summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.dockerignore4
-rw-r--r--.papr.inventory1
-rwxr-xr-x.papr.sh4
-rw-r--r--.tito/packages/openshift-ansible2
-rw-r--r--.tito/releasers.conf6
-rw-r--r--BUILD.md29
-rw-r--r--README.md3
-rw-r--r--README_CONTAINER_IMAGE.md6
-rw-r--r--README_libvirt.md8
-rw-r--r--ansible.cfg12
-rw-r--r--docs/proposals/role_decomposition.md353
-rw-r--r--filter_plugins/oo_filters.py26
-rwxr-xr-xhack/build-images.sh20
-rwxr-xr-xhack/push-release.sh56
-rw-r--r--images/installer/Dockerfile62
-rw-r--r--images/installer/Dockerfile.rhel755
-rw-r--r--images/installer/README_CONTAINER_IMAGE.md (renamed from images/installer/system-container/README.md)27
-rw-r--r--images/installer/root/exports/config.json.template (renamed from images/installer/system-container/root/exports/config.json.template)0
-rw-r--r--images/installer/root/exports/manifest.json (renamed from images/installer/system-container/root/exports/manifest.json)2
-rw-r--r--images/installer/root/exports/service.template (renamed from images/installer/system-container/root/exports/service.template)0
-rw-r--r--images/installer/root/exports/tmpfiles.template (renamed from images/installer/system-container/root/exports/tmpfiles.template)0
-rwxr-xr-ximages/installer/root/usr/local/bin/entrypoint17
-rwxr-xr-ximages/installer/root/usr/local/bin/run46
-rwxr-xr-ximages/installer/root/usr/local/bin/run-system-container.sh (renamed from images/installer/system-container/root/usr/local/bin/run-system-container.sh)0
-rwxr-xr-ximages/installer/root/usr/local/bin/usage33
-rwxr-xr-ximages/installer/root/usr/local/bin/usage.ocp33
-rwxr-xr-ximages/installer/root/usr/local/bin/user_setup17
-rw-r--r--inventory/byo/hosts.byo.glusterfs.external.example56
-rw-r--r--inventory/byo/hosts.byo.glusterfs.mixed.example59
-rw-r--r--inventory/byo/hosts.byo.glusterfs.native.example46
-rw-r--r--inventory/byo/hosts.byo.glusterfs.registry-only.example (renamed from inventory/byo/hosts.byo.native-glusterfs.example)19
-rw-r--r--inventory/byo/hosts.byo.glusterfs.storage-and-registry.example63
-rw-r--r--inventory/byo/hosts.origin.example55
-rw-r--r--inventory/byo/hosts.ose.example55
-rw-r--r--openshift-ansible.spec418
-rw-r--r--playbooks/adhoc/contiv/delete_contiv.yml2
-rw-r--r--playbooks/adhoc/uninstall.yml32
-rw-r--r--playbooks/aws/openshift-cluster/config.yml1
-rw-r--r--playbooks/byo/openshift-checks/README.md11
-rw-r--r--playbooks/byo/openshift-cluster/cluster_hosts.yml1
-rw-r--r--playbooks/byo/openshift-cluster/config.yml18
-rw-r--r--playbooks/byo/openshift-cluster/service-catalog.yml12
-rw-r--r--playbooks/byo/openshift-cluster/upgrades/upgrade_etcd.yml2
-rw-r--r--playbooks/byo/openshift-etcd/migrate.yml8
-rw-r--r--playbooks/common/openshift-checks/health.yml5
-rw-r--r--playbooks/common/openshift-checks/pre-install.yml5
-rw-r--r--playbooks/common/openshift-cluster/config.yml25
-rw-r--r--playbooks/common/openshift-cluster/evaluate_groups.yml9
-rw-r--r--playbooks/common/openshift-cluster/openshift_hosted.yml4
-rw-r--r--playbooks/common/openshift-cluster/openshift_metrics.yml9
-rw-r--r--playbooks/common/openshift-cluster/redeploy-certificates/masters.yml10
-rw-r--r--playbooks/common/openshift-cluster/redeploy-certificates/registry.yml1
-rw-r--r--playbooks/common/openshift-cluster/redeploy-certificates/router.yml3
-rw-r--r--playbooks/common/openshift-cluster/service_catalog.yml21
-rw-r--r--playbooks/common/openshift-cluster/upgrades/docker/docker_upgrade.yml6
-rw-r--r--playbooks/common/openshift-cluster/upgrades/docker/restart.yml5
-rw-r--r--playbooks/common/openshift-cluster/upgrades/docker/upgrade.yml8
-rw-r--r--playbooks/common/openshift-cluster/upgrades/etcd/upgrade.yml2
-rw-r--r--playbooks/common/openshift-cluster/upgrades/initialize_nodes_to_upgrade.yml45
-rw-r--r--playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml50
-rw-r--r--playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml7
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_5/storage_upgrade.yml18
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_5/upgrade.yml2
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml2
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_6/storage_upgrade.yml18
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_6/upgrade.yml2
-rw-r--r--playbooks/common/openshift-cluster/upgrades/v3_6/upgrade_control_plane.yml2
-rw-r--r--playbooks/common/openshift-etcd/migrate.yml120
-rw-r--r--playbooks/common/openshift-etcd/restart.yml2
-rw-r--r--playbooks/common/openshift-glusterfs/config.yml23
-rw-r--r--playbooks/common/openshift-loadbalancer/config.yml1
-rw-r--r--playbooks/common/openshift-master/config.yml25
-rw-r--r--playbooks/common/openshift-master/restart_hosts.yml1
-rw-r--r--playbooks/common/openshift-master/restart_services.yml1
-rw-r--r--playbooks/common/openshift-node/config.yml5
-rw-r--r--playbooks/common/openshift-node/network_manager.yml2
-rw-r--r--playbooks/common/openshift-node/restart.yml5
-rw-r--r--playbooks/libvirt/openshift-cluster/config.yml1
-rw-r--r--playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml10
-rw-r--r--requirements.txt2
-rw-r--r--roles/ansible_service_broker/defaults/main.yml10
-rw-r--r--roles/ansible_service_broker/meta/main.yml15
-rw-r--r--roles/ansible_service_broker/tasks/install.yml280
-rw-r--r--roles/ansible_service_broker/tasks/main.yml8
-rw-r--r--roles/ansible_service_broker/tasks/remove.yml65
-rw-r--r--roles/ansible_service_broker/tasks/validate_facts.yml15
-rw-r--r--roles/ansible_service_broker/vars/default_images.yml14
-rw-r--r--roles/ansible_service_broker/vars/openshift-enterprise.yml14
-rw-r--r--roles/calico/handlers/main.yml4
-rw-r--r--roles/calico/tasks/gen_certs.yml17
-rw-r--r--roles/calico/tasks/main.yml27
-rw-r--r--roles/cockpit/tasks/main.yml2
-rw-r--r--roles/contiv/defaults/main.yml25
-rw-r--r--roles/contiv/meta/main.yml2
-rw-r--r--roles/contiv/tasks/default_network.yml45
-rw-r--r--roles/contiv/tasks/netmaster.yml2
-rw-r--r--roles/contiv/tasks/netplugin.yml4
-rw-r--r--roles/contiv/tasks/netplugin_iptables.yml33
-rw-r--r--roles/contiv/tasks/packageManagerInstall.yml5
-rw-r--r--roles/contiv/tasks/pkgMgrInstallers/centos-install.yml18
-rw-r--r--roles/contiv/templates/netplugin.j24
-rw-r--r--roles/contiv_auth_proxy/README.md29
-rw-r--r--roles/contiv_auth_proxy/defaults/main.yml11
-rw-r--r--roles/contiv_auth_proxy/files/auth-proxy.service13
-rw-r--r--roles/contiv_auth_proxy/handlers/main.yml2
-rw-r--r--roles/contiv_auth_proxy/tasks/cleanup.yml10
-rw-r--r--roles/contiv_auth_proxy/tasks/main.yml37
-rw-r--r--roles/contiv_auth_proxy/templates/auth_proxy.j236
-rw-r--r--roles/contiv_auth_proxy/tests/inventory1
-rw-r--r--roles/contiv_auth_proxy/tests/test.yml5
-rw-r--r--roles/contiv_auth_proxy/vars/main.yml2
-rw-r--r--roles/contiv_facts/defaults/main.yaml3
-rw-r--r--roles/docker/handlers/main.yml4
-rw-r--r--roles/docker/tasks/package_docker.yml9
-rw-r--r--roles/docker/tasks/systemcontainer_docker.yml20
-rw-r--r--roles/etcd/tasks/main.yml13
-rw-r--r--roles/etcd/tasks/system_container.yml20
-rw-r--r--roles/etcd_common/defaults/main.yml6
-rw-r--r--roles/etcd_common/tasks/backup.yml44
-rw-r--r--roles/etcd_migrate/README.md53
-rw-r--r--roles/etcd_migrate/defaults/main.yml3
-rw-r--r--roles/etcd_migrate/meta/main.yml17
-rw-r--r--roles/etcd_migrate/tasks/check.yml59
-rw-r--r--roles/etcd_migrate/tasks/check_cluster_health.yml23
-rw-r--r--roles/etcd_migrate/tasks/check_cluster_status.yml32
-rw-r--r--roles/etcd_migrate/tasks/configure.yml13
-rw-r--r--roles/etcd_migrate/tasks/main.yml25
-rw-r--r--roles/etcd_migrate/tasks/migrate.yml64
-rw-r--r--roles/flannel/handlers/main.yml4
-rw-r--r--roles/lib_openshift/library/oc_atomic_container.py13
-rw-r--r--roles/lib_openshift/library/oc_storageclass.py1688
-rw-r--r--roles/lib_openshift/src/ansible/oc_atomic_container.py13
-rw-r--r--roles/lib_openshift/src/ansible/oc_storageclass.py32
-rw-r--r--roles/lib_openshift/src/class/oc_storageclass.py155
-rw-r--r--roles/lib_openshift/src/doc/storageclass86
-rw-r--r--roles/lib_openshift/src/lib/storageclass.py76
-rw-r--r--roles/lib_openshift/src/sources.yml11
-rwxr-xr-xroles/lib_openshift/src/test/integration/oc_storageclass.yml87
-rwxr-xr-xroles/lib_openshift/src/test/unit/test_oc_storageclass.py93
-rw-r--r--roles/openshift_ca/tasks/main.yml59
-rw-r--r--roles/openshift_certificate_expiry/library/openshift_cert_expiry.py21
-rw-r--r--roles/openshift_certificate_expiry/test/conftest.py5
-rw-r--r--roles/openshift_default_storage_class/defaults/main.yml15
-rw-r--r--roles/openshift_default_storage_class/tasks/main.yml18
-rwxr-xr-xroles/openshift_examples/examples-sync.sh2
-rw-r--r--roles/openshift_examples/files/examples/v1.4/cfme-templates/cfme-template.yaml6
-rw-r--r--roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-ephemeral-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-persistent-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-ephemeral-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-persistent-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.4/db-templates/mysql-ephemeral-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.4/db-templates/mysql-persistent-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-ephemeral-template.json11
-rw-r--r--roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-persistent-template.json11
-rw-r--r--roles/openshift_examples/files/examples/v1.4/db-templates/redis-ephemeral-template.json25
-rw-r--r--roles/openshift_examples/files/examples/v1.4/db-templates/redis-persistent-template.json25
-rw-r--r--roles/openshift_examples/files/examples/v1.4/image-streams/dotnet_imagestreams.json15
-rw-r--r--roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-centos7.json75
-rw-r--r--roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-rhel7.json67
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/README.md1
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/amp.yml1261
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/apicast-gateway-template.yml149
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/apicast.yml157
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql-persistent.json7
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql.json7
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql-persistent.json10
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql.json10
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql-persistent.json9
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql.json9
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/dotnet-example.json333
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/dotnet-pgsql-persistent.json565
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/httpd.json274
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-ephemeral-template.json15
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-persistent-template.json15
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb-persistent.json11
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb.json11
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/pvc.yml49
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql-persistent.json13
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql.json13
-rw-r--r--roles/openshift_examples/files/examples/v1.4/quickstart-templates/wildcard.yml158
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-streams/jboss-image-streams.json535
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-basic.json21
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-persistent-ssl.json30
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-persistent.json25
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-ssl.json26
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq63-basic.json334
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq63-persistent-ssl.json569
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq63-persistent.json386
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq63-ssl.json521
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-basic.json50
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-https.json59
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-mysql-persistent.json93
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-mysql.json92
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-postgresql-persistent.json84
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-postgresql.json83
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-basic-s2i.json73
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-extensions-support-s2i.json63
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-secure-s2i.json308
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-amq-s2i.json40
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-basic-s2i.json20
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-https-s2i.json27
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-amq-s2i.json66
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-basic-s2i.json45
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-https-s2i.json52
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver64-amq-s2i.json748
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver64-basic-s2i.json376
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver64-https-s2i.json517
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-amq-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-amq-s2i.json71
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-basic-s2i.json44
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-https-s2i.json55
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mongodb-persistent-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mongodb-s2i.json85
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mysql-persistent-s2i.json87
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mysql-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-postgresql-persistent-s2i.json84
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-postgresql-s2i.json83
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-sso-s2i.json72
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-third-party-db-s2i.json646
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-amq-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-amq-s2i.json71
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-basic-s2i.json44
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-https-s2i.json55
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mongodb-persistent-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mongodb-s2i.json85
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mysql-persistent-s2i.json87
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mysql-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-postgresql-persistent-s2i.json84
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-postgresql-s2i.json83
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-sso-s2i.json74
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-third-party-db-s2i.json657
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-basic-s2i.json43
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-https-s2i.json48
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mongodb-s2i.json76
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json78
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mysql-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-postgresql-s2i.json74
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-basic-s2i.json43
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-https-s2i.json48
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mongodb-s2i.json76
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json78
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mysql-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-postgresql-s2i.json74
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-basic-s2i.json319
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-https-s2i.json438
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json715
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-mongodb-s2i.json674
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json718
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-mysql-s2i.json677
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json692
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-postgresql-s2i.json651
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-basic-s2i.json319
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-https-s2i.json438
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json715
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-mongodb-s2i.json674
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json718
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-mysql-s2i.json677
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json692
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-postgresql-s2i.json649
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/openjdk18-web-basic-s2i.json7
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json93
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-mysql-s2i.json91
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json90
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-postgresql-s2i.json88
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-basic-s2i.json46
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-mysql-persistent-s2i.json82
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-mysql-s2i.json81
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-postgresql-persistent-s2i.json79
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-postgresql-s2i.json78
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json1156
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-amq-mysql-s2i.json1034
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json1126
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-amq-postgresql-s2i.json1004
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-basic-s2i.json383
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-mysql-persistent-s2i.json860
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-mysql-s2i.json783
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-postgresql-persistent-s2i.json830
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-postgresql-s2i.json753
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-https.json50
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-mysql-persistent.json75
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-mysql.json78
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-postgresql-persistent.json72
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-postgresql.json71
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-https.json544
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-mysql-persistent.json799
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-mysql.json767
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-postgresql-persistent.json773
-rw-r--r--roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-postgresql.json741
-rw-r--r--roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-pv-app-example.yaml13
-rw-r--r--roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-pv-db-example.yaml13
-rw-r--r--roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-pv-example.yaml13
-rw-r--r--roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-pv-region-example.yaml13
-rw-r--r--roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-pv-server-example.yaml13
-rw-r--r--roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-template.yaml210
-rw-r--r--roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-ephemeral-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-persistent-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-ephemeral-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-persistent-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.5/db-templates/mysql-ephemeral-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.5/db-templates/mysql-persistent-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-ephemeral-template.json11
-rw-r--r--roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-persistent-template.json11
-rw-r--r--roles/openshift_examples/files/examples/v1.5/db-templates/redis-ephemeral-template.json10
-rw-r--r--roles/openshift_examples/files/examples/v1.5/db-templates/redis-persistent-template.json10
-rw-r--r--roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-centos7.json73
-rw-r--r--roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-rhel7.json65
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/README.md1
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/amp.yml1261
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/apicast-gateway-template.yml149
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/apicast.yml157
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql-persistent.json7
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql.json7
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql-persistent.json10
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql.json10
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql-persistent.json9
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql.json9
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/dotnet-example.json2
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/httpd.json274
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-ephemeral-template.json5
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-persistent-template.json5
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb-persistent.json11
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb.json11
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/pvc.yml49
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql-persistent.json13
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql.json13
-rw-r--r--roles/openshift_examples/files/examples/v1.5/quickstart-templates/wildcard.yml158
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-streams/jboss-image-streams.json535
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-basic.json21
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-persistent-ssl.json30
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-persistent.json25
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-ssl.json26
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq63-basic.json334
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq63-persistent-ssl.json569
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq63-persistent.json386
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq63-ssl.json521
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-basic.json50
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-https.json59
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-mysql-persistent.json93
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-mysql.json92
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-postgresql-persistent.json84
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-postgresql.json83
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-basic-s2i.json73
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-extensions-support-s2i.json63
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-secure-s2i.json308
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-amq-s2i.json40
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-basic-s2i.json20
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-https-s2i.json27
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-amq-s2i.json66
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-basic-s2i.json45
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-https-s2i.json52
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver64-amq-s2i.json748
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver64-basic-s2i.json376
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver64-https-s2i.json517
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-amq-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-amq-s2i.json71
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-basic-s2i.json44
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-https-s2i.json55
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mongodb-persistent-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mongodb-s2i.json85
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mysql-persistent-s2i.json87
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mysql-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-postgresql-persistent-s2i.json84
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-postgresql-s2i.json83
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-sso-s2i.json72
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-third-party-db-s2i.json646
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-amq-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-amq-s2i.json71
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-basic-s2i.json44
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-https-s2i.json55
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mongodb-persistent-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mongodb-s2i.json85
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mysql-persistent-s2i.json87
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mysql-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-postgresql-persistent-s2i.json84
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-postgresql-s2i.json83
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-sso-s2i.json74
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-third-party-db-s2i.json657
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-basic-s2i.json43
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-https-s2i.json48
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mongodb-s2i.json76
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json78
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mysql-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-postgresql-s2i.json74
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-basic-s2i.json43
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-https-s2i.json48
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mongodb-s2i.json76
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json78
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mysql-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-postgresql-s2i.json74
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-basic-s2i.json319
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-https-s2i.json438
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json715
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-mongodb-s2i.json674
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json718
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-mysql-s2i.json677
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json692
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-postgresql-s2i.json651
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-basic-s2i.json319
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-https-s2i.json438
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json715
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-mongodb-s2i.json674
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json718
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-mysql-s2i.json677
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json692
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-postgresql-s2i.json649
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/openjdk18-web-basic-s2i.json7
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json93
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-mysql-s2i.json91
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json90
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-postgresql-s2i.json88
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-basic-s2i.json46
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-mysql-persistent-s2i.json82
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-mysql-s2i.json81
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-postgresql-persistent-s2i.json79
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-postgresql-s2i.json78
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json1156
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-amq-mysql-s2i.json1034
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json1126
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-amq-postgresql-s2i.json1004
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-basic-s2i.json383
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-mysql-persistent-s2i.json860
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-mysql-s2i.json783
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-postgresql-persistent-s2i.json830
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-postgresql-s2i.json753
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-https.json50
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-mysql-persistent.json75
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-mysql.json78
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-postgresql-persistent.json72
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-postgresql.json71
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-https.json544
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-mysql-persistent.json799
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-mysql.json767
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-postgresql-persistent.json773
-rw-r--r--roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-postgresql.json741
-rw-r--r--roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-app-example.yaml13
-rw-r--r--roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-db-example.yaml13
-rw-r--r--roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-example.yaml13
-rw-r--r--roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-region-example.yaml13
-rw-r--r--roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-server-example.yaml13
-rw-r--r--roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-template.yaml210
-rw-r--r--roles/openshift_examples/files/examples/v3.6/cfme-templates/jboss-middleware-manager-pv-example.yaml58
-rw-r--r--roles/openshift_examples/files/examples/v3.6/cfme-templates/jboss-middleware-manager-template.yaml254
-rw-r--r--roles/openshift_examples/files/examples/v3.6/db-templates/mariadb-ephemeral-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v3.6/db-templates/mariadb-persistent-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v3.6/db-templates/mongodb-ephemeral-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v3.6/db-templates/mongodb-persistent-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v3.6/db-templates/mysql-ephemeral-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v3.6/db-templates/mysql-persistent-template.json12
-rw-r--r--roles/openshift_examples/files/examples/v3.6/db-templates/postgresql-ephemeral-template.json11
-rw-r--r--roles/openshift_examples/files/examples/v3.6/db-templates/postgresql-persistent-template.json11
-rw-r--r--roles/openshift_examples/files/examples/v3.6/db-templates/redis-ephemeral-template.json10
-rw-r--r--roles/openshift_examples/files/examples/v3.6/db-templates/redis-persistent-template.json10
-rw-r--r--roles/openshift_examples/files/examples/v3.6/image-streams/image-streams-centos7.json45
-rw-r--r--roles/openshift_examples/files/examples/v3.6/image-streams/image-streams-rhel7.json45
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/README.md1
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/cakephp-mysql-persistent.json7
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/cakephp-mysql.json7
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/dancer-mysql-persistent.json7
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/dancer-mysql.json7
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/django-postgresql-persistent.json7
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/django-postgresql.json7
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/dotnet-example.json2
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/httpd.json274
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/jenkins-ephemeral-template.json5
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/jenkins-persistent-template.json5
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/nodejs-mongodb-persistent.json9
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/nodejs-mongodb.json9
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/rails-postgresql-persistent.json13
-rw-r--r--roles/openshift_examples/files/examples/v3.6/quickstart-templates/rails-postgresql.json13
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-streams/jboss-image-streams.json535
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-basic.json21
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-persistent-ssl.json30
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-persistent.json25
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-ssl.json26
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq63-basic.json334
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq63-persistent-ssl.json569
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq63-persistent.json386
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq63-ssl.json521
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-basic.json50
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-https.json59
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-mysql-persistent.json93
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-mysql.json92
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-postgresql-persistent.json84
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-postgresql.json83
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-basic-s2i.json73
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-extensions-support-s2i.json63
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-secure-s2i.json308
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-amq-s2i.json40
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-basic-s2i.json20
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-https-s2i.json27
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-amq-s2i.json66
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-basic-s2i.json45
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-https-s2i.json52
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver64-amq-s2i.json748
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver64-basic-s2i.json376
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver64-https-s2i.json517
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-amq-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-amq-s2i.json71
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-basic-s2i.json44
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-https-s2i.json55
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mongodb-persistent-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mongodb-s2i.json85
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mysql-persistent-s2i.json87
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mysql-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-postgresql-persistent-s2i.json84
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-postgresql-s2i.json83
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-sso-s2i.json72
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-third-party-db-s2i.json646
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-amq-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-amq-s2i.json71
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-basic-s2i.json44
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-https-s2i.json55
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mongodb-persistent-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mongodb-s2i.json85
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mysql-persistent-s2i.json87
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mysql-s2i.json86
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-postgresql-persistent-s2i.json84
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-postgresql-s2i.json83
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-sso-s2i.json74
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-third-party-db-s2i.json657
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-basic-s2i.json43
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-https-s2i.json48
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mongodb-s2i.json76
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json78
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mysql-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-postgresql-s2i.json74
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-basic-s2i.json43
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-https-s2i.json48
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mongodb-s2i.json76
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json78
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mysql-s2i.json77
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json75
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-postgresql-s2i.json74
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-basic-s2i.json319
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-https-s2i.json438
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json715
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-mongodb-s2i.json674
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json718
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-mysql-s2i.json677
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json692
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-postgresql-s2i.json651
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-basic-s2i.json319
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-https-s2i.json438
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json715
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-mongodb-s2i.json674
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json718
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-mysql-s2i.json677
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json692
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-postgresql-s2i.json649
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/openjdk18-web-basic-s2i.json7
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json93
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-mysql-s2i.json91
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json90
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-postgresql-s2i.json88
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-basic-s2i.json46
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-mysql-persistent-s2i.json82
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-mysql-s2i.json81
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-postgresql-persistent-s2i.json79
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-postgresql-s2i.json78
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json1156
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-amq-mysql-s2i.json1034
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json1126
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-amq-postgresql-s2i.json1004
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-basic-s2i.json383
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-mysql-persistent-s2i.json860
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-mysql-s2i.json783
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-postgresql-persistent-s2i.json830
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-postgresql-s2i.json753
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-https.json50
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-mysql-persistent.json75
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-mysql.json78
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-postgresql-persistent.json72
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-postgresql.json71
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-https.json544
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-mysql-persistent.json799
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-mysql.json767
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-postgresql-persistent.json773
-rw-r--r--roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-postgresql.json741
-rw-r--r--roles/openshift_examples/tasks/main.yml16
-rw-r--r--roles/openshift_excluder/tasks/exclude.yml4
-rw-r--r--roles/openshift_excluder/tasks/unexclude.yml4
-rw-r--r--roles/openshift_facts/defaults/main.yml2
-rwxr-xr-xroles/openshift_facts/library/openshift_facts.py56
-rw-r--r--roles/openshift_facts/tasks/main.yml8
-rw-r--r--roles/openshift_health_checker/action_plugins/openshift_health_check.py15
-rw-r--r--roles/openshift_health_checker/callback_plugins/zz_failure_summary.py41
-rw-r--r--[-rwxr-xr-x]roles/openshift_health_checker/library/aos_version.py34
-rw-r--r--[-rwxr-xr-x]roles/openshift_health_checker/library/check_yum_update.py0
-rw-r--r--roles/openshift_health_checker/library/docker_info.py2
-rw-r--r--roles/openshift_health_checker/library/search_journalctl.py150
-rw-r--r--roles/openshift_health_checker/openshift_checks/__init__.py82
-rw-r--r--roles/openshift_health_checker/openshift_checks/disk_availability.py137
-rw-r--r--roles/openshift_health_checker/openshift_checks/docker_image_availability.py75
-rw-r--r--roles/openshift_health_checker/openshift_checks/docker_storage.py191
-rw-r--r--roles/openshift_health_checker/openshift_checks/etcd_imagedata_size.py29
-rw-r--r--roles/openshift_health_checker/openshift_checks/etcd_traffic.py44
-rw-r--r--roles/openshift_health_checker/openshift_checks/etcd_volume.py23
-rw-r--r--roles/openshift_health_checker/openshift_checks/logging/curator.py15
-rw-r--r--roles/openshift_health_checker/openshift_checks/logging/elasticsearch.py51
-rw-r--r--roles/openshift_health_checker/openshift_checks/logging/fluentd.py49
-rw-r--r--roles/openshift_health_checker/openshift_checks/logging/kibana.py37
-rw-r--r--roles/openshift_health_checker/openshift_checks/logging/logging.py42
-rw-r--r--roles/openshift_health_checker/openshift_checks/logging/logging_index_time.py130
-rw-r--r--roles/openshift_health_checker/openshift_checks/memory_availability.py21
-rw-r--r--roles/openshift_health_checker/openshift_checks/mixins.py25
-rw-r--r--roles/openshift_health_checker/openshift_checks/ovs_version.py23
-rw-r--r--roles/openshift_health_checker/openshift_checks/package_availability.py23
-rw-r--r--roles/openshift_health_checker/openshift_checks/package_update.py8
-rw-r--r--roles/openshift_health_checker/openshift_checks/package_version.py43
-rw-r--r--roles/openshift_health_checker/test/action_plugin_test.py27
-rw-r--r--roles/openshift_health_checker/test/aos_version_test.py137
-rw-r--r--roles/openshift_health_checker/test/disk_availability_test.py38
-rw-r--r--roles/openshift_health_checker/test/docker_image_availability_test.py49
-rw-r--r--roles/openshift_health_checker/test/docker_storage_test.py127
-rw-r--r--roles/openshift_health_checker/test/elasticsearch_test.py26
-rw-r--r--roles/openshift_health_checker/test/etcd_imagedata_size_test.py20
-rw-r--r--roles/openshift_health_checker/test/etcd_traffic_test.py74
-rw-r--r--roles/openshift_health_checker/test/etcd_volume_test.py9
-rw-r--r--roles/openshift_health_checker/test/fluentd_test.py4
-rw-r--r--roles/openshift_health_checker/test/kibana_test.py18
-rw-r--r--roles/openshift_health_checker/test/logging_check_test.py46
-rw-r--r--roles/openshift_health_checker/test/logging_index_time_test.py170
-rw-r--r--roles/openshift_health_checker/test/memory_availability_test.py8
-rw-r--r--roles/openshift_health_checker/test/mixins_test.py4
-rw-r--r--roles/openshift_health_checker/test/openshift_check_test.py43
-rw-r--r--roles/openshift_health_checker/test/ovs_version_test.py17
-rw-r--r--roles/openshift_health_checker/test/package_availability_test.py7
-rw-r--r--roles/openshift_health_checker/test/package_update_test.py5
-rw-r--r--roles/openshift_health_checker/test/package_version_test.py56
-rw-r--r--roles/openshift_health_checker/test/search_journalctl_test.py157
-rw-r--r--roles/openshift_hosted/defaults/main.yml2
-rw-r--r--roles/openshift_hosted/tasks/registry/registry.yml9
-rw-r--r--roles/openshift_hosted/tasks/registry/storage/glusterfs.yml2
-rw-r--r--roles/openshift_hosted/tasks/router/router.yml12
-rw-r--r--roles/openshift_hosted/templates/registry_config.j25
-rw-r--r--roles/openshift_hosted_logging/README.md2
-rw-r--r--roles/openshift_hosted_logging/vars/main.yaml3
-rw-r--r--roles/openshift_loadbalancer/README.md2
-rw-r--r--roles/openshift_logging/README.md2
-rw-r--r--roles/openshift_logging/defaults/main.yml5
-rw-r--r--roles/openshift_logging/tasks/install_logging.yaml39
-rw-r--r--roles/openshift_logging_curator/tasks/main.yaml2
-rw-r--r--roles/openshift_logging_curator/templates/curator.j22
-rw-r--r--roles/openshift_logging_elasticsearch/tasks/main.yaml26
-rw-r--r--roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j24
-rw-r--r--roles/openshift_logging_elasticsearch/templates/es.j218
-rw-r--r--roles/openshift_logging_elasticsearch/templates/pvc.j23
-rw-r--r--roles/openshift_logging_fluentd/defaults/main.yml2
-rw-r--r--roles/openshift_logging_fluentd/tasks/main.yaml20
-rw-r--r--roles/openshift_logging_fluentd/templates/fluentd.j224
-rw-r--r--roles/openshift_logging_fluentd/vars/main.yml1
-rw-r--r--roles/openshift_logging_kibana/defaults/main.yml2
-rw-r--r--roles/openshift_logging_kibana/tasks/main.yaml7
-rw-r--r--roles/openshift_logging_kibana/templates/kibana.j22
-rw-r--r--roles/openshift_logging_mux/defaults/main.yml1
-rw-r--r--roles/openshift_logging_mux/tasks/main.yaml2
-rw-r--r--roles/openshift_logging_mux/templates/mux.j216
-rw-r--r--roles/openshift_master/README.md25
-rw-r--r--roles/openshift_master/defaults/main.yml4
-rw-r--r--roles/openshift_master/tasks/main.yml38
-rw-r--r--roles/openshift_master/templates/atomic-openshift-master.j23
-rw-r--r--roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j22
-rw-r--r--roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j22
-rw-r--r--roles/openshift_master/templates/master.yaml.v1.j28
-rw-r--r--roles/openshift_master/templates/master_docker/master.docker.service.j22
-rw-r--r--roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j23
-rw-r--r--roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j23
-rw-r--r--roles/openshift_master_certificates/tasks/main.yml2
-rw-r--r--roles/openshift_metrics/defaults/main.yaml2
-rw-r--r--roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml4
-rw-r--r--roles/openshift_metrics/tasks/generate_rolebindings.yaml24
-rw-r--r--roles/openshift_metrics/tasks/install_cassandra.yaml3
-rw-r--r--roles/openshift_metrics/tasks/install_hosa.yaml2
-rw-r--r--roles/openshift_metrics/tasks/install_support.yaml2
-rw-r--r--roles/openshift_metrics/tasks/main.yaml2
-rw-r--r--roles/openshift_metrics/tasks/uninstall_metrics.yaml3
-rw-r--r--roles/openshift_metrics/templates/hawkular_metrics_role.j215
-rw-r--r--roles/openshift_metrics/templates/pvc.j23
-rw-r--r--roles/openshift_metrics/templates/route.j22
-rw-r--r--roles/openshift_named_certificates/filter_plugins/openshift_named_certificates.py21
-rw-r--r--roles/openshift_node/defaults/main.yml2
-rw-r--r--roles/openshift_node/handlers/main.yml15
-rw-r--r--roles/openshift_node/meta/main.yml2
-rw-r--r--roles/openshift_node/tasks/main.yml24
-rw-r--r--roles/openshift_node/tasks/openvswitch_system_container.yml2
-rw-r--r--roles/openshift_node/tasks/storage_plugins/glusterfs.yml60
-rw-r--r--roles/openshift_node/tasks/storage_plugins/nfs.yml42
-rw-r--r--roles/openshift_node/tasks/systemd_units.yml2
-rw-r--r--roles/openshift_node/templates/atomic-openshift-node.service.j222
-rw-r--r--roles/openshift_node/templates/node.service.j231
-rw-r--r--roles/openshift_node/templates/node.yaml.v1.j24
-rw-r--r--roles/openshift_node/templates/openshift.docker.node.service8
-rw-r--r--roles/openshift_node/templates/origin-node.service.j221
-rw-r--r--roles/openshift_node_certificates/handlers/main.yml4
-rw-r--r--roles/openshift_node_dnsmasq/defaults/main.yml1
-rwxr-xr-xroles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh34
-rw-r--r--roles/openshift_node_dnsmasq/tasks/main.yml11
-rw-r--r--roles/openshift_node_dnsmasq/templates/node-dnsmasq.conf.j22
-rw-r--r--roles/openshift_node_dnsmasq/templates/origin-dns.conf.j24
-rw-r--r--roles/openshift_node_upgrade/README.md6
-rw-r--r--roles/openshift_node_upgrade/defaults/main.yml1
-rw-r--r--roles/openshift_node_upgrade/handlers/main.yml25
-rw-r--r--roles/openshift_node_upgrade/tasks/docker/upgrade.yml8
-rw-r--r--roles/openshift_node_upgrade/tasks/main.yml30
-rw-r--r--roles/openshift_node_upgrade/tasks/restart.yml7
-rw-r--r--roles/openshift_node_upgrade/tasks/rpm_upgrade.yml2
-rw-r--r--roles/openshift_node_upgrade/tasks/systemd_units.yml15
l---------roles/openshift_node_upgrade/templates/atomic-openshift-node.service.j21
-rw-r--r--roles/openshift_node_upgrade/templates/node.service.j231
-rw-r--r--roles/openshift_node_upgrade/templates/openshift.docker.node.service10
l---------roles/openshift_node_upgrade/templates/origin-node.service.j21
-rw-r--r--roles/openshift_repos/defaults/main.yaml1
-rw-r--r--roles/openshift_repos/tasks/main.yaml6
-rw-r--r--roles/openshift_sanitize_inventory/tasks/main.yml4
-rw-r--r--roles/openshift_sanitize_inventory/tasks/unsupported.yml12
-rw-r--r--roles/openshift_service_catalog/defaults/main.yml3
-rw-r--r--roles/openshift_service_catalog/files/kubeservicecatalog_roles_bindings.yml199
-rw-r--r--roles/openshift_service_catalog/files/kubesystem_roles_bindings.yml38
-rw-r--r--roles/openshift_service_catalog/files/openshift-ansible-catalog-console.js2
-rw-r--r--roles/openshift_service_catalog/meta/main.yml17
-rw-r--r--roles/openshift_service_catalog/tasks/generate_certs.yml70
-rw-r--r--roles/openshift_service_catalog/tasks/install.yml239
-rw-r--r--roles/openshift_service_catalog/tasks/main.yml8
-rw-r--r--roles/openshift_service_catalog/tasks/remove.yml56
-rw-r--r--roles/openshift_service_catalog/tasks/start_api_server.yml22
-rw-r--r--roles/openshift_service_catalog/tasks/wire_aggregator.yml206
-rw-r--r--roles/openshift_service_catalog/templates/api_server.j279
-rw-r--r--roles/openshift_service_catalog/templates/api_server_route.j214
-rw-r--r--roles/openshift_service_catalog/templates/api_server_service.j213
-rw-r--r--roles/openshift_service_catalog/templates/controller_manager.j247
-rw-r--r--roles/openshift_service_catalog/templates/controller_manager_service.j213
-rw-r--r--roles/openshift_service_catalog/templates/sc_role_patching.j226
-rw-r--r--roles/openshift_service_catalog/vars/default_images.yml3
-rw-r--r--roles/openshift_service_catalog/vars/openshift-enterprise.yml3
-rw-r--r--roles/openshift_storage_glusterfs/README.md17
-rw-r--r--roles/openshift_storage_glusterfs/defaults/main.yml30
-rw-r--r--roles/openshift_storage_glusterfs/files/v3.6/deploy-heketi-template.yml22
-rw-r--r--roles/openshift_storage_glusterfs/files/v3.6/glusterfs-template.yml5
-rw-r--r--roles/openshift_storage_glusterfs/files/v3.6/heketi-template.yml22
-rw-r--r--roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml91
-rw-r--r--roles/openshift_storage_glusterfs/tasks/glusterfs_config.yml21
-rw-r--r--roles/openshift_storage_glusterfs/tasks/glusterfs_deploy.yml4
-rw-r--r--roles/openshift_storage_glusterfs/tasks/glusterfs_registry.yml31
-rw-r--r--roles/openshift_storage_glusterfs/tasks/heketi_deploy_part1.yml2
-rw-r--r--roles/openshift_storage_glusterfs/tasks/heketi_deploy_part2.yml6
-rw-r--r--roles/openshift_storage_glusterfs/tasks/main.yml2
-rw-r--r--roles/openshift_storage_glusterfs/templates/v3.6/glusterfs-storageclass.yml.j27
-rw-r--r--roles/openshift_storage_glusterfs/templates/v3.6/heketi.json.j236
-rw-r--r--roles/openshift_storage_glusterfs/templates/v3.6/topology.json.j214
-rw-r--r--roles/openshift_storage_nfs/tasks/main.yml2
-rw-r--r--roles/openshift_storage_nfs/templates/exports.j21
-rw-r--r--roles/openshift_version/tasks/main.yml196
-rw-r--r--roles/rhel_subscribe/meta/main.yml3
-rw-r--r--roles/rhel_subscribe/tasks/main.yml10
-rw-r--r--test/integration/openshift_health_checker/setup_container.yml3
-rw-r--r--tox.ini7
-rw-r--r--utils/etc/ansible.cfg6
768 files changed, 109051 insertions, 3822 deletions
diff --git a/.dockerignore b/.dockerignore
index 968811df5..0a70c5bfa 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,8 +1,12 @@
.*
bin
docs
+hack
+inventory
test
utils
**/*.md
*.spec
+*.ini
+*.txt
setup*
diff --git a/.papr.inventory b/.papr.inventory
index 23bc9923c..878d434e2 100644
--- a/.papr.inventory
+++ b/.papr.inventory
@@ -9,6 +9,7 @@ ansible_python_interpreter=/usr/bin/python3
deployment_type=origin
openshift_image_tag="{{ lookup('env', 'OPENSHIFT_IMAGE_TAG') }}"
openshift_master_default_subdomain="{{ lookup('env', 'RHCI_ocp_node1_IP') }}.xip.io"
+openshift_check_min_host_disk_gb=1.5
openshift_check_min_host_memory_gb=1.9
[masters]
diff --git a/.papr.sh b/.papr.sh
index fe0b97b68..decca625f 100755
--- a/.papr.sh
+++ b/.papr.sh
@@ -18,7 +18,9 @@ upload_journals() {
trap upload_journals ERR
# run the actual installer
-ansible-playbook -vvv -i .papr.inventory playbooks/byo/config.yml
+# FIXME: override openshift_image_tag defined in the inventory until
+# https://github.com/openshift/openshift-ansible/issues/4478 is fixed.
+ansible-playbook -vvv -i .papr.inventory playbooks/byo/config.yml -e "openshift_image_tag=$OPENSHIFT_IMAGE_TAG"
# run a small subset of origin conformance tests to sanity
# check the cluster NB: we run it on the master since we may
diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible
index baf77acc6..a667c3f2d 100644
--- a/.tito/packages/openshift-ansible
+++ b/.tito/packages/openshift-ansible
@@ -1 +1 @@
-3.6.114-1 ./
+3.7.1-1 ./
diff --git a/.tito/releasers.conf b/.tito/releasers.conf
index b52e4fd87..17baaa1bd 100644
--- a/.tito/releasers.conf
+++ b/.tito/releasers.conf
@@ -37,6 +37,12 @@ releaser = tito.release.DistGitReleaser
branches = rhaos-3.6-rhel-7
srpm_disttag = .el7aos
+[aos-3.7]
+releaser = tito.release.DistGitReleaser
+branches = rhaos-3.7-rhel-7
+srpm_disttag = .el7aos
+
+
[copr-openshift-ansible]
releaser = tito.release.CoprReleaser
project_name = @OpenShiftOnlineOps/openshift-ansible
diff --git a/BUILD.md b/BUILD.md
index d9de3f5aa..1c270db23 100644
--- a/BUILD.md
+++ b/BUILD.md
@@ -33,35 +33,6 @@ To build a container image of `openshift-ansible` using standalone **Docker**:
cd openshift-ansible
docker build -f images/installer/Dockerfile -t openshift-ansible .
-### Building on OpenShift
-
-To build an openshift-ansible image using an **OpenShift** [build and image stream](https://docs.openshift.org/latest/architecture/core_concepts/builds_and_image_streams.html) the straightforward command would be:
-
- oc new-build registry.centos.org/openshift/playbook2image~https://github.com/openshift/openshift-ansible
-
-However: because the `Dockerfile` for this repository is not in the top level directory, and because we can't change the build context to the `images/installer` path as it would cause the build to fail, the `oc new-app` command above will create a build configuration using the *source to image* strategy, which is the default approach of the [playbook2image](https://github.com/openshift/playbook2image) base image. This does build an image successfully, but unfortunately the resulting image will be missing some customizations that are handled by the [Dockerfile](images/installer/Dockerfile) in this repo.
-
-At the time of this writing there is no straightforward option to [set the dockerfilePath](https://docs.openshift.org/latest/dev_guide/builds/build_strategies.html#dockerfile-path) of a `docker` build strategy with `oc new-build`. The alternatives to achieve this are:
-
-- Use the simple `oc new-build` command above to generate the BuildConfig and ImageStream objects, and then manually edit the generated build configuration to change its strategy to `dockerStrategy` and set `dockerfilePath` to `images/installer/Dockerfile`.
-
-- Download and pass the `Dockerfile` to `oc new-build` with the `-D` option:
-
-```
-curl -s https://raw.githubusercontent.com/openshift/openshift-ansible/master/images/installer/Dockerfile |
- oc new-build -D - \
- --docker-image=registry.centos.org/openshift/playbook2image \
- https://github.com/openshift/openshift-ansible
-```
-
-Once a build is started, the progress of the build can be monitored with:
-
- oc logs -f bc/openshift-ansible
-
-Once built, the image will be visible in the Image Stream created by `oc new-app`:
-
- oc describe imagestream openshift-ansible
-
## Build the Atomic System Container
A system container runs using runC instead of Docker and it is managed
diff --git a/README.md b/README.md
index 1cf8d1156..71912fb98 100644
--- a/README.md
+++ b/README.md
@@ -39,7 +39,8 @@ Follow this release pattern and you can't go wrong:
| ------------- | ----------------- |
| 1.3 | 3.3 |
| 1.4 | 3.4 |
-| 1.*X* | 3.*X* |
+| 1.5 | 3.5 |
+| 3.*X* | 3.*X* |
If you're running from the openshift-ansible **master branch** we can
only guarantee compatibility with the newest origin releases **in
diff --git a/README_CONTAINER_IMAGE.md b/README_CONTAINER_IMAGE.md
index cf3b432df..a2151352d 100644
--- a/README_CONTAINER_IMAGE.md
+++ b/README_CONTAINER_IMAGE.md
@@ -1,6 +1,6 @@
# Containerized openshift-ansible to run playbooks
-The [Dockerfile](images/installer/Dockerfile) in this repository uses the [playbook2image](https://github.com/openshift/playbook2image) source-to-image base image to containerize `openshift-ansible`. The resulting image can run any of the provided playbooks. See [BUILD.md](BUILD.md) for image build instructions.
+The [Dockerfile](images/installer/Dockerfile) in this repository can be used to build a containerized `openshift-ansible`. The resulting image can run any of the provided playbooks. See [BUILD.md](BUILD.md) for image build instructions.
The image is designed to **run as a non-root user**. The container's UID is mapped to the username `default` at runtime. Therefore, the container's environment reflects that user's settings, and the configuration should match that. For example `$HOME` is `/opt/app-root/src`, so ssh keys are expected to be under `/opt/app-root/src/.ssh`. If you ran a container as `root` you would have to adjust the container's configuration accordingly, e.g. by placing ssh keys under `/root/.ssh` instead. Nevertheless, the expectation is that containers will be run as non-root; for example, this container image can be run inside OpenShift under the default `restricted` [security context constraint](https://docs.openshift.org/latest/architecture/additional_concepts/authorization.html#security-context-constraints).
@@ -14,8 +14,6 @@ This provides consistency with other images used by the platform and it's also a
## Usage
-The `playbook2image` base image provides several options to control the behaviour of the containers. For more details on these options see the [playbook2image](https://github.com/openshift/playbook2image) documentation.
-
At the very least, when running a container you must specify:
1. An **inventory**. This can be a location inside the container (possibly mounted as a volume) with a path referenced via the `INVENTORY_FILE` environment variable. Alternatively you can serve the inventory file from a web server and use the `INVENTORY_URL` environment variable to fetch it, or `DYNAMIC_SCRIPT_URL` to download a script that provides a dynamic inventory.
@@ -52,8 +50,6 @@ Here is a detailed explanation of the options used in the command above:
Further usage examples are available in the [examples directory](examples/) with samples of how to use the image from within OpenShift.
-Additional usage information for images built from `playbook2image` like this one can be found in the [playbook2image examples](https://github.com/openshift/playbook2image/tree/master/examples).
-
## Running openshift-ansible as a System Container
Building the System Container: See the [BUILD.md](BUILD.md).
diff --git a/README_libvirt.md b/README_libvirt.md
index c523d83fb..1661681a0 100644
--- a/README_libvirt.md
+++ b/README_libvirt.md
@@ -15,7 +15,7 @@ Install dependencies
3. Install [ebtables](http://ebtables.netfilter.org/)
4. Install [qemu and qemu-system-x86](http://wiki.qemu.org/Main_Page)
5. Install [libvirt-python and libvirt](http://libvirt.org/)
-6. Install [genisoimage](http://cdrkit.org/)
+6. Install [genisoimage](http://cdrkit.org/) or [mkisofs](http://cdrtools.sourceforge.net/private/cdrecord.html)
7. Enable and start the libvirt daemon, e.g:
- `systemctl enable libvirtd`
- `systemctl start libvirtd`
@@ -23,6 +23,7 @@ Install dependencies
9. Check that your `$HOME` is accessible to the qemu user²
10. Configure dns resolution on the host³
11. Install libselinux-python
+12. Ensure you have an SSH private and public keypair at `~/.ssh/id_rsa` and `~/.ssh/id_rsa.pub`⁴
#### ¹ Depending on your distribution, libvirt access may be denied by default or may require a password at each access.
@@ -103,6 +104,11 @@ sudo vi /etc/NetworkManager/dnsmasq.d/libvirt_dnsmasq.conf
server=/example.com/192.168.55.1
```
+#### ⁴ Private and public keypair in ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub
+
+This playbook uses SSH keys to communicate with the libvirt-driven virtual machines. At this time the names of those keys are fixed and cannot be changed.
+
+
Test The Setup
--------------
diff --git a/ansible.cfg b/ansible.cfg
index 0c74d63da..589a58e9d 100644
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -16,6 +16,13 @@ host_key_checking = False
retry_files_enabled = False
retry_files_save_path = ~/ansible-installer-retries
nocows = True
+remote_user = root
+roles_path = roles/
+gathering = smart
+fact_caching = jsonfile
+fact_caching_connection = $HOME/ansible/facts
+fact_caching_timeout = 600
+callback_whitelist = profile_tasks
# Uncomment to use the provided BYO inventory
#hostfile = inventory/byo/hosts
@@ -29,3 +36,8 @@ nocows = True
# Additional ssh options for OpenShift Ansible
[ssh_connection]
pipelining = True
+ssh_args = -o ControlMaster=auto -o ControlPersist=600s
+timeout = 10
+# shorten the ControlPath which is often too long; when it is,
+# ssh connection reuse silently fails, making everything slower.
+control_path = %(directory)s/%%h-%%r
diff --git a/docs/proposals/role_decomposition.md b/docs/proposals/role_decomposition.md
new file mode 100644
index 000000000..b6c1d8c5b
--- /dev/null
+++ b/docs/proposals/role_decomposition.md
@@ -0,0 +1,353 @@
+# Scaffolding for decomposing large roles
+
+## Why?
+
+Currently we have roles that are very large and encompass a lot of different
+components. This makes for a lot of logic required within the role, can
+create complex conditionals, and increases the learning curve for the role.
+
+## How?
+
+Creating a guide on how to approach breaking up a large role into smaller,
+component based, roles. Also describe how to develop new roles, to avoid creating
+large roles.
+
+## Proposal
+
+Create a new guide or append to the current contributing guide a process for
+identifying large roles that can be split up, and how to compose smaller roles
+going forward.
+
+### Large roles
+
+A role should be considered for decomposition if it:
+
+1) Configures/installs more than one product.
+1) Can configure multiple variations of the same product that can live
+side by side.
+1) Has different entry points for upgrading and installing a product
+
+Large roles<sup>1</sup> should be responsible for:
+> 1 or composing playbooks
+
+1) Composing smaller roles to provide a full solution such as an Openshift Master
+1) Ensuring that smaller roles are called in the correct order if necessary
+1) Calling smaller roles with their required variables
+1) Performing prerequisite tasks that small roles may depend on being in place
+(openshift_logging certificate generation for example)
+
+### Small roles
+
+A small role should be able to:
+
+1) Be deployed independently of other products (this is different than requiring
+being installed after other base components such as OCP)
+1) Be self contained and able to determine facts that it requires to complete
+1) Fail fast when facts it requires are not available or are invalid
+1) "Make it so" based on provided variables and anything that may be required
+as part of doing such (this should include data migrations)
+1) Have a minimal set of dependencies in meta/main.yml, just enough to do its job
+
+### Example using decomposition of openshift_logging
+
+The `openshift_logging` role was created as a port from the deployer image for
+the `3.5` deliverable. It was a large role that created the service accounts,
+configmaps, secrets, routes, and deployment configs/daemonset required for each
+of its different components (Fluentd, Kibana, Curator, Elasticsearch).
+
+It was possible to configure any of the components independently of one another,
+up to a point. However, it was an all of nothing installation and there was a
+need from customers to be able to do things like just deploy Fluentd.
+
+Also being able to support multiple versions of configuration files would become
+increasingly messy with a large role. Especially if the components had changes
+at different intervals.
+
+#### Folding of responsibility
+
+There was a duplicate of work within the installation of three of the four logging
+components where there was a possibility to deploy both an 'operations' and
+'non-operations' cluster side-by-side. The first step was to collapse that
+duplicate work into a single path and allow a variable to be provided to
+configure such that either possibility could be created.
+
+#### Consolidation of responsibility
+
+The generation of OCP objects required for each component were being created in
+the same task file, all Service Accounts were created at the same time, all secrets,
+configmaps, etc. The only components that were not generated at the same time were
+the deployment configs and the daemonset. The second step was to make the small
+roles self contained and generate their own required objects.
+
+#### Consideration for prerequisites
+
+Currently the Aggregated Logging stack generates its own certificates as it has
+some requirements that prevent it from utilizing the OCP cert generation service.
+In order to make sure that all components were able to trust one another as they
+did previously, until the cert generation service can be used, the certificate
+generation is being handled within the top level `openshift_logging` role and
+providing the location of the generated certificates to the individual roles.
+
+#### Snippets
+
+[openshift_logging/tasks/install_logging.yaml](https://github.com/ewolinetz/openshift-ansible/blob/logging_component_subroles/roles/openshift_logging/tasks/install_logging.yaml)
+```yaml
+- name: Gather OpenShift Logging Facts
+ openshift_logging_facts:
+ oc_bin: "{{openshift.common.client_binary}}"
+ openshift_logging_namespace: "{{openshift_logging_namespace}}"
+
+- name: Set logging project
+ oc_project:
+ state: present
+ name: "{{ openshift_logging_namespace }}"
+
+- name: Create logging cert directory
+ file:
+ path: "{{ openshift.common.config_base }}/logging"
+ state: directory
+ mode: 0755
+ changed_when: False
+ check_mode: no
+
+- include: generate_certs.yaml
+ vars:
+ generated_certs_dir: "{{openshift.common.config_base}}/logging"
+
+## Elasticsearch
+- include_role:
+ name: openshift_logging_elasticsearch
+ vars:
+ generated_certs_dir: "{{openshift.common.config_base}}/logging"
+
+- include_role:
+ name: openshift_logging_elasticsearch
+ vars:
+ generated_certs_dir: "{{openshift.common.config_base}}/logging"
+ openshift_logging_es_ops_deployment: true
+ when:
+ - openshift_logging_use_ops | bool
+
+
+## Kibana
+- include_role:
+ name: openshift_logging_kibana
+ vars:
+ generated_certs_dir: "{{openshift.common.config_base}}/logging"
+ openshift_logging_kibana_namespace: "{{ openshift_logging_namespace }}"
+ openshift_logging_kibana_master_url: "{{ openshift_logging_master_url }}"
+ openshift_logging_kibana_master_public_url: "{{ openshift_logging_master_public_url }}"
+ openshift_logging_kibana_image_prefix: "{{ openshift_logging_image_prefix }}"
+ openshift_logging_kibana_image_version: "{{ openshift_logging_image_version }}"
+ openshift_logging_kibana_replicas: "{{ openshift_logging_kibana_replica_count }}"
+ openshift_logging_kibana_es_host: "{{ openshift_logging_es_host }}"
+ openshift_logging_kibana_es_port: "{{ openshift_logging_es_port }}"
+ openshift_logging_kibana_image_pull_secret: "{{ openshift_logging_image_pull_secret }}"
+
+- include_role:
+ name: openshift_logging_kibana
+ vars:
+ generated_certs_dir: "{{openshift.common.config_base}}/logging"
+ openshift_logging_kibana_ops_deployment: true
+ openshift_logging_kibana_namespace: "{{ openshift_logging_namespace }}"
+ openshift_logging_kibana_master_url: "{{ openshift_logging_master_url }}"
+ openshift_logging_kibana_master_public_url: "{{ openshift_logging_master_public_url }}"
+ openshift_logging_kibana_image_prefix: "{{ openshift_logging_image_prefix }}"
+ openshift_logging_kibana_image_version: "{{ openshift_logging_image_version }}"
+ openshift_logging_kibana_image_pull_secret: "{{ openshift_logging_image_pull_secret }}"
+ openshift_logging_kibana_es_host: "{{ openshift_logging_es_ops_host }}"
+ openshift_logging_kibana_es_port: "{{ openshift_logging_es_ops_port }}"
+ openshift_logging_kibana_nodeselector: "{{ openshift_logging_kibana_ops_nodeselector }}"
+ openshift_logging_kibana_cpu_limit: "{{ openshift_logging_kibana_ops_cpu_limit }}"
+ openshift_logging_kibana_memory_limit: "{{ openshift_logging_kibana_ops_memory_limit }}"
+ openshift_logging_kibana_hostname: "{{ openshift_logging_kibana_ops_hostname }}"
+ openshift_logging_kibana_replicas: "{{ openshift_logging_kibana_ops_replica_count }}"
+ openshift_logging_kibana_proxy_debug: "{{ openshift_logging_kibana_ops_proxy_debug }}"
+ openshift_logging_kibana_proxy_cpu_limit: "{{ openshift_logging_kibana_ops_proxy_cpu_limit }}"
+ openshift_logging_kibana_proxy_memory_limit: "{{ openshift_logging_kibana_ops_proxy_memory_limit }}"
+ openshift_logging_kibana_cert: "{{ openshift_logging_kibana_ops_cert }}"
+ openshift_logging_kibana_key: "{{ openshift_logging_kibana_ops_key }}"
+ openshift_logging_kibana_ca: "{{ openshift_logging_kibana_ops_ca}}"
+ when:
+ - openshift_logging_use_ops | bool
+
+
+## Curator
+- include_role:
+ name: openshift_logging_curator
+ vars:
+ generated_certs_dir: "{{openshift.common.config_base}}/logging"
+ openshift_logging_curator_namespace: "{{ openshift_logging_namespace }}"
+ openshift_logging_curator_master_url: "{{ openshift_logging_master_url }}"
+ openshift_logging_curator_image_prefix: "{{ openshift_logging_image_prefix }}"
+ openshift_logging_curator_image_version: "{{ openshift_logging_image_version }}"
+ openshift_logging_curator_image_pull_secret: "{{ openshift_logging_image_pull_secret }}"
+
+- include_role:
+ name: openshift_logging_curator
+ vars:
+ generated_certs_dir: "{{openshift.common.config_base}}/logging"
+ openshift_logging_curator_ops_deployment: true
+ openshift_logging_curator_namespace: "{{ openshift_logging_namespace }}"
+ openshift_logging_curator_master_url: "{{ openshift_logging_master_url }}"
+ openshift_logging_curator_image_prefix: "{{ openshift_logging_image_prefix }}"
+ openshift_logging_curator_image_version: "{{ openshift_logging_image_version }}"
+ openshift_logging_curator_image_pull_secret: "{{ openshift_logging_image_pull_secret }}"
+ openshift_logging_curator_cpu_limit: "{{ openshift_logging_curator_ops_cpu_limit }}"
+ openshift_logging_curator_memory_limit: "{{ openshift_logging_curator_ops_memory_limit }}"
+ openshift_logging_curator_nodeselector: "{{ openshift_logging_curator_ops_nodeselector }}"
+ when:
+ - openshift_logging_use_ops | bool
+
+
+## Fluentd
+- include_role:
+ name: openshift_logging_fluentd
+ vars:
+ generated_certs_dir: "{{openshift.common.config_base}}/logging"
+
+- include: update_master_config.yaml
+```
+
+[openshift_logging_elasticsearch/meta/main.yaml](https://github.com/ewolinetz/openshift-ansible/blob/logging_component_subroles/roles/openshift_logging_elasticsearch/meta/main.yaml)
+```yaml
+---
+galaxy_info:
+ author: OpenShift Red Hat
+ description: OpenShift Aggregated Logging Elasticsearch Component
+ company: Red Hat, Inc.
+ license: Apache License, Version 2.0
+ min_ansible_version: 2.2
+ platforms:
+ - name: EL
+ versions:
+ - 7
+ categories:
+ - cloud
+dependencies:
+- role: lib_openshift
+```
+
+[openshift_logging/meta/main.yaml](https://github.com/ewolinetz/openshift-ansible/blob/logging_component_subroles/roles/openshift_logging/meta/main.yaml)
+```yaml
+---
+galaxy_info:
+ author: OpenShift Red Hat
+ description: OpenShift Aggregated Logging
+ company: Red Hat, Inc.
+ license: Apache License, Version 2.0
+ min_ansible_version: 2.2
+ platforms:
+ - name: EL
+ versions:
+ - 7
+ categories:
+ - cloud
+dependencies:
+- role: lib_openshift
+- role: openshift_facts
+```
+
+[openshift_logging/tasks/install_support.yaml - old](https://github.com/openshift/openshift-ansible/blob/master/roles/openshift_logging/tasks/install_support.yaml)
+```yaml
+---
+# This is the base configuration for installing the other components
+- name: Check for logging project already exists
+ command: >
+ {{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig get project {{openshift_logging_namespace}} --no-headers
+ register: logging_project_result
+ ignore_errors: yes
+ when: not ansible_check_mode
+ changed_when: no
+
+- name: "Create logging project"
+ command: >
+ {{ openshift.common.admin_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig new-project {{openshift_logging_namespace}}
+ when: not ansible_check_mode and "not found" in logging_project_result.stderr
+
+- name: Create logging cert directory
+ file: path={{openshift.common.config_base}}/logging state=directory mode=0755
+ changed_when: False
+ check_mode: no
+
+- include: generate_certs.yaml
+ vars:
+ generated_certs_dir: "{{openshift.common.config_base}}/logging"
+
+- name: Create temp directory for all our templates
+ file: path={{mktemp.stdout}}/templates state=directory mode=0755
+ changed_when: False
+ check_mode: no
+
+- include: generate_secrets.yaml
+ vars:
+ generated_certs_dir: "{{openshift.common.config_base}}/logging"
+
+- include: generate_configmaps.yaml
+
+- include: generate_services.yaml
+
+- name: Generate kibana-proxy oauth client
+ template: src=oauth-client.j2 dest={{mktemp.stdout}}/templates/oauth-client.yaml
+ vars:
+ secret: "{{oauth_secret}}"
+ when: oauth_secret is defined
+ check_mode: no
+ changed_when: no
+
+- include: generate_clusterroles.yaml
+
+- include: generate_rolebindings.yaml
+
+- include: generate_clusterrolebindings.yaml
+
+- include: generate_serviceaccounts.yaml
+
+- include: generate_routes.yaml
+```
+
+# Limitations
+
+There will always be exceptions for some of these rules, however the majority of
+roles should be able to fall within these guidelines.
+
+# Additional considerations
+
+## Playbooks including playbooks
+In some circumstances it does not make sense to have a composing role but instead
+a playbook would be best for orchestrating the role flow. Decisions made regarding
+playbooks including playbooks will need to be taken into consideration as part of
+defining this process.
+Ref: (link to rteague's presentation?)
+
+## Role dependencies
+We want to make sure that our roles do not have any extra or unnecessary dependencies
+in meta/main.yml without:
+
+1. Proposing the inclusion in a team meeting or as part of the PR review and getting agreement
+1. Documenting in meta/main.yml why it is there and when it was agreed to (date)
+
+## Avoiding overly verbose roles
+When we are splitting our roles up into smaller components we want to ensure we
+avoid creating roles that are, for a lack of a better term, overly verbose. What
+do we mean by that? If we have `openshift_master` as an example, and we were to
+split it up, we would have a component for `etcd`, `docker`, and possibly for
+its rpms/configs. We would want to avoid creating a role that would just create
+certificates as those would make sense to be contained with the rpms and configs.
+Likewise, when it comes to being able to restart the master, we wouldn't have a
+role where that was its sole purpose.
+
+The same would apply for the `etcd` and `docker` roles. Anything that is required
+as part of installing `etcd` such as generating certificates, installing rpms,
+and upgrading data between versions should all be contained within the single
+`etcd` role.
+
+## Enforcing standards
+Certain naming standards like variable names could be verified as part of a Travis
+test. If we were going to also enforce that a role either has tasks or includes
+(for example) then we could create tests for that as well.
+
+## CI tests for individual roles
+If we are able to correctly split up roles, it should be possible to test role
+installations/upgrades like unit tests (assuming they would be able to be installed
+independently of other components).
diff --git a/filter_plugins/oo_filters.py b/filter_plugins/oo_filters.py
index cff9f8a60..36a90a870 100644
--- a/filter_plugins/oo_filters.py
+++ b/filter_plugins/oo_filters.py
@@ -194,10 +194,10 @@ def oo_select_keys_from_list(data, keys):
"""
if not isinstance(data, list):
- raise errors.AnsibleFilterError("|failed expects to filter on a list")
+ raise errors.AnsibleFilterError("|oo_select_keys_from_list failed expects to filter on a list")
if not isinstance(keys, list):
- raise errors.AnsibleFilterError("|failed expects first param is a list")
+ raise errors.AnsibleFilterError("|oo_select_keys_from_list failed expects first param is a list")
# Gather up the values for the list of keys passed in
retval = [oo_select_keys(item, keys) for item in data]
@@ -213,10 +213,10 @@ def oo_select_keys(data, keys):
"""
if not isinstance(data, Mapping):
- raise errors.AnsibleFilterError("|failed expects to filter on a dict or object")
+ raise errors.AnsibleFilterError("|oo_select_keys failed expects to filter on a dict or object")
if not isinstance(keys, list):
- raise errors.AnsibleFilterError("|failed expects first param is a list")
+ raise errors.AnsibleFilterError("|oo_select_keys failed expects first param is a list")
# Gather up the values for the list of keys passed in
retval = [data[key] for key in keys if key in data]
@@ -1009,6 +1009,21 @@ def oo_random_word(length, source='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRS
return ''.join(random.choice(source) for i in range(length))
+def oo_contains_rule(source, apiGroups, resources, verbs):
+ '''Return true if the specified rule is contained within the provided source'''
+
+ rules = source['rules']
+
+ if rules:
+ for rule in rules:
+ if set(rule['apiGroups']) == set(apiGroups):
+ if set(rule['resources']) == set(resources):
+ if set(rule['verbs']) == set(verbs):
+ return True
+
+ return False
+
+
class FilterModule(object):
""" Custom ansible filter mapping """
@@ -1049,5 +1064,6 @@ class FilterModule(object):
"oo_openshift_loadbalancer_frontends": oo_openshift_loadbalancer_frontends,
"oo_openshift_loadbalancer_backends": oo_openshift_loadbalancer_backends,
"to_padded_yaml": to_padded_yaml,
- "oo_random_word": oo_random_word
+ "oo_random_word": oo_random_word,
+ "oo_contains_rule": oo_contains_rule
}
diff --git a/hack/build-images.sh b/hack/build-images.sh
index ce421178f..6e6d360bf 100755
--- a/hack/build-images.sh
+++ b/hack/build-images.sh
@@ -47,7 +47,7 @@ if [ "$help" = true ]; then
echo " default: openshift/origin-ansible"
echo
echo " --version=VERSION"
- echo " The version used to tag the image"
+ echo " The version used to tag the image (can be a comma-separated list)"
echo " default: latest"
echo
echo " --no-cache"
@@ -62,25 +62,33 @@ if [ "$help" = true ]; then
exit 0
fi
+
if [ "$verbose" = true ]; then
set -x
fi
BUILD_STARTTIME=$(date +%s)
comp_path=$source_root/
-docker_tag=${prefix}:${version}
+
+# turn comma-separated versions into -t args for docker build
+IFS=',' read -r -a version_arr <<< "$version"
+docker_tags=()
+for tag in "${version_arr[@]}"; do
+ docker_tags+=("-t" "${prefix}:${tag}")
+done
+
echo
echo
-echo "--- Building component '$comp_path' with docker tag '$docker_tag' ---"
-docker build ${options} -t $docker_tag $comp_path
-BUILD_ENDTIME=$(date +%s); echo "--- $docker_tag took $(($BUILD_ENDTIME - $BUILD_STARTTIME)) seconds ---"
+echo "--- Building component '$comp_path' with docker tag(s) '$version' ---"
+docker build ${options} "${docker_tags[@]}" $comp_path
+BUILD_ENDTIME=$(date +%s); echo "--- ${version} took $(($BUILD_ENDTIME - $BUILD_STARTTIME)) seconds ---"
echo
echo
echo
echo
echo "++ Active images"
-docker images | grep ${prefix} | grep ${version} | sort
+docker images | grep ${prefix} | sort
echo
diff --git a/hack/push-release.sh b/hack/push-release.sh
index 131ed83ca..1f41ab179 100755
--- a/hack/push-release.sh
+++ b/hack/push-release.sh
@@ -1,55 +1,41 @@
#!/bin/bash
-# This script pushes all of the built images to a registry.
+# This script pushes a built image to a registry.
#
-# Set OS_PUSH_BASE_REGISTRY to prefix the destination images
+# Set OS_PUSH_BASE_REGISTRY to prefix the destination images e.g.
+# OS_PUSH_BASE_REGISTRY="docker.io/"
#
+# Set OS_PUSH_TAG with a comma-separated list for pushing same image
+# to multiple tags e.g.
+# OS_PUSH_TAG="latest,v3.6"
set -o errexit
set -o nounset
set -o pipefail
-STARTTIME=$(date +%s)
-OS_ROOT=$(dirname "${BASH_SOURCE}")/..
+starttime=$(date +%s)
-PREFIX="${PREFIX:-openshift/origin-ansible}"
+# image name without repo or tag.
+image="${PREFIX:-openshift/origin-ansible}"
-# Go to the top of the tree.
-cd "${OS_ROOT}"
+# existing local tag on the image we want to push
+source_tag="${OS_TAG:-latest}"
-# Allow a release to be repushed with a tag
-tag="${OS_PUSH_TAG:-}"
-if [[ -n "${tag}" ]]; then
- tag=":${tag}"
-else
- tag=":latest"
-fi
-
-# Source tag
-source_tag="${OS_TAG:-}"
-if [[ -z "${source_tag}" ]]; then
- source_tag="latest"
-fi
-
-images=(
- ${PREFIX}
-)
+# Enable retagging a build with one or more tags for push
+IFS=',' read -r -a push_tags <<< "${OS_PUSH_TAG:-latest}"
+registry="${OS_PUSH_BASE_REGISTRY:-}"
+# force push if available
PUSH_OPTS=""
if docker push --help | grep -q force; then
PUSH_OPTS="--force"
fi
-if [[ "${OS_PUSH_BASE_REGISTRY-}" != "" || "${tag}" != "" ]]; then
- set -e
- for image in "${images[@]}"; do
- docker tag "${image}:${source_tag}" "${OS_PUSH_BASE_REGISTRY-}${image}${tag}"
- done
- set +e
-fi
-
-for image in "${images[@]}"; do
- docker push ${PUSH_OPTS} "${OS_PUSH_BASE_REGISTRY-}${image}${tag}"
+set -x
+for tag in "${push_tags[@]}"; do
+ docker tag "${image}:${source_tag}" "${registry}${image}:${tag}"
+ docker push ${PUSH_OPTS} "${registry}${image}:${tag}"
done
+set +x
-ret=$?; ENDTIME=$(date +%s); echo "$0 took $(($ENDTIME - $STARTTIME)) seconds"; exit "$ret"
+endtime=$(date +%s); echo "$0 took $(($endtime - $starttime)) seconds"; exit 0
diff --git a/images/installer/Dockerfile b/images/installer/Dockerfile
index 915dfe377..d03f33a1d 100644
--- a/images/installer/Dockerfile
+++ b/images/installer/Dockerfile
@@ -1,10 +1,18 @@
-# Using playbook2image as a base
-# See https://github.com/openshift/playbook2image for details on the image
-# including documentation for the settings/env vars referenced below
-FROM registry.centos.org/openshift/playbook2image:latest
+FROM centos:7
MAINTAINER OpenShift Team <dev@lists.openshift.redhat.com>
+USER root
+
+# install ansible and deps
+RUN INSTALL_PKGS="python-lxml pyOpenSSL python2-cryptography openssl java-1.8.0-openjdk-headless httpd-tools openssh-clients" \
+ && yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS \
+ && EPEL_PKGS="ansible python-passlib python2-boto" \
+ && yum install -y epel-release \
+ && yum install -y --setopt=tsflags=nodocs $EPEL_PKGS \
+ && rpm -q $INSTALL_PKGS $EPEL_PKGS \
+ && yum clean all
+
LABEL name="openshift/origin-ansible" \
summary="OpenShift's installation and configuration tool" \
description="A containerized openshift-ansible image to let you run playbooks to install, upgrade, maintain and check an OpenShift cluster" \
@@ -12,40 +20,24 @@ LABEL name="openshift/origin-ansible" \
io.k8s.display-name="openshift-ansible" \
io.k8s.description="A containerized openshift-ansible image to let you run playbooks to install, upgrade, maintain and check an OpenShift cluster" \
io.openshift.expose-services="" \
- io.openshift.tags="openshift,install,upgrade,ansible"
+ io.openshift.tags="openshift,install,upgrade,ansible" \
+ atomic.run="once"
-USER root
+ENV USER_UID=1001 \
+ HOME=/opt/app-root/src \
+ WORK_DIR=/usr/share/ansible/openshift-ansible \
+ OPTS="-v"
-# Create a symlink to /opt/app-root/src so that files under /usr/share/ansible are accessible.
-# This is required since the system-container uses by default the playbook under
-# /usr/share/ansible/openshift-ansible. With this change we won't need to keep two different
-# configurations for the two images.
-RUN mkdir -p /usr/share/ansible/ && ln -s /opt/app-root/src /usr/share/ansible/openshift-ansible
+# Add image scripts and files for running as a system container
+COPY images/installer/root /
+# Include playbooks, roles, plugins, etc. from this repo
+COPY . ${WORK_DIR}
-RUN INSTALL_PKGS="skopeo openssl java-1.8.0-openjdk-headless httpd-tools" && \
- yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \
- rpm -V $INSTALL_PKGS && \
- yum clean all
+RUN /usr/local/bin/user_setup \
+ && rm /usr/local/bin/usage.ocp
USER ${USER_UID}
-# The playbook to be run is specified via the PLAYBOOK_FILE env var.
-# This sets a default of openshift_facts.yml as it's an informative playbook
-# that can help test that everything is set properly (inventory, sshkeys)
-ENV PLAYBOOK_FILE=playbooks/byo/openshift_facts.yml \
- OPTS="-v" \
- INSTALL_OC=true
-
-# playbook2image's assemble script expects the source to be available in
-# /tmp/src (as per the source-to-image specs) so we import it there
-ADD . /tmp/src
-
-# Running the 'assemble' script provided by playbook2image will install
-# dependencies specified in requirements.txt and install the 'oc' client
-# as per the INSTALL_OC environment setting above
-RUN /usr/libexec/s2i/assemble
-
-# Add files for running as a system container
-COPY images/installer/system-container/root /
-
-CMD [ "/usr/libexec/s2i/run" ]
+WORKDIR ${WORK_DIR}
+ENTRYPOINT [ "/usr/local/bin/entrypoint" ]
+CMD [ "/usr/local/bin/run" ]
diff --git a/images/installer/Dockerfile.rhel7 b/images/installer/Dockerfile.rhel7
index 9d7eeec24..3110f409c 100644
--- a/images/installer/Dockerfile.rhel7
+++ b/images/installer/Dockerfile.rhel7
@@ -1,7 +1,18 @@
-FROM openshift3/playbook2image
+FROM rhel7.3:7.3-released
MAINTAINER OpenShift Team <dev@lists.openshift.redhat.com>
+USER root
+
+# Playbooks, roles, and their dependencies are installed from packages.
+RUN INSTALL_PKGS="atomic-openshift-utils atomic-openshift-clients python-boto openssl java-1.8.0-openjdk-headless httpd-tools" \
+ && yum repolist > /dev/null \
+ && yum-config-manager --enable rhel-7-server-ose-3.6-rpms \
+ && yum-config-manager --enable rhel-7-server-rh-common-rpms \
+ && yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS \
+ && rpm -q $INSTALL_PKGS \
+ && yum clean all
+
LABEL name="openshift3/ose-ansible" \
summary="OpenShift's installation and configuration tool" \
description="A containerized openshift-ansible image to let you run playbooks to install, upgrade, maintain and check an OpenShift cluster" \
@@ -11,35 +22,25 @@ LABEL name="openshift3/ose-ansible" \
io.openshift.expose-services="" \
io.openshift.tags="openshift,install,upgrade,ansible" \
com.redhat.component="aos3-installation-docker" \
- version="v3.4.1" \
+ version="v3.6.0" \
release="1" \
- architecture="x86_64"
-
-# Playbooks, roles and their dependencies are installed from packages.
-# Unlike in Dockerfile, we don't invoke the 'assemble' script here
-# because all content and dependencies (like 'oc') is already
-# installed via yum.
-USER root
-RUN INSTALL_PKGS="atomic-openshift-utils atomic-openshift-clients python-boto" && \
- yum repolist > /dev/null && \
- yum-config-manager --enable rhel-7-server-ose-3.4-rpms && \
- yum-config-manager --enable rhel-7-server-rh-common-rpms && \
- yum install -y $INSTALL_PKGS && \
- yum clean all
+ architecture="x86_64" \
+ atomic.run="once"
-USER ${USER_UID}
-
-# The playbook to be run is specified via the PLAYBOOK_FILE env var.
-# This sets a default of openshift_facts.yml as it's an informative playbook
-# that can help test that everything is set properly (inventory, sshkeys).
-# As the playbooks are installed via packages instead of being copied to
-# $APP_HOME by the 'assemble' script, we set the WORK_DIR env var to the
-# location of openshift-ansible.
-ENV PLAYBOOK_FILE=playbooks/byo/openshift_facts.yml \
+ENV USER_UID=1001 \
+ HOME=/opt/app-root/src \
WORK_DIR=/usr/share/ansible/openshift-ansible \
+ ANSIBLE_CONFIG=/usr/share/atomic-openshift-utils/ansible.cfg \
OPTS="-v"
-# Add files for running as a system container
-COPY system-container/root /
+# Add image scripts and files for running as a system container
+COPY root /
+
+RUN /usr/local/bin/user_setup \
+ && mv /usr/local/bin/usage{.ocp,}
+
+USER ${USER_UID}
-CMD [ "/usr/libexec/s2i/run" ]
+WORKDIR ${WORK_DIR}
+ENTRYPOINT [ "/usr/local/bin/entrypoint" ]
+CMD [ "/usr/local/bin/run" ]
diff --git a/images/installer/system-container/README.md b/images/installer/README_CONTAINER_IMAGE.md
index fbcd47c4a..bc1ebb4a8 100644
--- a/images/installer/system-container/README.md
+++ b/images/installer/README_CONTAINER_IMAGE.md
@@ -1,17 +1,34 @@
-# System container installer
+ORIGIN-ANSIBLE IMAGE INSTALLER
+===============================
+
+Contains Dockerfile information for building an openshift/origin-ansible image
+based on `centos:7` or `rhel7.3:7.3-released`.
+
+Read additional setup information for this image at: https://hub.docker.com/r/openshift/origin-ansible/
+
+Read additional information about the `openshift/origin-ansible` at: https://github.com/openshift/openshift-ansible/blob/master/README_CONTAINER_IMAGE.md
+
+Also contains necessary components for running the installer using an Atomic System Container.
+
+
+System container installer
+==========================
These files are needed to run the installer using an [Atomic System container](http://www.projectatomic.io/blog/2016/09/intro-to-system-containers/).
+These files can be found under `root/exports`:
* config.json.template - Template of the configuration file used for running containers.
-* manifest.json - Used to define various settings for the system container, such as the default values to use for the installation.
-
-* run-system-container.sh - Entrypoint to the container.
+* manifest.json - Used to define various settings for the system container, such as the default values to use for the installation.
* service.template - Template file for the systemd service.
* tmpfiles.template - Template file for systemd-tmpfiles.
+These files can be found under `root/usr/local/bin`:
+
+* run-system-container.sh - Entrypoint to the container.
+
## Options
These options may be set via the ``atomic`` ``--set`` flag. For defaults see ``root/exports/manifest.json``
@@ -28,4 +45,4 @@ These options may be set via the ``atomic`` ``--set`` flag. For defaults see ``r
* ANSIBLE_CONFIG - Full path for the ansible configuration file to use inside the container
-* INVENTORY_FILE - Full path for the inventory to use from the host
+* INVENTORY_FILE - Full path for the inventory to use from the host \ No newline at end of file
diff --git a/images/installer/system-container/root/exports/config.json.template b/images/installer/root/exports/config.json.template
index 739c0080f..739c0080f 100644
--- a/images/installer/system-container/root/exports/config.json.template
+++ b/images/installer/root/exports/config.json.template
diff --git a/images/installer/system-container/root/exports/manifest.json b/images/installer/root/exports/manifest.json
index 321a84ee8..8b984d7a3 100644
--- a/images/installer/system-container/root/exports/manifest.json
+++ b/images/installer/root/exports/manifest.json
@@ -6,7 +6,7 @@
"VAR_LOG_OPENSHIFT_LOG": "/var/log/ansible.log",
"PLAYBOOK_FILE": "/usr/share/ansible/openshift-ansible/playbooks/byo/config.yml",
"HOME_ROOT": "/root",
- "ANSIBLE_CONFIG": "/usr/share/ansible/openshift-ansible/ansible.cfg",
+ "ANSIBLE_CONFIG": "/usr/share/atomic-openshift-utils/ansible.cfg",
"INVENTORY_FILE": "/dev/null"
}
}
diff --git a/images/installer/system-container/root/exports/service.template b/images/installer/root/exports/service.template
index bf5316af6..bf5316af6 100644
--- a/images/installer/system-container/root/exports/service.template
+++ b/images/installer/root/exports/service.template
diff --git a/images/installer/system-container/root/exports/tmpfiles.template b/images/installer/root/exports/tmpfiles.template
index b1f6caf47..b1f6caf47 100644
--- a/images/installer/system-container/root/exports/tmpfiles.template
+++ b/images/installer/root/exports/tmpfiles.template
diff --git a/images/installer/root/usr/local/bin/entrypoint b/images/installer/root/usr/local/bin/entrypoint
new file mode 100755
index 000000000..777bf3f11
--- /dev/null
+++ b/images/installer/root/usr/local/bin/entrypoint
@@ -0,0 +1,17 @@
+#!/bin/bash -e
+#
+# This file serves as the main entrypoint to the openshift-ansible image.
+#
+# For more information see the documentation:
+# https://github.com/openshift/openshift-ansible/blob/master/README_CONTAINER_IMAGE.md
+
+
+# Patch /etc/passwd file with the current user info.
+# The current user's entry must be correctly defined in this file in order for
+# the `ssh` command to work within the created container.
+
+if ! whoami &>/dev/null; then
+ echo "${USER:-default}:x:$(id -u):$(id -g):Default User:$HOME:/sbin/nologin" >> /etc/passwd
+fi
+
+exec "$@"
diff --git a/images/installer/root/usr/local/bin/run b/images/installer/root/usr/local/bin/run
new file mode 100755
index 000000000..9401ea118
--- /dev/null
+++ b/images/installer/root/usr/local/bin/run
@@ -0,0 +1,46 @@
+#!/bin/bash -e
+#
+# This file serves as the default command to the openshift-ansible image.
+# Runs a playbook with inventory as specified by environment variables.
+#
+# For more information see the documentation:
+# https://github.com/openshift/openshift-ansible/blob/master/README_CONTAINER_IMAGE.md
+
+# SOURCE and HOME DIRECTORY: /opt/app-root/src
+
+if [[ -z "${PLAYBOOK_FILE}" ]]; then
+ echo
+ echo "PLAYBOOK_FILE must be provided."
+ exec /usr/local/bin/usage
+fi
+
+INVENTORY="$(mktemp)"
+if [[ -v INVENTORY_FILE ]]; then
+ # Make a copy so that ALLOW_ANSIBLE_CONNECTION_LOCAL below
+ # does not attempt to modify the original
+ cp -a ${INVENTORY_FILE} ${INVENTORY}
+elif [[ -v INVENTORY_URL ]]; then
+ curl -o ${INVENTORY} ${INVENTORY_URL}
+elif [[ -v DYNAMIC_SCRIPT_URL ]]; then
+ curl -o ${INVENTORY} ${DYNAMIC_SCRIPT_URL}
+ chmod 755 ${INVENTORY}
+else
+ echo
+ echo "One of INVENTORY_FILE, INVENTORY_URL or DYNAMIC_SCRIPT_URL must be provided."
+ exec /usr/local/bin/usage
+fi
+INVENTORY_ARG="-i ${INVENTORY}"
+
+if [[ "$ALLOW_ANSIBLE_CONNECTION_LOCAL" = false ]]; then
+ sed -i s/ansible_connection=local// ${INVENTORY}
+fi
+
+if [[ -v VAULT_PASS ]]; then
+ VAULT_PASS_FILE=.vaultpass
+ echo ${VAULT_PASS} > ${VAULT_PASS_FILE}
+ VAULT_PASS_ARG="--vault-password-file ${VAULT_PASS_FILE}"
+fi
+
+cd ${WORK_DIR}
+
+exec ansible-playbook ${INVENTORY_ARG} ${VAULT_PASS_ARG} ${OPTS} ${PLAYBOOK_FILE}
diff --git a/images/installer/system-container/root/usr/local/bin/run-system-container.sh b/images/installer/root/usr/local/bin/run-system-container.sh
index 9ce7c7328..9ce7c7328 100755
--- a/images/installer/system-container/root/usr/local/bin/run-system-container.sh
+++ b/images/installer/root/usr/local/bin/run-system-container.sh
diff --git a/images/installer/root/usr/local/bin/usage b/images/installer/root/usr/local/bin/usage
new file mode 100755
index 000000000..3518d7f19
--- /dev/null
+++ b/images/installer/root/usr/local/bin/usage
@@ -0,0 +1,33 @@
+#!/bin/bash -e
+cat <<"EOF"
+
+The origin-ansible image provides several options to control the behaviour of the containers.
+For more details on these options see the documentation:
+
+ https://github.com/openshift/openshift-ansible/blob/master/README_CONTAINER_IMAGE.md
+
+At a minimum, when running a container using this image you must provide:
+
+* ssh keys so that Ansible can reach your hosts. These should be mounted as a volume under
+ /opt/app-root/src/.ssh
+* An inventory file. This can be mounted inside the container as a volume and specified with the
+ INVENTORY_FILE environment variable. Alternatively you can serve the inventory file from a web
+ server and use the INVENTORY_URL environment variable to fetch it.
+* The playbook to run. This is set using the PLAYBOOK_FILE environment variable.
+
+Here is an example of how to run a containerized origin-ansible with
+the openshift_facts playbook, which collects and displays facts about your
+OpenShift environment. The inventory and ssh keys are mounted as volumes
+(the latter requires setting the uid in the container and SELinux label
+in the key file via :Z so they can be accessed) and the PLAYBOOK_FILE
+environment variable is set to point to the playbook within the image:
+
+docker run -tu `id -u` \
+ -v $HOME/.ssh/id_rsa:/opt/app-root/src/.ssh/id_rsa:Z,ro \
+ -v /etc/ansible/hosts:/tmp/inventory:Z,ro \
+ -e INVENTORY_FILE=/tmp/inventory \
+ -e OPTS="-v" \
+ -e PLAYBOOK_FILE=playbooks/byo/openshift_facts.yml \
+ openshift/origin-ansible
+
+EOF
diff --git a/images/installer/root/usr/local/bin/usage.ocp b/images/installer/root/usr/local/bin/usage.ocp
new file mode 100755
index 000000000..50593af6e
--- /dev/null
+++ b/images/installer/root/usr/local/bin/usage.ocp
@@ -0,0 +1,33 @@
+#!/bin/bash -e
+cat <<"EOF"
+
+The ose-ansible image provides several options to control the behaviour of the containers.
+For more details on these options see the documentation:
+
+ https://github.com/openshift/openshift-ansible/blob/master/README_CONTAINER_IMAGE.md
+
+At a minimum, when running a container using this image you must provide:
+
+* ssh keys so that Ansible can reach your hosts. These should be mounted as a volume under
+ /opt/app-root/src/.ssh
+* An inventory file. This can be mounted inside the container as a volume and specified with the
+ INVENTORY_FILE environment variable. Alternatively you can serve the inventory file from a web
+ server and use the INVENTORY_URL environment variable to fetch it.
+* The playbook to run. This is set using the PLAYBOOK_FILE environment variable.
+
+Here is an example of how to run a containerized ose-ansible with
+the openshift_facts playbook, which collects and displays facts about your
+OpenShift environment. The inventory and ssh keys are mounted as volumes
+(the latter requires setting the uid in the container and SELinux label
+in the key file via :Z so they can be accessed) and the PLAYBOOK_FILE
+environment variable is set to point to the playbook within the image:
+
+docker run -tu `id -u` \
+ -v $HOME/.ssh/id_rsa:/opt/app-root/src/.ssh/id_rsa:Z,ro \
+ -v /etc/ansible/hosts:/tmp/inventory:Z,ro \
+ -e INVENTORY_FILE=/tmp/inventory \
+ -e OPTS="-v" \
+ -e PLAYBOOK_FILE=playbooks/byo/openshift_facts.yml \
+ openshift3/ose-ansible
+
+EOF
diff --git a/images/installer/root/usr/local/bin/user_setup b/images/installer/root/usr/local/bin/user_setup
new file mode 100755
index 000000000..b76e60a4d
--- /dev/null
+++ b/images/installer/root/usr/local/bin/user_setup
@@ -0,0 +1,17 @@
+#!/bin/sh
+set -x
+
+# ensure $HOME exists and is accessible by group 0 (we don't know what the runtime UID will be)
+mkdir -p ${HOME}
+chown ${USER_UID}:0 ${HOME}
+chmod ug+rwx ${HOME}
+
+# runtime user will need to be able to self-insert in /etc/passwd
+chmod g+rw /etc/passwd
+
+# ensure that the ansible content is accessible
+chmod -R g+r ${WORK_DIR}
+find ${WORK_DIR} -type d -exec chmod g+x {} +
+
+# no need for this script to remain in the image after running
+rm $0
diff --git a/inventory/byo/hosts.byo.glusterfs.external.example b/inventory/byo/hosts.byo.glusterfs.external.example
new file mode 100644
index 000000000..5a284ce97
--- /dev/null
+++ b/inventory/byo/hosts.byo.glusterfs.external.example
@@ -0,0 +1,56 @@
+# This is an example of a bring your own (byo) host inventory for a cluster
+# with natively hosted, containerized GlusterFS storage.
+#
+# This inventory may be used with the byo/config.yml playbook to deploy a new
+# cluster with GlusterFS storage, which will use that storage to create a
+# volume that will provide backend storage for a hosted Docker registry.
+#
+# This inventory may also be used with byo/openshift-glusterfs/config.yml to
+# deploy GlusterFS storage on an existing cluster. With this playbook, the
+# registry backend volume will be created but the administrator must then
+# either deploy a hosted registry or change an existing hosted registry to use
+# that volume.
+#
+# There are additional configuration parameters that can be specified to
+# control the deployment and state of a GlusterFS cluster. Please see the
+# documentation in playbooks/byo/openshift-glusterfs/README.md and
+# roles/openshift_storage_glusterfs/README.md for additional details.
+
+[OSEv3:children]
+masters
+nodes
+# Specify there will be GlusterFS nodes
+glusterfs
+
+[OSEv3:vars]
+ansible_ssh_user=root
+openshift_deployment_type=origin
+# Specify that we want to use an external GlusterFS cluster
+openshift_storage_glusterfs_is_native=False
+# Specify the IP address or hostname of the external heketi service
+openshift_storage_glusterfs_heketi_url=172.0.0.1
+
+[masters]
+master
+
+[nodes]
+master openshift_schedulable=False
+node0 openshift_schedulable=True
+node1 openshift_schedulable=True
+node2 openshift_schedulable=True
+
+# Specify the glusterfs group, which contains the nodes of the external
+# GlusterFS cluster. At a minimum, each node must have "glusterfs_hostname"
+# and "glusterfs_devices" variables defined.
+#
+# The first variable indicates the hostname of the external GLusterFS node,
+# and must be reachable by the external heketi service.
+#
+# The second variable is a list of block devices the node will have access to
+# that are intended solely for use as GlusterFS storage. These block devices
+# must be bare (e.g. have no data, not be marked as LVM PVs), and will be
+# formatted.
+[glusterfs]
+node0.local glusterfs_ip='172.0.0.10' glusterfs_devices='[ "/dev/vdb" ]'
+node1.local glusterfs_ip='172.0.0.11' glusterfs_devices='[ "/dev/vdb", "/dev/vdc" ]'
+node2.local glusterfs_ip='172.0.0.11' glusterfs_devices='[ "/dev/vdd" ]'
diff --git a/inventory/byo/hosts.byo.glusterfs.mixed.example b/inventory/byo/hosts.byo.glusterfs.mixed.example
new file mode 100644
index 000000000..d16df6470
--- /dev/null
+++ b/inventory/byo/hosts.byo.glusterfs.mixed.example
@@ -0,0 +1,59 @@
+# This is an example of a bring your own (byo) host inventory for a cluster
+# with natively hosted, containerized GlusterFS storage.
+#
+# This inventory may be used with the byo/config.yml playbook to deploy a new
+# cluster with GlusterFS storage, which will use that storage to create a
+# volume that will provide backend storage for a hosted Docker registry.
+#
+# This inventory may also be used with byo/openshift-glusterfs/config.yml to
+# deploy GlusterFS storage on an existing cluster. With this playbook, the
+# registry backend volume will be created but the administrator must then
+# either deploy a hosted registry or change an existing hosted registry to use
+# that volume.
+#
+# There are additional configuration parameters that can be specified to
+# control the deployment and state of a GlusterFS cluster. Please see the
+# documentation in playbooks/byo/openshift-glusterfs/README.md and
+# roles/openshift_storage_glusterfs/README.md for additional details.
+
+[OSEv3:children]
+masters
+nodes
+# Specify there will be GlusterFS nodes
+glusterfs
+
+[OSEv3:vars]
+ansible_ssh_user=root
+openshift_deployment_type=origin
+# Specify that we want to use an external GlusterFS cluster and a native
+# heketi service
+openshift_storage_glusterfs_is_native=False
+openshift_storage_glusterfs_heketi_is_native=True
+# Specify that heketi will use SSH to communicate to the GlusterFS nodes and
+# the private key file it will use for authentication
+openshift_storage_glusterfs_heketi_executor=ssh
+openshift_storage_glusterfs_heketi_ssh_keyfile=/root/id_rsa
+[masters]
+master
+
+[nodes]
+master openshift_schedulable=False
+node0 openshift_schedulable=True
+node1 openshift_schedulable=True
+node2 openshift_schedulable=True
+
+# Specify the glusterfs group, which contains the nodes of the external
+# GlusterFS cluster. At a minimum, each node must have "glusterfs_hostname"
+# and "glusterfs_devices" variables defined.
+#
+# The first variable indicates the hostname of the external GLusterFS node,
+# and must be reachable by the external heketi service.
+#
+# The second variable is a list of block devices the node will have access to
+# that are intended solely for use as GlusterFS storage. These block devices
+# must be bare (e.g. have no data, not be marked as LVM PVs), and will be
+# formatted.
+[glusterfs]
+node0.local glusterfs_ip='172.0.0.10' glusterfs_devices='[ "/dev/vdb" ]'
+node1.local glusterfs_ip='172.0.0.11' glusterfs_devices='[ "/dev/vdb", "/dev/vdc" ]'
+node2.local glusterfs_ip='172.0.0.11' glusterfs_devices='[ "/dev/vdd" ]'
diff --git a/inventory/byo/hosts.byo.glusterfs.native.example b/inventory/byo/hosts.byo.glusterfs.native.example
new file mode 100644
index 000000000..c1a1f6f84
--- /dev/null
+++ b/inventory/byo/hosts.byo.glusterfs.native.example
@@ -0,0 +1,46 @@
+# This is an example of a bring your own (byo) host inventory for a cluster
+# with natively hosted, containerized GlusterFS storage for applications. It
+# will also autmatically create a StorageClass for this purpose.
+#
+# This inventory may be used with the byo/config.yml playbook to deploy a new
+# cluster with GlusterFS storage.
+#
+# This inventory may also be used with byo/openshift-glusterfs/config.yml to
+# deploy GlusterFS storage on an existing cluster.
+#
+# There are additional configuration parameters that can be specified to
+# control the deployment and state of a GlusterFS cluster. Please see the
+# documentation in playbooks/byo/openshift-glusterfs/README.md and
+# roles/openshift_storage_glusterfs/README.md for additional details.
+
+[OSEv3:children]
+masters
+nodes
+# Specify there will be GlusterFS nodes
+glusterfs
+
+[OSEv3:vars]
+ansible_ssh_user=root
+openshift_deployment_type=origin
+
+[masters]
+master
+
+[nodes]
+master openshift_schedulable=False
+# A hosted registry, by default, will only be deployed on nodes labeled
+# "region=infra".
+node0 openshift_schedulable=True
+node1 openshift_schedulable=True
+node2 openshift_schedulable=True
+
+# Specify the glusterfs group, which contains the nodes that will host
+# GlusterFS storage pods. At a minimum, each node must have a
+# "glusterfs_devices" variable defined. This variable is a list of block
+# devices the node will have access to that is intended solely for use as
+# GlusterFS storage. These block devices must be bare (e.g. have no data, not
+# be marked as LVM PVs), and will be formatted.
+[glusterfs]
+node0 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
+node1 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
+node2 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
diff --git a/inventory/byo/hosts.byo.native-glusterfs.example b/inventory/byo/hosts.byo.glusterfs.registry-only.example
index dc847a5b2..31a85ee42 100644
--- a/inventory/byo/hosts.byo.native-glusterfs.example
+++ b/inventory/byo/hosts.byo.glusterfs.registry-only.example
@@ -1,11 +1,12 @@
# This is an example of a bring your own (byo) host inventory for a cluster
-# with natively hosted, containerized GlusterFS storage.
+# with natively hosted, containerized GlusterFS storage for exclusive use
+# as storage for a natively hosted Docker registry.
#
# This inventory may be used with the byo/config.yml playbook to deploy a new
# cluster with GlusterFS storage, which will use that storage to create a
# volume that will provide backend storage for a hosted Docker registry.
#
-# This inventory may also be used with byo/openshift-glusterfs/config.yml to
+# This inventory may also be used with byo/openshift-glusterfs/registry.yml to
# deploy GlusterFS storage on an existing cluster. With this playbook, the
# registry backend volume will be created but the administrator must then
# either deploy a hosted registry or change an existing hosted registry to use
@@ -20,7 +21,7 @@
masters
nodes
# Specify there will be GlusterFS nodes
-glusterfs
+glusterfs_registry
[OSEv3:vars]
ansible_ssh_user=root
@@ -29,15 +30,15 @@ openshift_deployment_type=origin
openshift_hosted_registry_storage_kind=glusterfs
[masters]
-master node=True storage=True master=True
+master
[nodes]
-master node=True storage=True master=True openshift_schedulable=False
+master openshift_schedulable=False
# A hosted registry, by default, will only be deployed on nodes labeled
# "region=infra".
-node0 node=True openshift_node_labels="{'region': 'infra'}" openshift_schedulable=True
-node1 node=True openshift_node_labels="{'region': 'infra'}" openshift_schedulable=True
-node2 node=True openshift_node_labels="{'region': 'infra'}" openshift_schedulable=True
+node0 openshift_node_labels="{'region': 'infra'}" openshift_schedulable=True
+node1 openshift_node_labels="{'region': 'infra'}" openshift_schedulable=True
+node2 openshift_node_labels="{'region': 'infra'}" openshift_schedulable=True
# Specify the glusterfs group, which contains the nodes that will host
# GlusterFS storage pods. At a minimum, each node must have a
@@ -45,7 +46,7 @@ node2 node=True openshift_node_labels="{'region': 'infra'}" openshift_schedula
# devices the node will have access to that is intended solely for use as
# GlusterFS storage. These block devices must be bare (e.g. have no data, not
# be marked as LVM PVs), and will be formatted.
-[glusterfs]
+[glusterfs_registry]
node0 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
node1 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
node2 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
diff --git a/inventory/byo/hosts.byo.glusterfs.storage-and-registry.example b/inventory/byo/hosts.byo.glusterfs.storage-and-registry.example
new file mode 100644
index 000000000..54bd89ddc
--- /dev/null
+++ b/inventory/byo/hosts.byo.glusterfs.storage-and-registry.example
@@ -0,0 +1,63 @@
+# This is an example of a bring your own (byo) host inventory for a cluster
+# with natively hosted, containerized GlusterFS storage for both general
+# application use and a natively hosted Docker registry. It will also create a
+# StorageClass for the general storage.
+#
+# This inventory may be used with the byo/config.yml playbook to deploy a new
+# cluster with GlusterFS storage.
+#
+# This inventory may also be used with byo/openshift-glusterfs/config.yml to
+# deploy GlusterFS storage on an existing cluster. With this playbook, the
+# registry backend volume will be created but the administrator must then
+# either deploy a hosted registry or change an existing hosted registry to use
+# that volume.
+#
+# There are additional configuration parameters that can be specified to
+# control the deployment and state of a GlusterFS cluster. Please see the
+# documentation in playbooks/byo/openshift-glusterfs/README.md and
+# roles/openshift_storage_glusterfs/README.md for additional details.
+
+[OSEv3:children]
+masters
+nodes
+# Specify there will be GlusterFS nodes
+glusterfs
+glusterfs_registry
+
+[OSEv3:vars]
+ansible_ssh_user=root
+openshift_deployment_type=origin
+# Specify that we want to use GlusterFS storage for a hosted registry
+openshift_hosted_registry_storage_kind=glusterfs
+
+[masters]
+master
+
+[nodes]
+master openshift_schedulable=False
+# It is recommended to not use a single cluster for both general and registry
+# storage, so two three-node clusters will be required.
+node0 openshift_schedulable=True
+node1 openshift_schedulable=True
+node2 openshift_schedulable=True
+# A hosted registry, by default, will only be deployed on nodes labeled
+# "region=infra".
+node3 openshift_node_labels="{'region': 'infra'}" openshift_schedulable=True
+node4 openshift_node_labels="{'region': 'infra'}" openshift_schedulable=True
+node5 openshift_node_labels="{'region': 'infra'}" openshift_schedulable=True
+
+# Specify the glusterfs group, which contains the nodes that will host
+# GlusterFS storage pods. At a minimum, each node must have a
+# "glusterfs_devices" variable defined. This variable is a list of block
+# devices the node will have access to that is intended solely for use as
+# GlusterFS storage. These block devices must be bare (e.g. have no data, not
+# be marked as LVM PVs), and will be formatted.
+[glusterfs]
+node0 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
+node1 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
+node2 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
+
+[glusterfs_registry]
+node3 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
+node4 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
+node5 glusterfs_devices='[ "/dev/vdb", "/dev/vdc", "/dev/vdd" ]'
diff --git a/inventory/byo/hosts.origin.example b/inventory/byo/hosts.origin.example
index 962a01a91..de7493f71 100644
--- a/inventory/byo/hosts.origin.example
+++ b/inventory/byo/hosts.origin.example
@@ -10,6 +10,10 @@ nfs
# Set variables common for all OSEv3 hosts
[OSEv3:vars]
+# Enable unsupported configurations, things that will yield a partially
+# functioning cluster but would not be supported for production use
+#openshift_enable_unsupported_configurations=false
+
# SSH user, this user should allow ssh based auth without requiring a
# password. If using ssh key based auth, then the key should be managed by an
# ssh agent.
@@ -42,6 +46,17 @@ openshift_release=v3.6
# This could potentially trigger an upgrade and downtime, so be careful with modifying this value after the cluster is set up.
#openshift_pkg_version=-3.6.0
+# This enables all the system containers except for docker:
+#openshift_use_system_containers=False
+#
+# But you can choose separately each component that must be a
+# system container:
+#
+#openshift_use_openvswitch_system_container=False
+#openshift_use_node_system_container=False
+#openshift_use_master_system_container=False
+#openshift_use_etcd_system_container=False
+
# Install the openshift examples
#openshift_install_examples=true
@@ -98,6 +113,11 @@ openshift_release=v3.6
# Downgrades are not supported and will error out. Be careful when upgrading docker from < 1.10 to > 1.10.
# docker_version="1.12.1"
+# Specify whether to run Docker daemon with SELinux enabled in containers. Default is True.
+# Uncomment below to disable; for example if your kernel does not support the
+# Docker overlay/overlay2 storage drivers with SELinux enabled.
+#openshift_docker_selinux_enabled=False
+
# Skip upgrading Docker during an OpenShift upgrade, leaves the current Docker version alone.
# docker_upgrade=False
@@ -136,8 +156,9 @@ openshift_release=v3.6
# modify image streams to point at that registry by setting the following to true
#openshift_examples_modify_imagestreams=true
-# Origin copr repo
+# OpenShift repository configuration
#openshift_additional_repos=[{'id': 'openshift-origin-copr', 'name': 'OpenShift Origin COPR', 'baseurl': 'https://copr-be.cloud.fedoraproject.org/results/maxamillion/origin-next/epel-7-$basearch/', 'enabled': 1, 'gpgcheck': 1, 'gpgkey': 'https://copr-be.cloud.fedoraproject.org/results/maxamillion/origin-next/pubkey.gpg'}]
+#openshift_repos_enable_testing=false
# htpasswd auth
openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/origin/master/htpasswd'}]
@@ -453,6 +474,8 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
# S3 bucket must already exist.
#openshift_hosted_registry_storage_kind=object
#openshift_hosted_registry_storage_provider=s3
+#openshift_hosted_registry_storage_s3_encrypt=false
+#openshift_hosted_registry_storage_s3_kmskeyid=aws_kms_key_id
#openshift_hosted_registry_storage_s3_accesskey=aws_access_key_id
#openshift_hosted_registry_storage_s3_secretkey=aws_secret_access_key
#openshift_hosted_registry_storage_s3_bucket=bucket_name
@@ -537,6 +560,11 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
# Configure the prefix and version for the component images
#openshift_hosted_metrics_deployer_prefix=docker.io/openshift/origin-
#openshift_hosted_metrics_deployer_version=3.6.0
+#
+# StorageClass
+# openshift_storageclass_name=gp2
+# openshift_storageclass_parameters={'type': 'gp2', 'encrypted': false}
+#
# Logging deployment
#
@@ -699,7 +727,7 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
#openshift_dns_ip=172.30.0.1
# Configure node kubelet arguments. pods-per-core is valid in OpenShift Origin 1.3 or OpenShift Container Platform 3.3 and later.
-#openshift_node_kubelet_args={'pods-per-core': ['10'], 'max-pods': ['250'], 'image-gc-high-threshold': ['90'], 'image-gc-low-threshold': ['80']}
+#openshift_node_kubelet_args={'pods-per-core': ['10'], 'max-pods': ['250'], 'image-gc-high-threshold': ['85'], 'image-gc-low-threshold': ['80']}
# Configure logrotate scripts
# See: https://github.com/nickhammond/ansible-logrotate
@@ -725,6 +753,10 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
# Global Proxy Configuration
# These options configure HTTP_PROXY, HTTPS_PROXY, and NOPROXY environment
# variables for docker and master services.
+#
+# Hosts in the openshift_no_proxy list will NOT use any globally
+# configured HTTP(S)_PROXYs. openshift_no_proxy accepts domains
+# (.example.com), and hosts (example.com), and IP addresses.
#openshift_http_proxy=http://USER:PASSWORD@IPADDR:PORT
#openshift_https_proxy=https://USER:PASSWORD@IPADDR:PORT
#openshift_no_proxy='.hosts.example.com,some-host.com'
@@ -732,7 +764,11 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
# Most environments don't require a proxy between openshift masters, nodes, and
# etcd hosts. So automatically add those hostnames to the openshift_no_proxy list.
# If all of your hosts share a common domain you may wish to disable this and
-# specify that domain above.
+# specify that domain above instead.
+#
+# For example, having hosts with FQDNs: m1.ex.com, n1.ex.com, and
+# n2.ex.com, one would simply add '.ex.com' to the openshift_no_proxy
+# variable (above) and set this value to False
#openshift_generate_no_proxy_hosts=True
#
# These options configure the BuildDefaults admission controller which injects
@@ -798,7 +834,7 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
# use this line.
# The directory in "auditFilePath" will be created if it's not
# exist
-#openshift_master_audit_config={"enabled": true, "auditFilePath": "/var/log/openpaas-oscp-audit/openpaas-oscp-audit.log", "maximumFileRetentionDays": 14, "maximumFileSizeMegabytes": 500, "maximumRetainedFiles": 5}}
+#openshift_master_audit_config={"enabled": true, "auditFilePath": "/var/log/openpaas-oscp-audit/openpaas-oscp-audit.log", "maximumFileRetentionDays": 14, "maximumFileSizeMegabytes": 500, "maximumRetainedFiles": 5}
# Enable origin repos that point at Centos PAAS SIG, defaults to true, only used
# by deployment_type=origin
@@ -815,6 +851,9 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
# Controls validity for etcd CA, peer, server and client certificates.
#
#etcd_ca_default_days=1825
+#
+# ServiceAccountConfig:LimitSecretRefences rejects pods that reference secrets their service accounts do not reference
+# openshift_master_saconfig_limitsecretreferences=false
# Upgrade Control
#
@@ -844,6 +883,14 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
# openshift_upgrade_nodes_serial=4 openshift_upgrade_nodes_max_fail_percentage=49
# where as this would not
# openshift_upgrade_nodes_serial=4 openshift_upgrade_nodes_max_fail_percentage=50
+#
+# Multiple data migrations take place and if they fail they will fail the upgrade
+# You may wish to disable these or make them non fatal
+#
+# openshift_upgrade_pre_storage_migration_enabled=true
+# openshift_upgrade_pre_storage_migration_fatal==true
+# openshift_upgrade_post_storage_migration_enabled=true
+# openshift_upgrade_post_storage_migration_fatal==false
# host group for masters
[masters]
diff --git a/inventory/byo/hosts.ose.example b/inventory/byo/hosts.ose.example
index 63f1f00d2..62a364e0d 100644
--- a/inventory/byo/hosts.ose.example
+++ b/inventory/byo/hosts.ose.example
@@ -10,6 +10,10 @@ nfs
# Set variables common for all OSEv3 hosts
[OSEv3:vars]
+# Enable unsupported configurations, things that will yield a partially
+# functioning cluster but would not be supported for production use
+#openshift_enable_unsupported_configurations=false
+
# SSH user, this user should allow ssh based auth without requiring a
# password. If using ssh key based auth, then the key should be managed by an
# ssh agent.
@@ -42,6 +46,17 @@ openshift_release=v3.6
# This could potentially trigger an upgrade and downtime, so be careful with modifying this value after the cluster is set up.
#openshift_pkg_version=-3.6.0
+# This enables all the system containers except for docker:
+#openshift_use_system_containers=False
+#
+# But you can choose separately each component that must be a
+# system container:
+#
+#openshift_use_openvswitch_system_container=False
+#openshift_use_node_system_container=False
+#openshift_use_master_system_container=False
+#openshift_use_etcd_system_container=False
+
# Install the openshift examples
#openshift_install_examples=true
@@ -94,6 +109,11 @@ openshift_release=v3.6
# Default value: "--log-driver=journald"
#openshift_docker_options="-l warn --ipv6=false"
+# Specify whether to run Docker daemon with SELinux enabled in containers. Default is True.
+# Uncomment below to disable; for example if your kernel does not support the
+# Docker overlay/overlay2 storage drivers with SELinux enabled.
+#openshift_docker_selinux_enabled=False
+
# Specify exact version of Docker to configure or upgrade to.
# Downgrades are not supported and will error out. Be careful when upgrading docker from < 1.10 to > 1.10.
# docker_version="1.12.1"
@@ -135,8 +155,9 @@ openshift_release=v3.6
# modify image streams to point at that registry by setting the following to true
#openshift_examples_modify_imagestreams=true
-# Additional yum repos to install
+# OpenShift repository configuration
#openshift_additional_repos=[{'id': 'ose-devel', 'name': 'ose-devel', 'baseurl': 'http://example.com/puddle/build/AtomicOpenShift/3.1/latest/RH7-RHOSE-3.0/$basearch/os', 'enabled': 1, 'gpgcheck': 0}]
+#openshift_repos_enable_testing=false
# htpasswd auth
openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/origin/master/htpasswd'}]
@@ -453,6 +474,8 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
# S3 bucket must already exist.
#openshift_hosted_registry_storage_kind=object
#openshift_hosted_registry_storage_provider=s3
+#openshift_hosted_registry_storage_s3_encrypt=false
+#openshift_hosted_registry_storage_s3_kmskeyid=aws_kms_key_id
#openshift_hosted_registry_storage_s3_accesskey=aws_access_key_id
#openshift_hosted_registry_storage_s3_secretkey=aws_secret_access_key
#openshift_hosted_registry_storage_s3_bucket=bucket_name
@@ -537,6 +560,11 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
# Configure the prefix and version for the component images
#openshift_hosted_metrics_deployer_prefix=registry.example.com:8888/openshift3/
#openshift_hosted_metrics_deployer_version=3.6.0
+#
+# StorageClass
+# openshift_storageclass_name=gp2
+# openshift_storageclass_parameters={'type': 'gp2', 'encrypted': false}
+#
# Logging deployment
#
@@ -699,7 +727,7 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
#openshift_dns_ip=172.30.0.1
# Configure node kubelet arguments. pods-per-core is valid in OpenShift Origin 1.3 or OpenShift Container Platform 3.3 and later.
-#openshift_node_kubelet_args={'pods-per-core': ['10'], 'max-pods': ['250'], 'image-gc-high-threshold': ['90'], 'image-gc-low-threshold': ['80']}
+#openshift_node_kubelet_args={'pods-per-core': ['10'], 'max-pods': ['250'], 'image-gc-high-threshold': ['85'], 'image-gc-low-threshold': ['80']}
# Configure logrotate scripts
# See: https://github.com/nickhammond/ansible-logrotate
@@ -725,6 +753,10 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
# Global Proxy Configuration
# These options configure HTTP_PROXY, HTTPS_PROXY, and NOPROXY environment
# variables for docker and master services.
+#
+# Hosts in the openshift_no_proxy list will NOT use any globally
+# configured HTTP(S)_PROXYs. openshift_no_proxy accepts domains
+# (.example.com), hosts (example.com), and IP addresses.
#openshift_http_proxy=http://USER:PASSWORD@IPADDR:PORT
#openshift_https_proxy=https://USER:PASSWORD@IPADDR:PORT
#openshift_no_proxy='.hosts.example.com,some-host.com'
@@ -732,7 +764,11 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
# Most environments don't require a proxy between openshift masters, nodes, and
# etcd hosts. So automatically add those hostnames to the openshift_no_proxy list.
# If all of your hosts share a common domain you may wish to disable this and
-# specify that domain above.
+# specify that domain above instead.
+#
+# For example, having hosts with FQDNs: m1.ex.com, n1.ex.com, and
+# n2.ex.com, one would simply add '.ex.com' to the openshift_no_proxy
+# variable (above) and set this value to False
#openshift_generate_no_proxy_hosts=True
#
# These options configure the BuildDefaults admission controller which injects
@@ -798,7 +834,7 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
# use this line.
# The directory in "auditFilePath" will be created if it's not
# exist
-#openshift_master_audit_config={"enabled": true, "auditFilePath": "/var/log/openpaas-oscp-audit/openpaas-oscp-audit.log", "maximumFileRetentionDays": 14, "maximumFileSizeMegabytes": 500, "maximumRetainedFiles": 5}}
+#openshift_master_audit_config={"enabled": true, "auditFilePath": "/var/log/openpaas-oscp-audit/openpaas-oscp-audit.log", "maximumFileRetentionDays": 14, "maximumFileSizeMegabytes": 500, "maximumRetainedFiles": 5}
# Validity of the auto-generated OpenShift certificates in days.
# See also openshift_hosted_registry_cert_expire_days above.
@@ -811,6 +847,9 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
# Controls validity for etcd CA, peer, server and client certificates.
#
#etcd_ca_default_days=1825
+#
+# ServiceAccountConfig:LimitSecretRefences rejects pods that reference secrets their service accounts do not reference
+# openshift_master_saconfig_limitsecretreferences=false
# Upgrade Control
#
@@ -840,6 +879,14 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
# openshift_upgrade_nodes_serial=4 openshift_upgrade_nodes_max_fail_percentage=49
# where as this would not
# openshift_upgrade_nodes_serial=4 openshift_upgrade_nodes_max_fail_percentage=50
+#
+# Multiple data migrations take place and if they fail they will fail the upgrade
+# You may wish to disable these or make them non fatal
+#
+# openshift_upgrade_pre_storage_migration_enabled=true
+# openshift_upgrade_pre_storage_migration_fatal==true
+# openshift_upgrade_post_storage_migration_enabled=true
+# openshift_upgrade_post_storage_migration_fatal==false
# host group for masters
[masters]
diff --git a/openshift-ansible.spec b/openshift-ansible.spec
index 17e816edd..9cadf5947 100644
--- a/openshift-ansible.spec
+++ b/openshift-ansible.spec
@@ -9,7 +9,7 @@
%global __requires_exclude ^/usr/bin/ansible-playbook$
Name: openshift-ansible
-Version: 3.6.114
+Version: 3.7.1
Release: 1%{?dist}
Summary: Openshift and Atomic Enterprise Ansible
License: ASL 2.0
@@ -280,6 +280,422 @@ Atomic OpenShift Utilities includes
%changelog
+* Thu Jul 27 2017 Scott Dodson <sdodson@redhat.com> 3.7.1-1
+- Fix incorrect delegate_to in control plane upgrade (sdodson@redhat.com)
+- Follow the new naming conventions. (zhang.wanmin@zte.com.cn)
+- Simplify generation of /etc/origin/node/resolv.conf (sdodson@redhat.com)
+- Add glusterfs hosts to oo_all_hosts so that hosts set initial facts.
+ (abutcher@redhat.com)
+- Sync all openshift.common.use_openshift_sdn uses in yaml files
+ (jchaloup@redhat.com)
+- Fixing podpresets perms for service-catalog-controller (ewolinet@redhat.com)
+- Fixing route spec caCertificate to be correctly capitalized
+ (ewolinet@redhat.com)
+- Set TimeoutStartSec=300 (sdodson@redhat.com)
+- Revert "set KillMode to process in node service file" (sdodson@redhat.com)
+- openshift_checks: refactor to internalize task_vars (lmeyer@redhat.com)
+- openshift_checks: get rid of deprecated module_executor (lmeyer@redhat.com)
+- openshift_checks: improve comments/names (lmeyer@redhat.com)
+- add default value for router path in the cert (efreiber@redhat.com)
+- Router wildcard certificate created by default (efreiber@redhat.com)
+- Remove unsupported parameters from example inventory files.
+ (jarrpa@redhat.com)
+- Fix lint errors (sdodson@redhat.com)
+- Metrics: grant hawkular namespace listener role (mwringe@redhat.com)
+- Removing nolog from htpasswd invocation so not to supress errors
+ (ewolinet@redhat.com)
+- Removed kubernetes.io string from default. (kwoodson@redhat.com)
+- Allow storage migrations to be optional and/or non fatal (sdodson@redhat.com)
+- libvirt: fall back to mkisofs if genisoimage isn't available
+ (dcbw@redhat.com)
+- libvirt: add documentation about SSH keypair requirements (dcbw@redhat.com)
+- Updating how storage type is determined, adding bool filter in
+ openshift_logging_elasticsearch (ewolinet@redhat.com)
+- Pass the provisioner to the module. (kwoodson@redhat.com)
+- Use absolute path when unexcluding (Sergi Jimenez)
+- Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1474246 (Sergi Jimenez)
+- Support enabling the centos-openshift-origin-testing repository
+ (dms@redhat.com)
+- 1472467- add ose- prefix to ansible service broker name (fabian@fabianism.us)
+- Updating openshift_logging_kibana default for kibana hostname
+ (ewolinet@redhat.com)
+- GlusterFS: Create registry storage svc and ep in registry namespace
+ (jarrpa@redhat.com)
+- Default an empty list for etcd_to_config if not there (tbielawa@redhat.com)
+- If proxy in effect, add etcd host IP addresses to NO_PROXY list on masters
+ (tbielawa@redhat.com)
+- GlusterFS: Pass all booleans through bool filter. (jarrpa@redhat.com)
+- GlusterFS: Fix bug in detecting whether to open firewall ports.
+ (jarrpa@redhat.com)
+- Pass first master's openshift_image_tag to openshift_loadbalancer for
+ containerized haproxy installation. (abutcher@redhat.com)
+- verify sane log times in logging stack (jvallejo@redhat.com)
+- Fix log dumping on service failure (sdodson@redhat.com)
+- Updating verbs for serviceclasses objects (ewolinet@redhat.com)
+- Fix broken link to Docker image instructions (rhcarvalho@gmail.com)
+- Added parameters inside of gce defaults. Pass all params to the module.
+ (kwoodson@redhat.com)
+- add etcd increased-traffic check (jvallejo@redhat.com)
+- Add etcd exports to openshift_storage_nfs (abutcher@redhat.com)
+- Hopefully finally fix the no_proxy settings (tbielawa@redhat.com)
+- openshift_checks/docker_storage: overlay/2 support (lmeyer@redhat.com)
+- Removing parameter kind and allowing default to be passed.
+ (kwoodson@redhat.com)
+- Remove openshift_use_dnsmasq from aws and libvirt playbooks
+ (sdodson@redhat.com)
+- 1471973- default to bootstrapping the broker on startup (fabian@fabianism.us)
+- image builds: remove dependency on playbook2image (jvallejo@redhat.com)
+- Setting node selector to be empty string (ewolinet@redhat.com)
+- Add drain retries after 60 second delay (sdodson@redhat.com)
+- Dump some logs (sdodson@redhat.com)
+- daemon_reload on node and ovs start (sdodson@redhat.com)
+- Ensure proper fact evaluation (sdodson@redhat.com)
+- Wrap additional service changes in retries (sdodson@redhat.com)
+- Wrap docker stop in retries (sdodson@redhat.com)
+- Add retries to node restart handlers (sdodson@redhat.com)
+- Test docker restart with retries 3 delay 30 (smilner@redhat.com)
+- Adding podpreset config into master-config (ewolinet@redhat.com)
+- Update image-gc-high-threshold value (decarr@redhat.com)
+- Adding a check for variable definition. (kwoodson@redhat.com)
+- docker: fix docker_selinux_enabled (lmeyer@redhat.com)
+- Changing cluster role to admin (rhallise@redhat.com)
+- drain still pending in below files without fix : (jkaur@redhat.com)
+- Fixed spacing and lint errors. (kwoodson@redhat.com)
+- Switch CI to ansible-2.3.1.0 (sdodson@redhat.com)
+- Allow OVS 2.7 in latest OpenShift releases (rhcarvalho@gmail.com)
+- Make aos_version module handle multiple versions (rhcarvalho@gmail.com)
+- Split positive and negative unit tests (rhcarvalho@gmail.com)
+- GlusterFS: Create in custom namespace by default (jarrpa@redhat.com)
+- hosted registry: Use proper node name in GlusterFS storage setup
+ (jarrpa@redhat.com)
+- GlusterFS: Make heketi-cli command configurable (jarrpa@redhat.com)
+- GlusterFS: Reintroduce heketi-cli check for non-native heketi
+ (jarrpa@redhat.com)
+- GlusterFS: Bug fixes for external GlusterFS nodes (jarrpa@redhat.com)
+- GlusterFS: Improve and extend example inventory files (jarrpa@redhat.com)
+- Fixed tests and added sleep for update. (kwoodson@redhat.com)
+- Fixing needs_update comparison. Added a small pause for race conditions.
+ Fixed doc. Fix kind to storageclass (kwoodson@redhat.com)
+- Adding storageclass support to lib_openshift. (kwoodson@redhat.com)
+- Add an SA policy to the ansible-service-broker (rhallise@redhat.com)
+- Import templates will fail if user is not system:admin (jkaur@redhat.com)
+- Additional optimization parameters for ansible.cfg (sejug@redhat.com)
+- Fix etcd conditional check failure (admin@webresource.nl)
+- Remove invalid when: from vars: (rteague@redhat.com)
+
+* Tue Jul 18 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.153-1
+- Updating to compare sets instead of sorted lists (ewolinet@redhat.com)
+- Adding ability to create podpreset for service-catalog-controller for
+ bz1471881 (ewolinet@redhat.com)
+- Updating to use oc replace and conditionally update edit and admin roles
+ (ewolinet@redhat.com)
+- Other playbooks maybe expecting this to be at least an empty string. I think
+ they default it to an empty list if its not found. (tbielawa@redhat.com)
+- Fix NO_PROXY environment variable setting (tbielawa@redhat.com)
+- Changing the passing of data for sc creation. (kwoodson@redhat.com)
+- Fixed variable name. (kwoodson@redhat.com)
+- Adding disk encryption to storageclasses and to openshift registry
+ (kwoodson@redhat.com)
+
+* Mon Jul 17 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.152-1
+-
+
+* Sun Jul 16 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.151-1
+-
+
+* Sun Jul 16 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.150-1
+-
+
+* Sat Jul 15 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.149-1
+- Config was missed before replace. (jkaur@redhat.com)
+- Redeploy-certificates will fail for registry and router if user is not
+ system:admin (jkaur@redhat.com)
+
+* Fri Jul 14 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.148-1
+- Adding in permissions to edit and admin cluster roles (ewolinet@redhat.com)
+- making kube-service-catalog project network global when using redhat
+ /openshift-ovs-multitenant plugin (ewolinet@redhat.com)
+- set KillMode to process in node service file (jchaloup@redhat.com)
+- Upgrade fails when "Drain Node for Kubelet upgrade" (jkaur@redhat.com)
+- openvswitch, syscontainer: specify the Docker service name
+ (gscrivan@redhat.com)
+
+* Thu Jul 13 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.144-1
+- Created js file for enabling tech preview for console, updated master-config
+ for pod presets and console tech preview (ewolinet@redhat.com)
+- GlusterFS: Add updated example hosts files (jarrpa@redhat.com)
+- GlusterFS: Fix SSH-based heketi configuration (jarrpa@redhat.com)
+
+* Wed Jul 12 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.143-1
+-
+
+* Wed Jul 12 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.142-1
+- add scheduled pods check (jvallejo@redhat.com)
+- Only store failures that were not ignored. (rhcarvalho@gmail.com)
+- Add overlay to supported Docker storage drivers (rhcarvalho@gmail.com)
+- ansible.cfg: improve ssh ControlPath (lmeyer@redhat.com)
+- openshift_checks: fix execute_module params (lmeyer@redhat.com)
+- OCP build: override python-directed envvars (lmeyer@redhat.com)
+- OCP build: fix bug 1465724 (lmeyer@redhat.com)
+- OCP build: sync packages needed (lmeyer@redhat.com)
+- Adding create permissions for serviceclasses.servicecatalog.k8s.io to
+ service-catalog-controller role (ewolinet@redhat.com)
+- Fix calico when certs are auto-generated (djosborne10@gmail.com)
+- Removing trailing newline. (kwoodson@redhat.com)
+- Error upgrading control_plane when user is not system:admin
+ (jkaur@redhat.com)
+- [Bz 1468113] Configure the rest of the masters with the correct URL.
+ (kwoodson@redhat.com)
+
+* Tue Jul 11 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.141-1
+- Add evaluate_groups.yml to network_manager playbook (rteague@redhat.com)
+- updating fetch tasks to be flat paths (ewolinet@redhat.com)
+
+* Mon Jul 10 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.140-1
+-
+
+* Sat Jul 08 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.139-1
+- increase implicit 300s default timeout to explicit 600s (jchaloup@redhat.com)
+
+* Sat Jul 08 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.138-1
+- Wait for etcd to become healthy before migrating TTL (tbielawa@redhat.com)
+- Use openshift.node.nodename as glusterfs_hostname. (abutcher@redhat.com)
+- container-engine: Update Fedora registry url (smilner@redhat.com)
+- updating configmap map definition to fix asb not starting up correctly
+ (ewolinet@redhat.com)
+- xPaas v1.4.1 for 3.4 (sdodson@redhat.com)
+- xPaas v1.4.1 for 3.5 (sdodson@redhat.com)
+- xPaaS 1.4.1 for 3.6 (sdodson@redhat.com)
+- Only add entries to NO_PROXY settings if a NO_PROXY value is set
+ (tbielawa@redhat.com)
+- fixing configuation values. (shurley@redhat.com)
+
+* Fri Jul 07 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.137-1
+- Install container-selinux with container-engine (smilner@redhat.com)
+- Bug 1466152 - Json-file log driver: Neither
+ "openshift_logging_fluentd_use_journal=false" nor omitted collects the log
+ entries (rmeggins@redhat.com)
+- Adding serial: 1 to play to ensure we run one at a time (ewolinet@redhat.com)
+- Fix yamllint (sdodson@redhat.com)
+- Workaround seboolean module with setsebool command. (abutcher@redhat.com)
+- Removed quotes and added env variable to be specific. (kwoodson@redhat.com)
+- [BZ 1467786] Fix for OPENSHIFT_DEFAULT_REGISTRY setting.
+ (kwoodson@redhat.com)
+- set the proper label of /var/lib/etcd directory (jchaloup@redhat.com)
+
+* Thu Jul 06 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.136-1
+- Synching certs and aggregator configs from first master to all other masters
+ (ewolinet@redhat.com)
+- Addressing servicecatalog doesnt have enough permissions and multimaster
+ config for service-catalog (ewolinet@redhat.com)
+- add back mux_client config that was removed (rmeggins@redhat.com)
+- use master etcd certificates when delegating oadm migrate etcd-ttl
+ (jchaloup@redhat.com)
+
+* Wed Jul 05 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.135-1
+- Update the tag for enterprise service catalog (sdodson@redhat.com)
+- Fix missing service domain .svc in NO_PROXY settings (tbielawa@redhat.com)
+- drop etcdctl before the etcd_container service (jchaloup@redhat.com)
+- Fix prefix for OCP service-catalog prefix (sdodson@redhat.com)
+- Fully qualify ocp ansible_service_broker_image_prefix (sdodson@redhat.com)
+
+* Wed Jul 05 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.134-1
+-
+
+* Tue Jul 04 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.133-1
+- etcd, syscontainer: fix copy of existing datastore (gscrivan@redhat.com)
+- pre-pull images before stopping docker (jchaloup@redhat.com)
+- Always convert no_proxy from string into a list (sdodson@redhat.com)
+- fix 1466680. Fix logging deploying to the specified namespace
+ (jcantril@redhat.com)
+- logging_es: temporarily disable readiness probe (jwozniak@redhat.com)
+- Fixes to storage migration (sdodson@redhat.com)
+
+* Mon Jul 03 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.132-1
+-
+
+* Sun Jul 02 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.131-1
+- Fix upgrade (sdodson@redhat.com)
+- Prevent the script to use default route ip as upstream nameserver.
+ (steveteuber@users.noreply.github.com)
+- Use default ports for dnsmasq and node dns (sdodson@redhat.com)
+- Run dns on the node and use that for dnsmasq (sdodson@redhat.com)
+- Using ca-bundle.crt to connect to local etcd if master.etcd-ca.crt DNE
+ (ewolinet@redhat.com)
+- Set OPENSHIFT_DEFAULT_REGISTRY in registry dc. (abutcher@redhat.com)
+- Updating to use openshift.master.etcd_hosts for etcd servers for apiserver
+ (ewolinet@redhat.com)
+- Update v1.4 image streams and templates (sdodson@redhat.com)
+- xPaaS v1.4.0 for v3.4 (sdodson@redhat.com)
+- Sync latest image streams and templates for v1.5 (sdodson@redhat.com)
+- xPaaS v1.4.0 for v3.5 (sdodson@redhat.com)
+- Update latest image streams for v3.6 (sdodson@redhat.com)
+- Bump xPaas v1.4.0 for v3.6 (sdodson@redhat.com)
+- docker_image_availability: fix containerized etcd (lmeyer@redhat.com)
+- evalute etcd backup directory name only once (jchaloup@redhat.com)
+- run etcd_container with type:spc_t label (jchaloup@redhat.com)
+- Fixing ops storage options being passed to openshift_logging_elasticsearch
+ role fixing default ops pv selector (ewolinet@redhat.com)
+- Adding labels for elasticsearch and kibana services (ewolinet@redhat.com)
+- Add a retry to the docker restart handler (sdodson@redhat.com)
+- docker_storage check: make vgs return sane output (lmeyer@redhat.com)
+- Capture exceptions when resolving available checks (rhcarvalho@gmail.com)
+- PAPR: customize disk space requirements (rhcarvalho@gmail.com)
+- Enable disk check on containerized installs (rhcarvalho@gmail.com)
+- Add module docstring (rhcarvalho@gmail.com)
+- Add suggestion to check disk space in any path (rhcarvalho@gmail.com)
+- Require at least 1GB in /usr/bin/local and tempdir (rhcarvalho@gmail.com)
+- Refactor DiskAvailability for arbitrary paths (rhcarvalho@gmail.com)
+- Adding some more sections to additional considerations, being less rigid on
+ large roles for composing -- can also be a playbook (ewolinet@redhat.com)
+- Updating snippet contents, formatting and providing urls
+ (ewolinet@redhat.com)
+- Update snippets and add bullet point on role dependency (ewolinet@redhat.com)
+- Creating initial proposal doc for review (ewolinet@redhat.com)
+
+* Fri Jun 30 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.129-1
+- Fix generate role binding destination for the HOSA service account
+ (steveteuber@users.noreply.github.com)
+- Correct version comparisons to ensure proper evaluation (rteague@redhat.com)
+- Adding become: false to local_action tasks (ewolinet@redhat.com)
+- upgrade: fix name for the etcd system container (gscrivan@redhat.com)
+- fix backup and working directory for etcd run as a system container
+ (jchaloup@redhat.com)
+- etcd_migrate: Add /var/usrlocal/bin to path for oadm (smilner@redhat.com)
+- etcd_migrate: Add /usr/local/bin to path for oadm (smilner@redhat.com)
+- Sync environment variables FLUENTD/MUX_CPU_LIMIT FLUENTD/MUX_MEMORY_LIMIT
+ with the resource limit values. (nhosoi@redhat.com)
+- Update master configuration for named certificates during master cert
+ redeploy. (abutcher@redhat.com)
+- Get rid of openshift_facts dep in rhel_subscribe (sdodson@redhat.com)
+- logging: write ES heap dump to persistent storage (jwozniak@redhat.com)
+
+* Thu Jun 29 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.128-1
+- parameterize etcd binary path (fabian@fabianism.us)
+- attach leases via the first master only and only once (jchaloup@redhat.com)
+- evalute groups when running etcd upgrade from byo/openshift-
+ cluster/upgrades/upgrade_etcd.yml (jchaloup@redhat.com)
+- Bug 1465168 - mux doesn't recognize ansible boolean parameters correctly
+ (rmeggins@redhat.com)
+
+* Tue Jun 27 2017 Scott Dodson <sdodson@redhat.com> 3.6.123.1003-1
+- Generate loopback kubeconfig separately to preserve OpenShift CA certificate.
+ (abutcher@redhat.com)
+- registry: look for the oc executable in /usr/local/bin and ~/bin
+ (gscrivan@redhat.com)
+- router: look for the oc executable in /usr/local/bin and ~/bin
+ (gscrivan@redhat.com)
+- Retry docker startup once (sdodson@redhat.com)
+
+* Tue Jun 27 2017 Scott Dodson <sdodson@redhat.com> 3.6.123.1002-1
+- Fix typo in fluentd_secureforward_contents variable
+ (Andreas.Dembach@dg-i.net)
+- Reverting quotation change in ansible_service_broker install for etcd
+ (ewolinet@redhat.com)
+
+* Mon Jun 26 2017 Scott Dodson <sdodson@redhat.com> 3.6.123.1001-1
+- oc_atomic_container: use rpm to check the version. (gscrivan@redhat.com)
+- Fix .spec for stagecut (jupierce@redhat.com)
+- Picking change from sdodson (ewolinet@redhat.com)
+- openshift_version: skip nfs and lb hosts (smilner@redhat.com)
+- openshift_checks: eval groups before including role (lmeyer@redhat.com)
+- Adding volume fact for etcd for openshift ansible service broker
+ (ewolinet@redhat.com)
+- Updating to label node and wait for apiservice to be healthy and started
+ (ewolinet@redhat.com)
+- Also configure default registry on HA masters (sdodson@redhat.com)
+- Fix parsing certs with very large serial numbers (tbielawa@redhat.com)
+- fix yamllint issues (fabian@fabianism.us)
+- openshift_logging: use empty default for storage labels (fsimonce@redhat.com)
+- Set clean install and etcd storage on first master to fix scaleup
+ (sdodson@redhat.com)
+- images, syscontainer: change default value for ANSIBLE_CONFIG
+ (gscrivan@redhat.com)
+- Cleanup/updates for env variables and etcd image (fabian@fabianism.us)
+- Sync 3.5 cfme templates over to 3.6 (sdodson@redhat.com)
+- Moving checks down after required initialization happens.
+ (kwoodson@redhat.com)
+- add play and role to install ansible-service-broker (fabian@fabianism.us)
+- Creation of service_catalog and placeholder broker roles
+ (ewolinet@redhat.com)
+- GlusterFS: Use proper namespace for heketi command and service account
+ (jarrpa@redhat.com)
+- Fixing quote issue. (kwoodson@redhat.com)
+- GlusterFS: Fix heketi secret name (jarrpa@redhat.com)
+- Fix for dynamic pvs when using storageclasses. (kwoodson@redhat.com)
+- Ensure that host pki tree is mounted in containerized components
+ (sdodson@redhat.com)
+
+* Fri Jun 23 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.123-1
+- releases: enable build/push with multiple tags (lmeyer@redhat.com)
+- Update template examples for 3.6 (rteague@redhat.com)
+- Reverting v prefix introduced by stagecut (smunilla@redhat.com)
+- Fixed readme doc. (kwoodson@redhat.com)
+- Adding version field for stagecut (smunilla@redhat.com)
+- Remove package_update from install playbook (rhcarvalho@gmail.com)
+- Restart NetworkManager only if dnsmasq was used
+ (bliemli@users.noreply.github.com)
+- remove extra close brace in example inventory (gpei@redhat.com)
+- Adding option for serviceAccountConfig.limitSecretReferences
+ (kwoodson@redhat.com)
+- doc: Add system_container examples to inventory (smilner@redhat.com)
+- system_containers: Add openshift_ to other system_container vars
+ (smilner@redhat.com)
+- system_containers: Add openshift_ to use_system_containers var
+ (smilner@redhat.com)
+- detect etcd service name based on etcd runtime when restarting
+ (jchaloup@redhat.com)
+- set proper etcd_data_dir for system container (jchaloup@redhat.com)
+- etcd, system_container: do not mask etcd_container (gscrivan@redhat.com)
+- etcd, system_container: do not enable system etcd (gscrivan@redhat.com)
+- oc_atomic_container: Require 1.17.2 (smilner@redhat.com)
+- Verify matched openshift_upgrade_nodes_label (rteague@redhat.com)
+- bug 1457642. Use same SG index to avoid seeding timeout (jcantril@redhat.com)
+
+* Wed Jun 21 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.122-1
+-
+
+* Tue Jun 20 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.121-1
+- Updating default from null to "" (ewolinet@redhat.com)
+
+* Tue Jun 20 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.120-1
+- Update atomic-openshift-master.j2 (sdodson@redhat.com)
+- Enable push to registry via dns only on clean 3.6 installs
+ (sdodson@redhat.com)
+- Disable actually pushing to the registry via dns for now (sdodson@redhat.com)
+- Add openshift_node_dnsmasq role to upgrade (sdodson@redhat.com)
+- Push to the registry via dns (sdodson@redhat.com)
+
+* Tue Jun 20 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.119-1
+- Temporarilly only migrate jobs as we were before (sdodson@redhat.com)
+- Disable TLS verification in skopeo inspect (rhcarvalho@gmail.com)
+- Preserve etcd3 storage if it's already in use (sdodson@redhat.com)
+- GlusterFS: Generate better secret keys (jarrpa@redhat.com)
+- GlusterFS: Fix error when groups.glusterfs_registry is undefined.
+ (jarrpa@redhat.com)
+- GlusterFS: Use proper identity in heketi secret (jarrpa@redhat.com)
+- GlusterFS: Allow configuration of heketi port (jarrpa@redhat.com)
+- GlusterFS: Fix variable typo (jarrpa@redhat.com)
+- GlusterFS: Minor template fixes (jarrpa@redhat.com)
+- registry: mount GlusterFS storage volume from correct host
+ (jarrpa@redhat.com)
+
+* Mon Jun 19 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.117-1
+- Run storage upgrade pre and post master upgrade (rteague@redhat.com)
+- Introduce etcd migrate role (jchaloup@redhat.com)
+- Add support for rhel, aci, vxlan (srampal@cisco.com)
+
+* Sun Jun 18 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.116-1
+- PAPR: define openshift_image_tag via command line (rhcarvalho@gmail.com)
+- Ensure only one ES pod per PV (peter.portante@redhat.com)
+- etcd v3 for clean installs (sdodson@redhat.com)
+- Rename cockpit-shell -> cockpit-system (rhcarvalho@gmail.com)
+- Update image repo name, images have been moved from 'cloudforms' to
+ 'cloudforms42' for CF 4.2. (simaishi@redhat.com)
+- Update image repo name, images have been moved from 'cloudforms' to
+ 'cloudforms45' for CF 4.5. (simaishi@redhat.com)
+- CloudForms 4.5 templates (simaishi@redhat.com)
+
* Fri Jun 16 2017 Jenkins CD Merge Bot <smunilla@redhat.com> 3.6.114-1
-
diff --git a/playbooks/adhoc/contiv/delete_contiv.yml b/playbooks/adhoc/contiv/delete_contiv.yml
index 91948c72e..eec6c23a7 100644
--- a/playbooks/adhoc/contiv/delete_contiv.yml
+++ b/playbooks/adhoc/contiv/delete_contiv.yml
@@ -1,5 +1,5 @@
---
-- name: delete contiv
+- name: Uninstall contiv
hosts: all
gather_facts: False
tasks:
diff --git a/playbooks/adhoc/uninstall.yml b/playbooks/adhoc/uninstall.yml
index 97d835eae..58b3a7835 100644
--- a/playbooks/adhoc/uninstall.yml
+++ b/playbooks/adhoc/uninstall.yml
@@ -26,6 +26,20 @@
- hosts: nodes
become: yes
tasks:
+ - name: Remove dnsmasq dispatcher
+ file:
+ path: "{{ item }}"
+ state: absent
+ with_items:
+ - /etc/dnsmasq.d/origin-dns.conf
+ - /etc/dnsmasq.d/origin-upstream-dns.conf
+ - /etc/dnsmasq.d/openshift-ansible.conf
+ - /etc/NetworkManager/dispatcher.d/99-origin-dns.sh
+ when: openshift_use_dnsmasq | default(true) | bool
+ - service:
+ name: NetworkManager
+ state: restarted
+ when: openshift_use_dnsmasq | default(true) | bool
- name: Stop services
service: name={{ item }} state=stopped
with_items:
@@ -103,7 +117,7 @@
- atomic-openshift-sdn-ovs
- cockpit-bridge
- cockpit-docker
- - cockpit-shell
+ - cockpit-system
- cockpit-ws
- kubernetes-client
- openshift
@@ -279,9 +293,6 @@
with_items:
- /etc/ansible/facts.d/openshift.fact
- /etc/atomic-enterprise
- - /etc/dnsmasq.d/origin-dns.conf
- - /etc/dnsmasq.d/origin-upstream-dns.conf
- - /etc/NetworkManager/dispatcher.d/99-origin-dns.sh
- /etc/openshift
- /etc/openshift-sdn
- /etc/sysconfig/atomic-enterprise-node
@@ -307,16 +318,17 @@
- name: restart container-engine
service: name=container-engine state=restarted
- ignore_errors: true
+ failed_when: false
register: container_engine
- name: restart docker
service: name=docker state=restarted
- ignore_errors: true
+ failed_when: false
when: not (container_engine | changed)
-
- - name: restart NetworkManager
- service: name=NetworkManager state=restarted
+ register: l_docker_restart_docker_in_pb_result
+ until: not l_docker_restart_docker_in_pb_result | failed
+ retries: 3
+ delay: 30
- hosts: masters
become: yes
@@ -346,7 +358,7 @@
- atomic-openshift-master
- cockpit-bridge
- cockpit-docker
- - cockpit-shell
+ - cockpit-system
- cockpit-ws
- corosync
- kubernetes-client
diff --git a/playbooks/aws/openshift-cluster/config.yml b/playbooks/aws/openshift-cluster/config.yml
index 8d64b0521..821a0f30e 100644
--- a/playbooks/aws/openshift-cluster/config.yml
+++ b/playbooks/aws/openshift-cluster/config.yml
@@ -35,4 +35,3 @@
openshift_use_flannel: "{{ lookup('oo_option', 'use_flannel') }}"
openshift_use_calico: "{{ lookup('oo_option', 'use_calico') }}"
openshift_use_fluentd: "{{ lookup('oo_option', 'use_fluentd') }}"
- openshift_use_dnsmasq: false
diff --git a/playbooks/byo/openshift-checks/README.md b/playbooks/byo/openshift-checks/README.md
index 4b2ff1f94..f0f14b268 100644
--- a/playbooks/byo/openshift-checks/README.md
+++ b/playbooks/byo/openshift-checks/README.md
@@ -39,7 +39,9 @@ against your inventory file. Here is the step-by-step:
$ cd openshift-ansible
```
-2. Run the appropriate playbook:
+2. Install the [dependencies](../../../README.md#setup)
+
+3. Run the appropriate playbook:
```console
$ ansible-playbook -i <inventory file> playbooks/byo/openshift-checks/pre-install.yml
@@ -57,9 +59,8 @@ against your inventory file. Here is the step-by-step:
$ ansible-playbook -i <inventory file> playbooks/byo/openshift-checks/certificate_expiry/default.yaml -v
```
-## Running via Docker image
+## Running in a container
This repository is built into a Docker image including Ansible so that it can
-be run anywhere Docker is available. Instructions for doing so may be found
-[in the README](../../README_CONTAINER_IMAGE.md).
-
+be run anywhere Docker is available, without the need to manually install dependencies.
+Instructions for doing so may be found [in the README](../../../README_CONTAINER_IMAGE.md).
diff --git a/playbooks/byo/openshift-cluster/cluster_hosts.yml b/playbooks/byo/openshift-cluster/cluster_hosts.yml
index 9d086b7b6..0adadfcef 100644
--- a/playbooks/byo/openshift-cluster/cluster_hosts.yml
+++ b/playbooks/byo/openshift-cluster/cluster_hosts.yml
@@ -20,4 +20,5 @@ g_glusterfs_registry_hosts: "{{ groups.glusterfs_registry | default(g_glusterfs_
g_all_hosts: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts)
| union(g_lb_hosts) | union(g_nfs_hosts)
| union(g_new_node_hosts)| union(g_new_master_hosts)
+ | union(g_glusterfs_hosts)
| default([]) }}"
diff --git a/playbooks/byo/openshift-cluster/config.yml b/playbooks/byo/openshift-cluster/config.yml
index 2372a5322..acf5469bf 100644
--- a/playbooks/byo/openshift-cluster/config.yml
+++ b/playbooks/byo/openshift-cluster/config.yml
@@ -3,24 +3,6 @@
tags:
- always
-- name: Verify Requirements
- hosts: OSEv3
- roles:
- - openshift_health_checker
- vars:
- - r_openshift_health_checker_playbook_context: "install"
- post_tasks:
- - action: openshift_health_check
- args:
- checks:
- - disk_availability
- - memory_availability
- - package_availability
- - package_update
- - package_version
- - docker_image_availability
- - docker_storage
-
- include: ../../common/openshift-cluster/std_include.yml
tags:
- always
diff --git a/playbooks/byo/openshift-cluster/service-catalog.yml b/playbooks/byo/openshift-cluster/service-catalog.yml
new file mode 100644
index 000000000..a9fc18958
--- /dev/null
+++ b/playbooks/byo/openshift-cluster/service-catalog.yml
@@ -0,0 +1,12 @@
+---
+#
+# This playbook is a preview of upcoming changes for installing
+# Hosted logging on. See inventory/byo/hosts.*.example for the
+# currently supported method.
+#
+- include: initialize_groups.yml
+
+- include: ../../common/openshift-cluster/service_catalog.yml
+ vars:
+ openshift_cluster_id: "{{ cluster_id | default('default') }}"
+ openshift_debug_level: "{{ debug_level | default(2) }}"
diff --git a/playbooks/byo/openshift-cluster/upgrades/upgrade_etcd.yml b/playbooks/byo/openshift-cluster/upgrades/upgrade_etcd.yml
index 8005a17a3..5bd5d64ab 100644
--- a/playbooks/byo/openshift-cluster/upgrades/upgrade_etcd.yml
+++ b/playbooks/byo/openshift-cluster/upgrades/upgrade_etcd.yml
@@ -1,4 +1,6 @@
---
- include: ../initialize_groups.yml
+- include: ../../../common/openshift-cluster/evaluate_groups.yml
+
- include: ../../../common/openshift-cluster/upgrades/etcd/main.yml
diff --git a/playbooks/byo/openshift-etcd/migrate.yml b/playbooks/byo/openshift-etcd/migrate.yml
new file mode 100644
index 000000000..143016159
--- /dev/null
+++ b/playbooks/byo/openshift-etcd/migrate.yml
@@ -0,0 +1,8 @@
+---
+- include: ../openshift-cluster/initialize_groups.yml
+ tags:
+ - always
+
+- include: ../../common/openshift-etcd/migrate.yml
+ tags:
+ - always
diff --git a/playbooks/common/openshift-checks/health.yml b/playbooks/common/openshift-checks/health.yml
index 1bee460e8..c7766ff04 100644
--- a/playbooks/common/openshift-checks/health.yml
+++ b/playbooks/common/openshift-checks/health.yml
@@ -1,4 +1,9 @@
---
+# openshift_health_checker depends on openshift_version which now requires group eval.
+- include: ../openshift-cluster/evaluate_groups.yml
+ tags:
+ - always
+
- name: Run OpenShift health checks
hosts: OSEv3
roles:
diff --git a/playbooks/common/openshift-checks/pre-install.yml b/playbooks/common/openshift-checks/pre-install.yml
index e01c6f38d..7ca9f7e8b 100644
--- a/playbooks/common/openshift-checks/pre-install.yml
+++ b/playbooks/common/openshift-checks/pre-install.yml
@@ -1,4 +1,9 @@
---
+# openshift_health_checker depends on openshift_version which now requires group eval.
+- include: ../openshift-cluster/evaluate_groups.yml
+ tags:
+ - always
+
- hosts: OSEv3
name: run OpenShift pre-install checks
roles:
diff --git a/playbooks/common/openshift-cluster/config.yml b/playbooks/common/openshift-cluster/config.yml
index 1482b3a3f..7224ae712 100644
--- a/playbooks/common/openshift-cluster/config.yml
+++ b/playbooks/common/openshift-cluster/config.yml
@@ -1,4 +1,23 @@
---
+# TODO: refactor this into its own include
+# and pass a variable for ctx
+- name: Verify Requirements
+ hosts: oo_all_hosts
+ roles:
+ - openshift_health_checker
+ vars:
+ - r_openshift_health_checker_playbook_context: "install"
+ post_tasks:
+ - action: openshift_health_check
+ args:
+ checks:
+ - disk_availability
+ - memory_availability
+ - package_availability
+ - package_version
+ - docker_image_availability
+ - docker_storage
+
- include: initialize_oo_option_facts.yml
tags:
- always
@@ -45,6 +64,12 @@
tags:
- hosted
+- include: service_catalog.yml
+ when:
+ - openshift_enable_service_catalog | default(false) | bool
+ tags:
+ - servicecatalog
+
- name: Re-enable excluder if it was previously enabled
hosts: oo_masters_to_config:oo_nodes_to_config
tags:
diff --git a/playbooks/common/openshift-cluster/evaluate_groups.yml b/playbooks/common/openshift-cluster/evaluate_groups.yml
index c28ce4c14..baca72c58 100644
--- a/playbooks/common/openshift-cluster/evaluate_groups.yml
+++ b/playbooks/common/openshift-cluster/evaluate_groups.yml
@@ -157,3 +157,12 @@
ansible_become: "{{ g_sudo | default(omit) }}"
with_items: "{{ g_glusterfs_hosts | union(g_glusterfs_registry_hosts | default([])) }}"
changed_when: no
+
+ - name: Evaluate oo_etcd_to_migrate
+ add_host:
+ name: "{{ item }}"
+ groups: oo_etcd_to_migrate
+ ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
+ with_items: "{{ groups.oo_etcd_to_config if groups.oo_etcd_to_config | default([]) | length != 0 else groups.oo_first_master }}"
+ changed_when: no
diff --git a/playbooks/common/openshift-cluster/openshift_hosted.yml b/playbooks/common/openshift-cluster/openshift_hosted.yml
index 8d94b6509..ce7f981ab 100644
--- a/playbooks/common/openshift-cluster/openshift_hosted.yml
+++ b/playbooks/common/openshift-cluster/openshift_hosted.yml
@@ -26,6 +26,8 @@
logging_elasticsearch_cluster_size: "{{ openshift_hosted_logging_elasticsearch_cluster_size | default(1) }}"
logging_elasticsearch_ops_cluster_size: "{{ openshift_hosted_logging_elasticsearch_ops_cluster_size | default(1) }}"
roles:
+ - role: openshift_default_storage_class
+ when: openshift_cloudprovider_kind is defined and (openshift_cloudprovider_kind == 'aws' or openshift_cloudprovider_kind == 'gce')
- role: openshift_hosted
- role: openshift_metrics
when: openshift_hosted_metrics_deploy | default(false) | bool
@@ -45,8 +47,6 @@
- role: cockpit-ui
when: ( openshift.common.version_gte_3_3_or_1_3 | bool ) and ( openshift_hosted_manage_registry | default(true) | bool ) and not (openshift.docker.hosted_registry_insecure | default(false) | bool)
- - role: openshift_default_storage_class
- when: openshift_cloudprovider_kind is defined and (openshift_cloudprovider_kind == 'aws' or openshift_cloudprovider_kind == 'gce')
- name: Update master-config for publicLoggingURL
hosts: oo_masters_to_config:!oo_first_master
diff --git a/playbooks/common/openshift-cluster/openshift_metrics.yml b/playbooks/common/openshift-cluster/openshift_metrics.yml
index bcff4a1a1..2c8ad5b75 100644
--- a/playbooks/common/openshift-cluster/openshift_metrics.yml
+++ b/playbooks/common/openshift-cluster/openshift_metrics.yml
@@ -5,3 +5,12 @@
hosts: oo_first_master
roles:
- openshift_metrics
+
+- name: OpenShift Metrics
+ hosts: oo_masters:!oo_first_master
+ serial: 1
+ tasks:
+ - name: Setup the non-first masters configs
+ include_role:
+ name: openshift_metrics
+ tasks_from: update_master_config.yaml
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/masters.yml b/playbooks/common/openshift-cluster/redeploy-certificates/masters.yml
index c30889d64..51b196299 100644
--- a/playbooks/common/openshift-cluster/redeploy-certificates/masters.yml
+++ b/playbooks/common/openshift-cluster/redeploy-certificates/masters.yml
@@ -51,3 +51,13 @@
| oo_collect('openshift.common.hostname')
| default(none, true) }}"
openshift_certificates_redeploy: true
+ - role: lib_utils
+ post_tasks:
+ - yedit:
+ src: "{{ openshift.common.config_base }}/master/master-config.yaml"
+ key: servingInfo.namedCertificates
+ value: "{{ openshift.master.named_certificates | default([]) | oo_named_certificates_list }}"
+ when:
+ - ('named_certificates' in openshift.master)
+ - openshift.master.named_certificates | default([]) | length > 0
+ - openshift_master_overwrite_named_certificates | default(false) | bool
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml b/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml
index 8c8062585..afd5463b2 100644
--- a/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml
+++ b/playbooks/common/openshift-cluster/redeploy-certificates/registry.yml
@@ -66,6 +66,7 @@
--signer-cert={{ openshift.common.config_base }}/master/ca.crt
--signer-key={{ openshift.common.config_base }}/master/ca.key
--signer-serial={{ openshift.common.config_base }}/master/ca.serial.txt
+ --config={{ mktemp.stdout }}/admin.kubeconfig
--hostnames="{{ docker_registry_service_ip.results.clusterip }},docker-registry.default.svc,docker-registry.default.svc.cluster.local,{{ docker_registry_route_hostname }}"
--cert={{ openshift.common.config_base }}/master/registry.crt
--key={{ openshift.common.config_base }}/master/registry.key
diff --git a/playbooks/common/openshift-cluster/redeploy-certificates/router.yml b/playbooks/common/openshift-cluster/redeploy-certificates/router.yml
index 9f14f2d69..748bbbf91 100644
--- a/playbooks/common/openshift-cluster/redeploy-certificates/router.yml
+++ b/playbooks/common/openshift-cluster/redeploy-certificates/router.yml
@@ -116,8 +116,9 @@
tls.crt="{{ mktemp.stdout }}/openshift-hosted-router-certificate.pem"
tls.key="{{ mktemp.stdout }}/openshift-hosted-router-certificate.key"
--type=kubernetes.io/tls
+ --config={{ mktemp.stdout }}/admin.kubeconfig
--confirm
- -o json | {{ openshift.common.client_binary }} replace -f -
+ -o json | {{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig replace -f -
- name: Remove temporary router certificate and key files
file:
diff --git a/playbooks/common/openshift-cluster/service_catalog.yml b/playbooks/common/openshift-cluster/service_catalog.yml
new file mode 100644
index 000000000..6c12875fe
--- /dev/null
+++ b/playbooks/common/openshift-cluster/service_catalog.yml
@@ -0,0 +1,21 @@
+---
+- include: evaluate_groups.yml
+
+- name: Update Master configs
+ hosts: oo_masters
+ serial: 1
+ tasks:
+ - block:
+ - include_role:
+ name: openshift_service_catalog
+ tasks_from: wire_aggregator
+ vars:
+ first_master: "{{ groups.oo_first_master[0] }}"
+
+- name: Service Catalog
+ hosts: oo_first_master
+ roles:
+ - openshift_service_catalog
+ - ansible_service_broker
+ vars:
+ first_master: "{{ groups.oo_first_master[0] }}"
diff --git a/playbooks/common/openshift-cluster/upgrades/docker/docker_upgrade.yml b/playbooks/common/openshift-cluster/upgrades/docker/docker_upgrade.yml
index 07db071ce..02b8a9d3c 100644
--- a/playbooks/common/openshift-cluster/upgrades/docker/docker_upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/docker/docker_upgrade.yml
@@ -52,9 +52,13 @@
- name: Drain Node for Kubelet upgrade
command: >
- {{ openshift.common.admin_binary }} drain {{ openshift.node.nodename }} --force --delete-local-data --ignore-daemonsets
+ {{ openshift.common.admin_binary }} drain {{ openshift.node.nodename }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig --force --delete-local-data --ignore-daemonsets
delegate_to: "{{ groups.oo_first_master.0 }}"
when: l_docker_upgrade is defined and l_docker_upgrade | bool and inventory_hostname in groups.oo_nodes_to_upgrade
+ register: l_docker_upgrade_drain_result
+ until: not l_docker_upgrade_drain_result | failed
+ retries: 60
+ delay: 60
- include: upgrade.yml
when: l_docker_upgrade is defined and l_docker_upgrade | bool
diff --git a/playbooks/common/openshift-cluster/upgrades/docker/restart.yml b/playbooks/common/openshift-cluster/upgrades/docker/restart.yml
index 1b418920f..13313377e 100644
--- a/playbooks/common/openshift-cluster/upgrades/docker/restart.yml
+++ b/playbooks/common/openshift-cluster/upgrades/docker/restart.yml
@@ -1,6 +1,10 @@
---
- name: Restart docker
service: name=docker state=restarted
+ register: l_docker_restart_docker_in_upgrade_result
+ until: not l_docker_restart_docker_in_upgrade_result | failed
+ retries: 3
+ delay: 30
- name: Update docker facts
openshift_facts:
@@ -24,4 +28,5 @@
state: started
delay: 10
port: "{{ openshift.master.api_port }}"
+ timeout: 600
when: inventory_hostname in groups.oo_masters_to_config
diff --git a/playbooks/common/openshift-cluster/upgrades/docker/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/docker/upgrade.yml
index 17f8fc6e9..35d000e49 100644
--- a/playbooks/common/openshift-cluster/upgrades/docker/upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/docker/upgrade.yml
@@ -32,7 +32,13 @@
- debug: var=docker_image_count.stdout
when: docker_upgrade_nuke_images is defined and docker_upgrade_nuke_images | bool
-- service: name=docker state=stopped
+- service:
+ name: docker
+ state: stopped
+ register: l_pb_docker_upgrade_stop_result
+ until: not l_pb_docker_upgrade_stop_result | failed
+ retries: 3
+ delay: 30
- name: Upgrade Docker
package: name=docker{{ '-' + docker_version }} state=present
diff --git a/playbooks/common/openshift-cluster/upgrades/etcd/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/etcd/upgrade.yml
index 0431c1ce0..39e82498d 100644
--- a/playbooks/common/openshift-cluster/upgrades/etcd/upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/etcd/upgrade.yml
@@ -36,7 +36,7 @@
- not openshift.common.is_etcd_system_container | bool
- name: Record containerized etcd version (runc)
- command: runc exec etcd_container rpm -qa --qf '%{version}' etcd\*
+ command: runc exec etcd rpm -qa --qf '%{version}' etcd\*
register: etcd_container_version_runc
failed_when: false
# AUDIT:changed_when: `false` because we are only inspecting
diff --git a/playbooks/common/openshift-cluster/upgrades/initialize_nodes_to_upgrade.yml b/playbooks/common/openshift-cluster/upgrades/initialize_nodes_to_upgrade.yml
index 046535680..72de63070 100644
--- a/playbooks/common/openshift-cluster/upgrades/initialize_nodes_to_upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/initialize_nodes_to_upgrade.yml
@@ -6,27 +6,32 @@
- lib_openshift
tasks:
- - name: Retrieve list of openshift nodes matching upgrade label
- oc_obj:
- state: list
- kind: node
- selector: "{{ openshift_upgrade_nodes_label }}"
- register: nodes_to_upgrade
- when: openshift_upgrade_nodes_label is defined
+ - when: openshift_upgrade_nodes_label is defined
+ block:
+ - name: Retrieve list of openshift nodes matching upgrade label
+ oc_obj:
+ state: list
+ kind: node
+ selector: "{{ openshift_upgrade_nodes_label }}"
+ register: nodes_to_upgrade
- # We got a list of nodes with the label, now we need to match these with inventory hosts
- # using their openshift.common.hostname fact.
- - name: Map labelled nodes to inventory hosts
- add_host:
- name: "{{ item }}"
- groups: temp_nodes_to_upgrade
- ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
- ansible_become: "{{ g_sudo | default(omit) }}"
- with_items: " {{ groups['oo_nodes_to_config'] }}"
- when:
- - openshift_upgrade_nodes_label is defined
- - hostvars[item].openshift.common.hostname in nodes_to_upgrade.results.results[0]['items'] | map(attribute='metadata.name') | list
- changed_when: false
+ - name: Fail if no nodes match openshift_upgrade_nodes_label
+ fail:
+ msg: "openshift_upgrade_nodes_label was specified but no nodes matched"
+ when: nodes_to_upgrade.results.results[0]['items'] | length == 0
+
+ # We got a list of nodes with the label, now we need to match these with inventory hosts
+ # using their openshift.common.hostname fact.
+ - name: Map labelled nodes to inventory hosts
+ add_host:
+ name: "{{ item }}"
+ groups: temp_nodes_to_upgrade
+ ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"
+ ansible_become: "{{ g_sudo | default(omit) }}"
+ with_items: " {{ groups['oo_nodes_to_config'] }}"
+ when:
+ - hostvars[item].openshift.common.hostname in nodes_to_upgrade.results.results[0]['items'] | map(attribute='metadata.name') | list
+ changed_when: false
# Build up the oo_nodes_to_upgrade group, use the list filtered by label if
# present, otherwise hit all nodes:
diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml
index b980909eb..6a0471948 100644
--- a/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml
+++ b/playbooks/common/openshift-cluster/upgrades/upgrade_control_plane.yml
@@ -3,6 +3,22 @@
# Upgrade Masters
###############################################################################
+# oc adm migrate storage should be run prior to etcd v3 upgrade
+# See: https://github.com/openshift/origin/pull/14625#issuecomment-308467060
+- name: Pre master upgrade - Upgrade all storage
+ hosts: oo_first_master
+ tasks:
+ - name: Upgrade all storage
+ command: >
+ {{ openshift.common.client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig
+ migrate storage --include=* --confirm
+ register: l_pb_upgrade_control_plane_pre_upgrade_storage
+ when: openshift_upgrade_pre_storage_migration_enabled | default(true,true) | bool
+ failed_when:
+ - openshift_upgrade_pre_storage_migration_enabled | default(true,true) | bool
+ - l_pb_upgrade_control_plane_pre_upgrade_storage.rc != 0
+ - openshift_upgrade_pre_storage_migration_fatal | default(true,true) | bool
+
# If facts cache were for some reason deleted, this fact may not be set, and if not set
# it will always default to true. This causes problems for the etcd data dir fact detection
# so we must first make sure this is set correctly before attempting the backup.
@@ -130,6 +146,19 @@
- include: "{{ openshift_master_upgrade_post_hook }}"
when: openshift_master_upgrade_post_hook is defined
+ - name: Post master upgrade - Upgrade clusterpolicies storage
+ command: >
+ {{ openshift.common.client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig
+ migrate storage --include=clusterpolicies --confirm
+ register: l_pb_upgrade_control_plane_post_upgrade_storage
+ when: openshift_upgrade_post_storage_migration_enabled | default(true,true) | bool
+ failed_when:
+ - openshift_upgrade_post_storage_migration_enabled | default(true,true) | bool
+ - l_pb_upgrade_control_plane_post_upgrade_storage.rc != 0
+ - openshift_upgrade_post_storage_migration_fatal | default(false,true) | bool
+ run_once: true
+ delegate_to: "{{ groups.oo_first_master.0 }}"
+
- set_fact:
master_update_complete: True
@@ -205,13 +234,25 @@
- name: Reconcile Security Context Constraints
command: >
- {{ openshift.common.client_binary }} adm policy reconcile-sccs --confirm --additive-only=true -o name
+ {{ openshift.common.client_binary }} adm policy --config={{ openshift.common.config_base }}/master/admin.kubeconfig reconcile-sccs --confirm --additive-only=true -o name
register: reconcile_scc_result
changed_when:
- reconcile_scc_result.stdout != ''
- reconcile_scc_result.rc == 0
run_once: true
+ - name: Migrate storage post policy reconciliation
+ command: >
+ {{ openshift.common.client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig
+ migrate storage --include=* --confirm
+ run_once: true
+ register: l_pb_upgrade_control_plane_post_upgrade_storage
+ when: openshift_upgrade_post_storage_migration_enabled | default(true,true) | bool
+ failed_when:
+ - openshift_upgrade_post_storage_migration_enabled | default(true,true) | bool
+ - l_pb_upgrade_control_plane_post_upgrade_storage.rc != 0
+ - openshift_upgrade_post_storage_migration_fatal | default(false,true) | bool
+
- set_fact:
reconcile_complete: True
@@ -270,13 +311,18 @@
- name: Drain Node for Kubelet upgrade
command: >
- {{ hostvars[groups.oo_first_master.0].openshift.common.admin_binary }} drain {{ openshift.node.nodename | lower }} --force --delete-local-data --ignore-daemonsets
+ {{ hostvars[groups.oo_first_master.0].openshift.common.admin_binary }} drain {{ openshift.node.nodename | lower }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig --force --delete-local-data --ignore-daemonsets
delegate_to: "{{ groups.oo_first_master.0 }}"
+ register: l_upgrade_control_plane_drain_result
+ until: not l_upgrade_control_plane_drain_result | failed
+ retries: 60
+ delay: 60
roles:
- lib_openshift
- openshift_facts
- docker
+ - openshift_node_dnsmasq
- openshift_node_upgrade
post_tasks:
diff --git a/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml b/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml
index 91dbc2cd4..c93a5d89c 100644
--- a/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml
+++ b/playbooks/common/openshift-cluster/upgrades/upgrade_nodes.yml
@@ -26,13 +26,18 @@
- name: Drain Node for Kubelet upgrade
command: >
- {{ hostvars[groups.oo_first_master.0].openshift.common.admin_binary }} drain {{ openshift.node.nodename | lower }} --force --delete-local-data --ignore-daemonsets
+ {{ hostvars[groups.oo_first_master.0].openshift.common.admin_binary }} drain {{ openshift.node.nodename | lower }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig --force --delete-local-data --ignore-daemonsets
delegate_to: "{{ groups.oo_first_master.0 }}"
+ register: l_upgrade_nodes_drain_result
+ until: not l_upgrade_nodes_drain_result | failed
+ retries: 60
+ delay: 60
roles:
- lib_openshift
- openshift_facts
- docker
+ - openshift_node_dnsmasq
- openshift_node_upgrade
- role: openshift_excluder
r_openshift_excluder_action: enable
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_5/storage_upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_5/storage_upgrade.yml
deleted file mode 100644
index 48c69eccd..000000000
--- a/playbooks/common/openshift-cluster/upgrades/v3_5/storage_upgrade.yml
+++ /dev/null
@@ -1,18 +0,0 @@
----
-###############################################################################
-# Post upgrade - Upgrade job storage
-###############################################################################
-- name: Upgrade job storage
- hosts: oo_first_master
- roles:
- - { role: openshift_cli }
- vars:
- # Another spot where we assume docker is running and do not want to accidentally trigger an unsafe
- # restart.
- skip_docker_role: True
- tasks:
- - name: Upgrade job storage
- command: >
- {{ openshift.common.client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig
- migrate storage --include=jobs --confirm
- run_once: true
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_5/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_5/upgrade.yml
index e63b03e51..4e7c14e94 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_5/upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_5/upgrade.yml
@@ -115,5 +115,3 @@
- include: ../upgrade_nodes.yml
- include: ../post_control_plane.yml
-
-- include: storage_upgrade.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml
index 74c2964aa..45b664d06 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_5/upgrade_control_plane.yml
@@ -119,5 +119,3 @@
master_config_hook: "v3_5/master_config_upgrade.yml"
- include: ../post_control_plane.yml
-
-- include: storage_upgrade.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_6/storage_upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_6/storage_upgrade.yml
deleted file mode 100644
index 48c69eccd..000000000
--- a/playbooks/common/openshift-cluster/upgrades/v3_6/storage_upgrade.yml
+++ /dev/null
@@ -1,18 +0,0 @@
----
-###############################################################################
-# Post upgrade - Upgrade job storage
-###############################################################################
-- name: Upgrade job storage
- hosts: oo_first_master
- roles:
- - { role: openshift_cli }
- vars:
- # Another spot where we assume docker is running and do not want to accidentally trigger an unsafe
- # restart.
- skip_docker_role: True
- tasks:
- - name: Upgrade job storage
- command: >
- {{ openshift.common.client_binary }} adm --config={{ openshift.common.config_base }}/master/admin.kubeconfig
- migrate storage --include=jobs --confirm
- run_once: true
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade.yml
index 5d41b84d0..5b9ac9e8f 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade.yml
@@ -115,5 +115,3 @@
- include: ../upgrade_nodes.yml
- include: ../post_control_plane.yml
-
-- include: storage_upgrade.yml
diff --git a/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade_control_plane.yml b/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade_control_plane.yml
index a66fb51ff..a470c7595 100644
--- a/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade_control_plane.yml
+++ b/playbooks/common/openshift-cluster/upgrades/v3_6/upgrade_control_plane.yml
@@ -119,5 +119,3 @@
master_config_hook: "v3_6/master_config_upgrade.yml"
- include: ../post_control_plane.yml
-
-- include: storage_upgrade.yml
diff --git a/playbooks/common/openshift-etcd/migrate.yml b/playbooks/common/openshift-etcd/migrate.yml
new file mode 100644
index 000000000..3e7a48669
--- /dev/null
+++ b/playbooks/common/openshift-etcd/migrate.yml
@@ -0,0 +1,120 @@
+---
+- include: ../openshift-cluster/evaluate_groups.yml
+ tags:
+ - always
+
+- name: Run pre-checks
+ hosts: oo_etcd_to_migrate
+ tags:
+ - always
+ roles:
+ - role: etcd_migrate
+ r_etcd_migrate_action: check
+ r_etcd_common_embedded_etcd: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}"
+ etcd_peer: "{{ ansible_default_ipv4.address }}"
+
+- include: ../openshift-cluster/initialize_facts.yml
+ tags:
+ - always
+
+- name: Prepare masters for etcd data migration
+ hosts: oo_masters_to_config
+ tasks:
+ - set_fact:
+ master_services:
+ - "{{ openshift.common.service_type + '-master' }}"
+ - set_fact:
+ master_services:
+ - "{{ openshift.common.service_type + '-master-controllers' }}"
+ - "{{ openshift.common.service_type + '-master-api' }}"
+ when:
+ - (openshift_master_cluster_method is defined and openshift_master_cluster_method == "native") or openshift.common.is_master_system_container | bool
+ - debug:
+ msg: "master service name: {{ master_services }}"
+ - name: Stop masters
+ service:
+ name: "{{ item }}"
+ state: stopped
+ with_items: "{{ master_services }}"
+
+- name: Backup v2 data
+ hosts: oo_etcd_to_migrate
+ gather_facts: no
+ tags:
+ - always
+ roles:
+ - role: openshift_facts
+ - role: etcd_common
+ r_etcd_common_action: backup
+ r_etcd_common_etcd_runtime: "{{ openshift.common.etcd_runtime }}"
+ r_etcd_common_backup_tag: pre-migration
+ r_etcd_common_embedded_etcd: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}"
+ r_etcd_common_backup_sufix_name: "{{ lookup('pipe', 'date +%Y%m%d%H%M%S') }}"
+
+- name: Gate on etcd backup
+ hosts: localhost
+ connection: local
+ become: no
+ tasks:
+ - set_fact:
+ etcd_backup_completed: "{{ hostvars
+ | oo_select_keys(groups.oo_etcd_to_migrate)
+ | oo_collect('inventory_hostname', {'r_etcd_common_backup_complete': true}) }}"
+ - set_fact:
+ etcd_backup_failed: "{{ groups.oo_etcd_to_migrate | difference(etcd_backup_completed) }}"
+ - fail:
+ msg: "Migration cannot continue. The following hosts did not complete etcd backup: {{ etcd_backup_failed | join(',') }}"
+ when:
+ - etcd_backup_failed | length > 0
+
+- name: Migrate etcd data from v2 to v3
+ hosts: oo_etcd_to_migrate
+ gather_facts: no
+ tags:
+ - always
+ roles:
+ - role: etcd_migrate
+ r_etcd_migrate_action: migrate
+ r_etcd_common_embedded_etcd: "{{ groups.oo_etcd_to_config | default([]) | length == 0 }}"
+ etcd_peer: "{{ ansible_default_ipv4.address }}"
+
+- name: Gate on etcd migration
+ hosts: oo_masters_to_config
+ gather_facts: no
+ tasks:
+ - set_fact:
+ etcd_migration_completed: "{{ hostvars
+ | oo_select_keys(groups.oo_etcd_to_migrate)
+ | oo_collect('inventory_hostname', {'r_etcd_migrate_success': true}) }}"
+ - set_fact:
+ etcd_migration_failed: "{{ groups.oo_etcd_to_migrate | difference(etcd_migration_completed) }}"
+
+- name: Configure masters if etcd data migration is succesfull
+ hosts: oo_masters_to_config
+ roles:
+ - role: etcd_migrate
+ r_etcd_migrate_action: configure
+ when: etcd_migration_failed | length == 0
+ tasks:
+ - debug:
+ msg: "Skipping master re-configuration since migration failed."
+ when:
+ - etcd_migration_failed | length > 0
+
+- name: Start masters after etcd data migration
+ hosts: oo_masters_to_config
+ tasks:
+ - name: Start master services
+ service:
+ name: "{{ item }}"
+ state: started
+ register: service_status
+ # Sometimes the master-api, resp. master-controllers fails to start for the first time
+ until: service_status.state is defined and service_status.state == "started"
+ retries: 5
+ delay: 10
+ with_items: "{{ master_services[::-1] }}"
+ - fail:
+ msg: "Migration failed. The following hosts were not properly migrated: {{ etcd_migration_failed | join(',') }}"
+ when:
+ - etcd_migration_failed | length > 0
diff --git a/playbooks/common/openshift-etcd/restart.yml b/playbooks/common/openshift-etcd/restart.yml
index 196c86f28..af1ef245a 100644
--- a/playbooks/common/openshift-etcd/restart.yml
+++ b/playbooks/common/openshift-etcd/restart.yml
@@ -5,5 +5,5 @@
tasks:
- name: restart etcd
service:
- name: "{{ 'etcd' if not openshift.common.is_containerized | bool else 'etcd_container' }}"
+ name: "{{ 'etcd_container' if openshift.common.etcd_runtime == 'docker' else 'etcd' }}"
state: restarted
diff --git a/playbooks/common/openshift-glusterfs/config.yml b/playbooks/common/openshift-glusterfs/config.yml
index 1efdfb336..edc15a3f2 100644
--- a/playbooks/common/openshift-glusterfs/config.yml
+++ b/playbooks/common/openshift-glusterfs/config.yml
@@ -1,6 +1,6 @@
---
-- name: Open firewall ports for GlusterFS
- hosts: oo_glusterfs_to_config
+- name: Open firewall ports for GlusterFS nodes
+ hosts: glusterfs
vars:
os_firewall_allow:
- service: glusterfs_sshd
@@ -14,7 +14,24 @@
roles:
- role: os_firewall
when:
- - openshift_storage_glusterfs_is_native | default(True)
+ - openshift_storage_glusterfs_is_native | default(True) | bool
+
+- name: Open firewall ports for GlusterFS registry nodes
+ hosts: glusterfs_registry
+ vars:
+ os_firewall_allow:
+ - service: glusterfs_sshd
+ port: "2222/tcp"
+ - service: glusterfs_daemon
+ port: "24007/tcp"
+ - service: glusterfs_management
+ port: "24008/tcp"
+ - service: glusterfs_bricks
+ port: "49152-49251/tcp"
+ roles:
+ - role: os_firewall
+ when:
+ - openshift_storage_glusterfs_registry_is_native | default(True) | bool
- name: Configure GlusterFS
hosts: oo_first_master
diff --git a/playbooks/common/openshift-loadbalancer/config.yml b/playbooks/common/openshift-loadbalancer/config.yml
index c414913bf..2dacc1218 100644
--- a/playbooks/common/openshift-loadbalancer/config.yml
+++ b/playbooks/common/openshift-loadbalancer/config.yml
@@ -12,5 +12,6 @@
openshift_use_nuage | default(false),
nuage_mon_rest_server_port | default(none)))
+ openshift_loadbalancer_additional_backends | default([]) }}"
+ openshift_image_tag: "{{ hostvars[groups.oo_first_master.0].openshift_image_tag }}"
roles:
- role: openshift_loadbalancer
diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml
index ddc4db8f8..5de03951c 100644
--- a/playbooks/common/openshift-master/config.yml
+++ b/playbooks/common/openshift-master/config.yml
@@ -69,7 +69,7 @@
ha: "{{ openshift_master_ha | default(groups.oo_masters | length > 1) }}"
master_count: "{{ openshift_master_count | default(groups.oo_masters | length) }}"
-- name: Determine if session secrets must be generated
+- name: Inspect state of first master session secrets and config
hosts: oo_first_master
roles:
- role: openshift_facts
@@ -79,6 +79,24 @@
local_facts:
session_auth_secrets: "{{ openshift_master_session_auth_secrets | default(openshift.master.session_auth_secrets | default(None)) }}"
session_encryption_secrets: "{{ openshift_master_session_encryption_secrets | default(openshift.master.session_encryption_secrets | default(None)) }}"
+ - name: Check for existing configuration
+ stat:
+ path: /etc/origin/master/master-config.yaml
+ register: master_config_stat
+
+ - name: Set clean install fact
+ set_fact:
+ l_clean_install: "{{ not master_config_stat.stat.exists | bool }}"
+
+ - name: Determine if etcd3 storage is in use
+ command: grep -Pzo "storage-backend:\n.*etcd3" /etc/origin/master/master-config.yaml -q
+ register: etcd3_grep
+ failed_when: false
+ changed_when: false
+
+ - name: Set etcd3 fact
+ set_fact:
+ l_etcd3_enabled: "{{ etcd3_grep.rc == 0 | bool }}"
- name: Generate master session secrets
hosts: oo_first_master
@@ -109,6 +127,9 @@
| union(groups['oo_etcd_to_config'] | default([])))
| oo_collect('openshift.common.hostname') | default([]) | join (',')
}}"
+ openshift_no_proxy_etcd_host_ips: "{{ hostvars | oo_select_keys(groups['oo_etcd_to_config'] | default([]))
+ | oo_collect('openshift.common.ip') | default([]) | join(',')
+ }}"
roles:
- role: openshift_master
openshift_ca_host: "{{ groups.oo_first_master.0 }}"
@@ -122,6 +143,8 @@
etcd_cert_subdir: "openshift-master-{{ openshift.common.hostname }}"
etcd_cert_config_dir: "{{ openshift.common.config_base }}/master"
etcd_cert_prefix: "master.etcd-"
+ r_openshift_master_clean_install: "{{ hostvars[groups.oo_first_master.0].l_clean_install }}"
+ r_openshift_master_etcd3_storage: "{{ hostvars[groups.oo_first_master.0].l_etcd3_enabled }}"
- role: nuage_master
when: openshift.common.use_nuage | bool
- role: calico_master
diff --git a/playbooks/common/openshift-master/restart_hosts.yml b/playbooks/common/openshift-master/restart_hosts.yml
index 67ba0aa2e..a5dbe0590 100644
--- a/playbooks/common/openshift-master/restart_hosts.yml
+++ b/playbooks/common/openshift-master/restart_hosts.yml
@@ -37,3 +37,4 @@
state: started
delay: 10
port: "{{ openshift.master.api_port }}"
+ timeout: 600
diff --git a/playbooks/common/openshift-master/restart_services.yml b/playbooks/common/openshift-master/restart_services.yml
index 508b5a3ac..a844fb369 100644
--- a/playbooks/common/openshift-master/restart_services.yml
+++ b/playbooks/common/openshift-master/restart_services.yml
@@ -15,6 +15,7 @@
state: started
delay: 10
port: "{{ openshift.master.api_port }}"
+ timeout: 600
when: openshift_master_ha | bool
- name: Restart master controllers
service:
diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml
index acebabc91..501ba4273 100644
--- a/playbooks/common/openshift-node/config.yml
+++ b/playbooks/common/openshift-node/config.yml
@@ -47,8 +47,7 @@
| union(groups['oo_etcd_to_config'] | default([])))
| oo_collect('openshift.common.hostname') | default([]) | join (',')
}}"
- when: "{{ (openshift_http_proxy is defined or openshift_https_proxy is defined) and
- openshift_generate_no_proxy_hosts | default(True) | bool }}"
+
roles:
- role: openshift_node
openshift_ca_host: "{{ groups.oo_first_master.0 }}"
@@ -64,8 +63,6 @@
| union(groups['oo_etcd_to_config'] | default([])))
| oo_collect('openshift.common.hostname') | default([]) | join (',')
}}"
- when: "{{ (openshift_http_proxy is defined or openshift_https_proxy is defined) and
- openshift_generate_no_proxy_hosts | default(True) | bool }}"
roles:
- role: openshift_node
openshift_ca_host: "{{ groups.oo_first_master.0 }}"
diff --git a/playbooks/common/openshift-node/network_manager.yml b/playbooks/common/openshift-node/network_manager.yml
index 0014a5dbd..b3a7399dc 100644
--- a/playbooks/common/openshift-node/network_manager.yml
+++ b/playbooks/common/openshift-node/network_manager.yml
@@ -1,4 +1,6 @@
---
+- include: ../openshift-cluster/evaluate_groups.yml
+
- name: Install and configure NetworkManager
hosts: oo_all_hosts
become: yes
diff --git a/playbooks/common/openshift-node/restart.yml b/playbooks/common/openshift-node/restart.yml
index 01cf948e0..ed2473a43 100644
--- a/playbooks/common/openshift-node/restart.yml
+++ b/playbooks/common/openshift-node/restart.yml
@@ -11,6 +11,10 @@
service:
name: docker
state: restarted
+ register: l_docker_restart_docker_in_node_result
+ until: not l_docker_restart_docker_in_node_result | failed
+ retries: 3
+ delay: 30
- name: Update docker facts
openshift_facts:
@@ -36,6 +40,7 @@
state: started
delay: 10
port: "{{ openshift.master.api_port }}"
+ timeout: 600
when: inventory_hostname in groups.oo_masters_to_config
- name: restart node
diff --git a/playbooks/libvirt/openshift-cluster/config.yml b/playbooks/libvirt/openshift-cluster/config.yml
index 477213f4e..569e00da2 100644
--- a/playbooks/libvirt/openshift-cluster/config.yml
+++ b/playbooks/libvirt/openshift-cluster/config.yml
@@ -37,4 +37,3 @@
openshift_use_flannel: "{{ lookup('oo_option', 'use_flannel') }}"
openshift_use_calico: "{{ lookup('oo_option', 'use_calico') }}"
openshift_use_fluentd: "{{ lookup('oo_option', 'use_fluentd') }}"
- openshift_use_dnsmasq: false
diff --git a/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml b/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml
index ccd29be29..4df86effa 100644
--- a/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml
+++ b/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml
@@ -49,11 +49,15 @@
- '{{ instances }}'
- [ user-data, meta-data ]
+- name: Check for genisoimage
+ command: which genisoimage
+ register: which_genisoimage
+
- name: Create the cloud-init config drive
- command: 'genisoimage -output {{ libvirt_storage_pool_path }}/{{ item }}_cloud-init.iso -volid cidata -joliet -rock user-data meta-data'
+ command: "{{ 'genisoimage' if which_genisoimage.rc == 0 else 'mkisofs' }} -output {{ libvirt_storage_pool_path }}/{{ item }}_cloud-init.iso -volid cidata -joliet -rock user-data meta-data"
args:
- chdir: '{{ libvirt_storage_pool_path }}/{{ item }}_configdrive/'
- creates: '{{ libvirt_storage_pool_path }}/{{ item }}_cloud-init.iso'
+ chdir: "{{ libvirt_storage_pool_path }}/{{ item }}_configdrive/"
+ creates: "{{ libvirt_storage_pool_path }}/{{ item }}_cloud-init.iso"
with_items: '{{ instances }}'
- name: Refresh the libvirt storage pool for openshift
diff --git a/requirements.txt b/requirements.txt
index dae460713..bf95b4ff9 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,6 +1,6 @@
# Versions are pinned to prevent pypi releases arbitrarily breaking
# tests with new APIs/semantics. We want to update versions deliberately.
-ansible==2.2.2.0
+ansible==2.3.1.0
boto==2.34.0
click==6.7
pyOpenSSL==16.2.0
diff --git a/roles/ansible_service_broker/defaults/main.yml b/roles/ansible_service_broker/defaults/main.yml
new file mode 100644
index 000000000..12929b354
--- /dev/null
+++ b/roles/ansible_service_broker/defaults/main.yml
@@ -0,0 +1,10 @@
+---
+
+ansible_service_broker_remove: false
+ansible_service_broker_log_level: info
+ansible_service_broker_output_request: false
+ansible_service_broker_recovery: true
+ansible_service_broker_bootstrap_on_startup: true
+# Recommended you do not enable this for now
+ansible_service_broker_dev_broker: false
+ansible_service_broker_launch_apb_on_bind: false
diff --git a/roles/ansible_service_broker/meta/main.yml b/roles/ansible_service_broker/meta/main.yml
new file mode 100644
index 000000000..ec4aafb79
--- /dev/null
+++ b/roles/ansible_service_broker/meta/main.yml
@@ -0,0 +1,15 @@
+---
+galaxy_info:
+ author: Fabian von Feilitzsch
+ description: OpenShift Ansible Service Broker
+ company: Red Hat, Inc.
+ license: Apache License, Version 2.0
+ min_ansible_version: 2.1
+ platforms:
+ - name: EL
+ versions:
+ - 7
+ categories:
+ - cloud
+dependencies:
+- role: lib_openshift
diff --git a/roles/ansible_service_broker/tasks/install.yml b/roles/ansible_service_broker/tasks/install.yml
new file mode 100644
index 000000000..b3797ef96
--- /dev/null
+++ b/roles/ansible_service_broker/tasks/install.yml
@@ -0,0 +1,280 @@
+---
+
+# Fact setting and validations
+- name: Set default image variables based on deployment type
+ include_vars: "{{ item }}"
+ with_first_found:
+ - "{{ openshift_deployment_type | default(deployment_type) }}.yml"
+ - "default_images.yml"
+
+- name: set ansible_service_broker facts
+ set_fact:
+ ansible_service_broker_image_prefix: "{{ ansible_service_broker_image_prefix | default(__ansible_service_broker_image_prefix) }}"
+ ansible_service_broker_image_tag: "{{ ansible_service_broker_image_tag | default(__ansible_service_broker_image_tag) }}"
+
+ ansible_service_broker_etcd_image_prefix: "{{ ansible_service_broker_etcd_image_prefix | default(__ansible_service_broker_etcd_image_prefix) }}"
+ ansible_service_broker_etcd_image_tag: "{{ ansible_service_broker_etcd_image_tag | default(__ansible_service_broker_etcd_image_tag) }}"
+ ansible_service_broker_etcd_image_etcd_path: "{{ ansible_service_broker_etcd_image_etcd_path | default(__ansible_service_broker_etcd_image_etcd_path) }}"
+
+ ansible_service_broker_registry_type: "{{ ansible_service_broker_registry_type | default(__ansible_service_broker_registry_type) }}"
+ ansible_service_broker_registry_url: "{{ ansible_service_broker_registry_url | default(__ansible_service_broker_registry_url) }}"
+ ansible_service_broker_registry_user: "{{ ansible_service_broker_registry_user | default(__ansible_service_broker_registry_user) }}"
+ ansible_service_broker_registry_password: "{{ ansible_service_broker_registry_password | default(__ansible_service_broker_registry_password) }}"
+ ansible_service_broker_registry_organization: "{{ ansible_service_broker_registry_organization | default(__ansible_service_broker_registry_organization) }}"
+
+- name: set ansible-service-broker image facts using set prefix and tag
+ set_fact:
+ ansible_service_broker_image: "{{ ansible_service_broker_image_prefix }}ansible-service-broker:{{ ansible_service_broker_image_tag }}"
+ ansible_service_broker_etcd_image: "{{ ansible_service_broker_etcd_image_prefix }}etcd:{{ ansible_service_broker_etcd_image_tag }}"
+
+- include: validate_facts.yml
+
+
+# Deployment of ansible-service-broker starts here
+- name: create openshift-ansible-service-broker project
+ oc_project:
+ name: openshift-ansible-service-broker
+ state: present
+
+- name: create ansible-service-broker serviceaccount
+ oc_serviceaccount:
+ name: asb
+ namespace: openshift-ansible-service-broker
+ state: present
+
+- name: Set SA cluster-role
+ oc_adm_policy_user:
+ state: present
+ namespace: "openshift-ansible-service-broker"
+ resource_kind: cluster-role
+ resource_name: admin
+ user: "system:serviceaccount:openshift-ansible-service-broker:asb"
+
+- name: create ansible-service-broker service
+ oc_service:
+ name: asb
+ namespace: openshift-ansible-service-broker
+ state: present
+ labels:
+ app: openshift-ansible-service-broker
+ service: asb
+ ports:
+ - name: port-1338
+ port: 1338
+ selector:
+ app: openshift-ansible-service-broker
+ service: asb
+
+- name: create etcd service
+ oc_service:
+ name: etcd
+ namespace: openshift-ansible-service-broker
+ state: present
+ ports:
+ - name: etcd-advertise
+ port: 2379
+ selector:
+ app: openshift-ansible-service-broker
+ service: etcd
+
+- name: create route for ansible-service-broker service
+ oc_route:
+ name: asb-1338
+ namespace: openshift-ansible-service-broker
+ state: present
+ service_name: asb
+ port: 1338
+ register: asb_route_out
+
+- name: get ansible-service-broker route name
+ set_fact:
+ ansible_service_broker_route: "{{ asb_route_out.results.results[0].spec.host }}"
+
+- name: create persistent volume claim for etcd
+ oc_obj:
+ name: etcd
+ namespace: openshift-ansible-service-broker
+ state: present
+ kind: PersistentVolumeClaim
+ content:
+ path: /tmp/dcout
+ data:
+ apiVersion: v1
+ kind: PersistentVolumeClaim
+ metadata:
+ name: etcd
+ namespace: openshift-ansible-service-broker
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
+
+- name: create etcd deployment
+ oc_obj:
+ name: etcd
+ namespace: openshift-ansible-service-broker
+ state: present
+ kind: Deployment
+ content:
+ path: /tmp/dcout
+ data:
+ apiVersion: extensions/v1beta1
+ kind: Deployment
+ metadata:
+ name: etcd
+ namespace: openshift-ansible-service-broker
+ labels:
+ app: openshift-ansible-service-broker
+ service: etcd
+ spec:
+ selector:
+ matchLabels:
+ app: openshift-ansible-service-broker
+ service: etcd
+ strategy:
+ type: RollingUpdate
+ rollingUpdate:
+ maxSurge: 1
+ maxUnavailable: 1
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: openshift-ansible-service-broker
+ service: etcd
+ spec:
+ restartPolicy: Always
+ containers:
+ - image: "{{ ansible_service_broker_etcd_image }}"
+ name: etcd
+ imagePullPolicy: IfNotPresent
+ terminationMessagePath: /tmp/termination-log
+ workingDir: /etcd
+ args:
+ - '{{ ansible_service_broker_etcd_image_etcd_path }}'
+ - --data-dir=/data
+ - "--listen-client-urls=http://0.0.0.0:2379"
+ - "--advertise-client-urls=http://0.0.0.0:2379"
+ ports:
+ - containerPort: 2379
+ protocol: TCP
+ env:
+ - name: ETCDCTL_API
+ value: "3"
+ volumeMounts:
+ - mountPath: /data
+ name: etcd
+ volumes:
+ - name: etcd
+ persistentVolumeClaim:
+ claimName: etcd
+
+- name: create ansible-service-broker deployment
+ oc_obj:
+ name: asb
+ namespace: openshift-ansible-service-broker
+ state: present
+ kind: Deployment
+ content:
+ path: /tmp/dcout
+ data:
+ apiVersion: extensions/v1beta1
+ kind: Deployment
+ metadata:
+ name: asb
+ namespace: openshift-ansible-service-broker
+ labels:
+ app: openshift-ansible-service-broker
+ service: asb
+ spec:
+ strategy:
+ type: Recreate
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: openshift-ansible-service-broker
+ service: asb
+ spec:
+ serviceAccount: asb
+ restartPolicy: Always
+ containers:
+ - image: "{{ ansible_service_broker_image }}"
+ name: asb
+ imagePullPolicy: IfNotPresent
+ volumeMounts:
+ - name: config-volume
+ mountPath: /etc/ansible-service-broker
+ ports:
+ - containerPort: 1338
+ protocol: TCP
+ env:
+ - name: BROKER_CONFIG
+ value: /etc/ansible-service-broker/config.yaml
+ terminationMessagePath: /tmp/termination-log
+ volumes:
+ - name: config-volume
+ configMap:
+ name: broker-config
+ items:
+ - key: broker-config
+ path: config.yaml
+
+
+# TODO: saw a oc_configmap in the library, but didn't understand how to get it to do the following:
+- name: Create config map for ansible-service-broker
+ oc_obj:
+ name: broker-config
+ namespace: openshift-ansible-service-broker
+ state: present
+ kind: ConfigMap
+ content:
+ path: /tmp/cmout
+ data:
+ apiVersion: v1
+ kind: ConfigMap
+ metadata:
+ name: broker-config
+ namespace: openshift-ansible-service-broker
+ labels:
+ app: ansible-service-broker
+ data:
+ broker-config: |
+ registry:
+ name: "{{ ansible_service_broker_registry_type }}"
+ url: "{{ ansible_service_broker_registry_url }}"
+ user: "{{ ansible_service_broker_registry_user }}"
+ pass: "{{ ansible_service_broker_registry_password }}"
+ org: "{{ ansible_service_broker_registry_organization }}"
+ dao:
+ etcd_host: etcd
+ etcd_port: 2379
+ log:
+ logfile: /var/log/ansible-service-broker/asb.log
+ stdout: true
+ level: "{{ ansible_service_broker_log_level }}"
+ color: true
+ openshift: {}
+ broker:
+ dev_broker: {{ ansible_service_broker_dev_broker | bool | lower }}
+ launch_apb_on_bind: {{ ansible_service_broker_launch_apb_on_bind | bool | lower }}
+ recovery: {{ ansible_service_broker_recovery | bool | lower }}
+ output_request: {{ ansible_service_broker_output_request | bool | lower }}
+ bootstrap_on_startup: {{ ansible_service_broker_bootstrap_on_startup | bool | lower }}
+
+- name: Create the Broker resource in the catalog
+ oc_obj:
+ name: ansible-service-broker
+ state: present
+ kind: Broker
+ content:
+ path: /tmp/brokerout
+ data:
+ apiVersion: servicecatalog.k8s.io/v1alpha1
+ kind: Broker
+ metadata:
+ name: ansible-service-broker
+ spec:
+ url: http://asb.openshift-ansible-service-broker.svc:1338
diff --git a/roles/ansible_service_broker/tasks/main.yml b/roles/ansible_service_broker/tasks/main.yml
new file mode 100644
index 000000000..b46ce8233
--- /dev/null
+++ b/roles/ansible_service_broker/tasks/main.yml
@@ -0,0 +1,8 @@
+---
+# do any asserts here
+
+- include: install.yml
+ when: not ansible_service_broker_remove|default(false) | bool
+
+- include: remove.yml
+ when: ansible_service_broker_remove|default(false) | bool
diff --git a/roles/ansible_service_broker/tasks/remove.yml b/roles/ansible_service_broker/tasks/remove.yml
new file mode 100644
index 000000000..2519f9f4c
--- /dev/null
+++ b/roles/ansible_service_broker/tasks/remove.yml
@@ -0,0 +1,65 @@
+---
+
+- name: remove openshift-ansible-service-broker project
+ oc_project:
+ name: openshift-ansible-service-broker
+ state: absent
+
+- name: remove ansible-service-broker serviceaccount
+ oc_serviceaccount:
+ name: asb
+ namespace: openshift-ansible-service-broker
+ state: absent
+
+- name: remove ansible-service-broker service
+ oc_service:
+ name: asb
+ namespace: openshift-ansible-service-broker
+ state: absent
+
+- name: remove etcd service
+ oc_service:
+ name: etcd
+ namespace: openshift-ansible-service-broker
+ state: absent
+
+- name: remove route for ansible-service-broker service
+ oc_route:
+ name: asb-1338
+ namespace: openshift-ansible-service-broker
+ state: absent
+
+- name: remove persistent volume claim for etcd
+ oc_pvc:
+ name: etcd
+ namespace: openshift-ansible-service-broker
+ state: absent
+
+- name: remove etcd deployment
+ oc_obj:
+ name: etcd
+ namespace: openshift-ansible-service-broker
+ state: absent
+ kind: Deployment
+
+- name: remove ansible-service-broker deployment
+ oc_obj:
+ name: asb
+ namespace: openshift-ansible-service-broker
+ state: absent
+ kind: Deployment
+
+# TODO: saw a oc_configmap in the library, but didn't understand how to get it to do the following:
+- name: remove config map for ansible-service-broker
+ oc_obj:
+ name: broker-config
+ namespace: openshift-ansible-service-broker
+ state: absent
+ kind: ConfigMap
+
+# TODO: Is this going to work?
+- name: remove broker object from the catalog
+ oc_obj:
+ name: ansible-service-broker
+ state: absent
+ kind: Broker
diff --git a/roles/ansible_service_broker/tasks/validate_facts.yml b/roles/ansible_service_broker/tasks/validate_facts.yml
new file mode 100644
index 000000000..604d24e1d
--- /dev/null
+++ b/roles/ansible_service_broker/tasks/validate_facts.yml
@@ -0,0 +1,15 @@
+---
+- name: validate Dockerhub registry settings
+ fail: msg="To use the dockerhub registry, you must provide the ansible_service_broker_registry_user. ansible_service_broker_registry_password, and ansible_service_broker_registry_organization parameters"
+ when:
+ - ansible_service_broker_registry_type == 'dockerhub'
+ - not (ansible_service_broker_registry_user and
+ ansible_service_broker_registry_password and
+ ansible_service_broker_registry_organization)
+
+
+- name: validate RHCC registry settings
+ fail: msg="To use the Red Hat Container Catalog registry, you must provide the ansible_service_broker_registry_url"
+ when:
+ - ansible_service_broker_registry_type == 'rhcc'
+ - not ansible_service_broker_registry_url
diff --git a/roles/ansible_service_broker/vars/default_images.yml b/roles/ansible_service_broker/vars/default_images.yml
new file mode 100644
index 000000000..15e448515
--- /dev/null
+++ b/roles/ansible_service_broker/vars/default_images.yml
@@ -0,0 +1,14 @@
+---
+
+__ansible_service_broker_image_prefix: ansibleplaybookbundle/
+__ansible_service_broker_image_tag: latest
+
+__ansible_service_broker_etcd_image_prefix: quay.io/coreos/
+__ansible_service_broker_etcd_image_tag: latest
+__ansible_service_broker_etcd_image_etcd_path: /usr/local/bin/etcd
+
+__ansible_service_broker_registry_type: dockerhub
+__ansible_service_broker_registry_url: null
+__ansible_service_broker_registry_user: null
+__ansible_service_broker_registry_password: null
+__ansible_service_broker_registry_organization: null
diff --git a/roles/ansible_service_broker/vars/openshift-enterprise.yml b/roles/ansible_service_broker/vars/openshift-enterprise.yml
new file mode 100644
index 000000000..0b3a2a69d
--- /dev/null
+++ b/roles/ansible_service_broker/vars/openshift-enterprise.yml
@@ -0,0 +1,14 @@
+---
+
+__ansible_service_broker_image_prefix: registry.access.redhat.com/openshift3/ose-
+__ansible_service_broker_image_tag: latest
+
+__ansible_service_broker_etcd_image_prefix: rhel7/
+__ansible_service_broker_etcd_image_tag: latest
+__ansible_service_broker_etcd_image_etcd_path: /bin/etcd
+
+__ansible_service_broker_registry_type: rhcc
+__ansible_service_broker_registry_url: "https://registry.access.redhat.com"
+__ansible_service_broker_registry_user: null
+__ansible_service_broker_registry_password: null
+__ansible_service_broker_registry_organization: null
diff --git a/roles/calico/handlers/main.yml b/roles/calico/handlers/main.yml
index 53cecfcc3..67fc0065f 100644
--- a/roles/calico/handlers/main.yml
+++ b/roles/calico/handlers/main.yml
@@ -8,3 +8,7 @@
systemd:
name: "{{ openshift.docker.service_name }}"
state: restarted
+ register: l_docker_restart_docker_in_calico_result
+ until: not l_docker_restart_docker_in_calico_result | failed
+ retries: 3
+ delay: 30
diff --git a/roles/calico/tasks/gen_certs.yml b/roles/calico/tasks/gen_certs.yml
deleted file mode 100644
index 2e6aa114e..000000000
--- a/roles/calico/tasks/gen_certs.yml
+++ /dev/null
@@ -1,17 +0,0 @@
----
-- name: Calico Node | Generate OpenShift-etcd certs
- include: ../../../roles/etcd_client_certificates/tasks/main.yml
- vars:
- etcd_cert_prefix: calico.etcd-
- etcd_cert_config_dir: "{{ openshift.common.config_base }}/calico"
- embedded_etcd: "{{ hostvars[groups.oo_first_master.0].openshift.master.embedded_etcd }}"
- etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
- etcd_cert_subdir: "openshift-calico-{{ openshift.common.hostname }}"
-
-- name: Calico Node | Set etcd cert location facts
- set_fact:
- calico_etcd_ca_cert_file: "/etc/origin/calico/calico.etcd-ca.crt"
- calico_etcd_cert_file: "/etc/origin/calico/calico.etcd-client.crt"
- calico_etcd_key_file: "/etc/origin/calico/calico.etcd-client.key"
- calico_etcd_endpoints: "{{ hostvars[groups.oo_first_master.0].openshift.master.etcd_urls | join(',') }}"
- calico_etcd_cert_dir: "/etc/origin/calico/"
diff --git a/roles/calico/tasks/main.yml b/roles/calico/tasks/main.yml
index 8a7a61dc9..e62378532 100644
--- a/roles/calico/tasks/main.yml
+++ b/roles/calico/tasks/main.yml
@@ -4,15 +4,24 @@
msg: "Must provide all or none for the following etcd params: calico_etcd_cert_dir, calico_etcd_ca_cert_file, calico_etcd_cert_file, calico_etcd_key_file, calico_etcd_endpoints"
when: (calico_etcd_cert_dir is defined or calico_etcd_ca_cert_file is defined or calico_etcd_cert_file is defined or calico_etcd_key_file is defined or calico_etcd_endpoints is defined) and not (calico_etcd_cert_dir is defined and calico_etcd_ca_cert_file is defined and calico_etcd_cert_file is defined and calico_etcd_key_file is defined and calico_etcd_endpoints is defined)
-- name: Calico Node | Generate certs if not provided
- include: gen_certs.yml
- when: item is not defined
- with_items:
- - calico_etcd_ca_cert_file
- - calico_etcd_cert_file
- - calico_etcd_key_file
- - calico_etcd_endpoints
- - calico_etcd_cert_dir
+- name: Calico Node | Generate OpenShift-etcd certs
+ include: ../../../roles/etcd_client_certificates/tasks/main.yml
+ when: calico_etcd_ca_cert_file is not defined or calico_etcd_cert_file is not defined or calico_etcd_key_file is not defined or calico_etcd_endpoints is not defined or calico_etcd_cert_dir is not defined
+ vars:
+ etcd_cert_prefix: calico.etcd-
+ etcd_cert_config_dir: "{{ openshift.common.config_base }}/calico"
+ embedded_etcd: "{{ hostvars[groups.oo_first_master.0].openshift.master.embedded_etcd }}"
+ etcd_ca_host: "{{ groups.oo_etcd_to_config.0 }}"
+ etcd_cert_subdir: "openshift-calico-{{ openshift.common.hostname }}"
+
+- name: Calico Node | Set etcd cert location facts
+ when: calico_etcd_ca_cert_file is not defined or calico_etcd_cert_file is not defined or calico_etcd_key_file is not defined or calico_etcd_endpoints is not defined or calico_etcd_cert_dir is not defined
+ set_fact:
+ calico_etcd_ca_cert_file: "/etc/origin/calico/calico.etcd-ca.crt"
+ calico_etcd_cert_file: "/etc/origin/calico/calico.etcd-client.crt"
+ calico_etcd_key_file: "/etc/origin/calico/calico.etcd-client.key"
+ calico_etcd_endpoints: "{{ hostvars[groups.oo_first_master.0].openshift.master.etcd_urls | join(',') }}"
+ calico_etcd_cert_dir: "/etc/origin/calico/"
- name: Calico Node | Error if no certs set.
fail:
diff --git a/roles/cockpit/tasks/main.yml b/roles/cockpit/tasks/main.yml
index bddad778f..57f49ea11 100644
--- a/roles/cockpit/tasks/main.yml
+++ b/roles/cockpit/tasks/main.yml
@@ -3,7 +3,7 @@
package: name={{ item }} state=present
with_items:
- cockpit-ws
- - cockpit-shell
+ - cockpit-system
- cockpit-bridge
- cockpit-docker
- "{{ cockpit_plugins }}"
diff --git a/roles/contiv/defaults/main.yml b/roles/contiv/defaults/main.yml
index 1ccae61f2..8c4d19537 100644
--- a/roles/contiv/defaults/main.yml
+++ b/roles/contiv/defaults/main.yml
@@ -1,12 +1,12 @@
---
# The version of Contiv binaries to use
-contiv_version: 1.0.0-beta.3-02-21-2017.20-52-42.UTC
+contiv_version: 1.0.1
# The version of cni binaries
cni_version: v0.4.0
-contiv_default_subnet: "20.1.1.1/24"
-contiv_default_gw: "20.1.1.254"
+contiv_default_subnet: "10.128.0.0/16"
+contiv_default_gw: "10.128.254.254"
# TCP port that Netmaster listens for network connections
netmaster_port: 9999
@@ -69,6 +69,9 @@ netplugin_fwd_mode: bridge
# Contiv fabric mode aci|default
contiv_fabric_mode: default
+# Global VLAN range
+contiv_vlan_range: "2900-3000"
+
# Encapsulation type vlan|vxlan to use for instantiating container networks
contiv_encap_mode: vlan
@@ -78,8 +81,8 @@ netplugin_driver: ovs
# Create a default Contiv network for use by pods
contiv_default_network: true
-# VLAN/ VXLAN tag value to be used for the default network
-contiv_default_network_tag: 1
+# Statically configured tag for default network (if needed)
+contiv_default_network_tag: ""
#SRFIXME (use the openshift variables)
https_proxy: ""
@@ -95,6 +98,9 @@ apic_leaf_nodes: ""
apic_phys_dom: ""
apic_contracts_unrestricted_mode: no
apic_epg_bridge_domain: not_specified
+apic_configure_default_policy: false
+apic_default_external_contract: "uni/tn-common/brc-default"
+apic_default_app_profile: "contiv-infra-app-profile"
is_atomic: False
kube_cert_dir: "/data/src/github.com/openshift/origin/openshift.local.config/master"
master_name: "{{ groups['masters'][0] }}"
@@ -104,3 +110,12 @@ kube_ca_cert: "{{ kube_cert_dir }}/ca.crt"
kube_key: "{{ kube_cert_dir }}/admin.key"
kube_cert: "{{ kube_cert_dir }}/admin.crt"
kube_master_api_port: 8443
+
+# contivh1 default subnet and gateway
+#contiv_h1_subnet_default: "132.1.1.0/24"
+#contiv_h1_gw_default: "132.1.1.1"
+contiv_h1_subnet_default: "10.129.0.0/16"
+contiv_h1_gw_default: "10.129.0.1"
+
+# contiv default private subnet for ext access
+contiv_private_ext_subnet: "10.130.0.0/16"
diff --git a/roles/contiv/meta/main.yml b/roles/contiv/meta/main.yml
index 3223afb6e..da6409f1e 100644
--- a/roles/contiv/meta/main.yml
+++ b/roles/contiv/meta/main.yml
@@ -26,3 +26,5 @@ dependencies:
etcd_url_scheme: http
etcd_peer_url_scheme: http
when: contiv_role == "netmaster"
+- role: contiv_auth_proxy
+ when: (contiv_role == "netmaster") and (contiv_enable_auth_proxy == true)
diff --git a/roles/contiv/tasks/default_network.yml b/roles/contiv/tasks/default_network.yml
index 9cf98bb80..f679443e0 100644
--- a/roles/contiv/tasks/default_network.yml
+++ b/roles/contiv/tasks/default_network.yml
@@ -6,10 +6,53 @@
retries: 9
delay: 10
+- name: Contiv | Set globals
+ command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" global set --fabric-mode {{ contiv_fabric_mode }} --vlan-range {{ contiv_vlan_range }} --fwd-mode {{ netplugin_fwd_mode }} --private-subnet {{ contiv_private_ext_subnet }}'
+
+- name: Contiv | Set arp mode to flood if ACI
+ command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" global set --arp-mode flood'
+ when: contiv_fabric_mode == "aci"
+
- name: Contiv | Check if default-net exists
command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" net ls'
register: net_result
- name: Contiv | Create default-net
- command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" net create --subnet={{ contiv_default_subnet }} -e {{ contiv_encap_mode }} -p {{ contiv_default_network_tag }} --gateway={{ contiv_default_gw }} default-net'
+ command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" net create --subnet={{ contiv_default_subnet }} -e {{ contiv_encap_mode }} -p {{ contiv_default_network_tag }} --gateway {{ contiv_default_gw }} default-net'
when: net_result.stdout.find("default-net") == -1
+
+- name: Contiv | Create host access infra network for VxLan routing case
+ command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" net create --subnet={{ contiv_h1_subnet_default }} --gateway={{ contiv_h1_gw_default }} --nw-type="infra" contivh1'
+ when: (contiv_encap_mode == "vxlan") and (netplugin_fwd_mode == "routing")
+
+#- name: Contiv | Create an allow-all policy for the default-group
+# command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" policy create ose-allow-all-policy'
+# when: contiv_fabric_mode == "aci"
+
+- name: Contiv | Set up aci external contract to consume default external contract
+ command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" external-contracts create -c -a {{ apic_default_external_contract }} oseExtToConsume'
+ when: (contiv_fabric_mode == "aci") and (apic_configure_default_policy == true)
+
+- name: Contiv | Set up aci external contract to provide default external contract
+ command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" external-contracts create -p -a {{ apic_default_external_contract }} oseExtToProvide'
+ when: (contiv_fabric_mode == "aci") and (apic_configure_default_policy == true)
+
+- name: Contiv | Create aci default-group
+ command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" group create default-net default-group'
+ when: contiv_fabric_mode == "aci"
+
+- name: Contiv | Add external contracts to the default-group
+ command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" group create -e oseExtToConsume -e oseExtToProvide default-net default-group'
+ when: (contiv_fabric_mode == "aci") and (apic_configure_default_policy == true)
+
+#- name: Contiv | Add policy rule 1 for allow-all policy
+# command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" policy rule-add -d in --action allow ose-allow-all-policy 1'
+# when: contiv_fabric_mode == "aci"
+
+#- name: Contiv | Add policy rule 2 for allow-all policy
+# command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" policy rule-add -d out --action allow ose-allow-all-policy 2'
+# when: contiv_fabric_mode == "aci"
+
+- name: Contiv | Create default aci app profile
+ command: 'netctl --netmaster "http://{{ inventory_hostname }}:{{ netmaster_port }}" app-profile create -g default-group {{ apic_default_app_profile }}'
+ when: contiv_fabric_mode == "aci"
diff --git a/roles/contiv/tasks/netmaster.yml b/roles/contiv/tasks/netmaster.yml
index 5057767b8..acaf7386e 100644
--- a/roles/contiv/tasks/netmaster.yml
+++ b/roles/contiv/tasks/netmaster.yml
@@ -23,7 +23,7 @@
line: "{{ hostvars[item]['ansible_' + netmaster_interface].ipv4.address }} netmaster"
state: present
when: hostvars[item]['ansible_' + netmaster_interface].ipv4.address is defined
- with_items: groups['masters']
+ with_items: "{{ groups['masters'] }}"
- name: Netmaster | Create netmaster symlinks
file:
diff --git a/roles/contiv/tasks/netplugin.yml b/roles/contiv/tasks/netplugin.yml
index 0847c92bc..e861a2591 100644
--- a/roles/contiv/tasks/netplugin.yml
+++ b/roles/contiv/tasks/netplugin.yml
@@ -108,6 +108,10 @@
name: "{{ openshift.docker.service_name }}"
state: restarted
when: docker_updated|changed
+ register: l_docker_restart_docker_in_contiv_result
+ until: not l_docker_restart_docker_in_contiv_result | failed
+ retries: 3
+ delay: 30
- name: Netplugin | Enable Netplugin
service:
diff --git a/roles/contiv/tasks/netplugin_iptables.yml b/roles/contiv/tasks/netplugin_iptables.yml
index a0b97575b..3ea34645d 100644
--- a/roles/contiv/tasks/netplugin_iptables.yml
+++ b/roles/contiv/tasks/netplugin_iptables.yml
@@ -23,7 +23,36 @@
notify: Save iptables rules
- name: Netplugin IPtables | Open vxlan port with iptables
- command: /sbin/iptables -I INPUT 1 -p udp --dport 8472 -j ACCEPT -m comment --comment "vxlan"
+ command: /sbin/iptables -I INPUT 1 -p udp --dport 8472 -j ACCEPT -m comment --comment "netplugin vxlan 8472"
+ when: iptablesrules.stdout.find("netplugin vxlan 8472") == -1
+ notify: Save iptables rules
- name: Netplugin IPtables | Open vxlan port with iptables
- command: /sbin/iptables -I INPUT 1 -p udp --dport 4789 -j ACCEPT -m comment --comment "vxlan"
+ command: /sbin/iptables -I INPUT 1 -p udp --dport 4789 -j ACCEPT -m comment --comment "netplugin vxlan 4789"
+ when: iptablesrules.stdout.find("netplugin vxlan 4789") == -1
+ notify: Save iptables rules
+
+- name: Netplugin IPtables | Allow from contivh0
+ command: /sbin/iptables -I FORWARD 1 -i contivh0 -j ACCEPT -m comment --comment "contivh0 FORWARD input"
+ when: iptablesrules.stdout.find("contivh0 FORWARD input") == -1
+ notify: Save iptables rules
+
+- name: Netplugin IPtables | Allow to contivh0
+ command: /sbin/iptables -I FORWARD 1 -o contivh0 -j ACCEPT -m comment --comment "contivh0 FORWARD output"
+ when: iptablesrules.stdout.find("contivh0 FORWARD output") == -1
+ notify: Save iptables rules
+
+- name: Netplugin IPtables | Allow from contivh1
+ command: /sbin/iptables -I FORWARD 1 -i contivh1 -j ACCEPT -m comment --comment "contivh1 FORWARD input"
+ when: iptablesrules.stdout.find("contivh1 FORWARD input") == -1
+ notify: Save iptables rules
+
+- name: Netplugin IPtables | Allow to contivh1
+ command: /sbin/iptables -I FORWARD 1 -o contivh1 -j ACCEPT -m comment --comment "contivh1 FORWARD output"
+ when: iptablesrules.stdout.find("contivh1 FORWARD output") == -1
+ notify: Save iptables rules
+
+- name: Netplugin IPtables | Allow dns
+ command: /sbin/iptables -I INPUT 1 -p udp --dport 53 -j ACCEPT -m comment --comment "contiv dns"
+ when: iptablesrules.stdout.find("contiv dns") == -1
+ notify: Save iptables rules
diff --git a/roles/contiv/tasks/packageManagerInstall.yml b/roles/contiv/tasks/packageManagerInstall.yml
index 2eff1b85f..e0d48e643 100644
--- a/roles/contiv/tasks/packageManagerInstall.yml
+++ b/roles/contiv/tasks/packageManagerInstall.yml
@@ -4,9 +4,10 @@
did_install: false
- include: pkgMgrInstallers/centos-install.yml
- when: ansible_distribution == "CentOS" and not is_atomic
+ when: (ansible_os_family == "RedHat") and
+ not is_atomic
- name: Package Manager | Set fact saying we did CentOS package install
set_fact:
did_install: true
- when: ansible_distribution == "CentOS"
+ when: (ansible_os_family == "RedHat")
diff --git a/roles/contiv/tasks/pkgMgrInstallers/centos-install.yml b/roles/contiv/tasks/pkgMgrInstallers/centos-install.yml
index 51c3d35ac..91e6aadf3 100644
--- a/roles/contiv/tasks/pkgMgrInstallers/centos-install.yml
+++ b/roles/contiv/tasks/pkgMgrInstallers/centos-install.yml
@@ -1,13 +1,13 @@
---
-- name: PkgMgr CentOS | Install net-tools pkg for route
+- name: PkgMgr RHEL/CentOS | Install net-tools pkg for route
yum:
pkg=net-tools
state=latest
-- name: PkgMgr CentOS | Get openstack kilo rpm
+- name: PkgMgr RHEL/CentOS | Get openstack ocata rpm
get_url:
- url: https://repos.fedorapeople.org/repos/openstack/openstack-kilo/rdo-release-kilo-2.noarch.rpm
- dest: /tmp/rdo-release-kilo-2.noarch.rpm
+ url: https://repos.fedorapeople.org/repos/openstack/openstack-ocata/rdo-release-ocata-2.noarch.rpm
+ dest: /tmp/rdo-release-ocata-2.noarch.rpm
validate_certs: False
environment:
http_proxy: "{{ http_proxy|default('') }}"
@@ -16,15 +16,15 @@
tags:
- ovs_install
-- name: PkgMgr CentOS | Install openstack kilo rpm
- yum: name=/tmp/rdo-release-kilo-2.noarch.rpm state=present
+- name: PkgMgr RHEL/CentOS | Install openstack ocata rpm
+ yum: name=/tmp/rdo-release-ocata-2.noarch.rpm state=present
tags:
- ovs_install
-- name: PkgMgr CentOS | Install ovs
+- name: PkgMgr RHEL/CentOS | Install ovs
yum:
- pkg=openvswitch
- state=latest
+ pkg=openvswitch-2.5.0-2.el7.x86_64
+ state=present
environment:
http_proxy: "{{ http_proxy|default('') }}"
https_proxy: "{{ https_proxy|default('') }}"
diff --git a/roles/contiv/templates/netplugin.j2 b/roles/contiv/templates/netplugin.j2
index f3d26c037..a4928cc3d 100644
--- a/roles/contiv/templates/netplugin.j2
+++ b/roles/contiv/templates/netplugin.j2
@@ -1,9 +1,7 @@
{% if contiv_encap_mode == "vlan" %}
NETPLUGIN_ARGS='-vlan-if {{ netplugin_interface }} -ctrl-ip {{ netplugin_ctrl_ip }} -plugin-mode kubernetes -cluster-store etcd://{{ etcd_url }}'
{% endif %}
-{# Note: Commenting out vxlan encap mode support until it is fully supported
{% if contiv_encap_mode == "vxlan" %}
-NETPLUGIN_ARGS='-vtep-ip {{ netplugin_ctrl_ip }} -e {{contiv_encap_mode}} -ctrl-ip {{ netplugin_ctrl_ip }} -plugin-mode kubernetes -cluster-store etcd://{{ etcd_url }}'
+NETPLUGIN_ARGS='-vtep-ip {{ netplugin_ctrl_ip }} -ctrl-ip {{ netplugin_ctrl_ip }} -plugin-mode kubernetes -cluster-store etcd://{{ etcd_url }}'
{% endif %}
-#}
diff --git a/roles/contiv_auth_proxy/README.md b/roles/contiv_auth_proxy/README.md
new file mode 100644
index 000000000..287b6c148
--- /dev/null
+++ b/roles/contiv_auth_proxy/README.md
@@ -0,0 +1,29 @@
+Role Name
+=========
+
+Role to install Contiv API Proxy and UI
+
+Requirements
+------------
+
+Docker needs to be installed to run the auth proxy container.
+
+Role Variables
+--------------
+
+auth_proxy_image specifies the image with version tag to be used to spin up the auth proxy container.
+auth_proxy_cert, auth_proxy_key specify files to use for the proxy server certificates.
+auth_proxy_port is the host port and auth_proxy_datastore the cluster data store address.
+
+Dependencies
+------------
+
+docker
+
+Example Playbook
+----------------
+
+- hosts: netplugin-node
+ become: true
+ roles:
+ - { role: auth_proxy, auth_proxy_port: 10000, auth_proxy_datastore: etcd://netmaster:22379 }
diff --git a/roles/contiv_auth_proxy/defaults/main.yml b/roles/contiv_auth_proxy/defaults/main.yml
new file mode 100644
index 000000000..4e637a947
--- /dev/null
+++ b/roles/contiv_auth_proxy/defaults/main.yml
@@ -0,0 +1,11 @@
+---
+auth_proxy_image: "contiv/auth_proxy:1.0.0-beta.2"
+auth_proxy_port: 10000
+contiv_certs: "/var/contiv/certs"
+cluster_store: "{{ hostvars[groups['masters'][0]]['ansible_' + netmaster_interface].ipv4.address }}:22379"
+auth_proxy_cert: "{{ contiv_certs }}/auth_proxy_cert.pem"
+auth_proxy_key: "{{ contiv_certs }}/auth_proxy_key.pem"
+auth_proxy_datastore: "{{ cluster_store }}"
+auth_proxy_binaries: "/var/contiv_cache"
+auth_proxy_local_install: False
+auth_proxy_rule_comment: "Contiv auth proxy service"
diff --git a/roles/contiv_auth_proxy/files/auth-proxy.service b/roles/contiv_auth_proxy/files/auth-proxy.service
new file mode 100644
index 000000000..7cd2edff1
--- /dev/null
+++ b/roles/contiv_auth_proxy/files/auth-proxy.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=Contiv Proxy and UI
+After=auditd.service systemd-user-sessions.service time-sync.target docker.service
+
+[Service]
+ExecStart=/usr/bin/auth_proxy.sh start
+ExecStop=/usr/bin/auth_proxy.sh stop
+KillMode=control-group
+Restart=on-failure
+RestartSec=10
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/contiv_auth_proxy/handlers/main.yml b/roles/contiv_auth_proxy/handlers/main.yml
new file mode 100644
index 000000000..9cb9bea49
--- /dev/null
+++ b/roles/contiv_auth_proxy/handlers/main.yml
@@ -0,0 +1,2 @@
+---
+# handlers file for auth_proxy
diff --git a/roles/contiv_auth_proxy/tasks/cleanup.yml b/roles/contiv_auth_proxy/tasks/cleanup.yml
new file mode 100644
index 000000000..a29659cc9
--- /dev/null
+++ b/roles/contiv_auth_proxy/tasks/cleanup.yml
@@ -0,0 +1,10 @@
+---
+
+- name: stop auth-proxy container
+ service: name=auth-proxy state=stopped
+
+- name: cleanup iptables for auth proxy
+ shell: iptables -D INPUT -p tcp --dport {{ item }} -j ACCEPT -m comment --comment "{{ auth_proxy_rule_comment }} ({{ item }})"
+ become: true
+ with_items:
+ - "{{ auth_proxy_port }}"
diff --git a/roles/contiv_auth_proxy/tasks/main.yml b/roles/contiv_auth_proxy/tasks/main.yml
new file mode 100644
index 000000000..74e7bf794
--- /dev/null
+++ b/roles/contiv_auth_proxy/tasks/main.yml
@@ -0,0 +1,37 @@
+---
+# tasks file for auth_proxy
+- name: setup iptables for auth proxy
+ shell: >
+ ( iptables -L INPUT | grep "{{ auth_proxy_rule_comment }} ({{ item }})" ) || \
+ iptables -I INPUT 1 -p tcp --dport {{ item }} -j ACCEPT -m comment --comment "{{ auth_proxy_rule_comment }} ({{ item }})"
+ become: true
+ with_items:
+ - "{{ auth_proxy_port }}"
+
+# Load the auth-proxy-image from local tar. Ignore any errors to handle the
+# case where the image is not built in
+- name: copy auth-proxy image
+ copy: src={{ auth_proxy_binaries }}/auth-proxy-image.tar dest=/tmp/auth-proxy-image.tar
+ when: auth_proxy_local_install == True
+
+- name: load auth-proxy image
+ shell: docker load -i /tmp/auth-proxy-image.tar
+ when: auth_proxy_local_install == True
+
+- name: create cert folder for proxy
+ file: path=/var/contiv/certs state=directory
+
+- name: copy shell script for starting auth-proxy
+ template: src=auth_proxy.j2 dest=/usr/bin/auth_proxy.sh mode=u=rwx,g=rx,o=rx
+
+- name: copy cert for starting auth-proxy
+ copy: src=cert.pem dest=/var/contiv/certs/auth_proxy_cert.pem mode=u=rw,g=r,o=r
+
+- name: copy key for starting auth-proxy
+ copy: src=key.pem dest=/var/contiv/certs/auth_proxy_key.pem mode=u=rw,g=r,o=r
+
+- name: copy systemd units for auth-proxy
+ copy: src=auth-proxy.service dest=/etc/systemd/system/auth-proxy.service
+
+- name: start auth-proxy container
+ systemd: name=auth-proxy daemon_reload=yes state=started enabled=yes
diff --git a/roles/contiv_auth_proxy/templates/auth_proxy.j2 b/roles/contiv_auth_proxy/templates/auth_proxy.j2
new file mode 100644
index 000000000..e82e5b4ab
--- /dev/null
+++ b/roles/contiv_auth_proxy/templates/auth_proxy.j2
@@ -0,0 +1,36 @@
+#!/bin/bash
+
+usage="$0 start/stop"
+if [ $# -ne 1 ]; then
+ echo USAGE: $usage
+ exit 1
+fi
+
+case $1 in
+start)
+ set -e
+
+ /usr/bin/docker run --rm \
+ -p 10000:{{ auth_proxy_port }} \
+ --net=host --name=auth-proxy \
+ -e NO_NETMASTER_STARTUP_CHECK=1 \
+ -v /var/contiv:/var/contiv \
+ {{ auth_proxy_image }} \
+ --tls-key-file={{ auth_proxy_key }} \
+ --tls-certificate={{ auth_proxy_cert }} \
+ --data-store-address={{ auth_proxy_datastore }} \
+ --netmaster-address={{ service_vip }}:9999 \
+ --listen-address=:10000
+ ;;
+
+stop)
+ # don't stop on error
+ /usr/bin/docker stop auth-proxy
+ /usr/bin/docker rm -f -v auth-proxy
+ ;;
+
+*)
+ echo USAGE: $usage
+ exit 1
+ ;;
+esac
diff --git a/roles/contiv_auth_proxy/tests/inventory b/roles/contiv_auth_proxy/tests/inventory
new file mode 100644
index 000000000..d18580b3c
--- /dev/null
+++ b/roles/contiv_auth_proxy/tests/inventory
@@ -0,0 +1 @@
+localhost \ No newline at end of file
diff --git a/roles/contiv_auth_proxy/tests/test.yml b/roles/contiv_auth_proxy/tests/test.yml
new file mode 100644
index 000000000..2af3250cd
--- /dev/null
+++ b/roles/contiv_auth_proxy/tests/test.yml
@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+ remote_user: root
+ roles:
+ - auth_proxy
diff --git a/roles/contiv_auth_proxy/vars/main.yml b/roles/contiv_auth_proxy/vars/main.yml
new file mode 100644
index 000000000..9032766c4
--- /dev/null
+++ b/roles/contiv_auth_proxy/vars/main.yml
@@ -0,0 +1,2 @@
+---
+# vars file for auth_proxy
diff --git a/roles/contiv_facts/defaults/main.yaml b/roles/contiv_facts/defaults/main.yaml
index a6c08fa63..7b8150954 100644
--- a/roles/contiv_facts/defaults/main.yaml
+++ b/roles/contiv_facts/defaults/main.yaml
@@ -8,3 +8,6 @@ bin_dir: /usr/bin
ansible_temp_dir: /tmp/.ansible/files
source_type: packageManager
+
+# Whether or not to also install and enable the Contiv auth_proxy
+contiv_enable_auth_proxy: false
diff --git a/roles/docker/handlers/main.yml b/roles/docker/handlers/main.yml
index 7f91afb37..591367467 100644
--- a/roles/docker/handlers/main.yml
+++ b/roles/docker/handlers/main.yml
@@ -4,6 +4,10 @@
systemd:
name: "{{ openshift.docker.service_name }}"
state: restarted
+ register: r_docker_restart_docker_result
+ until: not r_docker_restart_docker_result | failed
+ retries: 3
+ delay: 30
when: not docker_service_status_changed | default(false) | bool
- name: restart udev
diff --git a/roles/docker/tasks/package_docker.yml b/roles/docker/tasks/package_docker.yml
index c82d8659a..bc52ab60c 100644
--- a/roles/docker/tasks/package_docker.yml
+++ b/roles/docker/tasks/package_docker.yml
@@ -93,7 +93,7 @@
dest: /etc/sysconfig/docker
regexp: '^OPTIONS=.*$'
line: "OPTIONS='\
- {% if ansible_selinux.status | default(None) == '''enabled''' and docker_selinux_enabled | default(true) %} --selinux-enabled {% endif %}\
+ {% if ansible_selinux.status | default(None) == 'enabled' and docker_selinux_enabled | default(true) | bool %} --selinux-enabled {% endif %}\
{% if docker_log_driver is defined %} --log-driver {{ docker_log_driver }}{% endif %}\
{% if docker_log_options is defined %} {{ docker_log_options | oo_split() | oo_prepend_strings_in_list('--log-opt ') | join(' ')}}{% endif %}\
{% if docker_options is defined %} {{ docker_options }}{% endif %}\
@@ -123,9 +123,12 @@
enabled: yes
state: started
daemon_reload: yes
- register: start_result
+ register: r_docker_package_docker_start_result
+ until: not r_docker_package_docker_start_result | failed
+ retries: 3
+ delay: 30
- set_fact:
- docker_service_status_changed: start_result | changed
+ docker_service_status_changed: "{{ r_docker_package_docker_start_result | changed }}"
- meta: flush_handlers
diff --git a/roles/docker/tasks/systemcontainer_docker.yml b/roles/docker/tasks/systemcontainer_docker.yml
index 650f06f86..57a84bc2c 100644
--- a/roles/docker/tasks/systemcontainer_docker.yml
+++ b/roles/docker/tasks/systemcontainer_docker.yml
@@ -12,6 +12,12 @@
traditional docker package install. Otherwise, comment out openshift_docker_options
in your inventory file.
+- name: Ensure container-selinux is installed
+ package:
+ name: container-selinux
+ state: present
+ when: not openshift.common.is_atomic | bool
+
# Used to pull and install the system container
- name: Ensure atomic is installed
package:
@@ -40,6 +46,11 @@
state: stopped
daemon_reload: yes
ignore_errors: True
+ register: r_docker_systemcontainer_docker_stop_result
+ until: not r_docker_systemcontainer_docker_stop_result | failed
+ retries: 3
+ delay: 30
+
# Set http_proxy, https_proxy, and no_proxy in /etc/atomic.conf
# regexp: the line starts with or without #, followed by the string
@@ -86,7 +97,7 @@
- name: Use Fedora Registry for image when distribution is Fedora
set_fact:
- l_docker_image_prepend: "registry.fedoraproject.org"
+ l_docker_image_prepend: "registry.fedoraproject.org/f25"
when: ansible_distribution == 'Fedora'
# For https://github.com/openshift/openshift-ansible/pull/4049#discussion_r114478504
@@ -154,9 +165,12 @@
enabled: yes
state: started
daemon_reload: yes
- register: start_result
+ register: r_docker_systemcontainer_docker_start_result
+ until: not r_docker_systemcontainer_docker_start_result | failed
+ retries: 3
+ delay: 30
- set_fact:
- docker_service_status_changed: start_result | changed
+ docker_service_status_changed: "{{ r_docker_systemcontainer_docker_start_result | changed }}"
- meta: flush_handlers
diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml
index 586aebb11..8c2f392ee 100644
--- a/roles/etcd/tasks/main.yml
+++ b/roles/etcd/tasks/main.yml
@@ -10,6 +10,13 @@
package: name=etcd{{ '-' + etcd_version if etcd_version is defined else '' }} state=present
when: not etcd_is_containerized | bool
+- include_role:
+ name: etcd_common
+ vars:
+ r_etcd_common_action: drop_etcdctl
+ when:
+ - openshift_etcd_etcdctl_profile | default(true) | bool
+
- block:
- name: Pull etcd container
command: docker pull {{ openshift.etcd.etcd_image }}
@@ -120,12 +127,6 @@
enabled: yes
register: start_result
-- include_role:
- name: etcd_common
- vars:
- r_etcd_common_action: drop_etcdctl
- when: openshift_etcd_etcdctl_profile | default(true) | bool
-
- name: Set fact etcd_service_status_changed
set_fact:
etcd_service_status_changed: "{{ start_result | changed }}"
diff --git a/roles/etcd/tasks/system_container.yml b/roles/etcd/tasks/system_container.yml
index f1d948d16..e735bf50a 100644
--- a/roles/etcd/tasks/system_container.yml
+++ b/roles/etcd/tasks/system_container.yml
@@ -1,4 +1,7 @@
---
+- set_fact:
+ l_etcd_src_data_dir: "{{ '/var/lib/origin/openshift.local.etcd' if r_etcd_common_embedded_etcd | bool else '/var/lib/etcd/' }}"
+
- name: Pull etcd system container
command: atomic pull --storage=ostree {{ openshift.etcd.etcd_image }}
register: pull_result
@@ -24,26 +27,33 @@
systemd:
name: etcd
state: stopped
- enabled: yes
+ enabled: no
masked: no
daemon_reload: yes
register: task_result
failed_when: task_result|failed and 'could not' not in task_result.msg|lower
- when: "'etcd' in etcd_result.stdout"
+ when: "'etcd' not in etcd_result.stdout"
- name: Disable etcd_container
systemd:
name: etcd_container
state: stopped
enabled: no
- masked: yes
daemon_reload: yes
register: task_result
failed_when: task_result|failed and 'could not' not in task_result.msg|lower
+- name: Remove etcd_container.service
+ file:
+ path: /etc/systemd/system/etcd_container.service
+ state: absent
+
+- name: Systemd reload configuration
+ systemd: name=etcd_container daemon_reload=yes
+
- name: Check for previous etcd data store
stat:
- path: "{{ etcd_data_dir }}/member/"
+ path: "{{ l_etcd_src_data_dir }}/member/"
register: src_datastore
- name: Check for etcd system container data store
@@ -59,7 +69,7 @@
- name: Copy etcd data store
command: >
- cp -a {{ etcd_data_dir }}/member
+ cp -a {{ l_etcd_src_data_dir }}/member
{{ r_etcd_common_system_container_host_dir }}/etcd.etcd/member
when:
- src_datastore.stat.exists
diff --git a/roles/etcd_common/defaults/main.yml b/roles/etcd_common/defaults/main.yml
index 8cc7a9c20..b1bfa4592 100644
--- a/roles/etcd_common/defaults/main.yml
+++ b/roles/etcd_common/defaults/main.yml
@@ -44,6 +44,10 @@ etcd_ca_serial: "{{ etcd_ca_dir }}/serial"
etcd_ca_crl_number: "{{ etcd_ca_dir }}/crlnumber"
etcd_ca_default_days: 1825
+r_etcd_common_master_peer_cert_file: /etc/origin/master/master.etcd-client.crt
+r_etcd_common_master_peer_key_file: /etc/origin/master/master.etcd-client.key
+r_etcd_common_master_peer_ca_file: /etc/origin/master/master.etcd-ca.crt
+
# etcd server & certificate vars
etcd_hostname: "{{ inventory_hostname }}"
etcd_ip: "{{ ansible_default_ipv4.address }}"
@@ -52,7 +56,7 @@ etcd_is_containerized: False
etcd_is_thirdparty: False
# etcd dir vars
-etcd_data_dir: "{{ '/var/lib/origin/openshift.local.etcd' if r_etcd_common_embedded_etcd | bool else '/var/lib/etcd/' }}"
+etcd_data_dir: "{{ '/var/lib/origin/openshift.local.etcd' if r_etcd_common_embedded_etcd | bool else '/var/lib/etcd/' if openshift.common.etcd_runtime != 'runc' else '/var/lib/etcd/etcd.etcd/' }}"
# etcd ports and protocols
etcd_client_port: 2379
diff --git a/roles/etcd_common/tasks/backup.yml b/roles/etcd_common/tasks/backup.yml
index 4a4832275..2bc486d3f 100644
--- a/roles/etcd_common/tasks/backup.yml
+++ b/roles/etcd_common/tasks/backup.yml
@@ -1,10 +1,25 @@
---
+# set the etcd backup directory name here in case the tag or sufix consists of dynamic value that changes over time
+# e.g. openshift-backup-{{ lookup('pipe', 'date +%Y%m%d%H%M%S') }} value will change every second so if the date changes
+# right after setting l_etcd_incontainer_backup_dir and before l_etcd_backup_dir facts, the backup directory name is different
- set_fact:
- l_etcd_backup_dir: "{{ etcd_data_dir }}/openshift-backup-{{ r_etcd_common_backup_tag }}{{ r_etcd_common_backup_sufix_name }}"
+ l_backup_dir_name: "openshift-backup-{{ r_etcd_common_backup_tag }}{{ r_etcd_common_backup_sufix_name }}"
+
+- set_fact:
+ l_etcd_data_dir: "{{ etcd_data_dir }}{{ '/etcd.etcd' if r_etcd_common_etcd_runtime == 'runc' else '' }}"
+
+- set_fact:
+ l_etcd_incontainer_data_dir: "{{ etcd_data_dir }}"
+
+- set_fact:
+ l_etcd_incontainer_backup_dir: "{{ l_etcd_incontainer_data_dir }}/{{ l_backup_dir_name }}"
+
+- set_fact:
+ l_etcd_backup_dir: "{{ l_etcd_data_dir }}/{{ l_backup_dir_name }}"
# TODO: replace shell module with command and update later checks
- name: Check available disk space for etcd backup
- shell: df --output=avail -k {{ etcd_data_dir }} | tail -n 1
+ shell: df --output=avail -k {{ l_etcd_data_dir }} | tail -n 1
register: l_avail_disk
# AUDIT:changed_when: `false` because we are only inspecting
# state, not manipulating anything
@@ -12,7 +27,7 @@
# TODO: replace shell module with command and update later checks
- name: Check current etcd disk usage
- shell: du --exclude='*openshift-backup*' -k {{ etcd_data_dir }} | tail -n 1 | cut -f1
+ shell: du --exclude='*openshift-backup*' -k {{ l_etcd_data_dir }} | tail -n 1 | cut -f1
register: l_etcd_disk_usage
when: r_etcd_common_embedded_etcd | bool
# AUDIT:changed_when: `false` because we are only inspecting
@@ -46,21 +61,36 @@
- r_etcd_common_embedded_etcd | bool
- not l_ostree_booted.stat.exists | bool
+- name: Check selinux label of '{{ l_etcd_data_dir }}'
+ command: >
+ stat -c '%C' {{ l_etcd_data_dir }}
+ register: l_etcd_selinux_labels
+
+- debug:
+ msg: "{{ l_etcd_selinux_labels }}"
+
+- name: Make sure the '{{ l_etcd_data_dir }}' has the proper label
+ command: >
+ chcon -t svirt_sandbox_file_t "{{ l_etcd_data_dir }}"
+ when:
+ - l_etcd_selinux_labels.rc == 0
+ - "'svirt_sandbox_file_t' not in l_etcd_selinux_labels.stdout"
+
- name: Generate etcd backup
command: >
- {{ r_etcd_common_etcdctl_command }} backup --data-dir={{ etcd_data_dir }}
- --backup-dir={{ l_etcd_backup_dir }}
+ {{ r_etcd_common_etcdctl_command }} backup --data-dir={{ l_etcd_incontainer_data_dir }}
+ --backup-dir={{ l_etcd_incontainer_backup_dir }}
# According to the docs change you can simply copy snap/db
# https://github.com/openshift/openshift-docs/commit/b38042de02d9780842dce95cfa0ef45d53b58bc6
- name: Check for v3 data store
stat:
- path: "{{ etcd_data_dir }}/member/snap/db"
+ path: "{{ l_etcd_data_dir }}/member/snap/db"
register: l_v3_db
- name: Copy etcd v3 data store
command: >
- cp -a {{ etcd_data_dir }}/member/snap/db
+ cp -a {{ l_etcd_data_dir }}/member/snap/db
{{ l_etcd_backup_dir }}/member/snap/
when: l_v3_db.stat.exists
diff --git a/roles/etcd_migrate/README.md b/roles/etcd_migrate/README.md
new file mode 100644
index 000000000..369e78ff2
--- /dev/null
+++ b/roles/etcd_migrate/README.md
@@ -0,0 +1,53 @@
+Role Name
+=========
+
+Offline etcd migration of data from v2 to v3
+
+Requirements
+------------
+
+It is expected all consumers of the etcd data are not accessing the data.
+Otherwise the migrated data can be out-of-sync with the v2 and can result in unhealthy etcd cluster.
+
+The role itself is responsible for:
+- checking etcd cluster health and raft status before the migration
+- checking of presence of any v3 data (in that case the migration is stopped)
+- migration of v2 data to v3 data (including attaching leases of keys prefixed with "/kubernetes.io/events" and "/kubernetes.io/masterleases" string)
+- validation of migrated data (all v2 keys and in v3 keys and are set to the identical value)
+
+The migration itself requires an etcd member to be down in the process. Once the migration is done, the etcd member is started.
+
+Role Variables
+--------------
+
+TBD
+
+Dependencies
+------------
+
+- etcd_common
+- lib_utils
+
+Example Playbook
+----------------
+
+```yaml
+- name: Migrate etcd data from v2 to v3
+ hosts: oo_etcd_to_config
+ gather_facts: no
+ tasks:
+ - include_role:
+ name: openshift_etcd_migrate
+ vars:
+ etcd_peer: "{{ ansible_default_ipv4.address }}"
+```
+
+License
+-------
+
+Apache License, Version 2.0
+
+Author Information
+------------------
+
+Jan Chaloupka (jchaloup@redhat.com)
diff --git a/roles/etcd_migrate/defaults/main.yml b/roles/etcd_migrate/defaults/main.yml
new file mode 100644
index 000000000..05cf41fbb
--- /dev/null
+++ b/roles/etcd_migrate/defaults/main.yml
@@ -0,0 +1,3 @@
+---
+# Default action when calling this role, choices: check, migrate, configure
+r_etcd_migrate_action: migrate
diff --git a/roles/etcd_migrate/meta/main.yml b/roles/etcd_migrate/meta/main.yml
new file mode 100644
index 000000000..f3cabbef6
--- /dev/null
+++ b/roles/etcd_migrate/meta/main.yml
@@ -0,0 +1,17 @@
+---
+galaxy_info:
+ author: Jan Chaloupka
+ description: Etcd migration
+ company: Red Hat, Inc.
+ license: Apache License, Version 2.0
+ min_ansible_version: 2.1
+ platforms:
+ - name: EL
+ versions:
+ - 7
+ categories:
+ - cloud
+ - system
+dependencies:
+- { role: etcd_common }
+- { role: lib_utils }
diff --git a/roles/etcd_migrate/tasks/check.yml b/roles/etcd_migrate/tasks/check.yml
new file mode 100644
index 000000000..b66696b55
--- /dev/null
+++ b/roles/etcd_migrate/tasks/check.yml
@@ -0,0 +1,59 @@
+---
+- fail:
+ msg: "Currently etcd v3 migration is unsupported while we test it more thoroughly"
+ when: not openshift_enable_unsupported_configurations | default(false) | bool
+
+# Check the cluster is healthy
+- include: check_cluster_health.yml
+
+# Check if the member has v3 data already
+# Run the migration only if the data are v2
+- name: Check if there are any v3 data
+ command: >
+ etcdctl --cert {{ etcd_peer_cert_file }} --key {{ etcd_peer_key_file }} --cacert {{ etcd_peer_ca_file }} --endpoints 'https://{{ etcd_peer }}:{{ etcd_client_port }}' get "" --from-key --keys-only -w json --limit 1
+ environment:
+ ETCDCTL_API: 3
+ register: l_etcdctl_output
+
+- fail:
+ msg: "Unable to get a number of v3 keys"
+ when: l_etcdctl_output.rc != 0
+
+- fail:
+ msg: "The etcd has at least one v3 key"
+ when: "'count' in (l_etcdctl_output.stdout | from_json) and (l_etcdctl_output.stdout | from_json).count != 0"
+
+
+# TODO(jchaloup): once the until loop can be used over include/block,
+# remove the repetive code
+# - until loop not supported over include statement (nor block)
+# https://github.com/ansible/ansible/issues/17098
+# - with_items not supported over block
+
+# Check the cluster status for the first time
+- include: check_cluster_status.yml
+
+# Check the cluster status for the second time
+- block:
+ - debug:
+ msg: "l_etcd_cluster_status_ok: {{ l_etcd_cluster_status_ok }}"
+ - name: Wait a while before another check
+ pause:
+ seconds: 5
+ when: not l_etcd_cluster_status_ok | bool
+
+ - include: check_cluster_status.yml
+ when: not l_etcd_cluster_status_ok | bool
+
+
+# Check the cluster status for the third time
+- block:
+ - debug:
+ msg: "l_etcd_cluster_status_ok: {{ l_etcd_cluster_status_ok }}"
+ - name: Wait a while before another check
+ pause:
+ seconds: 5
+ when: not l_etcd_cluster_status_ok | bool
+
+ - include: check_cluster_status.yml
+ when: not l_etcd_cluster_status_ok | bool
diff --git a/roles/etcd_migrate/tasks/check_cluster_health.yml b/roles/etcd_migrate/tasks/check_cluster_health.yml
new file mode 100644
index 000000000..201d83f99
--- /dev/null
+++ b/roles/etcd_migrate/tasks/check_cluster_health.yml
@@ -0,0 +1,23 @@
+---
+- name: Check cluster health
+ command: >
+ etcdctl --cert-file {{ etcd_peer_cert_file }} --key-file {{ etcd_peer_key_file }} --ca-file {{ etcd_peer_ca_file }} --endpoint https://{{ etcd_peer }}:{{ etcd_client_port }} cluster-health
+ register: etcd_cluster_health
+ changed_when: false
+ failed_when: false
+
+- name: Assume a member is not healthy
+ set_fact:
+ etcd_member_healthy: false
+
+- name: Get member item health status
+ set_fact:
+ etcd_member_healthy: true
+ with_items: "{{ etcd_cluster_health.stdout_lines }}"
+ when: "(etcd_peer in item) and ('is healthy' in item)"
+
+- name: Check the etcd cluster health
+ # TODO(jchaloup): should we fail or ask user if he wants to continue? Or just wait until the cluster is healthy?
+ fail:
+ msg: "Etcd member {{ etcd_peer }} is not healthy"
+ when: not etcd_member_healthy
diff --git a/roles/etcd_migrate/tasks/check_cluster_status.yml b/roles/etcd_migrate/tasks/check_cluster_status.yml
new file mode 100644
index 000000000..b69fb5a52
--- /dev/null
+++ b/roles/etcd_migrate/tasks/check_cluster_status.yml
@@ -0,0 +1,32 @@
+---
+# etcd_ip originates from etcd_common role
+- name: Check cluster status
+ command: >
+ etcdctl --cert {{ etcd_peer_cert_file }} --key {{ etcd_peer_key_file }} --cacert {{ etcd_peer_ca_file }} --endpoints 'https://{{ etcd_peer }}:{{ etcd_client_port }}' -w json endpoint status
+ environment:
+ ETCDCTL_API: 3
+ register: l_etcd_cluster_status
+
+- name: Retrieve raftIndex
+ set_fact:
+ etcd_member_raft_index: "{{ (l_etcd_cluster_status.stdout | from_json)[0]['Status']['raftIndex'] }}"
+
+- block:
+ # http://docs.ansible.com/ansible/playbooks_filters.html#extracting-values-from-containers
+ - name: Group all raftIndices into a list
+ set_fact:
+ etcd_members_raft_indices: "{{ groups['oo_etcd_to_migrate'] | map('extract', hostvars, 'etcd_member_raft_index') | list | unique }}"
+
+ - name: Check the minimum and the maximum of raftIndices is at most 1
+ set_fact:
+ etcd_members_raft_indices_diff: "{{ ((etcd_members_raft_indices | max | int) - (etcd_members_raft_indices | min | int)) | int }}"
+
+ - debug:
+ msg: "Raft indices difference: {{ etcd_members_raft_indices_diff }}"
+
+ when: inventory_hostname in groups.oo_etcd_to_migrate[0]
+
+# The cluster raft status is ok if the difference of the max and min raft index is at most 1
+- name: capture the status
+ set_fact:
+ l_etcd_cluster_status_ok: "{{ hostvars[groups.oo_etcd_to_migrate[0]]['etcd_members_raft_indices_diff'] | int < 2 }}"
diff --git a/roles/etcd_migrate/tasks/configure.yml b/roles/etcd_migrate/tasks/configure.yml
new file mode 100644
index 000000000..a305d5bf3
--- /dev/null
+++ b/roles/etcd_migrate/tasks/configure.yml
@@ -0,0 +1,13 @@
+---
+- name: Configure master to use etcd3 storage backend
+ yedit:
+ src: /etc/origin/master/master-config.yaml
+ key: "{{ item.key }}"
+ value: "{{ item.value }}"
+ with_items:
+ - key: kubernetesMasterConfig.apiServerArguments.storage-backend
+ value:
+ - etcd3
+ - key: kubernetesMasterConfig.apiServerArguments.storage-media-type
+ value:
+ - application/vnd.kubernetes.protobuf
diff --git a/roles/etcd_migrate/tasks/main.yml b/roles/etcd_migrate/tasks/main.yml
new file mode 100644
index 000000000..409b0b613
--- /dev/null
+++ b/roles/etcd_migrate/tasks/main.yml
@@ -0,0 +1,25 @@
+---
+- name: Fail if invalid r_etcd_migrate_action provided
+ fail:
+ msg: "etcd_migrate role can only be called with 'check' or 'migrate' or 'configure'"
+ when: r_etcd_migrate_action not in ['check', 'migrate', 'configure']
+
+- name: Include main action task file
+ include: "{{ r_etcd_migrate_action }}.yml"
+
+# 2. migrate v2 datadir into v3:
+# ETCDCTL_API=3 ./etcdctl migrate --data-dir=${data_dir} --no-ttl
+# backup the etcd datadir first
+# Provide a way for an operator to specify transformer
+
+# 3. re-configure OpenShift master at /etc/origin/master/master-config.yml
+# set storage-backend to “etcd3”
+# 4. we could leave the master restart to current logic (there is already the code ready (single vs. HA master))
+
+# Run
+# etcdctl --cert-file /etc/etcd/peer.crt --key-file /etc/etcd/peer.key --ca-file /etc/etcd/ca.crt --endpoint https://172.16.186.45:2379 cluster-health
+# to check the cluster health (from the etcdctl.sh aliases file)
+
+# Another assumption:
+# - in order to migrate all etcd v2 data into v3, we need to shut down the cluster (let's verify that on Wednesday meeting)
+# -
diff --git a/roles/etcd_migrate/tasks/migrate.yml b/roles/etcd_migrate/tasks/migrate.yml
new file mode 100644
index 000000000..b2cf6d20a
--- /dev/null
+++ b/roles/etcd_migrate/tasks/migrate.yml
@@ -0,0 +1,64 @@
+---
+# Should this be run in a serial manner?
+- set_fact:
+ l_etcd_service: "{{ 'etcd_container' if openshift.common.is_containerized else 'etcd' }}"
+
+- name: Disable etcd members
+ service:
+ name: "{{ l_etcd_service }}"
+ state: stopped
+
+# Should we skip all TTL keys? https://bugzilla.redhat.com/show_bug.cgi?id=1389773
+- name: Migrate etcd data
+ command: >
+ etcdctl migrate --data-dir={{ etcd_data_dir }}
+ environment:
+ ETCDCTL_API: 3
+ register: l_etcdctl_migrate
+
+# TODO(jchaloup): If any of the members fails, we need to restore all members to v2 from the pre-migrate backup
+- name: Check the etcd v2 data are correctly migrated
+ fail:
+ msg: "Failed to migrate a member"
+ when: "'finished transforming keys' not in l_etcdctl_migrate.stdout and 'no v2 keys to migrate' not in l_etcdctl_migrate.stdout"
+
+- name: Migration message
+ debug:
+ msg: "Etcd migration finished with: {{ l_etcdctl_migrate.stdout }}"
+
+- name: Enable etcd member
+ service:
+ name: "{{ l_etcd_service }}"
+ state: started
+
+- name: Wait for cluster to become healthy after migration
+ command: >
+ etcdctl --cert-file {{ etcd_peer_cert_file }} --key-file {{ etcd_peer_key_file }} --ca-file {{ etcd_peer_ca_file }} --endpoint https://{{ etcd_peer }}:{{ etcd_client_port }} cluster-health
+ register: l_etcd_migrate_health
+ until: l_etcd_migrate_health.rc == 0
+ retries: 3
+ delay: 30
+ run_once: true
+
+# NOTE: /usr/local/bin may be removed from the PATH by ansible hence why
+# it's added to the environment in this task.
+- name: Re-introduce leases (as a replacement for key TTLs)
+ command: >
+ oadm migrate etcd-ttl \
+ --cert {{ r_etcd_common_master_peer_cert_file }} \
+ --key {{ r_etcd_common_master_peer_key_file }} \
+ --cacert {{ r_etcd_common_master_peer_ca_file }} \
+ --etcd-address 'https://{{ etcd_peer }}:{{ etcd_client_port }}' \
+ --ttl-keys-prefix {{ item }} \
+ --lease-duration 1h
+ environment:
+ ETCDCTL_API: 3
+ PATH: "/usr/local/bin:/var/usrlocal/bin:{{ ansible_env.PATH }}"
+ with_items:
+ - "/kubernetes.io/events"
+ - "/kubernetes.io/masterleases"
+ delegate_to: "{{ groups.oo_first_master[0] }}"
+ run_once: true
+
+- set_fact:
+ r_etcd_migrate_success: true
diff --git a/roles/flannel/handlers/main.yml b/roles/flannel/handlers/main.yml
index c60c2115a..02f5a5f64 100644
--- a/roles/flannel/handlers/main.yml
+++ b/roles/flannel/handlers/main.yml
@@ -8,3 +8,7 @@
systemd:
name: "{{ openshift.docker.service_name }}"
state: restarted
+ register: l_docker_restart_docker_in_flannel_result
+ until: not l_docker_restart_docker_in_flannel_result | failed
+ retries: 3
+ delay: 30
diff --git a/roles/lib_openshift/library/oc_atomic_container.py b/roles/lib_openshift/library/oc_atomic_container.py
index 1e017a576..955c6313e 100644
--- a/roles/lib_openshift/library/oc_atomic_container.py
+++ b/roles/lib_openshift/library/oc_atomic_container.py
@@ -65,8 +65,11 @@ options:
# -*- -*- -*- Begin included fragment: ansible/oc_atomic_container.py -*- -*- -*-
-# pylint: disable=wrong-import-position,too-many-branches,invalid-name
+# pylint: disable=wrong-import-position,too-many-branches,invalid-name,no-name-in-module, import-error
import json
+
+from distutils.version import StrictVersion
+
from ansible.module_utils.basic import AnsibleModule
@@ -191,9 +194,15 @@ def main():
)
# Verify that the platform supports atomic command
- rc, _, err = module.run_command('atomic -v', check_rc=False)
+ rc, version_out, err = module.run_command('rpm -q --queryformat "%{VERSION}\n" atomic', check_rc=False)
if rc != 0:
module.fail_json(msg="Error in running atomic command", err=err)
+ # This module requires atomic version 1.17.2 or later
+ atomic_version = StrictVersion(version_out.replace('\n', ''))
+ if atomic_version < StrictVersion('1.17.2'):
+ module.fail_json(
+ msg="atomic version 1.17.2+ is required",
+ err=str(atomic_version))
try:
core(module)
diff --git a/roles/lib_openshift/library/oc_storageclass.py b/roles/lib_openshift/library/oc_storageclass.py
new file mode 100644
index 000000000..d5375e27a
--- /dev/null
+++ b/roles/lib_openshift/library/oc_storageclass.py
@@ -0,0 +1,1688 @@
+#!/usr/bin/env python
+# pylint: disable=missing-docstring
+# flake8: noqa: T001
+# ___ ___ _ _ ___ ___ _ _____ ___ ___
+# / __| __| \| | __| _ \ /_\_ _| __| \
+# | (_ | _|| .` | _|| / / _ \| | | _|| |) |
+# \___|___|_|\_|___|_|_\/_/_\_\_|_|___|___/_ _____
+# | \ / _ \ | \| |/ _ \_ _| | __| \_ _|_ _|
+# | |) | (_) | | .` | (_) || | | _|| |) | | | |
+# |___/ \___/ |_|\_|\___/ |_| |___|___/___| |_|
+#
+# Copyright 2016 Red Hat, Inc. and/or its affiliates
+# and other contributors as indicated by the @author tags.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# -*- -*- -*- Begin included fragment: lib/import.py -*- -*- -*-
+'''
+ OpenShiftCLI class that wraps the oc commands in a subprocess
+'''
+# pylint: disable=too-many-lines
+
+from __future__ import print_function
+import atexit
+import copy
+import json
+import os
+import re
+import shutil
+import subprocess
+import tempfile
+# pylint: disable=import-error
+try:
+ import ruamel.yaml as yaml
+except ImportError:
+ import yaml
+
+from ansible.module_utils.basic import AnsibleModule
+
+# -*- -*- -*- End included fragment: lib/import.py -*- -*- -*-
+
+# -*- -*- -*- Begin included fragment: doc/storageclass -*- -*- -*-
+
+DOCUMENTATION = '''
+---
+module: oc_storageclass
+short_description: Create, modify, and idempotently manage openshift storageclasses.
+description:
+ - Manage openshift storageclass objects programmatically.
+options:
+ state:
+ description:
+ - State represents whether to create, modify, delete, or list
+ required: False
+ default: present
+ choices: ["present", "absent", "list"]
+ aliases: []
+ kubeconfig:
+ description:
+ - The path for the kubeconfig file to use for authentication
+ required: false
+ default: /etc/origin/master/admin.kubeconfig
+ aliases: []
+ debug:
+ description:
+ - Turn on debug output.
+ required: false
+ default: False
+ aliases: []
+ name:
+ description:
+ - Name of the object that is being queried.
+ required: false
+ default: None
+ aliases: []
+ provisioner:
+ description:
+ - Any annotations to add to the storageclass
+ required: false
+ default: 'aws-ebs'
+ aliases: []
+ default_storage_class:
+ description:
+ - Whether or not this is the default storage class
+ required: false
+ default: False
+ aliases: []
+ parameters:
+ description:
+ - A dictionary with the parameters to configure the storageclass. This will be based on provisioner
+ required: false
+ default: None
+ aliases: []
+ api_version:
+ description:
+ - The api version.
+ required: false
+ default: v1
+ aliases: []
+author:
+- "Kenny Woodson <kwoodson@redhat.com>"
+extends_documentation_fragment: []
+'''
+
+EXAMPLES = '''
+- name: get storageclass
+ run_once: true
+ oc_storageclass:
+ name: gp2
+ state: list
+ register: registry_sc_out
+
+- name: create the storageclass
+ oc_storageclass:
+ run_once: true
+ name: gp2
+ parameters:
+ type: gp2
+ encrypted: 'true'
+ kmsKeyId: '<full kms key arn>'
+ provisioner: aws-ebs
+ default_storage_class: False
+ register: sc_out
+ notify:
+ - restart openshift master services
+'''
+
+# -*- -*- -*- End included fragment: doc/storageclass -*- -*- -*-
+
+# -*- -*- -*- Begin included fragment: ../../lib_utils/src/class/yedit.py -*- -*- -*-
+
+
+class YeditException(Exception): # pragma: no cover
+ ''' Exception class for Yedit '''
+ pass
+
+
+# pylint: disable=too-many-public-methods
+class Yedit(object): # pragma: no cover
+ ''' Class to modify yaml files '''
+ re_valid_key = r"(((\[-?\d+\])|([0-9a-zA-Z%s/_-]+)).?)+$"
+ re_key = r"(?:\[(-?\d+)\])|([0-9a-zA-Z{}/_-]+)"
+ com_sep = set(['.', '#', '|', ':'])
+
+ # pylint: disable=too-many-arguments
+ def __init__(self,
+ filename=None,
+ content=None,
+ content_type='yaml',
+ separator='.',
+ backup=False):
+ self.content = content
+ self._separator = separator
+ self.filename = filename
+ self.__yaml_dict = content
+ self.content_type = content_type
+ self.backup = backup
+ self.load(content_type=self.content_type)
+ if self.__yaml_dict is None:
+ self.__yaml_dict = {}
+
+ @property
+ def separator(self):
+ ''' getter method for separator '''
+ return self._separator
+
+ @separator.setter
+ def separator(self, inc_sep):
+ ''' setter method for separator '''
+ self._separator = inc_sep
+
+ @property
+ def yaml_dict(self):
+ ''' getter method for yaml_dict '''
+ return self.__yaml_dict
+
+ @yaml_dict.setter
+ def yaml_dict(self, value):
+ ''' setter method for yaml_dict '''
+ self.__yaml_dict = value
+
+ @staticmethod
+ def parse_key(key, sep='.'):
+ '''parse the key allowing the appropriate separator'''
+ common_separators = list(Yedit.com_sep - set([sep]))
+ return re.findall(Yedit.re_key.format(''.join(common_separators)), key)
+
+ @staticmethod
+ def valid_key(key, sep='.'):
+ '''validate the incoming key'''
+ common_separators = list(Yedit.com_sep - set([sep]))
+ if not re.match(Yedit.re_valid_key.format(''.join(common_separators)), key):
+ return False
+
+ return True
+
+ @staticmethod
+ def remove_entry(data, key, sep='.'):
+ ''' remove data at location key '''
+ if key == '' and isinstance(data, dict):
+ data.clear()
+ return True
+ elif key == '' and isinstance(data, list):
+ del data[:]
+ return True
+
+ if not (key and Yedit.valid_key(key, sep)) and \
+ isinstance(data, (list, dict)):
+ return None
+
+ key_indexes = Yedit.parse_key(key, sep)
+ for arr_ind, dict_key in key_indexes[:-1]:
+ if dict_key and isinstance(data, dict):
+ data = data.get(dict_key)
+ elif (arr_ind and isinstance(data, list) and
+ int(arr_ind) <= len(data) - 1):
+ data = data[int(arr_ind)]
+ else:
+ return None
+
+ # process last index for remove
+ # expected list entry
+ if key_indexes[-1][0]:
+ if isinstance(data, list) and int(key_indexes[-1][0]) <= len(data) - 1: # noqa: E501
+ del data[int(key_indexes[-1][0])]
+ return True
+
+ # expected dict entry
+ elif key_indexes[-1][1]:
+ if isinstance(data, dict):
+ del data[key_indexes[-1][1]]
+ return True
+
+ @staticmethod
+ def add_entry(data, key, item=None, sep='.'):
+ ''' Get an item from a dictionary with key notation a.b.c
+ d = {'a': {'b': 'c'}}}
+ key = a#b
+ return c
+ '''
+ if key == '':
+ pass
+ elif (not (key and Yedit.valid_key(key, sep)) and
+ isinstance(data, (list, dict))):
+ return None
+
+ key_indexes = Yedit.parse_key(key, sep)
+ for arr_ind, dict_key in key_indexes[:-1]:
+ if dict_key:
+ if isinstance(data, dict) and dict_key in data and data[dict_key]: # noqa: E501
+ data = data[dict_key]
+ continue
+
+ elif data and not isinstance(data, dict):
+ raise YeditException("Unexpected item type found while going through key " +
+ "path: {} (at key: {})".format(key, dict_key))
+
+ data[dict_key] = {}
+ data = data[dict_key]
+
+ elif (arr_ind and isinstance(data, list) and
+ int(arr_ind) <= len(data) - 1):
+ data = data[int(arr_ind)]
+ else:
+ raise YeditException("Unexpected item type found while going through key path: {}".format(key))
+
+ if key == '':
+ data = item
+
+ # process last index for add
+ # expected list entry
+ elif key_indexes[-1][0] and isinstance(data, list) and int(key_indexes[-1][0]) <= len(data) - 1: # noqa: E501
+ data[int(key_indexes[-1][0])] = item
+
+ # expected dict entry
+ elif key_indexes[-1][1] and isinstance(data, dict):
+ data[key_indexes[-1][1]] = item
+
+ # didn't add/update to an existing list, nor add/update key to a dict
+ # so we must have been provided some syntax like a.b.c[<int>] = "data" for a
+ # non-existent array
+ else:
+ raise YeditException("Error adding to object at path: {}".format(key))
+
+ return data
+
+ @staticmethod
+ def get_entry(data, key, sep='.'):
+ ''' Get an item from a dictionary with key notation a.b.c
+ d = {'a': {'b': 'c'}}}
+ key = a.b
+ return c
+ '''
+ if key == '':
+ pass
+ elif (not (key and Yedit.valid_key(key, sep)) and
+ isinstance(data, (list, dict))):
+ return None
+
+ key_indexes = Yedit.parse_key(key, sep)
+ for arr_ind, dict_key in key_indexes:
+ if dict_key and isinstance(data, dict):
+ data = data.get(dict_key)
+ elif (arr_ind and isinstance(data, list) and
+ int(arr_ind) <= len(data) - 1):
+ data = data[int(arr_ind)]
+ else:
+ return None
+
+ return data
+
+ @staticmethod
+ def _write(filename, contents):
+ ''' Actually write the file contents to disk. This helps with mocking. '''
+
+ tmp_filename = filename + '.yedit'
+
+ with open(tmp_filename, 'w') as yfd:
+ yfd.write(contents)
+
+ os.rename(tmp_filename, filename)
+
+ def write(self):
+ ''' write to file '''
+ if not self.filename:
+ raise YeditException('Please specify a filename.')
+
+ if self.backup and self.file_exists():
+ shutil.copy(self.filename, self.filename + '.orig')
+
+ # Try to set format attributes if supported
+ try:
+ self.yaml_dict.fa.set_block_style()
+ except AttributeError:
+ pass
+
+ # Try to use RoundTripDumper if supported.
+ try:
+ Yedit._write(self.filename, yaml.dump(self.yaml_dict, Dumper=yaml.RoundTripDumper))
+ except AttributeError:
+ Yedit._write(self.filename, yaml.safe_dump(self.yaml_dict, default_flow_style=False))
+
+ return (True, self.yaml_dict)
+
+ def read(self):
+ ''' read from file '''
+ # check if it exists
+ if self.filename is None or not self.file_exists():
+ return None
+
+ contents = None
+ with open(self.filename) as yfd:
+ contents = yfd.read()
+
+ return contents
+
+ def file_exists(self):
+ ''' return whether file exists '''
+ if os.path.exists(self.filename):
+ return True
+
+ return False
+
+ def load(self, content_type='yaml'):
+ ''' return yaml file '''
+ contents = self.read()
+
+ if not contents and not self.content:
+ return None
+
+ if self.content:
+ if isinstance(self.content, dict):
+ self.yaml_dict = self.content
+ return self.yaml_dict
+ elif isinstance(self.content, str):
+ contents = self.content
+
+ # check if it is yaml
+ try:
+ if content_type == 'yaml' and contents:
+ # Try to set format attributes if supported
+ try:
+ self.yaml_dict.fa.set_block_style()
+ except AttributeError:
+ pass
+
+ # Try to use RoundTripLoader if supported.
+ try:
+ self.yaml_dict = yaml.safe_load(contents, yaml.RoundTripLoader)
+ except AttributeError:
+ self.yaml_dict = yaml.safe_load(contents)
+
+ # Try to set format attributes if supported
+ try:
+ self.yaml_dict.fa.set_block_style()
+ except AttributeError:
+ pass
+
+ elif content_type == 'json' and contents:
+ self.yaml_dict = json.loads(contents)
+ except yaml.YAMLError as err:
+ # Error loading yaml or json
+ raise YeditException('Problem with loading yaml file. {}'.format(err))
+
+ return self.yaml_dict
+
+ def get(self, key):
+ ''' get a specified key'''
+ try:
+ entry = Yedit.get_entry(self.yaml_dict, key, self.separator)
+ except KeyError:
+ entry = None
+
+ return entry
+
+ def pop(self, path, key_or_item):
+ ''' remove a key, value pair from a dict or an item for a list'''
+ try:
+ entry = Yedit.get_entry(self.yaml_dict, path, self.separator)
+ except KeyError:
+ entry = None
+
+ if entry is None:
+ return (False, self.yaml_dict)
+
+ if isinstance(entry, dict):
+ # AUDIT:maybe-no-member makes sense due to fuzzy types
+ # pylint: disable=maybe-no-member
+ if key_or_item in entry:
+ entry.pop(key_or_item)
+ return (True, self.yaml_dict)
+ return (False, self.yaml_dict)
+
+ elif isinstance(entry, list):
+ # AUDIT:maybe-no-member makes sense due to fuzzy types
+ # pylint: disable=maybe-no-member
+ ind = None
+ try:
+ ind = entry.index(key_or_item)
+ except ValueError:
+ return (False, self.yaml_dict)
+
+ entry.pop(ind)
+ return (True, self.yaml_dict)
+
+ return (False, self.yaml_dict)
+
+ def delete(self, path):
+ ''' remove path from a dict'''
+ try:
+ entry = Yedit.get_entry(self.yaml_dict, path, self.separator)
+ except KeyError:
+ entry = None
+
+ if entry is None:
+ return (False, self.yaml_dict)
+
+ result = Yedit.remove_entry(self.yaml_dict, path, self.separator)
+ if not result:
+ return (False, self.yaml_dict)
+
+ return (True, self.yaml_dict)
+
+ def exists(self, path, value):
+ ''' check if value exists at path'''
+ try:
+ entry = Yedit.get_entry(self.yaml_dict, path, self.separator)
+ except KeyError:
+ entry = None
+
+ if isinstance(entry, list):
+ if value in entry:
+ return True
+ return False
+
+ elif isinstance(entry, dict):
+ if isinstance(value, dict):
+ rval = False
+ for key, val in value.items():
+ if entry[key] != val:
+ rval = False
+ break
+ else:
+ rval = True
+ return rval
+
+ return value in entry
+
+ return entry == value
+
+ def append(self, path, value):
+ '''append value to a list'''
+ try:
+ entry = Yedit.get_entry(self.yaml_dict, path, self.separator)
+ except KeyError:
+ entry = None
+
+ if entry is None:
+ self.put(path, [])
+ entry = Yedit.get_entry(self.yaml_dict, path, self.separator)
+ if not isinstance(entry, list):
+ return (False, self.yaml_dict)
+
+ # AUDIT:maybe-no-member makes sense due to loading data from
+ # a serialized format.
+ # pylint: disable=maybe-no-member
+ entry.append(value)
+ return (True, self.yaml_dict)
+
+ # pylint: disable=too-many-arguments
+ def update(self, path, value, index=None, curr_value=None):
+ ''' put path, value into a dict '''
+ try:
+ entry = Yedit.get_entry(self.yaml_dict, path, self.separator)
+ except KeyError:
+ entry = None
+
+ if isinstance(entry, dict):
+ # AUDIT:maybe-no-member makes sense due to fuzzy types
+ # pylint: disable=maybe-no-member
+ if not isinstance(value, dict):
+ raise YeditException('Cannot replace key, value entry in dict with non-dict type. ' +
+ 'value=[{}] type=[{}]'.format(value, type(value)))
+
+ entry.update(value)
+ return (True, self.yaml_dict)
+
+ elif isinstance(entry, list):
+ # AUDIT:maybe-no-member makes sense due to fuzzy types
+ # pylint: disable=maybe-no-member
+ ind = None
+ if curr_value:
+ try:
+ ind = entry.index(curr_value)
+ except ValueError:
+ return (False, self.yaml_dict)
+
+ elif index is not None:
+ ind = index
+
+ if ind is not None and entry[ind] != value:
+ entry[ind] = value
+ return (True, self.yaml_dict)
+
+ # see if it exists in the list
+ try:
+ ind = entry.index(value)
+ except ValueError:
+ # doesn't exist, append it
+ entry.append(value)
+ return (True, self.yaml_dict)
+
+ # already exists, return
+ if ind is not None:
+ return (False, self.yaml_dict)
+ return (False, self.yaml_dict)
+
+ def put(self, path, value):
+ ''' put path, value into a dict '''
+ try:
+ entry = Yedit.get_entry(self.yaml_dict, path, self.separator)
+ except KeyError:
+ entry = None
+
+ if entry == value:
+ return (False, self.yaml_dict)
+
+ # deepcopy didn't work
+ # Try to use ruamel.yaml and fallback to pyyaml
+ try:
+ tmp_copy = yaml.load(yaml.round_trip_dump(self.yaml_dict,
+ default_flow_style=False),
+ yaml.RoundTripLoader)
+ except AttributeError:
+ tmp_copy = copy.deepcopy(self.yaml_dict)
+
+ # set the format attributes if available
+ try:
+ tmp_copy.fa.set_block_style()
+ except AttributeError:
+ pass
+
+ result = Yedit.add_entry(tmp_copy, path, value, self.separator)
+ if result is None:
+ return (False, self.yaml_dict)
+
+ # When path equals "" it is a special case.
+ # "" refers to the root of the document
+ # Only update the root path (entire document) when its a list or dict
+ if path == '':
+ if isinstance(result, list) or isinstance(result, dict):
+ self.yaml_dict = result
+ return (True, self.yaml_dict)
+
+ return (False, self.yaml_dict)
+
+ self.yaml_dict = tmp_copy
+
+ return (True, self.yaml_dict)
+
+ def create(self, path, value):
+ ''' create a yaml file '''
+ if not self.file_exists():
+ # deepcopy didn't work
+ # Try to use ruamel.yaml and fallback to pyyaml
+ try:
+ tmp_copy = yaml.load(yaml.round_trip_dump(self.yaml_dict,
+ default_flow_style=False),
+ yaml.RoundTripLoader)
+ except AttributeError:
+ tmp_copy = copy.deepcopy(self.yaml_dict)
+
+ # set the format attributes if available
+ try:
+ tmp_copy.fa.set_block_style()
+ except AttributeError:
+ pass
+
+ result = Yedit.add_entry(tmp_copy, path, value, self.separator)
+ if result is not None:
+ self.yaml_dict = tmp_copy
+ return (True, self.yaml_dict)
+
+ return (False, self.yaml_dict)
+
+ @staticmethod
+ def get_curr_value(invalue, val_type):
+ '''return the current value'''
+ if invalue is None:
+ return None
+
+ curr_value = invalue
+ if val_type == 'yaml':
+ curr_value = yaml.load(invalue)
+ elif val_type == 'json':
+ curr_value = json.loads(invalue)
+
+ return curr_value
+
+ @staticmethod
+ def parse_value(inc_value, vtype=''):
+ '''determine value type passed'''
+ true_bools = ['y', 'Y', 'yes', 'Yes', 'YES', 'true', 'True', 'TRUE',
+ 'on', 'On', 'ON', ]
+ false_bools = ['n', 'N', 'no', 'No', 'NO', 'false', 'False', 'FALSE',
+ 'off', 'Off', 'OFF']
+
+ # It came in as a string but you didn't specify value_type as string
+ # we will convert to bool if it matches any of the above cases
+ if isinstance(inc_value, str) and 'bool' in vtype:
+ if inc_value not in true_bools and inc_value not in false_bools:
+ raise YeditException('Not a boolean type. str=[{}] vtype=[{}]'.format(inc_value, vtype))
+ elif isinstance(inc_value, bool) and 'str' in vtype:
+ inc_value = str(inc_value)
+
+ # There is a special case where '' will turn into None after yaml loading it so skip
+ if isinstance(inc_value, str) and inc_value == '':
+ pass
+ # If vtype is not str then go ahead and attempt to yaml load it.
+ elif isinstance(inc_value, str) and 'str' not in vtype:
+ try:
+ inc_value = yaml.safe_load(inc_value)
+ except Exception:
+ raise YeditException('Could not determine type of incoming value. ' +
+ 'value=[{}] vtype=[{}]'.format(type(inc_value), vtype))
+
+ return inc_value
+
+ @staticmethod
+ def process_edits(edits, yamlfile):
+ '''run through a list of edits and process them one-by-one'''
+ results = []
+ for edit in edits:
+ value = Yedit.parse_value(edit['value'], edit.get('value_type', ''))
+ if edit.get('action') == 'update':
+ # pylint: disable=line-too-long
+ curr_value = Yedit.get_curr_value(
+ Yedit.parse_value(edit.get('curr_value')),
+ edit.get('curr_value_format'))
+
+ rval = yamlfile.update(edit['key'],
+ value,
+ edit.get('index'),
+ curr_value)
+
+ elif edit.get('action') == 'append':
+ rval = yamlfile.append(edit['key'], value)
+
+ else:
+ rval = yamlfile.put(edit['key'], value)
+
+ if rval[0]:
+ results.append({'key': edit['key'], 'edit': rval[1]})
+
+ return {'changed': len(results) > 0, 'results': results}
+
+ # pylint: disable=too-many-return-statements,too-many-branches
+ @staticmethod
+ def run_ansible(params):
+ '''perform the idempotent crud operations'''
+ yamlfile = Yedit(filename=params['src'],
+ backup=params['backup'],
+ separator=params['separator'])
+
+ state = params['state']
+
+ if params['src']:
+ rval = yamlfile.load()
+
+ if yamlfile.yaml_dict is None and state != 'present':
+ return {'failed': True,
+ 'msg': 'Error opening file [{}]. Verify that the '.format(params['src']) +
+ 'file exists, that it is has correct permissions, and is valid yaml.'}
+
+ if state == 'list':
+ if params['content']:
+ content = Yedit.parse_value(params['content'], params['content_type'])
+ yamlfile.yaml_dict = content
+
+ if params['key']:
+ rval = yamlfile.get(params['key']) or {}
+
+ return {'changed': False, 'result': rval, 'state': state}
+
+ elif state == 'absent':
+ if params['content']:
+ content = Yedit.parse_value(params['content'], params['content_type'])
+ yamlfile.yaml_dict = content
+
+ if params['update']:
+ rval = yamlfile.pop(params['key'], params['value'])
+ else:
+ rval = yamlfile.delete(params['key'])
+
+ if rval[0] and params['src']:
+ yamlfile.write()
+
+ return {'changed': rval[0], 'result': rval[1], 'state': state}
+
+ elif state == 'present':
+ # check if content is different than what is in the file
+ if params['content']:
+ content = Yedit.parse_value(params['content'], params['content_type'])
+
+ # We had no edits to make and the contents are the same
+ if yamlfile.yaml_dict == content and \
+ params['value'] is None:
+ return {'changed': False, 'result': yamlfile.yaml_dict, 'state': state}
+
+ yamlfile.yaml_dict = content
+
+ # If we were passed a key, value then
+ # we enapsulate it in a list and process it
+ # Key, Value passed to the module : Converted to Edits list #
+ edits = []
+ _edit = {}
+ if params['value'] is not None:
+ _edit['value'] = params['value']
+ _edit['value_type'] = params['value_type']
+ _edit['key'] = params['key']
+
+ if params['update']:
+ _edit['action'] = 'update'
+ _edit['curr_value'] = params['curr_value']
+ _edit['curr_value_format'] = params['curr_value_format']
+ _edit['index'] = params['index']
+
+ elif params['append']:
+ _edit['action'] = 'append'
+
+ edits.append(_edit)
+
+ elif params['edits'] is not None:
+ edits = params['edits']
+
+ if edits:
+ results = Yedit.process_edits(edits, yamlfile)
+
+ # if there were changes and a src provided to us we need to write
+ if results['changed'] and params['src']:
+ yamlfile.write()
+
+ return {'changed': results['changed'], 'result': results['results'], 'state': state}
+
+ # no edits to make
+ if params['src']:
+ # pylint: disable=redefined-variable-type
+ rval = yamlfile.write()
+ return {'changed': rval[0],
+ 'result': rval[1],
+ 'state': state}
+
+ # We were passed content but no src, key or value, or edits. Return contents in memory
+ return {'changed': False, 'result': yamlfile.yaml_dict, 'state': state}
+ return {'failed': True, 'msg': 'Unkown state passed'}
+
+# -*- -*- -*- End included fragment: ../../lib_utils/src/class/yedit.py -*- -*- -*-
+
+# -*- -*- -*- Begin included fragment: lib/base.py -*- -*- -*-
+# pylint: disable=too-many-lines
+# noqa: E301,E302,E303,T001
+
+
+class OpenShiftCLIError(Exception):
+ '''Exception class for openshiftcli'''
+ pass
+
+
+ADDITIONAL_PATH_LOOKUPS = ['/usr/local/bin', os.path.expanduser('~/bin')]
+
+
+def locate_oc_binary():
+ ''' Find and return oc binary file '''
+ # https://github.com/openshift/openshift-ansible/issues/3410
+ # oc can be in /usr/local/bin in some cases, but that may not
+ # be in $PATH due to ansible/sudo
+ paths = os.environ.get("PATH", os.defpath).split(os.pathsep) + ADDITIONAL_PATH_LOOKUPS
+
+ oc_binary = 'oc'
+
+ # Use shutil.which if it is available, otherwise fallback to a naive path search
+ try:
+ which_result = shutil.which(oc_binary, path=os.pathsep.join(paths))
+ if which_result is not None:
+ oc_binary = which_result
+ except AttributeError:
+ for path in paths:
+ if os.path.exists(os.path.join(path, oc_binary)):
+ oc_binary = os.path.join(path, oc_binary)
+ break
+
+ return oc_binary
+
+
+# pylint: disable=too-few-public-methods
+class OpenShiftCLI(object):
+ ''' Class to wrap the command line tools '''
+ def __init__(self,
+ namespace,
+ kubeconfig='/etc/origin/master/admin.kubeconfig',
+ verbose=False,
+ all_namespaces=False):
+ ''' Constructor for OpenshiftCLI '''
+ self.namespace = namespace
+ self.verbose = verbose
+ self.kubeconfig = Utils.create_tmpfile_copy(kubeconfig)
+ self.all_namespaces = all_namespaces
+ self.oc_binary = locate_oc_binary()
+
+ # Pylint allows only 5 arguments to be passed.
+ # pylint: disable=too-many-arguments
+ def _replace_content(self, resource, rname, content, force=False, sep='.'):
+ ''' replace the current object with the content '''
+ res = self._get(resource, rname)
+ if not res['results']:
+ return res
+
+ fname = Utils.create_tmpfile(rname + '-')
+
+ yed = Yedit(fname, res['results'][0], separator=sep)
+ changes = []
+ for key, value in content.items():
+ changes.append(yed.put(key, value))
+
+ if any([change[0] for change in changes]):
+ yed.write()
+
+ atexit.register(Utils.cleanup, [fname])
+
+ return self._replace(fname, force)
+
+ return {'returncode': 0, 'updated': False}
+
+ def _replace(self, fname, force=False):
+ '''replace the current object with oc replace'''
+ # We are removing the 'resourceVersion' to handle
+ # a race condition when modifying oc objects
+ yed = Yedit(fname)
+ results = yed.delete('metadata.resourceVersion')
+ if results[0]:
+ yed.write()
+
+ cmd = ['replace', '-f', fname]
+ if force:
+ cmd.append('--force')
+ return self.openshift_cmd(cmd)
+
+ def _create_from_content(self, rname, content):
+ '''create a temporary file and then call oc create on it'''
+ fname = Utils.create_tmpfile(rname + '-')
+ yed = Yedit(fname, content=content)
+ yed.write()
+
+ atexit.register(Utils.cleanup, [fname])
+
+ return self._create(fname)
+
+ def _create(self, fname):
+ '''call oc create on a filename'''
+ return self.openshift_cmd(['create', '-f', fname])
+
+ def _delete(self, resource, name=None, selector=None):
+ '''call oc delete on a resource'''
+ cmd = ['delete', resource]
+ if selector is not None:
+ cmd.append('--selector={}'.format(selector))
+ elif name is not None:
+ cmd.append(name)
+ else:
+ raise OpenShiftCLIError('Either name or selector is required when calling delete.')
+
+ return self.openshift_cmd(cmd)
+
+ def _process(self, template_name, create=False, params=None, template_data=None): # noqa: E501
+ '''process a template
+
+ template_name: the name of the template to process
+ create: whether to send to oc create after processing
+ params: the parameters for the template
+ template_data: the incoming template's data; instead of a file
+ '''
+ cmd = ['process']
+ if template_data:
+ cmd.extend(['-f', '-'])
+ else:
+ cmd.append(template_name)
+ if params:
+ param_str = ["{}={}".format(key, str(value).replace("'", r'"')) for key, value in params.items()]
+ cmd.append('-v')
+ cmd.extend(param_str)
+
+ results = self.openshift_cmd(cmd, output=True, input_data=template_data)
+
+ if results['returncode'] != 0 or not create:
+ return results
+
+ fname = Utils.create_tmpfile(template_name + '-')
+ yed = Yedit(fname, results['results'])
+ yed.write()
+
+ atexit.register(Utils.cleanup, [fname])
+
+ return self.openshift_cmd(['create', '-f', fname])
+
+ def _get(self, resource, name=None, selector=None):
+ '''return a resource by name '''
+ cmd = ['get', resource]
+ if selector is not None:
+ cmd.append('--selector={}'.format(selector))
+ elif name is not None:
+ cmd.append(name)
+
+ cmd.extend(['-o', 'json'])
+
+ rval = self.openshift_cmd(cmd, output=True)
+
+ # Ensure results are retuned in an array
+ if 'items' in rval:
+ rval['results'] = rval['items']
+ elif not isinstance(rval['results'], list):
+ rval['results'] = [rval['results']]
+
+ return rval
+
+ def _schedulable(self, node=None, selector=None, schedulable=True):
+ ''' perform oadm manage-node scheduable '''
+ cmd = ['manage-node']
+ if node:
+ cmd.extend(node)
+ else:
+ cmd.append('--selector={}'.format(selector))
+
+ cmd.append('--schedulable={}'.format(schedulable))
+
+ return self.openshift_cmd(cmd, oadm=True, output=True, output_type='raw') # noqa: E501
+
+ def _list_pods(self, node=None, selector=None, pod_selector=None):
+ ''' perform oadm list pods
+
+ node: the node in which to list pods
+ selector: the label selector filter if provided
+ pod_selector: the pod selector filter if provided
+ '''
+ cmd = ['manage-node']
+ if node:
+ cmd.extend(node)
+ else:
+ cmd.append('--selector={}'.format(selector))
+
+ if pod_selector:
+ cmd.append('--pod-selector={}'.format(pod_selector))
+
+ cmd.extend(['--list-pods', '-o', 'json'])
+
+ return self.openshift_cmd(cmd, oadm=True, output=True, output_type='raw')
+
+ # pylint: disable=too-many-arguments
+ def _evacuate(self, node=None, selector=None, pod_selector=None, dry_run=False, grace_period=None, force=False):
+ ''' perform oadm manage-node evacuate '''
+ cmd = ['manage-node']
+ if node:
+ cmd.extend(node)
+ else:
+ cmd.append('--selector={}'.format(selector))
+
+ if dry_run:
+ cmd.append('--dry-run')
+
+ if pod_selector:
+ cmd.append('--pod-selector={}'.format(pod_selector))
+
+ if grace_period:
+ cmd.append('--grace-period={}'.format(int(grace_period)))
+
+ if force:
+ cmd.append('--force')
+
+ cmd.append('--evacuate')
+
+ return self.openshift_cmd(cmd, oadm=True, output=True, output_type='raw')
+
+ def _version(self):
+ ''' return the openshift version'''
+ return self.openshift_cmd(['version'], output=True, output_type='raw')
+
+ def _import_image(self, url=None, name=None, tag=None):
+ ''' perform image import '''
+ cmd = ['import-image']
+
+ image = '{0}'.format(name)
+ if tag:
+ image += ':{0}'.format(tag)
+
+ cmd.append(image)
+
+ if url:
+ cmd.append('--from={0}/{1}'.format(url, image))
+
+ cmd.append('-n{0}'.format(self.namespace))
+
+ cmd.append('--confirm')
+ return self.openshift_cmd(cmd)
+
+ def _run(self, cmds, input_data):
+ ''' Actually executes the command. This makes mocking easier. '''
+ curr_env = os.environ.copy()
+ curr_env.update({'KUBECONFIG': self.kubeconfig})
+ proc = subprocess.Popen(cmds,
+ stdin=subprocess.PIPE,
+ stdout=subprocess.PIPE,
+ stderr=subprocess.PIPE,
+ env=curr_env)
+
+ stdout, stderr = proc.communicate(input_data)
+
+ return proc.returncode, stdout.decode('utf-8'), stderr.decode('utf-8')
+
+ # pylint: disable=too-many-arguments,too-many-branches
+ def openshift_cmd(self, cmd, oadm=False, output=False, output_type='json', input_data=None):
+ '''Base command for oc '''
+ cmds = [self.oc_binary]
+
+ if oadm:
+ cmds.append('adm')
+
+ cmds.extend(cmd)
+
+ if self.all_namespaces:
+ cmds.extend(['--all-namespaces'])
+ elif self.namespace is not None and self.namespace.lower() not in ['none', 'emtpy']: # E501
+ cmds.extend(['-n', self.namespace])
+
+ if self.verbose:
+ print(' '.join(cmds))
+
+ try:
+ returncode, stdout, stderr = self._run(cmds, input_data)
+ except OSError as ex:
+ returncode, stdout, stderr = 1, '', 'Failed to execute {}: {}'.format(subprocess.list2cmdline(cmds), ex)
+
+ rval = {"returncode": returncode,
+ "cmd": ' '.join(cmds)}
+
+ if output_type == 'json':
+ rval['results'] = {}
+ if output and stdout:
+ try:
+ rval['results'] = json.loads(stdout)
+ except ValueError as verr:
+ if "No JSON object could be decoded" in verr.args:
+ rval['err'] = verr.args
+ elif output_type == 'raw':
+ rval['results'] = stdout if output else ''
+
+ if self.verbose:
+ print("STDOUT: {0}".format(stdout))
+ print("STDERR: {0}".format(stderr))
+
+ if 'err' in rval or returncode != 0:
+ rval.update({"stderr": stderr,
+ "stdout": stdout})
+
+ return rval
+
+
+class Utils(object): # pragma: no cover
+ ''' utilities for openshiftcli modules '''
+
+ @staticmethod
+ def _write(filename, contents):
+ ''' Actually write the file contents to disk. This helps with mocking. '''
+
+ with open(filename, 'w') as sfd:
+ sfd.write(contents)
+
+ @staticmethod
+ def create_tmp_file_from_contents(rname, data, ftype='yaml'):
+ ''' create a file in tmp with name and contents'''
+
+ tmp = Utils.create_tmpfile(prefix=rname)
+
+ if ftype == 'yaml':
+ # AUDIT:no-member makes sense here due to ruamel.YAML/PyYAML usage
+ # pylint: disable=no-member
+ if hasattr(yaml, 'RoundTripDumper'):
+ Utils._write(tmp, yaml.dump(data, Dumper=yaml.RoundTripDumper))
+ else:
+ Utils._write(tmp, yaml.safe_dump(data, default_flow_style=False))
+
+ elif ftype == 'json':
+ Utils._write(tmp, json.dumps(data))
+ else:
+ Utils._write(tmp, data)
+
+ # Register cleanup when module is done
+ atexit.register(Utils.cleanup, [tmp])
+ return tmp
+
+ @staticmethod
+ def create_tmpfile_copy(inc_file):
+ '''create a temporary copy of a file'''
+ tmpfile = Utils.create_tmpfile('lib_openshift-')
+ Utils._write(tmpfile, open(inc_file).read())
+
+ # Cleanup the tmpfile
+ atexit.register(Utils.cleanup, [tmpfile])
+
+ return tmpfile
+
+ @staticmethod
+ def create_tmpfile(prefix='tmp'):
+ ''' Generates and returns a temporary file name '''
+
+ with tempfile.NamedTemporaryFile(prefix=prefix, delete=False) as tmp:
+ return tmp.name
+
+ @staticmethod
+ def create_tmp_files_from_contents(content, content_type=None):
+ '''Turn an array of dict: filename, content into a files array'''
+ if not isinstance(content, list):
+ content = [content]
+ files = []
+ for item in content:
+ path = Utils.create_tmp_file_from_contents(item['path'] + '-',
+ item['data'],
+ ftype=content_type)
+ files.append({'name': os.path.basename(item['path']),
+ 'path': path})
+ return files
+
+ @staticmethod
+ def cleanup(files):
+ '''Clean up on exit '''
+ for sfile in files:
+ if os.path.exists(sfile):
+ if os.path.isdir(sfile):
+ shutil.rmtree(sfile)
+ elif os.path.isfile(sfile):
+ os.remove(sfile)
+
+ @staticmethod
+ def exists(results, _name):
+ ''' Check to see if the results include the name '''
+ if not results:
+ return False
+
+ if Utils.find_result(results, _name):
+ return True
+
+ return False
+
+ @staticmethod
+ def find_result(results, _name):
+ ''' Find the specified result by name'''
+ rval = None
+ for result in results:
+ if 'metadata' in result and result['metadata']['name'] == _name:
+ rval = result
+ break
+
+ return rval
+
+ @staticmethod
+ def get_resource_file(sfile, sfile_type='yaml'):
+ ''' return the service file '''
+ contents = None
+ with open(sfile) as sfd:
+ contents = sfd.read()
+
+ if sfile_type == 'yaml':
+ # AUDIT:no-member makes sense here due to ruamel.YAML/PyYAML usage
+ # pylint: disable=no-member
+ if hasattr(yaml, 'RoundTripLoader'):
+ contents = yaml.load(contents, yaml.RoundTripLoader)
+ else:
+ contents = yaml.safe_load(contents)
+ elif sfile_type == 'json':
+ contents = json.loads(contents)
+
+ return contents
+
+ @staticmethod
+ def filter_versions(stdout):
+ ''' filter the oc version output '''
+
+ version_dict = {}
+ version_search = ['oc', 'openshift', 'kubernetes']
+
+ for line in stdout.strip().split('\n'):
+ for term in version_search:
+ if not line:
+ continue
+ if line.startswith(term):
+ version_dict[term] = line.split()[-1]
+
+ # horrible hack to get openshift version in Openshift 3.2
+ # By default "oc version in 3.2 does not return an "openshift" version
+ if "openshift" not in version_dict:
+ version_dict["openshift"] = version_dict["oc"]
+
+ return version_dict
+
+ @staticmethod
+ def add_custom_versions(versions):
+ ''' create custom versions strings '''
+
+ versions_dict = {}
+
+ for tech, version in versions.items():
+ # clean up "-" from version
+ if "-" in version:
+ version = version.split("-")[0]
+
+ if version.startswith('v'):
+ versions_dict[tech + '_numeric'] = version[1:].split('+')[0]
+ # "v3.3.0.33" is what we have, we want "3.3"
+ versions_dict[tech + '_short'] = version[1:4]
+
+ return versions_dict
+
+ @staticmethod
+ def openshift_installed():
+ ''' check if openshift is installed '''
+ import yum
+
+ yum_base = yum.YumBase()
+ if yum_base.rpmdb.searchNevra(name='atomic-openshift'):
+ return True
+
+ return False
+
+ # Disabling too-many-branches. This is a yaml dictionary comparison function
+ # pylint: disable=too-many-branches,too-many-return-statements,too-many-statements
+ @staticmethod
+ def check_def_equal(user_def, result_def, skip_keys=None, debug=False):
+ ''' Given a user defined definition, compare it with the results given back by our query. '''
+
+ # Currently these values are autogenerated and we do not need to check them
+ skip = ['metadata', 'status']
+ if skip_keys:
+ skip.extend(skip_keys)
+
+ for key, value in result_def.items():
+ if key in skip:
+ continue
+
+ # Both are lists
+ if isinstance(value, list):
+ if key not in user_def:
+ if debug:
+ print('User data does not have key [%s]' % key)
+ print('User data: %s' % user_def)
+ return False
+
+ if not isinstance(user_def[key], list):
+ if debug:
+ print('user_def[key] is not a list key=[%s] user_def[key]=%s' % (key, user_def[key]))
+ return False
+
+ if len(user_def[key]) != len(value):
+ if debug:
+ print("List lengths are not equal.")
+ print("key=[%s]: user_def[%s] != value[%s]" % (key, len(user_def[key]), len(value)))
+ print("user_def: %s" % user_def[key])
+ print("value: %s" % value)
+ return False
+
+ for values in zip(user_def[key], value):
+ if isinstance(values[0], dict) and isinstance(values[1], dict):
+ if debug:
+ print('sending list - list')
+ print(type(values[0]))
+ print(type(values[1]))
+ result = Utils.check_def_equal(values[0], values[1], skip_keys=skip_keys, debug=debug)
+ if not result:
+ print('list compare returned false')
+ return False
+
+ elif value != user_def[key]:
+ if debug:
+ print('value should be identical')
+ print(user_def[key])
+ print(value)
+ return False
+
+ # recurse on a dictionary
+ elif isinstance(value, dict):
+ if key not in user_def:
+ if debug:
+ print("user_def does not have key [%s]" % key)
+ return False
+ if not isinstance(user_def[key], dict):
+ if debug:
+ print("dict returned false: not instance of dict")
+ return False
+
+ # before passing ensure keys match
+ api_values = set(value.keys()) - set(skip)
+ user_values = set(user_def[key].keys()) - set(skip)
+ if api_values != user_values:
+ if debug:
+ print("keys are not equal in dict")
+ print(user_values)
+ print(api_values)
+ return False
+
+ result = Utils.check_def_equal(user_def[key], value, skip_keys=skip_keys, debug=debug)
+ if not result:
+ if debug:
+ print("dict returned false")
+ print(result)
+ return False
+
+ # Verify each key, value pair is the same
+ else:
+ if key not in user_def or value != user_def[key]:
+ if debug:
+ print("value not equal; user_def does not have key")
+ print(key)
+ print(value)
+ if key in user_def:
+ print(user_def[key])
+ return False
+
+ if debug:
+ print('returning true')
+ return True
+
+class OpenShiftCLIConfig(object):
+ '''Generic Config'''
+ def __init__(self, rname, namespace, kubeconfig, options):
+ self.kubeconfig = kubeconfig
+ self.name = rname
+ self.namespace = namespace
+ self._options = options
+
+ @property
+ def config_options(self):
+ ''' return config options '''
+ return self._options
+
+ def to_option_list(self, ascommalist=''):
+ '''return all options as a string
+ if ascommalist is set to the name of a key, and
+ the value of that key is a dict, format the dict
+ as a list of comma delimited key=value pairs'''
+ return self.stringify(ascommalist)
+
+ def stringify(self, ascommalist=''):
+ ''' return the options hash as cli params in a string
+ if ascommalist is set to the name of a key, and
+ the value of that key is a dict, format the dict
+ as a list of comma delimited key=value pairs '''
+ rval = []
+ for key in sorted(self.config_options.keys()):
+ data = self.config_options[key]
+ if data['include'] \
+ and (data['value'] or isinstance(data['value'], int)):
+ if key == ascommalist:
+ val = ','.join(['{}={}'.format(kk, vv) for kk, vv in sorted(data['value'].items())])
+ else:
+ val = data['value']
+ rval.append('--{}={}'.format(key.replace('_', '-'), val))
+
+ return rval
+
+
+# -*- -*- -*- End included fragment: lib/base.py -*- -*- -*-
+
+# -*- -*- -*- Begin included fragment: lib/storageclass.py -*- -*- -*-
+
+
+# pylint: disable=too-many-instance-attributes
+class StorageClassConfig(object):
+ ''' Handle service options '''
+ # pylint: disable=too-many-arguments
+ def __init__(self,
+ name,
+ provisioner=None,
+ parameters=None,
+ annotations=None,
+ default_storage_class="false",
+ api_version='v1',
+ kubeconfig='/etc/origin/master/admin.kubeconfig'):
+ ''' constructor for handling storageclass options '''
+ self.name = name
+ self.parameters = parameters
+ self.annotations = annotations
+ self.provisioner = provisioner
+ self.api_version = api_version
+ self.default_storage_class = str(default_storage_class).lower()
+ self.kubeconfig = kubeconfig
+ self.data = {}
+
+ self.create_dict()
+
+ def create_dict(self):
+ ''' instantiates a storageclass dict '''
+ self.data['apiVersion'] = self.api_version
+ self.data['kind'] = 'StorageClass'
+ self.data['metadata'] = {}
+ self.data['metadata']['name'] = self.name
+
+ self.data['metadata']['annotations'] = {}
+ if self.annotations is not None:
+ self.data['metadata']['annotations'] = self.annotations
+
+ self.data['metadata']['annotations']['storageclass.beta.kubernetes.io/is-default-class'] = \
+ self.default_storage_class
+
+ if self.provisioner is None:
+ self.data['provisioner'] = 'kubernetes.io/aws-ebs'
+ else:
+ self.data['provisioner'] = self.provisioner
+
+ self.data['parameters'] = {}
+ if self.parameters is not None:
+ self.data['parameters'].update(self.parameters)
+
+ # default to aws if no params were passed
+ else:
+ self.data['parameters']['type'] = 'gp2'
+
+
+
+# pylint: disable=too-many-instance-attributes,too-many-public-methods
+class StorageClass(Yedit):
+ ''' Class to model the oc storageclass object '''
+ annotations_path = "metadata.annotations"
+ provisioner_path = "provisioner"
+ parameters_path = "parameters"
+ kind = 'StorageClass'
+
+ def __init__(self, content):
+ '''StorageClass constructor'''
+ super(StorageClass, self).__init__(content=content)
+
+ def get_annotations(self):
+ ''' get a list of ports '''
+ return self.get(StorageClass.annotations_path) or {}
+
+ def get_parameters(self):
+ ''' get the service selector'''
+ return self.get(StorageClass.parameters_path) or {}
+
+# -*- -*- -*- End included fragment: lib/storageclass.py -*- -*- -*-
+
+# -*- -*- -*- Begin included fragment: class/oc_storageclass.py -*- -*- -*-
+
+# pylint: disable=too-many-instance-attributes
+class OCStorageClass(OpenShiftCLI):
+ ''' Class to wrap the oc command line tools '''
+ kind = 'storageclass'
+
+ # pylint allows 5
+ # pylint: disable=too-many-arguments
+ def __init__(self,
+ config,
+ verbose=False):
+ ''' Constructor for OCStorageClass '''
+ super(OCStorageClass, self).__init__(None, kubeconfig=config.kubeconfig, verbose=verbose)
+ self.config = config
+ self.storage_class = None
+
+ def exists(self):
+ ''' return whether a storageclass exists'''
+ if self.storage_class:
+ return True
+
+ return False
+
+ def get(self):
+ '''return storageclass '''
+ result = self._get(self.kind, self.config.name)
+ if result['returncode'] == 0:
+ self.storage_class = StorageClass(content=result['results'][0])
+ elif '\"%s\" not found' % self.config.name in result['stderr']:
+ result['returncode'] = 0
+ result['results'] = [{}]
+
+ return result
+
+ def delete(self):
+ '''delete the object'''
+ return self._delete(self.kind, self.config.name)
+
+ def create(self):
+ '''create the object'''
+ return self._create_from_content(self.config.name, self.config.data)
+
+ def update(self):
+ '''update the object'''
+ # parameters are currently unable to be updated. need to delete and recreate
+ self.delete()
+ # pause here and attempt to wait for delete.
+ # Better option would be to poll
+ import time
+ time.sleep(5)
+ return self.create()
+
+ def needs_update(self):
+ ''' verify an update is needed '''
+ # check if params have updated
+ if self.storage_class.get_parameters() != self.config.parameters:
+ return True
+
+ for anno_key, anno_value in self.storage_class.get_annotations().items():
+ if 'is-default-class' in anno_key and anno_value != self.config.default_storage_class:
+ return True
+
+ return False
+
+ @staticmethod
+ # pylint: disable=too-many-return-statements,too-many-branches
+ # TODO: This function should be refactored into its individual parts.
+ def run_ansible(params, check_mode):
+ '''run the ansible idempotent code'''
+
+ rconfig = StorageClassConfig(params['name'],
+ provisioner="kubernetes.io/{}".format(params['provisioner']),
+ parameters=params['parameters'],
+ annotations=params['annotations'],
+ api_version="storage.k8s.io/{}".format(params['api_version']),
+ default_storage_class=params.get('default_storage_class', 'false'),
+ kubeconfig=params['kubeconfig'],
+ )
+
+ oc_sc = OCStorageClass(rconfig, verbose=params['debug'])
+
+ state = params['state']
+
+ api_rval = oc_sc.get()
+
+ #####
+ # Get
+ #####
+ if state == 'list':
+ return {'changed': False, 'results': api_rval['results'], 'state': 'list'}
+
+ ########
+ # Delete
+ ########
+ if state == 'absent':
+ if oc_sc.exists():
+
+ if check_mode:
+ return {'changed': True, 'msg': 'Would have performed a delete.'}
+
+ api_rval = oc_sc.delete()
+
+ return {'changed': True, 'results': api_rval, 'state': 'absent'}
+
+ return {'changed': False, 'state': 'absent'}
+
+ if state == 'present':
+ ########
+ # Create
+ ########
+ if not oc_sc.exists():
+
+ if check_mode:
+ return {'changed': True, 'msg': 'Would have performed a create.'}
+
+ # Create it here
+ api_rval = oc_sc.create()
+
+ if api_rval['returncode'] != 0:
+ return {'failed': True, 'msg': api_rval}
+
+ # return the created object
+ api_rval = oc_sc.get()
+
+ if api_rval['returncode'] != 0:
+ return {'failed': True, 'msg': api_rval}
+
+ return {'changed': True, 'results': api_rval, 'state': 'present'}
+
+ ########
+ # Update
+ ########
+ if oc_sc.needs_update():
+ api_rval = oc_sc.update()
+
+ if api_rval['returncode'] != 0:
+ return {'failed': True, 'msg': api_rval}
+
+ # return the created object
+ api_rval = oc_sc.get()
+
+ if api_rval['returncode'] != 0:
+ return {'failed': True, 'msg': api_rval}
+
+ return {'changed': True, 'results': api_rval, 'state': 'present'}
+
+ return {'changed': False, 'results': api_rval, 'state': 'present'}
+
+
+ return {'failed': True,
+ 'changed': False,
+ 'msg': 'Unknown state passed. %s' % state,
+ 'state': 'unknown'}
+
+# -*- -*- -*- End included fragment: class/oc_storageclass.py -*- -*- -*-
+
+# -*- -*- -*- Begin included fragment: ansible/oc_storageclass.py -*- -*- -*-
+
+def main():
+ '''
+ ansible oc module for storageclass
+ '''
+
+ module = AnsibleModule(
+ argument_spec=dict(
+ kubeconfig=dict(default='/etc/origin/master/admin.kubeconfig', type='str'),
+ state=dict(default='present', type='str', choices=['present', 'absent', 'list']),
+ debug=dict(default=False, type='bool'),
+ name=dict(default=None, type='str'),
+ annotations=dict(default=None, type='dict'),
+ parameters=dict(default=None, type='dict'),
+ provisioner=dict(default='aws-ebs', type='str', choices=['aws-ebs', 'gce-pd', 'glusterfs', 'cinder']),
+ api_version=dict(default='v1', type='str'),
+ default_storage_class=dict(default="false", type='str'),
+ ),
+ supports_check_mode=True,
+ )
+
+ rval = OCStorageClass.run_ansible(module.params, module.check_mode)
+ if 'failed' in rval:
+ return module.fail_json(**rval)
+
+ return module.exit_json(**rval)
+
+
+if __name__ == '__main__':
+ main()
+
+# -*- -*- -*- End included fragment: ansible/oc_storageclass.py -*- -*- -*-
diff --git a/roles/lib_openshift/src/ansible/oc_atomic_container.py b/roles/lib_openshift/src/ansible/oc_atomic_container.py
index 1a5ab6869..7b81760df 100644
--- a/roles/lib_openshift/src/ansible/oc_atomic_container.py
+++ b/roles/lib_openshift/src/ansible/oc_atomic_container.py
@@ -1,8 +1,11 @@
# pylint: skip-file
# flake8: noqa
-# pylint: disable=wrong-import-position,too-many-branches,invalid-name
+# pylint: disable=wrong-import-position,too-many-branches,invalid-name,no-name-in-module, import-error
import json
+
+from distutils.version import StrictVersion
+
from ansible.module_utils.basic import AnsibleModule
@@ -127,9 +130,15 @@ def main():
)
# Verify that the platform supports atomic command
- rc, _, err = module.run_command('atomic -v', check_rc=False)
+ rc, version_out, err = module.run_command('rpm -q --queryformat "%{VERSION}\n" atomic', check_rc=False)
if rc != 0:
module.fail_json(msg="Error in running atomic command", err=err)
+ # This module requires atomic version 1.17.2 or later
+ atomic_version = StrictVersion(version_out.replace('\n', ''))
+ if atomic_version < StrictVersion('1.17.2'):
+ module.fail_json(
+ msg="atomic version 1.17.2+ is required",
+ err=str(atomic_version))
try:
core(module)
diff --git a/roles/lib_openshift/src/ansible/oc_storageclass.py b/roles/lib_openshift/src/ansible/oc_storageclass.py
new file mode 100644
index 000000000..2bd8f18d5
--- /dev/null
+++ b/roles/lib_openshift/src/ansible/oc_storageclass.py
@@ -0,0 +1,32 @@
+# pylint: skip-file
+# flake8: noqa
+
+def main():
+ '''
+ ansible oc module for storageclass
+ '''
+
+ module = AnsibleModule(
+ argument_spec=dict(
+ kubeconfig=dict(default='/etc/origin/master/admin.kubeconfig', type='str'),
+ state=dict(default='present', type='str', choices=['present', 'absent', 'list']),
+ debug=dict(default=False, type='bool'),
+ name=dict(default=None, type='str'),
+ annotations=dict(default=None, type='dict'),
+ parameters=dict(default=None, type='dict'),
+ provisioner=dict(default='aws-ebs', type='str', choices=['aws-ebs', 'gce-pd', 'glusterfs', 'cinder']),
+ api_version=dict(default='v1', type='str'),
+ default_storage_class=dict(default="false", type='str'),
+ ),
+ supports_check_mode=True,
+ )
+
+ rval = OCStorageClass.run_ansible(module.params, module.check_mode)
+ if 'failed' in rval:
+ return module.fail_json(**rval)
+
+ return module.exit_json(**rval)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/roles/lib_openshift/src/class/oc_storageclass.py b/roles/lib_openshift/src/class/oc_storageclass.py
new file mode 100644
index 000000000..aced586ae
--- /dev/null
+++ b/roles/lib_openshift/src/class/oc_storageclass.py
@@ -0,0 +1,155 @@
+# pylint: skip-file
+# flake8: noqa
+
+# pylint: disable=too-many-instance-attributes
+class OCStorageClass(OpenShiftCLI):
+ ''' Class to wrap the oc command line tools '''
+ kind = 'storageclass'
+
+ # pylint allows 5
+ # pylint: disable=too-many-arguments
+ def __init__(self,
+ config,
+ verbose=False):
+ ''' Constructor for OCStorageClass '''
+ super(OCStorageClass, self).__init__(None, kubeconfig=config.kubeconfig, verbose=verbose)
+ self.config = config
+ self.storage_class = None
+
+ def exists(self):
+ ''' return whether a storageclass exists'''
+ if self.storage_class:
+ return True
+
+ return False
+
+ def get(self):
+ '''return storageclass '''
+ result = self._get(self.kind, self.config.name)
+ if result['returncode'] == 0:
+ self.storage_class = StorageClass(content=result['results'][0])
+ elif '\"%s\" not found' % self.config.name in result['stderr']:
+ result['returncode'] = 0
+ result['results'] = [{}]
+
+ return result
+
+ def delete(self):
+ '''delete the object'''
+ return self._delete(self.kind, self.config.name)
+
+ def create(self):
+ '''create the object'''
+ return self._create_from_content(self.config.name, self.config.data)
+
+ def update(self):
+ '''update the object'''
+ # parameters are currently unable to be updated. need to delete and recreate
+ self.delete()
+ # pause here and attempt to wait for delete.
+ # Better option would be to poll
+ import time
+ time.sleep(5)
+ return self.create()
+
+ def needs_update(self):
+ ''' verify an update is needed '''
+ # check if params have updated
+ if self.storage_class.get_parameters() != self.config.parameters:
+ return True
+
+ for anno_key, anno_value in self.storage_class.get_annotations().items():
+ if 'is-default-class' in anno_key and anno_value != self.config.default_storage_class:
+ return True
+
+ return False
+
+ @staticmethod
+ # pylint: disable=too-many-return-statements,too-many-branches
+ # TODO: This function should be refactored into its individual parts.
+ def run_ansible(params, check_mode):
+ '''run the ansible idempotent code'''
+
+ rconfig = StorageClassConfig(params['name'],
+ provisioner="kubernetes.io/{}".format(params['provisioner']),
+ parameters=params['parameters'],
+ annotations=params['annotations'],
+ api_version="storage.k8s.io/{}".format(params['api_version']),
+ default_storage_class=params.get('default_storage_class', 'false'),
+ kubeconfig=params['kubeconfig'],
+ )
+
+ oc_sc = OCStorageClass(rconfig, verbose=params['debug'])
+
+ state = params['state']
+
+ api_rval = oc_sc.get()
+
+ #####
+ # Get
+ #####
+ if state == 'list':
+ return {'changed': False, 'results': api_rval['results'], 'state': 'list'}
+
+ ########
+ # Delete
+ ########
+ if state == 'absent':
+ if oc_sc.exists():
+
+ if check_mode:
+ return {'changed': True, 'msg': 'Would have performed a delete.'}
+
+ api_rval = oc_sc.delete()
+
+ return {'changed': True, 'results': api_rval, 'state': 'absent'}
+
+ return {'changed': False, 'state': 'absent'}
+
+ if state == 'present':
+ ########
+ # Create
+ ########
+ if not oc_sc.exists():
+
+ if check_mode:
+ return {'changed': True, 'msg': 'Would have performed a create.'}
+
+ # Create it here
+ api_rval = oc_sc.create()
+
+ if api_rval['returncode'] != 0:
+ return {'failed': True, 'msg': api_rval}
+
+ # return the created object
+ api_rval = oc_sc.get()
+
+ if api_rval['returncode'] != 0:
+ return {'failed': True, 'msg': api_rval}
+
+ return {'changed': True, 'results': api_rval, 'state': 'present'}
+
+ ########
+ # Update
+ ########
+ if oc_sc.needs_update():
+ api_rval = oc_sc.update()
+
+ if api_rval['returncode'] != 0:
+ return {'failed': True, 'msg': api_rval}
+
+ # return the created object
+ api_rval = oc_sc.get()
+
+ if api_rval['returncode'] != 0:
+ return {'failed': True, 'msg': api_rval}
+
+ return {'changed': True, 'results': api_rval, 'state': 'present'}
+
+ return {'changed': False, 'results': api_rval, 'state': 'present'}
+
+
+ return {'failed': True,
+ 'changed': False,
+ 'msg': 'Unknown state passed. %s' % state,
+ 'state': 'unknown'}
diff --git a/roles/lib_openshift/src/doc/storageclass b/roles/lib_openshift/src/doc/storageclass
new file mode 100644
index 000000000..5a7320d55
--- /dev/null
+++ b/roles/lib_openshift/src/doc/storageclass
@@ -0,0 +1,86 @@
+# flake8: noqa
+# pylint: skip-file
+
+DOCUMENTATION = '''
+---
+module: oc_storageclass
+short_description: Create, modify, and idempotently manage openshift storageclasses.
+description:
+ - Manage openshift storageclass objects programmatically.
+options:
+ state:
+ description:
+ - State represents whether to create, modify, delete, or list
+ required: False
+ default: present
+ choices: ["present", "absent", "list"]
+ aliases: []
+ kubeconfig:
+ description:
+ - The path for the kubeconfig file to use for authentication
+ required: false
+ default: /etc/origin/master/admin.kubeconfig
+ aliases: []
+ debug:
+ description:
+ - Turn on debug output.
+ required: false
+ default: False
+ aliases: []
+ name:
+ description:
+ - Name of the object that is being queried.
+ required: false
+ default: None
+ aliases: []
+ provisioner:
+ description:
+ - Any annotations to add to the storageclass
+ required: false
+ default: 'aws-ebs'
+ aliases: []
+ default_storage_class:
+ description:
+ - Whether or not this is the default storage class
+ required: false
+ default: False
+ aliases: []
+ parameters:
+ description:
+ - A dictionary with the parameters to configure the storageclass. This will be based on provisioner
+ required: false
+ default: None
+ aliases: []
+ api_version:
+ description:
+ - The api version.
+ required: false
+ default: v1
+ aliases: []
+author:
+- "Kenny Woodson <kwoodson@redhat.com>"
+extends_documentation_fragment: []
+'''
+
+EXAMPLES = '''
+- name: get storageclass
+ run_once: true
+ oc_storageclass:
+ name: gp2
+ state: list
+ register: registry_sc_out
+
+- name: create the storageclass
+ oc_storageclass:
+ run_once: true
+ name: gp2
+ parameters:
+ type: gp2
+ encrypted: 'true'
+ kmsKeyId: '<full kms key arn>'
+ provisioner: aws-ebs
+ default_storage_class: False
+ register: sc_out
+ notify:
+ - restart openshift master services
+'''
diff --git a/roles/lib_openshift/src/lib/storageclass.py b/roles/lib_openshift/src/lib/storageclass.py
new file mode 100644
index 000000000..ef12a8d2d
--- /dev/null
+++ b/roles/lib_openshift/src/lib/storageclass.py
@@ -0,0 +1,76 @@
+# pylint: skip-file
+# flake8: noqa
+
+
+# pylint: disable=too-many-instance-attributes
+class StorageClassConfig(object):
+ ''' Handle service options '''
+ # pylint: disable=too-many-arguments
+ def __init__(self,
+ name,
+ provisioner=None,
+ parameters=None,
+ annotations=None,
+ default_storage_class="false",
+ api_version='v1',
+ kubeconfig='/etc/origin/master/admin.kubeconfig'):
+ ''' constructor for handling storageclass options '''
+ self.name = name
+ self.parameters = parameters
+ self.annotations = annotations
+ self.provisioner = provisioner
+ self.api_version = api_version
+ self.default_storage_class = str(default_storage_class).lower()
+ self.kubeconfig = kubeconfig
+ self.data = {}
+
+ self.create_dict()
+
+ def create_dict(self):
+ ''' instantiates a storageclass dict '''
+ self.data['apiVersion'] = self.api_version
+ self.data['kind'] = 'StorageClass'
+ self.data['metadata'] = {}
+ self.data['metadata']['name'] = self.name
+
+ self.data['metadata']['annotations'] = {}
+ if self.annotations is not None:
+ self.data['metadata']['annotations'] = self.annotations
+
+ self.data['metadata']['annotations']['storageclass.beta.kubernetes.io/is-default-class'] = \
+ self.default_storage_class
+
+ if self.provisioner is None:
+ self.data['provisioner'] = 'kubernetes.io/aws-ebs'
+ else:
+ self.data['provisioner'] = self.provisioner
+
+ self.data['parameters'] = {}
+ if self.parameters is not None:
+ self.data['parameters'].update(self.parameters)
+
+ # default to aws if no params were passed
+ else:
+ self.data['parameters']['type'] = 'gp2'
+
+
+
+# pylint: disable=too-many-instance-attributes,too-many-public-methods
+class StorageClass(Yedit):
+ ''' Class to model the oc storageclass object '''
+ annotations_path = "metadata.annotations"
+ provisioner_path = "provisioner"
+ parameters_path = "parameters"
+ kind = 'StorageClass'
+
+ def __init__(self, content):
+ '''StorageClass constructor'''
+ super(StorageClass, self).__init__(content=content)
+
+ def get_annotations(self):
+ ''' get a list of ports '''
+ return self.get(StorageClass.annotations_path) or {}
+
+ def get_parameters(self):
+ ''' get the service selector'''
+ return self.get(StorageClass.parameters_path) or {}
diff --git a/roles/lib_openshift/src/sources.yml b/roles/lib_openshift/src/sources.yml
index 9fa2a6c0e..e9b6bf261 100644
--- a/roles/lib_openshift/src/sources.yml
+++ b/roles/lib_openshift/src/sources.yml
@@ -263,6 +263,17 @@ oc_service.py:
- class/oc_service.py
- ansible/oc_service.py
+oc_storageclass.py:
+- doc/generated
+- doc/license
+- lib/import.py
+- doc/storageclass
+- ../../lib_utils/src/class/yedit.py
+- lib/base.py
+- lib/storageclass.py
+- class/oc_storageclass.py
+- ansible/oc_storageclass.py
+
oc_user.py:
- doc/generated
- doc/license
diff --git a/roles/lib_openshift/src/test/integration/oc_storageclass.yml b/roles/lib_openshift/src/test/integration/oc_storageclass.yml
new file mode 100755
index 000000000..c82f9dedb
--- /dev/null
+++ b/roles/lib_openshift/src/test/integration/oc_storageclass.yml
@@ -0,0 +1,87 @@
+#!/usr/bin/ansible-playbook --module-path=../../../library/
+# ./oc_storageclass.yml -M ../../../library -e "cli_master_test=$OPENSHIFT_MASTER
+---
+- hosts: "{{ cli_master_test }}"
+ gather_facts: no
+ user: root
+ tasks:
+ - name: create a storageclass
+ oc_storageclass:
+ name: testsc
+ parameters:
+ type: gp2
+ default_storage_class: "true"
+ register: sc_out
+ - debug: var=sc_out
+
+ - assert:
+ that:
+ - "sc_out.results.results[0]['metadata']['name'] == 'testsc'"
+ - sc_out.changed
+ - "sc_out.results.results[0]['parameters']['type'] == 'gp2'"
+ msg: storageclass create failed.
+
+ # Test idempotent create
+ - name: NOOP create the storageclass
+ oc_storageclass:
+ name: testsc
+ parameters:
+ type: gp2
+ default_storage_class: "true"
+ register: sc_out
+
+ - assert:
+ that:
+ - "sc_out.results.results[0]['metadata']['name'] == 'testsc'"
+ - sc_out.changed == False
+ msg: storageclass create failed. No changes expected
+
+ - name: test list storageclass
+ oc_storageclass:
+ name: testsc
+ state: list
+ register: sc_out
+ - debug: var=sc_out
+
+ - assert:
+ that: "sc_out.results[0]['metadata']['name'] == 'testsc'"
+ msg: storageclass list failed
+
+ - name: update the storageclass
+ oc_storageclass:
+ name: testsc
+ parameters:
+ type: gp2
+ encrypted: "true"
+ default_storage_class: "true"
+ register: sc_out
+
+ - assert:
+ that: "sc_out.results.results[0]['parameters']['encrypted'] == 'true'"
+ msg: storageclass update failed
+
+ - name: oc delete storageclass
+ oc_storageclass:
+ name: testsc
+ state: absent
+ register: sc_out
+ - debug: var=sc_out
+
+ - assert:
+ that:
+ - "sc_out.results['returncode'] == 0"
+ - "sc_out.results.results == {}"
+ msg: storageclass delete failed
+
+ - name: oc get storageclass
+ oc_storageclass:
+ name: testsc
+ state: list
+ register: sc_out
+ - debug: var=sc_out
+
+ - assert:
+ that:
+ - sc_out.changed == False
+ - "sc_out.results == [{}]"
+ msg: storageclass get failed
diff --git a/roles/lib_openshift/src/test/unit/test_oc_storageclass.py b/roles/lib_openshift/src/test/unit/test_oc_storageclass.py
new file mode 100755
index 000000000..4fd02a8b1
--- /dev/null
+++ b/roles/lib_openshift/src/test/unit/test_oc_storageclass.py
@@ -0,0 +1,93 @@
+'''
+ Unit tests for oc serviceaccount
+'''
+
+import os
+import sys
+import unittest
+import mock
+
+# Removing invalid variable names for tests so that I can
+# keep them brief
+# pylint: disable=invalid-name,no-name-in-module
+# Disable import-error b/c our libraries aren't loaded in jenkins
+# pylint: disable=import-error
+# place class in our python path
+module_path = os.path.join('/'.join(os.path.realpath(__file__).split('/')[:-4]), 'library') # noqa: E501
+sys.path.insert(0, module_path)
+from oc_storageclass import OCStorageClass # noqa: E402
+
+
+class OCStorageClassTest(unittest.TestCase):
+ '''
+ Test class for OCStorageClass
+ '''
+ params = {'kubeconfig': '/etc/origin/master/admin.kubeconfig',
+ 'state': 'present',
+ 'debug': False,
+ 'name': 'testsc',
+ 'provisioner': 'kubernetes.io/aws-ebs',
+ 'annotations': {'storageclass.beta.kubernetes.io/is-default-class': "true"},
+ 'parameters': {'type': 'gp2'},
+ 'api_version': 'v1',
+ 'default_storage_class': 'true'}
+
+ @mock.patch('oc_storageclass.locate_oc_binary')
+ @mock.patch('oc_storageclass.Utils.create_tmpfile_copy')
+ @mock.patch('oc_storageclass.OCStorageClass._run')
+ def test_adding_a_storageclass(self, mock_cmd, mock_tmpfile_copy, mock_oc_binary):
+ ''' Testing adding a storageclass '''
+
+ # Arrange
+
+ # run_ansible input parameters
+
+ valid_result_json = '''{
+ "kind": "StorageClass",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "testsc",
+ "selfLink": "/apis/storage.k8s.io/v1/storageclasses/gp2",
+ "uid": "4d8320c9-e66f-11e6-8edc-0eece8f2ce22",
+ "resourceVersion": "2828",
+ "creationTimestamp": "2017-01-29T22:07:19Z",
+ "annotations": {"storageclass.beta.kubernetes.io/is-default-class": "true"}
+ },
+ "provisioner": "kubernetes.io/aws-ebs",
+ "parameters": {"type": "gp2"}
+ }'''
+
+ # Return values of our mocked function call. These get returned once per call.
+ mock_cmd.side_effect = [
+ # First call to mock
+ (1, '', 'Error from server: storageclass "testsc" not found'),
+
+ # Second call to mock
+ (0, 'storageclass "testsc" created', ''),
+
+ # Third call to mock
+ (0, valid_result_json, ''),
+ ]
+
+ mock_oc_binary.side_effect = [
+ 'oc'
+ ]
+
+ mock_tmpfile_copy.side_effect = [
+ '/tmp/mocked_kubeconfig',
+ ]
+
+ # Act
+ results = OCStorageClass.run_ansible(OCStorageClassTest.params, False)
+
+ # Assert
+ self.assertTrue(results['changed'])
+ self.assertEqual(results['results']['returncode'], 0)
+ self.assertEqual(results['state'], 'present')
+
+ # Making sure our mock was called as we expected
+ mock_cmd.assert_has_calls([
+ mock.call(['oc', 'get', 'storageclass', 'testsc', '-o', 'json'], None),
+ mock.call(['oc', 'create', '-f', mock.ANY], None),
+ mock.call(['oc', 'get', 'storageclass', 'testsc', '-o', 'json'], None),
+ ])
diff --git a/roles/openshift_ca/tasks/main.yml b/roles/openshift_ca/tasks/main.yml
index b9a7ec32f..419679bc2 100644
--- a/roles/openshift_ca/tasks/main.yml
+++ b/roles/openshift_ca/tasks/main.yml
@@ -117,25 +117,46 @@
delegate_to: "{{ openshift_ca_host }}"
run_once: true
-- name: Generate the loopback master client config
- command: >
- {{ hostvars[openshift_ca_host].openshift.common.client_binary }} adm create-api-client-config
- {% for named_ca_certificate in openshift.master.named_certificates | default([]) | oo_collect('cafile') %}
- --certificate-authority {{ named_ca_certificate }}
- {% endfor %}
- --certificate-authority={{ openshift_ca_cert }}
- --client-dir={{ openshift_ca_config_dir }}
- --groups=system:masters,system:openshift-master
- --master={{ hostvars[openshift_ca_host].openshift.master.loopback_api_url }}
- --public-master={{ hostvars[openshift_ca_host].openshift.master.loopback_api_url }}
- --signer-cert={{ openshift_ca_cert }}
- --signer-key={{ openshift_ca_key }}
- --signer-serial={{ openshift_ca_serial }}
- --user=system:openshift-master
- --basename=openshift-master
- {% if openshift_version | oo_version_gte_3_5_or_1_5(openshift.common.deployment_type) | bool %}
- --expire-days={{ openshift_master_cert_expire_days }}
- {% endif %}
+# create-api-client-config generates a ca.crt file which will
+# overwrite the OpenShift CA certificate. Generate the loopback
+# kubeconfig in a temporary directory and then copy files into the
+# master config dir to avoid overwriting ca.crt.
+- block:
+ - name: Create temp directory for loopback master client config
+ command: mktemp -d /tmp/openshift-ansible-XXXXXX
+ register: openshift_ca_loopback_tmpdir
+ - name: Generate the loopback master client config
+ command: >
+ {{ hostvars[openshift_ca_host].openshift.common.client_binary }} adm create-api-client-config
+ --certificate-authority={{ openshift_ca_cert }}
+ {% for named_ca_certificate in openshift.master.named_certificates | default([]) | oo_collect('cafile') %}
+ --certificate-authority {{ named_ca_certificate }}
+ {% endfor %}
+ --client-dir={{ openshift_ca_loopback_tmpdir.stdout }}
+ --groups=system:masters,system:openshift-master
+ --master={{ hostvars[openshift_ca_host].openshift.master.loopback_api_url }}
+ --public-master={{ hostvars[openshift_ca_host].openshift.master.loopback_api_url }}
+ --signer-cert={{ openshift_ca_cert }}
+ --signer-key={{ openshift_ca_key }}
+ --signer-serial={{ openshift_ca_serial }}
+ --user=system:openshift-master
+ --basename=openshift-master
+ {% if openshift_version | oo_version_gte_3_5_or_1_5(openshift.common.deployment_type) | bool %}
+ --expire-days={{ openshift_master_cert_expire_days }}
+ {% endif %}
+ - name: Copy generated loopback master client config to master config dir
+ copy:
+ src: "{{ openshift_ca_loopback_tmpdir.stdout }}/{{ item }}"
+ dest: "{{ openshift_ca_config_dir }}"
+ remote_src: true
+ with_items:
+ - openshift-master.crt
+ - openshift-master.key
+ - openshift-master.kubeconfig
+ - name: Delete temp directory
+ file:
+ name: "{{ openshift_ca_loopback_tmpdir.stdout }}"
+ state: absent
when: loopback_context_string not in loopback_config.stdout
delegate_to: "{{ openshift_ca_host }}"
run_once: true
diff --git a/roles/openshift_certificate_expiry/library/openshift_cert_expiry.py b/roles/openshift_certificate_expiry/library/openshift_cert_expiry.py
index 0242f5b43..44a8fa29b 100644
--- a/roles/openshift_certificate_expiry/library/openshift_cert_expiry.py
+++ b/roles/openshift_certificate_expiry/library/openshift_cert_expiry.py
@@ -104,6 +104,7 @@ platforms missing the Python OpenSSL library.
self.extensions = []
PARSING_ALT_NAMES = False
+ PARSING_HEX_SERIAL = False
for line in self.cert_string.split('\n'):
l = line.strip()
if PARSING_ALT_NAMES:
@@ -114,10 +115,26 @@ platforms missing the Python OpenSSL library.
PARSING_ALT_NAMES = False
continue
+ if PARSING_HEX_SERIAL:
+ # Hex serials arrive colon-delimited
+ serial_raw = l.replace(':', '')
+ # Convert to decimal
+ self.serial = int('0x' + serial_raw, base=16)
+ PARSING_HEX_SERIAL = False
+ continue
+
# parse out the bits that we can
if l.startswith('Serial Number:'):
- # Serial Number: 11 (0xb)
- # => 11
+ # Decimal format:
+ # Serial Number: 11 (0xb)
+ # => 11
+ # Hex Format (large serials):
+ # Serial Number:
+ # 0a:de:eb:24:04:75:ab:56:39:14:e9:5a:22:e2:85:bf
+ # => 14449739080294792594019643629255165375
+ if l.endswith(':'):
+ PARSING_HEX_SERIAL = True
+ continue
self.serial = int(l.split()[-2])
elif l.startswith('Not After :'):
diff --git a/roles/openshift_certificate_expiry/test/conftest.py b/roles/openshift_certificate_expiry/test/conftest.py
index 4ca35ecbc..df948fff0 100644
--- a/roles/openshift_certificate_expiry/test/conftest.py
+++ b/roles/openshift_certificate_expiry/test/conftest.py
@@ -23,7 +23,10 @@ VALID_CERTIFICATE_PARAMS = [
{
'short_name': 'combined',
'cn': 'combined.example.com',
- 'serial': 6,
+ # Verify that HUGE serials parse correctly.
+ # Frobs PARSING_HEX_SERIAL in _parse_cert
+ # See https://bugzilla.redhat.com/show_bug.cgi?id=1464240
+ 'serial': 14449739080294792594019643629255165375,
'uses': b'clientAuth, serverAuth',
'dns': ['etcd'],
'ip': ['10.0.0.2', '192.168.0.2']
diff --git a/roles/openshift_default_storage_class/defaults/main.yml b/roles/openshift_default_storage_class/defaults/main.yml
index 66ffd2a73..bdece7640 100644
--- a/roles/openshift_default_storage_class/defaults/main.yml
+++ b/roles/openshift_default_storage_class/defaults/main.yml
@@ -1,14 +1,19 @@
---
openshift_storageclass_defaults:
aws:
+ provisioner: aws-ebs
name: gp2
- provisioner: kubernetes.io/aws-ebs
- type: gp2
+ parameters:
+ type: gp2
+ kmsKeyId: ''
+ encrypted: 'false'
gce:
name: standard
- provisioner: kubernetes.io/gce-pd
- type: pd-standard
+ provisioner: gce-pd
+ parameters:
+ type: pd-standard
+openshift_storageclass_default: "true"
openshift_storageclass_name: "{{ openshift_storageclass_defaults[openshift_cloudprovider_kind]['name'] }}"
openshift_storageclass_provisioner: "{{ openshift_storageclass_defaults[openshift_cloudprovider_kind]['provisioner'] }}"
-openshift_storageclass_type: "{{ openshift_storageclass_defaults[openshift_cloudprovider_kind]['type'] }}"
+openshift_storageclass_parameters: "{{ openshift_storageclass_defaults[openshift_cloudprovider_kind]['parameters'] }}"
diff --git a/roles/openshift_default_storage_class/tasks/main.yml b/roles/openshift_default_storage_class/tasks/main.yml
index 408fc17c7..172e2ac25 100644
--- a/roles/openshift_default_storage_class/tasks/main.yml
+++ b/roles/openshift_default_storage_class/tasks/main.yml
@@ -1,19 +1,9 @@
---
# Install default storage classes in GCE & AWS
- name: Ensure storageclass object
- oc_obj:
- kind: storageclass
+ oc_storageclass:
name: "{{ openshift_storageclass_name }}"
- content:
- path: /tmp/openshift_storageclass
- data:
- kind: StorageClass
- apiVersion: storage.k8s.io/v1beta1
- metadata:
- name: "{{ openshift_storageclass_name }}"
- annotations:
- storageclass.beta.kubernetes.io/is-default-class: "true"
- provisioner: "{{ openshift_storageclass_provisioner }}"
- parameters:
- type: "{{ openshift_storageclass_type }}"
+ default_storage_class: "{{ openshift_storageclass_default | default('true') | string}}"
+ parameters: "{{ openshift_storageclass_parameters }}"
+ provisioner: "{{ openshift_storageclass_provisioner }}"
run_once: true
diff --git a/roles/openshift_examples/examples-sync.sh b/roles/openshift_examples/examples-sync.sh
index f3f270c40..e8d687877 100755
--- a/roles/openshift_examples/examples-sync.sh
+++ b/roles/openshift_examples/examples-sync.sh
@@ -5,7 +5,7 @@
#
# This script should be run from openshift-ansible/roles/openshift_examples
-XPAAS_VERSION=ose-v1.3.6
+XPAAS_VERSION=ose-v1.4.1
ORIGIN_VERSION=${1:-v3.6}
RHAMP_TAG=2.0.0.GA
EXAMPLES_BASE=$(pwd)/files/examples/${ORIGIN_VERSION}
diff --git a/roles/openshift_examples/files/examples/v1.4/cfme-templates/cfme-template.yaml b/roles/openshift_examples/files/examples/v1.4/cfme-templates/cfme-template.yaml
index 4f25a9c8f..982bd9530 100644
--- a/roles/openshift_examples/files/examples/v1.4/cfme-templates/cfme-template.yaml
+++ b/roles/openshift_examples/files/examples/v1.4/cfme-templates/cfme-template.yaml
@@ -48,7 +48,7 @@ objects:
annotations:
description: "Keeps track of changes in the CloudForms app image"
spec:
- dockerImageRepository: registry.access.redhat.com/cloudforms/cfme-openshift-app
+ dockerImageRepository: registry.access.redhat.com/cloudforms42/cfme-openshift-app
- apiVersion: v1
kind: PersistentVolumeClaim
metadata:
@@ -188,7 +188,7 @@ objects:
annotations:
description: "Keeps track of changes in the CloudForms memcached image"
spec:
- dockerImageRepository: registry.access.redhat.com/cloudforms/cfme-openshift-memcached
+ dockerImageRepository: registry.access.redhat.com/cloudforms42/cfme-openshift-memcached
- apiVersion: v1
kind: "DeploymentConfig"
metadata:
@@ -272,7 +272,7 @@ objects:
annotations:
description: "Keeps track of changes in the CloudForms postgresql image"
spec:
- dockerImageRepository: registry.access.redhat.com/cloudforms/cfme-openshift-postgresql
+ dockerImageRepository: registry.access.redhat.com/cloudforms42/cfme-openshift-postgresql
- apiVersion: v1
kind: "DeploymentConfig"
metadata:
diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-ephemeral-template.json
index f347f1f9f..536f7275e 100644
--- a/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-ephemeral-template.json
@@ -23,7 +23,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
+ }
},
"stringData" : {
"database-user" : "${MYSQL_USER}",
@@ -35,7 +40,10 @@
"kind": "Service",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mariadb\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-persistent-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-persistent-template.json
index 6ed744777..3b7fdccce 100644
--- a/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mariadb-persistent-template.json
@@ -23,7 +23,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
+ }
},
"stringData" : {
"database-user" : "${MYSQL_USER}",
@@ -35,7 +40,10 @@
"kind": "Service",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mariadb\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-ephemeral-template.json
index 97a8abf6d..ee274194f 100644
--- a/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-ephemeral-template.json
@@ -24,7 +24,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-admin_password": "{.data['database-admin-password']}"
+ }
},
"stringData" : {
"database-user" : "${MONGODB_USER}",
@@ -37,7 +42,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "mongodb://{.spec.clusterIP}:{.spec.ports[?(.name==\"mongo\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-persistent-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-persistent-template.json
index 0656219fb..e5ba43669 100644
--- a/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mongodb-persistent-template.json
@@ -24,7 +24,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-admin_password": "{.data['database-admin-password']}"
+ }
},
"stringData" : {
"database-user" : "${MONGODB_USER}",
@@ -37,7 +42,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "mongodb://{.spec.clusterIP}:{.spec.ports[?(.name==\"mongo\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-ephemeral-template.json
index d60b4647d..969e62ac5 100644
--- a/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-ephemeral-template.json
@@ -23,7 +23,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
+ }
},
"stringData" : {
"database-user" : "${MYSQL_USER}",
@@ -36,7 +41,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mysql\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-persistent-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-persistent-template.json
index c2bfa40fd..4f39d41a5 100644
--- a/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/db-templates/mysql-persistent-template.json
@@ -23,7 +23,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
+ }
},
"stringData" : {
"database-user" : "${MYSQL_USER}",
@@ -35,7 +40,10 @@
"kind": "Service",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mysql\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-ephemeral-template.json
index 7a16e742a..c37102cb0 100644
--- a/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-ephemeral-template.json
@@ -24,7 +24,11 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
},
"stringData" : {
"database-user" : "${POSTGRESQL_USER}",
@@ -36,7 +40,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "postgres://{.spec.clusterIP}:{.spec.ports[?(.name==\"postgresql\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-persistent-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-persistent-template.json
index 242212d6f..32dc93a95 100644
--- a/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/db-templates/postgresql-persistent-template.json
@@ -24,7 +24,11 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
},
"stringData" : {
"database-user" : "${POSTGRESQL_USER}",
@@ -36,7 +40,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "postgres://{.spec.clusterIP}:{.spec.ports[?(.name==\"postgresql\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/redis-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/redis-ephemeral-template.json
index 82a09a3ec..6bb683e52 100644
--- a/roles/openshift_examples/files/examples/v1.4/db-templates/redis-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/db-templates/redis-ephemeral-template.json
@@ -21,11 +21,27 @@
},
"objects": [
{
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
+ },
+ "stringData" : {
+ "database-password" : "${REDIS_PASSWORD}"
+ }
+ },
+ {
"kind": "Service",
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "redis://{.spec.clusterIP}:{.spec.ports[?(.name==\"redis\")].port}"
+ }
},
"spec": {
"ports": [
@@ -117,7 +133,12 @@
"env": [
{
"name": "REDIS_PASSWORD",
- "value": "${REDIS_PASSWORD}"
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
}
],
"resources": {
diff --git a/roles/openshift_examples/files/examples/v1.4/db-templates/redis-persistent-template.json b/roles/openshift_examples/files/examples/v1.4/db-templates/redis-persistent-template.json
index 1d5f59188..9e8be2309 100644
--- a/roles/openshift_examples/files/examples/v1.4/db-templates/redis-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/db-templates/redis-persistent-template.json
@@ -21,11 +21,27 @@
},
"objects": [
{
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
+ },
+ "stringData" : {
+ "database-password" : "${REDIS_PASSWORD}"
+ }
+ },
+ {
"kind": "Service",
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "redis://{.spec.clusterIP}:{.spec.ports[?(.name==\"redis\")].port}"
+ }
},
"spec": {
"ports": [
@@ -134,7 +150,12 @@
"env": [
{
"name": "REDIS_PASSWORD",
- "value": "${REDIS_PASSWORD}"
+ "valueFrom": {
+ "secretKeyRef" : {
+ "name" : "${DATABASE_SERVICE_NAME}",
+ "key" : "database-password"
+ }
+ }
}
],
"resources": {
diff --git a/roles/openshift_examples/files/examples/v1.4/image-streams/dotnet_imagestreams.json b/roles/openshift_examples/files/examples/v1.4/image-streams/dotnet_imagestreams.json
index 0d5ac21d8..857ffa980 100644
--- a/roles/openshift_examples/files/examples/v1.4/image-streams/dotnet_imagestreams.json
+++ b/roles/openshift_examples/files/examples/v1.4/image-streams/dotnet_imagestreams.json
@@ -27,8 +27,9 @@
"iconClass": "icon-dotnet",
"tags": "builder,.net,dotnet,dotnetcore",
"supports":"dotnet",
- "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore.git",
- "sampleContextDir": "1.1/test/asp-net-hello-world"
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-1.1"
},
"from": {
"kind": "ImageStreamTag",
@@ -43,8 +44,9 @@
"iconClass": "icon-dotnet",
"tags": "builder,.net,dotnet,dotnetcore,rh-dotnetcore11",
"supports":"dotnet:1.1,dotnet",
- "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore.git",
- "sampleContextDir": "1.1/test/asp-net-hello-world",
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-1.1",
"version": "1.1"
},
"from": {
@@ -60,8 +62,9 @@
"iconClass": "icon-dotnet",
"tags": "builder,.net,dotnet,dotnetcore,rh-dotnetcore10",
"supports":"dotnet:1.0,dotnet",
- "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore.git",
- "sampleContextDir": "1.0/test/asp-net-hello-world",
+ "sampleRepo": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git",
+ "sampleContextDir": "app",
+ "sampleRef": "dotnetcore-1.0",
"version": "1.0"
},
"from": {
diff --git a/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-centos7.json
index 1a90a9409..6cef21945 100644
--- a/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-centos7.json
+++ b/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-centos7.json
@@ -7,6 +7,51 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
+ "name": "httpd",
+ "annotations": {
+ "openshift.io/display-name": "Httpd"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Httpd (Latest)",
+ "description": "Build and serve static content via Httpd on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Httpd available on OpenShift, including major versions updates.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.4"
+ }
+ },
+ {
+ "name": "2.4",
+ "annotations": {
+ "openshift.io/display-name": "Httpd 2.4",
+ "description": "Build and serve static content via Httpd on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "version": "2.4",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/httpd-24-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
"name": "ruby",
"annotations": {
"openshift.io/display-name": "Ruby"
@@ -103,7 +148,7 @@
},
"from": {
"kind": "ImageStreamTag",
- "name": "4"
+ "name": "6"
}
},
{
@@ -137,6 +182,22 @@
"kind": "DockerImage",
"name": "centos/nodejs-4-centos7:latest"
}
+ },
+ {
+ "name": "6",
+ "annotations": {
+ "openshift.io/display-name": "Node.js 6",
+ "description": "Build and run Node.js 6 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/6/README.md.",
+ "iconClass": "icon-nodejs",
+ "tags": "builder,nodejs",
+ "supports":"nodejs:6,nodejs",
+ "version": "6",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/nodejs-6-centos7:latest"
+ }
}
]
}
@@ -407,7 +468,7 @@
"iconClass": "icon-wildfly",
"tags": "builder,wildfly,java",
"supports":"jee,java",
- "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git"
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
},
"from": {
"kind": "ImageStreamTag",
@@ -423,7 +484,7 @@
"tags": "builder,wildfly,java",
"supports":"wildfly:8.1,jee,java",
"version": "8.1",
- "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git"
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
},
"from": {
"kind": "DockerImage",
@@ -439,7 +500,7 @@
"tags": "builder,wildfly,java",
"supports":"wildfly:9.0,jee,java",
"version": "9.0",
- "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git"
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
},
"from": {
"kind": "DockerImage",
@@ -455,7 +516,7 @@
"tags": "builder,wildfly,java",
"supports":"wildfly:10.0,jee,java",
"version": "10.0",
- "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git"
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
},
"from": {
"kind": "DockerImage",
@@ -471,7 +532,7 @@
"tags": "builder,wildfly,java",
"supports":"wildfly:10.1,jee,java",
"version": "10.1",
- "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git"
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
},
"from": {
"kind": "DockerImage",
@@ -800,7 +861,7 @@
"openshift.io/display-name": "Jenkins 1.X",
"description": "Provides a Jenkins 1.X server on CentOS 7. For more information about using this container image, including OpenShift considerations, see https://github.com/openshift/jenkins/blob/master/README.md.",
"iconClass": "icon-jenkins",
- "tags": "jenkins",
+ "tags": "hidden,jenkins",
"version": "1.x"
},
"from": {
diff --git a/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-rhel7.json
index eb94c3bb4..abdae01e3 100644
--- a/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-rhel7.json
+++ b/roles/openshift_examples/files/examples/v1.4/image-streams/image-streams-rhel7.json
@@ -7,6 +7,51 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
+ "name": "httpd",
+ "annotations": {
+ "openshift.io/display-name": "Httpd"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Httpd (Latest)",
+ "description": "Build and serve static content via Httpd on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Httpd available on OpenShift, including major versions updates.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.4"
+ }
+ },
+ {
+ "name": "2.4",
+ "annotations": {
+ "openshift.io/display-name": "Httpd 2.4",
+ "description": "Build and serve static content via Httpd on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "version": "2.4",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/httpd-24-rhel7"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
"name": "ruby",
"annotations": {
"openshift.io/display-name": "Ruby"
@@ -103,7 +148,7 @@
},
"from": {
"kind": "ImageStreamTag",
- "name": "4"
+ "name": "6"
}
},
{
@@ -137,6 +182,22 @@
"kind": "DockerImage",
"name": "registry.access.redhat.com/rhscl/nodejs-4-rhel7:latest"
}
+ },
+ {
+ "name": "6",
+ "annotations": {
+ "openshift.io/display-name": "Node.js 6",
+ "description": "Build and run Node.js 6 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container.",
+ "iconClass": "icon-nodejs",
+ "tags": "builder,nodejs",
+ "supports":"nodejs:6,nodejs",
+ "version": "6",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/nodejs-6-rhel7:latest"
+ }
}
]
}
@@ -253,7 +314,7 @@
"tags": "hidden,builder,php",
"supports":"php:5.5,php",
"version": "5.5",
- "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
+ "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
},
"from": {
"kind": "DockerImage",
@@ -707,7 +768,7 @@
"openshift.io/display-name": "Jenkins 1.X",
"description": "Provides a Jenkins 1.X server on RHEL 7. For more information about using this container image, including OpenShift considerations, see https://github.com/openshift/jenkins/blob/master/README.md.",
"iconClass": "icon-jenkins",
- "tags": "jenkins",
+ "tags": "hidden,jenkins",
"version": "1.x"
},
"from": {
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/README.md b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/README.md
index f48d8d4a8..6d2ccbf7f 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/README.md
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/README.md
@@ -17,6 +17,7 @@ instantiating them.
* [Dancer persistent](https://raw.githubusercontent.com/openshift/dancer-ex/master/openshift/templates/dancer-mysql-persistent.json) - Provides a basic Dancer (Perl) application with a persistent MySQL database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/dancer-ex).
* [Django](https://raw.githubusercontent.com/openshift/django-ex/master/openshift/templates/django-postgresql.json) - Provides a basic Django (Python) application with a PostgreSQL database. For more information see the [source repository](https://github.com/openshift/django-ex).
* [Django persistent](https://raw.githubusercontent.com/openshift/django-ex/master/openshift/templates/django-postgresql-persistent.json) - Provides a basic Django (Python) application with a persistent PostgreSQL database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/django-ex).
+* [Httpd](https://raw.githubusercontent.com/openshift/httpd-ex/master/openshift/templates/httpd.json) - Provides a basic Httpd static content application. For more information see the [source repository](https://github.com/openshift/httpd-ex).
* [NodeJS](https://raw.githubusercontent.com/openshift/nodejs-ex/master/openshift/templates/nodejs-mongodb.json) - Provides a basic NodeJS application with a MongoDB database. For more information see the [source repository](https://github.com/openshift/nodejs-ex).
* [NodeJS persistent](https://raw.githubusercontent.com/openshift/nodejs-ex/master/openshift/templates/nodejs-mongodb-persistent.json) - Provides a basic NodeJS application with a persistent MongoDB database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/nodejs-ex).
* [Rails](https://raw.githubusercontent.com/openshift/rails-ex/master/openshift/templates/rails-postgresql.json) - Provides a basic Rails (Ruby) application with a PostgreSQL database. For more information see the [source repository](https://github.com/openshift/rails-ex).
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/amp.yml b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/amp.yml
new file mode 100644
index 000000000..4e469f6e8
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/amp.yml
@@ -0,0 +1,1261 @@
+base_env: &base_env
+- name: RAILS_ENV
+ value: "production"
+- name: DATABASE_URL
+ value: "mysql2://root:${MYSQL_ROOT_PASSWORD}@system-mysql/${MYSQL_DATABASE}"
+- name: FORCE_SSL
+ value: "true"
+- name: THREESCALE_SUPERDOMAIN
+ value: "${WILDCARD_DOMAIN}"
+- name: TENANT_NAME
+ value: "${TENANT_NAME}"
+- name: APICAST_ACCESS_TOKEN
+ value: "${APICAST_ACCESS_TOKEN}"
+- name: ADMIN_ACCESS_TOKEN
+ value: "${ADMIN_ACCESS_TOKEN}"
+- name: PROVIDER_PLAN
+ value: 'enterprise'
+- name: USER_LOGIN
+ value: "${ADMIN_USERNAME}"
+- name: USER_PASSWORD
+ value: "${ADMIN_PASSWORD}"
+- name: RAILS_LOG_TO_STDOUT
+ value: "true"
+- name: RAILS_LOG_LEVEL
+ value: "info"
+- name: THINKING_SPHINX_ADDRESS
+ value: "system-sphinx"
+- name: THINKING_SPHINX_PORT
+ value: "9306"
+- name: THINKING_SPHINX_CONFIGURATION_FILE
+ value: "/tmp/sphinx.conf"
+- name: EVENTS_SHARED_SECRET
+ value: "${SYSTEM_BACKEND_SHARED_SECRET}"
+- name: THREESCALE_SANDBOX_PROXY_OPENSSL_VERIFY_MODE
+ value: "VERIFY_NONE"
+- name: APICAST_BACKEND_ROOT_ENDPOINT
+ value: "https://backend-${TENANT_NAME}.${WILDCARD_DOMAIN}"
+- name: CONFIG_INTERNAL_API_USER
+ value: "${SYSTEM_BACKEND_USERNAME}"
+- name: CONFIG_INTERNAL_API_PASSWORD
+ value: "${SYSTEM_BACKEND_PASSWORD}"
+- name: SECRET_KEY_BASE
+ value: "${SYSTEM_APP_SECRET_KEY_BASE}"
+- name: AMP_RELEASE
+ value: "${AMP_RELEASE}"
+- name: SMTP_ADDRESS
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: address
+- name: SMTP_USER_NAME
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: username
+- name: SMTP_PASSWORD
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: password
+- name: SMTP_DOMAIN
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: domain
+- name: SMTP_PORT
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: port
+- name: SMTP_AUTHENTICATION
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: authentication
+- name: SMTP_OPENSSL_VERIFY_MODE
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: openssl.verify.mode
+- name: BACKEND_ROUTE
+ value: "https://backend-${TENANT_NAME}.${WILDCARD_DOMAIN}"
+
+apiVersion: v1
+kind: Template
+metadata:
+ name: "system"
+message: "Login on https://${TENANT_NAME}-admin.${WILDCARD_DOMAIN} as ${ADMIN_USERNAME}/${ADMIN_PASSWORD}"
+objects:
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-storage"
+ spec:
+ accessModes:
+ - "ReadWriteMany"
+ resources:
+ requests:
+ storage: "100Mi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "mysql-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "backend-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-cron
+ spec:
+ replicas: 1
+ selector:
+ name: backend-cron
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: backend-cron
+ spec:
+ containers:
+ - args:
+ - backend-cron
+ env:
+ - name: CONFIG_REDIS_PROXY
+ value: "backend-redis:6379"
+ - name: CONFIG_QUEUES_MASTER_NAME
+ value: "backend-redis:6379/1"
+ - name: RACK_ENV
+ value: "production"
+ image: 3scale-amp20/backend:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: backend-cron
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-redis
+ spec:
+ replicas: 1
+ selector:
+ name: backend-redis
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ name: backend-redis
+ spec:
+ containers:
+ - image: ${REDIS_IMAGE}
+ imagePullPolicy: IfNotPresent
+ name: backend-redis
+ readinessProbe:
+ exec:
+ command:
+ - "container-entrypoint"
+ - "bash"
+ - "-c"
+ - "redis-cli set liveness-probe \"`date`\" | grep OK"
+ initialDelaySeconds: 10
+ periodSeconds: 30
+ timeoutSeconds: 1
+ livenessProbe:
+ tcpSocket:
+ port: 6379
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ volumeMounts:
+ - name: backend-redis-storage
+ mountPath: "/var/lib/redis/data"
+ - name: redis-config
+ mountPath: /etc/redis.conf
+ subPath: redis.conf
+ volumes:
+ - name: backend-redis-storage
+ persistentVolumeClaim:
+ claimName: backend-redis-storage
+ - name: redis-config
+ configMap:
+ name: redis-config
+ items:
+ - key: redis.conf
+ path: redis.conf
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-listener
+ spec:
+ replicas: 1
+ selector:
+ name: backend-listener
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: backend-listener
+ spec:
+ containers:
+ - args:
+ - 3scale_backend
+ - start
+ - "-e"
+ - production
+ - "-p"
+ - '3000'
+ - "-x"
+ - "/dev/stdout"
+ env:
+ - name: CONFIG_REDIS_PROXY
+ value: "backend-redis:6379"
+ - name: CONFIG_QUEUES_MASTER_NAME
+ value: "backend-redis:6379/1"
+ - name: RACK_ENV
+ value: "production"
+ - name: CONFIG_INTERNAL_API_USER
+ value: "${SYSTEM_BACKEND_USERNAME}"
+ - name: CONFIG_INTERNAL_API_PASSWORD
+ value: "${SYSTEM_BACKEND_PASSWORD}"
+ image: 3scale-amp20/backend:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: backend-listener
+ livenessProbe:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ tcpSocket:
+ port: 3000
+ readinessProbe:
+ httpGet:
+ path: "/status"
+ port: 3000
+ initialDelaySeconds: 30
+ timeoutSeconds: 5
+ ports:
+ - containerPort: 3000
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: backend-redis
+ spec:
+ ports:
+ - port: 6379
+ protocol: TCP
+ targetPort: 6379
+ selector:
+ name: backend-redis
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: backend-listener
+ spec:
+ ports:
+ - port: 3000
+ protocol: TCP
+ targetPort: 3000
+ name: http
+ selector:
+ name: backend-listener
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-provider
+ spec:
+ ports:
+ - port: 3000
+ protocol: TCP
+ targetPort: provider
+ name: http
+ selector:
+ name: system-app
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-developer
+ spec:
+ ports:
+ - port: 3000
+ protocol: TCP
+ targetPort: developer
+ name: http
+ selector:
+ name: system-app
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-worker
+ spec:
+ replicas: 1
+ selector:
+ name: backend-worker
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: backend-worker
+ spec:
+ containers:
+ - args:
+ - 3scale_backend_worker
+ - run
+ env:
+ - name: CONFIG_REDIS_PROXY
+ value: "backend-redis:6379"
+ - name: CONFIG_QUEUES_MASTER_NAME
+ value: "backend-redis:6379/1"
+ - name: RACK_ENV
+ value: "production"
+ - name: CONFIG_EVENTS_HOOK
+ value: http://system-provider:3000/master/events/import
+ - name: CONFIG_EVENTS_HOOK_SHARED_SECRET
+ value: ${SYSTEM_BACKEND_SHARED_SECRET}
+ image: 3scale-amp20/backend:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: backend-worker
+ triggers:
+ - type: ConfigChange
+
+- kind: Service
+ apiVersion: v1
+ metadata:
+ name: 'system-mysql'
+ spec:
+ ports:
+ - name: system-mysql
+ protocol: TCP
+ port: 3306
+ targetPort: 3306
+ nodePort: 0
+ selector:
+ name: 'system-mysql'
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-redis
+ spec:
+ ports:
+ - port: 6379
+ protocol: TCP
+ targetPort: 6379
+ name: redis
+ selector:
+ name: system-redis
+
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-redis
+ spec:
+ replicas: 1
+ selector:
+ name: system-redis
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ name: system-redis
+ spec:
+ containers:
+ - args:
+ image: ${REDIS_IMAGE}
+ imagePullPolicy: IfNotPresent
+ name: system-redis
+ terminationMessagePath: /dev/termination-log
+ volumeMounts:
+ - name: system-redis-storage
+ mountPath: "/var/lib/redis/data"
+ - name: redis-config
+ mountPath: /etc/redis.conf
+ subPath: redis.conf
+ readinessProbe:
+ exec:
+ command:
+ - "container-entrypoint"
+ - "bash"
+ - "-c"
+ - "redis-cli set liveness-probe \"`date`\" | grep OK"
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ timeoutSeconds: 5
+ livenessProbe:
+ tcpSocket:
+ port: 6379
+ initialDelaySeconds: 10
+ periodSeconds: 5
+ volumes:
+ - name: system-redis-storage
+ persistentVolumeClaim:
+ claimName: system-redis-storage
+ - name: redis-config
+ configMap:
+ name: redis-config
+ items:
+ - key: redis.conf
+ path: redis.conf
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-sphinx
+ spec:
+ ports:
+ - port: 9306
+ protocol: TCP
+ targetPort: 9306
+ name: sphinx
+ selector:
+ name: system-sphinx
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-sphinx
+ spec:
+ replicas: 1
+ selector:
+ name: system-sphinx
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-sphinx
+ spec:
+ volumes:
+ - name: system-sphinx-database
+ emptyDir: {}
+ containers:
+ - args:
+ - rake
+ - 'openshift:thinking_sphinx:start'
+ volumeMounts:
+ - name: system-sphinx-database
+ mountPath: "/opt/system/db/sphinx"
+ env:
+ - name: RAILS_ENV
+ value: production
+ - name: DATABASE_URL
+ value: "mysql2://root:${MYSQL_ROOT_PASSWORD}@system-mysql/${MYSQL_DATABASE}"
+ - name: THINKING_SPHINX_ADDRESS
+ value: 0.0.0.0
+ - name: THINKING_SPHINX_CONFIGURATION_FILE
+ value: "db/sphinx/production.conf"
+ - name: THINKING_SPHINX_PID_FILE
+ value: db/sphinx/searchd.pid
+ - name: DELTA_INDEX_INTERVAL
+ value: '5'
+ - name: FULL_REINDEX_INTERVAL
+ value: '60'
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-sphinx
+ livenessProbe:
+ tcpSocket:
+ port: 9306
+ initialDelaySeconds: 60
+ periodSeconds: 10
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-memcache
+ spec:
+ ports:
+ - port: 11211
+ protocol: TCP
+ targetPort: 11211
+ name: memcache
+ selector:
+ name: system-memcache
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-memcache
+ spec:
+ replicas: 1
+ selector:
+ name: system-memcache
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-memcache
+ spec:
+ containers:
+ - args:
+ env:
+ image: 3scale-amp20/memcached:1.4.15-7
+ imagePullPolicy: IfNotPresent
+ name: memcache
+ readinessProbe:
+ exec:
+ command:
+ - "sh"
+ - "-c"
+ - "echo version | nc $HOSTNAME 11211 | grep VERSION"
+ initialDelaySeconds: 10
+ periodSeconds: 30
+ timeoutSeconds: 5
+ livenessProbe:
+ tcpSocket:
+ port: 11211
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ command:
+ - "memcached"
+ - "-m"
+ - "64"
+ ports:
+ - containerPort: 6379
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: system-provider-admin-route
+ labels:
+ app: system-route
+ spec:
+ host: ${TENANT_NAME}-admin.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: system-provider
+ port:
+ targetPort: http
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: backend-route
+ labels:
+ app: system-route
+ spec:
+ host: backend-${TENANT_NAME}.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: backend-listener
+ port:
+ targetPort: http
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: system-developer-route
+ labels:
+ app: system-route
+ spec:
+ host: ${TENANT_NAME}.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: system-developer
+ port:
+ targetPort: http
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: apicast-staging
+ spec:
+ replicas: 1
+ selector:
+ deploymentconfig: apicast-staging
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 1800
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: apicast-staging
+ spec:
+ containers:
+ - env:
+ - name: THREESCALE_PORTAL_ENDPOINT
+ value: http://${APICAST_ACCESS_TOKEN}@system-provider:3000
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "lazy"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "0"
+ - name: THREESCALE_DEPLOYMENT_ENV
+ value: "sandbox"
+ - name: APICAST_MANAGEMENT_API
+ value: "${APICAST_MANAGEMENT_API}"
+ - name: BACKEND_ENDPOINT_OVERRIDE
+ value: http://backend-listener:3000
+ - name: OPENSSL_VERIFY
+ value: '${APICAST_OPENSSL_VERIFY}'
+ - name: APICAST_RESPONSE_CODES
+ value: '${APICAST_RESPONSE_CODES}'
+ - name: REDIS_URL
+ value: "redis://system-redis:6379/2"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: apicast-staging
+ livenessProbe:
+ httpGet:
+ path: /status/live
+ port: 8090
+ initialDelaySeconds: 10
+ timeoutSeconds: 5
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: 8090
+ initialDelaySeconds: 15
+ timeoutSeconds: 5
+ periodSeconds: 30
+ ports:
+ - containerPort: 8080
+ protocol: TCP
+ - containerPort: 8090
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: apicast-staging
+ spec:
+ ports:
+ - name: gateway
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: management
+ port: 8090
+ protocol: TCP
+ targetPort: 8090
+ selector:
+ deploymentconfig: apicast-staging
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: apicast-production
+ spec:
+ replicas: 1
+ selector:
+ deploymentconfig: apicast-production
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 1800
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: apicast-production
+ spec:
+ containers:
+ - env:
+ - name: THREESCALE_PORTAL_ENDPOINT
+ value: "http://${APICAST_ACCESS_TOKEN}@system-provider:3000"
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "boot"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "300"
+ - name: THREESCALE_DEPLOYMENT_ENV
+ value: "production"
+ - name: APICAST_MANAGEMENT_API
+ value: "${APICAST_MANAGEMENT_API}"
+ - name: BACKEND_ENDPOINT_OVERRIDE
+ value: http://backend-listener:3000
+ - name: OPENSSL_VERIFY
+ value: '${APICAST_OPENSSL_VERIFY}'
+ - name: APICAST_RESPONSE_CODES
+ value: '${APICAST_RESPONSE_CODES}'
+ - name: REDIS_URL
+ value: "redis://system-redis:6379/1"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: apicast-production
+ livenessProbe:
+ httpGet:
+ path: /status/live
+ port: 8090
+ initialDelaySeconds: 10
+ timeoutSeconds: 5
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: 8090
+ initialDelaySeconds: 15
+ timeoutSeconds: 5
+ periodSeconds: 30
+ ports:
+ - containerPort: 8080
+ protocol: TCP
+ - containerPort: 8090
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: apicast-production
+ spec:
+ ports:
+ - name: gateway
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: management
+ port: 8090
+ protocol: TCP
+ targetPort: 8090
+ selector:
+ deploymentconfig: apicast-production
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: api-apicast-staging-route
+ labels:
+ app: apicast-staging
+ spec:
+ host: api-${TENANT_NAME}-apicast-staging.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: apicast-staging
+ port:
+ targetPort: gateway
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: api-apicast-production-route
+ labels:
+ app: apicast-production
+ spec:
+ host: api-${TENANT_NAME}-apicast-production.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: apicast-production
+ port:
+ targetPort: gateway
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-app
+ spec:
+ replicas: 1
+ selector:
+ name: system-app
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ pre:
+ failurePolicy: Retry
+ execNewPod:
+ containerName: system-provider
+ command:
+ - bash
+ - -c
+ - bundle exec rake boot openshift:deploy
+ env: *base_env
+ volumes:
+ - system-storage
+ post:
+ failurePolicy: Abort
+ execNewPod:
+ containerName: system-provider
+ command:
+ - bash
+ - -c
+ - bundle exec rake boot openshift:post_deploy
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-app
+ spec:
+ containers:
+ - args:
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ command: ['env', 'TENANT_MODE=provider', 'PORT=3000', 'container-entrypoint', 'bundle', 'exec', 'unicorn', '-c', 'config/unicorn.rb']
+ name: system-provider
+ livenessProbe:
+ timeoutSeconds: 10
+ initialDelaySeconds: 20
+ tcpSocket:
+ port: provider
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /check.txt
+ port: provider
+ scheme: HTTP
+ httpHeaders:
+ - name: X-Forwarded-Proto
+ value: https
+ initialDelaySeconds: 30
+ timeoutSeconds: 10
+ periodSeconds: 30
+ ports:
+ - containerPort: 3000
+ protocol: TCP
+ name: provider
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ - args:
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ command: ['env', 'TENANT_MODE=developer', 'PORT=3001', 'container-entrypoint', 'bundle', 'exec', 'unicorn', '-c', 'config/unicorn.rb']
+ imagePullPolicy: IfNotPresent
+ name: system-developer
+ livenessProbe:
+ timeoutSeconds: 10
+ initialDelaySeconds: 20
+ tcpSocket:
+ port: developer
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /check.txt
+ port: developer
+ scheme: HTTP
+ httpHeaders:
+ - name: X-Forwarded-Proto
+ value: https
+ initialDelaySeconds: 30
+ timeoutSeconds: 10
+ periodSeconds: 30
+ ports:
+ - containerPort: 3001
+ protocol: TCP
+ name: developer
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ readOnly: true
+ volumes:
+ - name: system-storage
+ persistentVolumeClaim:
+ claimName: system-storage
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-resque
+ spec:
+ replicas: 1
+ selector:
+ name: system-resque
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-resque
+ spec:
+ containers:
+ - args:
+ - 'rake'
+ - 'resque:work'
+ - 'QUEUE=*'
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-resque
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ - args:
+ - 'rake'
+ - 'resque:scheduler'
+ - 'QUEUE=*'
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-scheduler
+ volumes:
+ - name: system-storage
+ persistentVolumeClaim:
+ claimName: system-storage
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-sidekiq
+ spec:
+ replicas: 1
+ selector:
+ name: system-sidekiq
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-sidekiq
+ spec:
+ containers:
+ - args:
+ - rake
+ - sidekiq:worker
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-sidekiq
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ volumes:
+ - name: system-storage
+ persistentVolumeClaim:
+ claimName: system-storage
+ triggers:
+ - type: ConfigChange
+
+
+- kind: DeploymentConfig
+ apiVersion: v1
+ metadata:
+ name: 'system-mysql'
+ spec:
+ strategy:
+ type: Recreate
+ triggers:
+ - type: ConfigChange
+ replicas: 1
+ selector:
+ name: 'system-mysql'
+ template:
+ metadata:
+ labels:
+ name: 'system-mysql'
+ spec:
+ containers:
+ - name: system-mysql
+ image: ${MYSQL_IMAGE}
+ ports:
+ - containerPort: 3306
+ protocol: TCP
+ resources:
+ limits:
+ memory: 2Gi
+ requests:
+ cpu: '1'
+ memory: 1Gi
+ readinessProbe:
+ timeoutSeconds: 5
+ initialDelaySeconds: 10
+ periodSeconds: 30
+ exec:
+ command:
+ - /bin/sh
+ - '-i'
+ - '-c'
+ - MYSQL_PWD="$MYSQL_PASSWORD" mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE -e 'SELECT 1'
+ livenessProbe:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ tcpSocket:
+ port: 3306
+ env:
+ - name: MYSQL_USER
+ value: ${MYSQL_USER}
+ - name: MYSQL_PASSWORD
+ value: ${MYSQL_PASSWORD}
+ - name: MYSQL_DATABASE
+ value: ${MYSQL_DATABASE}
+ - name: MYSQL_ROOT_PASSWORD
+ value: ${MYSQL_ROOT_PASSWORD}
+ - name: MYSQL_LOWER_CASE_TABLE_NAMES
+ value: "1"
+ volumeMounts:
+ - name: 'mysql-storage'
+ mountPath: /var/lib/mysql/data
+ imagePullPolicy: IfNotPresent
+ volumes:
+ - name: 'mysql-storage'
+ persistentVolumeClaim:
+ claimName: 'mysql-storage'
+- kind: ConfigMap
+ apiVersion: v1
+ metadata:
+ name: redis-config
+ data:
+ redis.conf: |
+ protected-mode no
+
+ port 6379
+
+ timeout 0
+ tcp-keepalive 300
+
+ daemonize no
+ supervised no
+
+ loglevel notice
+
+ databases 16
+
+ save 900 1
+ save 300 10
+ save 60 10000
+
+ stop-writes-on-bgsave-error yes
+
+ rdbcompression yes
+ rdbchecksum yes
+
+ dbfilename dump.rdb
+
+ slave-serve-stale-data yes
+ slave-read-only yes
+
+ repl-diskless-sync no
+ repl-disable-tcp-nodelay no
+
+ appendonly yes
+ appendfilename "appendonly.aof"
+ appendfsync everysec
+ no-appendfsync-on-rewrite no
+ auto-aof-rewrite-percentage 100
+ auto-aof-rewrite-min-size 64mb
+ aof-load-truncated yes
+
+ lua-time-limit 5000
+
+ activerehashing no
+
+ aof-rewrite-incremental-fsync yes
+ dir /var/lib/redis/data
+
+- kind: ConfigMap
+
+ apiVersion: v1
+ metadata:
+ name: smtp
+ data:
+ address: ""
+ username: ""
+ password: ""
+ domain: ""
+ port: ""
+ authentication: ""
+ openssl.verify.mode: ""
+
+parameters:
+- name: AMP_RELEASE
+ description: "AMP release tag."
+ value: 2.0.0-CR2-redhat-1
+ required: true
+- name: ADMIN_PASSWORD
+ required: true
+ generate: expression
+ from: "[a-z0-9]{8}"
+- name: ADMIN_USERNAME
+ value: admin
+ required: true
+- name: APICAST_ACCESS_TOKEN
+ required: true
+ generate: expression
+ from: "[a-z0-9]{8}"
+ description: "Read Only Access Token that is APIcast going to use to download its configuration."
+- name: ADMIN_ACCESS_TOKEN
+ required: false
+ generate: expression
+ from: "[a-z0-9]{16}"
+ description: "Admin Access Token with all scopes and write permissions for API access."
+- name: WILDCARD_DOMAIN
+ description: Root domain for the wildcard routes. Eg. example.com will generate 3scale-admin.example.com.
+ required: true
+- name: TENANT_NAME
+ description: "Tenant name under the root that Admin UI will be available with -admin suffix."
+ required: true
+ value: "3scale"
+- name: MYSQL_USER
+ displayName: MySQL User
+ description: Username for MySQL user that will be used for accessing the database.
+ value: "mysql"
+ required: true
+- name: MYSQL_PASSWORD
+ displayName: MySQL Password
+ description: Password for the MySQL user.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: MYSQL_DATABASE
+ displayName: MySQL Database Name
+ description: Name of the MySQL database accessed.
+ value: "system"
+ required: true
+- name: MYSQL_ROOT_PASSWORD
+ displayName: MySQL Root password.
+ description: Password for Root user.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: SYSTEM_BACKEND_USERNAME
+ description: Internal 3scale API username for internal 3scale api auth.
+ value: "3scale_api_user"
+ required: true
+- name: SYSTEM_BACKEND_PASSWORD
+ description: Internal 3scale API password for internal 3scale api auth.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: REDIS_IMAGE
+ description: Redis image to use
+ required: true
+ value: rhscl/redis-32-rhel7:3.2-5.7
+- name: MYSQL_IMAGE
+ description: Mysql image to use
+ required: true
+ value: rhscl/mysql-56-rhel7:5.6-13.14
+- name: SYSTEM_BACKEND_SHARED_SECRET
+ description: Shared secret to import events from backend to system.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: SYSTEM_APP_SECRET_KEY_BASE
+ description: System application secret key base
+ generate: expression
+ from: "[a-f0-9]{128}"
+ required: true
+- name: APICAST_MANAGEMENT_API
+ description: "Scope of the APIcast Management API. Can be disabled, status or debug. At least status required for health checks."
+ required: false
+ value: "status"
+- name: APICAST_OPENSSL_VERIFY
+ description: "Turn on/off the OpenSSL peer verification when downloading the configuration. Can be set to true/false."
+ required: false
+ value: "false"
+- name: APICAST_RESPONSE_CODES
+ description: "Enable logging response codes in APIcast."
+ value: "true"
+ required: false
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/apicast-gateway-template.yml b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/apicast-gateway-template.yml
deleted file mode 100644
index 34f5fcbcc..000000000
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/apicast-gateway-template.yml
+++ /dev/null
@@ -1,149 +0,0 @@
-apiVersion: v1
-kind: Template
-metadata:
- creationTimestamp: null
- name: 3scale-gateway
- annotations:
- description: "3scale API Gateway"
- iconClass: "icon-load-balancer"
- tags: "api,gateway,3scale"
-objects:
-- apiVersion: v1
- kind: DeploymentConfig
- metadata:
- name: ${THREESCALE_GATEWAY_NAME}
- spec:
- replicas: 2
- selector:
- deploymentconfig: ${THREESCALE_GATEWAY_NAME}
- strategy:
- resources: {}
- rollingParams:
- intervalSeconds: 1
- maxSurge: 25%
- maxUnavailable: 25%
- timeoutSeconds: 600
- updatePeriodSeconds: 1
- type: Rolling
- template:
- metadata:
- labels:
- deploymentconfig: ${THREESCALE_GATEWAY_NAME}
- spec:
- containers:
- - env:
- - name: THREESCALE_PORTAL_ENDPOINT
- valueFrom:
- secretKeyRef:
- name: ${THREESCALE_PORTAL_ENDPOINT_SECRET}
- key: password
- - name: THREESCALE_CONFIG_FILE
- value: ${THREESCALE_CONFIG_FILE}
- - name: RESOLVER
- value: ${RESOLVER}
- - name: APICAST_SERVICES
- value: ${APICAST_SERVICES}
- - name: APICAST_MISSING_CONFIGURATION
- value: ${MISSING_CONFIGURATION}
- - name: APICAST_LOG_LEVEL
- value: ${APICAST_LOG_LEVEL}
- - name: APICAST_PATH_ROUTING_ENABLED
- value: ${PATH_ROUTING}
- - name: APICAST_RESPONSE_CODES
- value: ${RESPONSE_CODES}
- - name: APICAST_REQUEST_LOGS
- value: ${REQUEST_LOGS}
- - name: APICAST_RELOAD_CONFIG
- value: ${APICAST_RELOAD_CONFIG}
- image: ${THREESCALE_GATEWAY_IMAGE}
- imagePullPolicy: Always
- name: ${THREESCALE_GATEWAY_NAME}
- livenessProbe:
- httpGet:
- path: /status/live
- port: 8090
- initialDelaySeconds: 10
- timeoutSeconds: 1
- readinessProbe:
- httpGet:
- path: /status/ready
- port: 8090
- initialDelaySeconds: 15
- timeoutSeconds: 1
- ports:
- - containerPort: 8080
- protocol: TCP
- resources: {}
- terminationMessagePath: /dev/termination-log
- dnsPolicy: ClusterFirst
- restartPolicy: Always
- securityContext: {}
- terminationGracePeriodSeconds: 30
- triggers:
- - type: ConfigChange
- status: {}
-- apiVersion: v1
- kind: Service
- metadata:
- creationTimestamp: null
- name: ${THREESCALE_GATEWAY_NAME}
- spec:
- ports:
- - name: 8080-tcp
- port: 8080
- protocol: TCP
- targetPort: 8080
- selector:
- deploymentconfig: ${THREESCALE_GATEWAY_NAME}
- sessionAffinity: None
- type: ClusterIP
- status:
- loadBalancer: {}
-parameters:
-- description: "Name of the secret containing the THREESCALE_PORTAL_ENDPOINT with the access-token or provider key"
- value: threescale-portal-endpoint-secret
- name: THREESCALE_PORTAL_ENDPOINT_SECRET
- required: true
-- description: "Path to saved JSON file with configuration for the gateway. Has to be injected to the docker image as read only volume."
- value:
- name: THREESCALE_CONFIG_FILE
- required: false
-- description: "Name for the 3scale API Gateway"
- value: threescalegw
- name: THREESCALE_GATEWAY_NAME
- required: true
-- description: "Docker image to use."
- value: 'rhamp10/apicast-gateway:1.0.0-4'
- name: THREESCALE_GATEWAY_IMAGE
- required: true
-- description: "DNS Resolver for openresty, if empty it will be autodiscovered"
- value:
- name: RESOLVER
- required: false
-- description: "Subset of services to run. Use comma separated list of service ids (eg. 42,1337)"
- value:
- name: APICAST_SERVICES
- required: false
-- description: "What to do on missing or invalid configuration. Allowed values are: log, exit."
- value: exit
- required: false
- name: MISSING_CONFIGURATION
-- description: "Log level. One of the following: debug, info, notice, warn, error, crit, alert, or emerg."
- name: APICAST_LOG_LEVEL
- required: false
-- description: "Enable path routing. Experimental feature."
- name: PATH_ROUTING
- required: false
- value: "false"
-- description: "Enable traffic logging to 3scale. Includes whole request and response."
- value: "false"
- name: REQUEST_LOGS
- required: false
-- description: "Enable logging response codes to 3scale."
- value: "false"
- name: RESPONSE_CODES
- required: false
-- description: "Reload config on every request"
- value: "false"
- name: APICAST_RELOAD_CONFIG
- required: false
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/apicast.yml b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/apicast.yml
new file mode 100644
index 000000000..8e8051c0b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/apicast.yml
@@ -0,0 +1,157 @@
+apiVersion: v1
+kind: Template
+metadata:
+ name: 3scale-gateway
+ annotations:
+ description: "3scale API Gateway"
+ iconClass: "icon-load-balancer"
+ tags: "api,gateway,3scale"
+objects:
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: "${APICAST_NAME}"
+ spec:
+ replicas: 2
+ selector:
+ deploymentconfig: "${APICAST_NAME}"
+ strategy:
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: "${APICAST_NAME}"
+ spec:
+ containers:
+ - env:
+ - name: THREESCALE_PORTAL_ENDPOINT
+ valueFrom:
+ secretKeyRef:
+ name: "${CONFIGURATION_URL_SECRET}"
+ key: password
+ - name: THREESCALE_CONFIG_FILE
+ value: "${CONFIGURATION_FILE_PATH}"
+ - name: THREESCALE_DEPLOYMENT_ENV
+ value: "${DEPLOYMENT_ENVIRONMENT}"
+ - name: RESOLVER
+ value: "${RESOLVER}"
+ - name: APICAST_SERVICES
+ value: "${SERVICES_LIST}"
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "${CONFIGURATION_LOADER}"
+ - name: APICAST_LOG_LEVEL
+ value: "${LOG_LEVEL}"
+ - name: APICAST_PATH_ROUTING_ENABLED
+ value: "${PATH_ROUTING}"
+ - name: APICAST_RESPONSE_CODES
+ value: "${RESPONSE_CODES}"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "${CONFIGURATION_CACHE}"
+ - name: REDIS_URL
+ value: "${REDIS_URL}"
+ - name: APICAST_MANAGEMENT_API
+ value: "${MANAGEMENT_API}"
+ - name: OPENSSL_VERIFY
+ value: "${OPENSSL_VERIFY}"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: "${APICAST_NAME}"
+ livenessProbe:
+ httpGet:
+ path: /status/live
+ port: management
+ initialDelaySeconds: 10
+ timeoutSeconds: 1
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: management
+ initialDelaySeconds: 15
+ timeoutSeconds: 1
+ ports:
+ - name: proxy
+ containerPort: 8080
+ protocol: TCP
+ - name: management
+ containerPort: 8090
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: "${APICAST_NAME}"
+ spec:
+ ports:
+ - name: proxy
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: management
+ port: 8090
+ protocol: TCP
+ targetPort: 8090
+ selector:
+ deploymentconfig: "${APICAST_NAME}"
+
+parameters:
+- name: AMP_RELEASE
+ description: "AMP release tag."
+ value: 2.0.0-CR2-redhat-1
+ required: true
+- description: "Name of the secret containing the THREESCALE_PORTAL_ENDPOINT with the access-token or provider key"
+ value: apicast-configuration-url-secret
+ name: CONFIGURATION_URL_SECRET
+ required: true
+- description: "Path to saved JSON file with configuration for the gateway. Has to be injected to the docker image as read only volume."
+ value:
+ name: CONFIGURATION_FILE_PATH
+ required: false
+- description: "Deployment environment. Can be sandbox or production."
+ value: production
+ name: DEPLOYMENT_ENVIRONMENT
+ required: true
+- description: "Name for the 3scale API Gateway"
+ value: apicast
+ name: APICAST_NAME
+ required: true
+- description: "DNS Resolver for openresty, if empty it will be autodiscovered"
+ value:
+ name: RESOLVER
+ required: false
+- description: "Subset of services to run. Use comma separated list of service ids (eg. 42,1337)"
+ value:
+ name: SERVICES_LIST
+ required: false
+- name: CONFIGURATION_LOADER
+ description: "When to load configuration. If on gateway start or incoming request. Allowed values are: lazy, boot."
+ value: boot
+ required: false
+- description: "Log level. One of the following: debug, info, notice, warn, error, crit, alert, or emerg."
+ name: LOG_LEVEL
+ required: false
+- description: "Enable path routing. Experimental feature."
+ name: PATH_ROUTING
+ required: false
+ value: "false"
+- description: "Enable logging response codes to 3scale."
+ value: "false"
+ name: RESPONSE_CODES
+ required: false
+- name: CONFIGURATION_CACHE
+ description: "For how long to cache the downloaded configuration in seconds. Can be left empty, 0 or greater than 60."
+ value: ""
+ required: false
+- description: "Redis URL. Required for OAuth2 integration. ex: redis://PASSWORD@127.0.0.1:6379/0"
+ name: REDIS_URL
+ required: false
+- name: MANAGEMENT_API
+ description: "Scope of the Management API. Can be disabled, status or debug. At least status required for health checks."
+ required: false
+ value: "status"
+- name: OPENSSL_VERIFY
+ description: "Turn on/off the OpenSSL peer verification. Can be set to true/false."
+ required: true
+ value: "false"
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql-persistent.json
index eb3d296be..6d987ee33 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql-persistent.json
@@ -60,7 +60,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -510,7 +513,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql.json
index da2454d2e..fb2ef206e 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/cakephp-mysql.json
@@ -60,7 +60,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -484,7 +487,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql-persistent.json
index 81ae63416..7ffb25e14 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql-persistent.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -147,6 +150,9 @@
}
},
"spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
"triggers": [
{
"type": "ImageChange",
@@ -472,7 +478,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql.json
index 7a285dba8..d787e376b 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dancer-mysql.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -147,6 +150,9 @@
}
},
"spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
"triggers": [
{
"type": "ImageChange",
@@ -446,7 +452,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql-persistent.json
index 9f982c286..a2070207b 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql-persistent.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -148,7 +151,7 @@
},
"spec": {
"strategy": {
- "type": "Rolling"
+ "type": "Recreate"
},
"triggers": [
{
@@ -479,7 +482,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql.json
index 7bee85ddd..0d33c6e0e 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/django-postgresql.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -148,7 +151,7 @@
},
"spec": {
"strategy": {
- "type": "Rolling"
+ "type": "Recreate"
},
"triggers": [
{
@@ -453,7 +456,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dotnet-example.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dotnet-example.json
new file mode 100644
index 000000000..af46579c8
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dotnet-example.json
@@ -0,0 +1,333 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-example",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core Example",
+ "description": "An example .NET Core application.",
+ "tags": "quickstart,dotnet,.net",
+ "iconClass": "icon-dotnet",
+ "template.openshift.io/provider-display-name": "Red Hat, Inc.",
+ "template.openshift.io/documentation-url": "https://github.com/redhat-developer/s2i-dotnetcore",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "objects": [
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "${DOTNET_IMAGE_STREAM_TAG}"
+ },
+ "env": [
+ {
+ "name": "DOTNET_STARTUP_PROJECT",
+ "value": "${DOTNET_STARTUP_PROJECT}"
+ },
+ {
+ "name": "DOTNET_ASSEMBLY_NAME",
+ "value": "${DOTNET_ASSEMBLY_NAME}"
+ },
+ {
+ "name": "DOTNET_NPM_TOOLS",
+ "value": "${DOTNET_NPM_TOOLS}"
+ },
+ {
+ "name": "DOTNET_TEST_PROJECTS",
+ "value": "${DOTNET_TEST_PROJECTS}"
+ },
+ {
+ "name": "DOTNET_CONFIGURATION",
+ "value": "${DOTNET_CONFIGURATION}"
+ },
+ {
+ "name": "DOTNET_PUBLISH",
+ "value": "true"
+ },
+ {
+ "name": "DOTNET_RESTORE_SOURCES",
+ "value": "${DOTNET_RESTORE_SOURCES}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "dotnet-app"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "dotnet-app",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "livenessProbe": {
+ "httpGet": {
+ "path": "/",
+ "port": 8080,
+ "scheme": "HTTP"
+ },
+ "initialDelaySeconds": 40,
+ "timeoutSeconds": 15
+ },
+ "readinessProbe": {
+ "httpGet": {
+ "path": "/",
+ "port": 8080,
+ "scheme": "HTTP"
+ },
+ "initialDelaySeconds": 10,
+ "timeoutSeconds": 30
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "env": []
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "dotnet-example"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "DOTNET_IMAGE_STREAM_TAG",
+ "displayName": ".NET builder",
+ "required": true,
+ "description": "The image stream tag which is used to build the code.",
+ "value": "dotnet:1.0"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/redhat-developer/s2i-dotnetcore-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch.",
+ "value": "dotnetcore-1.0"
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to use a subdirectory of the source code repository"
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the .NET Core service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DOTNET_STARTUP_PROJECT",
+ "displayName": "Startup Project",
+ "description": "Set this to the folder containing your startup project.",
+ "value": "app"
+ },
+ {
+ "name": "DOTNET_ASSEMBLY_NAME",
+ "displayName": "Startup Assembly",
+ "description": "Set this when the assembly name is overridden in the project file."
+ },
+ {
+ "name": "DOTNET_NPM_TOOLS",
+ "displayName": "Npm Tools",
+ "description": "Set this to a space separated list of npm tools needed to publish.",
+ "value": "bower gulp"
+ },
+ {
+ "name": "DOTNET_TEST_PROJECTS",
+ "displayName": "Test projects",
+ "description": "Set this to a space separated list of test projects to run before publishing."
+ },
+ {
+ "name": "DOTNET_CONFIGURATION",
+ "displayName": "Configuration",
+ "description": "Set this to configuration (Release/Debug).",
+ "value": "Release"
+ },
+ {
+ "name": "DOTNET_RESTORE_SOURCES",
+ "displayName": "NuGet package sources",
+ "description": "Set this to override the NuGet.config sources."
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dotnet-pgsql-persistent.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dotnet-pgsql-persistent.json
new file mode 100644
index 000000000..a2b59c2d3
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/dotnet-pgsql-persistent.json
@@ -0,0 +1,565 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "dotnet-pgsql-persistent",
+ "annotations": {
+ "openshift.io/display-name": ".NET Core + PostgreSQL (Persistent)",
+ "description": "An example .NET Core application with a PostgreSQL database. For more information about using this template, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore.",
+ "tags": "quickstart,dotnet",
+ "iconClass": "icon-dotnet",
+ "template.openshift.io/provider-display-name": "Red Hat, Inc.",
+ "template.openshift.io/documentation-url": "https://github.com/redhat-developer/s2i-dotnetcore",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/redhat-developer/s2i-dotnetcore.",
+ "labels": {
+ "template": "dotnet-pgsql-persistent"
+ },
+ "objects": [
+ {
+ "kind": "Secret",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "stringData": {
+ "database-password": "${DATABASE_PASSWORD}",
+ "connect-string": "Host=${DATABASE_SERVICE_NAME};Database=${DATABASE_NAME};Username=${DATABASE_USER};Password=${DATABASE_PASSWORD}"
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}"
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "${DOTNET_IMAGE_STREAM_TAG}"
+ },
+ "env": [
+ {
+ "name": "DOTNET_STARTUP_PROJECT",
+ "value": "${DOTNET_STARTUP_PROJECT}"
+ },
+ {
+ "name": "DOTNET_ASSEMBLY_NAME",
+ "value": "${DOTNET_ASSEMBLY_NAME}"
+ },
+ {
+ "name": "DOTNET_NPM_TOOLS",
+ "value": "${DOTNET_NPM_TOOLS}"
+ },
+ {
+ "name": "DOTNET_TEST_PROJECTS",
+ "value": "${DOTNET_TEST_PROJECTS}"
+ },
+ {
+ "name": "DOTNET_CONFIGURATION",
+ "value": "${DOTNET_CONFIGURATION}"
+ },
+ {
+ "name": "DOTNET_PUBLISH",
+ "value": "true"
+ },
+ {
+ "name": "DOTNET_RESTORE_SOURCES",
+ "value": "${DOTNET_RESTORE_SOURCES}"
+ }
+ ]
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ }
+ ],
+ "postCommit": {}
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "updatePeriodSeconds": 1,
+ "intervalSeconds": 1,
+ "timeoutSeconds": 600,
+ "maxUnavailable": "25%",
+ "maxSurge": "25%"
+ },
+ "resources": {}
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "dotnet-pgsql-persistent"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "dotnet-pgsql-persistent",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "env": [
+ {
+ "name": "ConnectionString",
+ "valueFrom": {
+ "secretKeyRef": {
+ "name": "${NAME}",
+ "key": "connect-string"
+ }
+ }
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "livenessProbe": {
+ "httpGet": {
+ "path": "/",
+ "port": 8080,
+ "scheme": "HTTP"
+ },
+ "initialDelaySeconds": 40,
+ "timeoutSeconds": 10
+ },
+ "readinessProbe": {
+ "httpGet": {
+ "path": "/",
+ "port": 8080,
+ "scheme": "HTTP"
+ },
+ "initialDelaySeconds": 10,
+ "timeoutSeconds": 30
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "PersistentVolumeClaim",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Exposes the database server"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "postgresql",
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "openshift",
+ "name": "postgresql:9.5"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${DATABASE_SERVICE_NAME}",
+ "labels": {
+ "name": "${DATABASE_SERVICE_NAME}"
+ }
+ },
+ "spec": {
+ "volumes": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "persistentVolumeClaim": {
+ "claimName": "${DATABASE_SERVICE_NAME}"
+ }
+ }
+ ],
+ "containers": [
+ {
+ "name": "postgresql",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 5432
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 5,
+ "exec": {
+ "command": [
+ "/bin/sh",
+ "-i",
+ "-c",
+ "psql -h 127.0.0.1 -U ${POSTGRESQL_USER} -q -d ${POSTGRESQL_DATABASE} -c 'SELECT 1'"
+ ]
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 1,
+ "initialDelaySeconds": 30,
+ "tcpSocket": {
+ "port": 5432
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "${DATABASE_SERVICE_NAME}-data",
+ "mountPath": "/var/lib/pgsql/data"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DATABASE_USER}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "valueFrom": {
+ "secretKeyRef": {
+ "name": "${NAME}",
+ "key": "database-password"
+ }
+ }
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DATABASE_NAME}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_POSTGRESQL_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "musicstore"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "required": true,
+ "description": "Maximum amount of memory the .NET Core container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "MEMORY_POSTGRESQL_LIMIT",
+ "displayName": "Memory Limit (PostgreSQL)",
+ "required": true,
+ "description": "Maximum amount of memory the PostgreSQL container can use.",
+ "value": "512Mi"
+ },
+ {
+ "name": "VOLUME_CAPACITY",
+ "displayName": "Volume Capacity",
+ "description": "Volume space available for data, e.g. 512Mi, 2Gi",
+ "value": "1Gi",
+ "required": true
+ },
+ {
+ "name": "DOTNET_IMAGE_STREAM_TAG",
+ "displayName": ".NET builder",
+ "required": true,
+ "description": "The image stream tag which is used to build the code.",
+ "value": "dotnet:1.1"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "required": true,
+ "description": "The OpenShift Namespace where the .NET builder ImageStream resides.",
+ "value": "openshift"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "required": true,
+ "description": "The URL of the repository with your application source code.",
+ "value": "https://github.com/redhat-developer/s2i-aspnet-musicstore-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch.",
+ "value": "rel/1.1-example"
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "DOTNET_STARTUP_PROJECT",
+ "displayName": "Startup Project",
+ "description": "Set this to the folder containing your startup project.",
+ "value": "samples/MusicStore"
+ },
+ {
+ "name": "DOTNET_ASSEMBLY_NAME",
+ "displayName": "Startup Assembly",
+ "description": "Set this when the assembly name is overridden in the project file."
+ },
+ {
+ "name": "DOTNET_NPM_TOOLS",
+ "displayName": "Npm Tools",
+ "description": "Set this to a space separated list of npm tools needed to publish."
+ },
+ {
+ "name": "DOTNET_TEST_PROJECTS",
+ "displayName": "Test projects",
+ "description": "Set this to a space separated list of test projects to run before publishing."
+ },
+ {
+ "name": "DOTNET_CONFIGURATION",
+ "displayName": "Configuration",
+ "description": "Set this to configuration (Release/Debug).",
+ "value": "Release"
+ },
+ {
+ "name": "DOTNET_RESTORE_SOURCES",
+ "displayName": "NuGet package sources",
+ "description": "Set this to override the NuGet.config sources."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the .NET Core service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "DATABASE_SERVICE_NAME",
+ "required": true,
+ "displayName": "Database Service Name",
+ "value": "postgresql"
+ },
+ {
+ "name": "DATABASE_USER",
+ "displayName": "Database Username",
+ "generate": "expression",
+ "from": "user[A-Z0-9]{3}"
+ },
+ {
+ "name": "DATABASE_PASSWORD",
+ "displayName": "Database Password",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{8}"
+ },
+ {
+ "name": "DATABASE_NAME",
+ "required": true,
+ "displayName": "Database Name",
+ "value": "musicstore"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "displayName": "Maximum Database Connections",
+ "value": "100"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "displayName": "Shared Buffer Amount",
+ "value": "12MB"
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/httpd.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/httpd.json
new file mode 100644
index 000000000..ac671cc06
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/httpd.json
@@ -0,0 +1,274 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "httpd-example",
+ "annotations": {
+ "openshift.io/display-name": "Httpd",
+ "description": "An example Httpd application that serves static content. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/httpd-ex/blob/master/README.md.",
+ "tags": "quickstart,httpd",
+ "iconClass": "icon-apache",
+ "template.openshift.io/long-description": "This template defines resources needed to develop a static application served by httpd, including a build configuration and application deployment configuration.",
+ "template.openshift.io/provider-display-name": "Red Hat, Inc.",
+ "template.openshift.io/documentation-url": "https://github.com/openshift/httpd-ex",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/httpd-ex/blob/master/README.md.",
+ "labels": {
+ "template": "httpd-example"
+ },
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "httpd:2.4"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "httpd-example"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "httpd-example",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 30,
+ "httpGet": {
+ "path": "/",
+ "port": 8080
+ }
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "env": [
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "httpd-example"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/openshift/httpd-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the httpd service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-ephemeral-template.json
index b0aef3cfc..ce96684a9 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-ephemeral-template.json
@@ -22,7 +22,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${JENKINS_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"to": {
@@ -110,6 +113,10 @@
"value": "true"
},
{
+ "name": "OPENSHIFT_JENKINS_JVM_ARCH",
+ "value": "${JVM_ARCH}"
+ },
+ {
"name": "KUBERNETES_MASTER",
"value": "https://kubernetes.default:443"
},
@@ -255,6 +262,12 @@
"value": "true"
},
{
+ "name": "JVM_ARCH",
+ "displayName": "Jenkins JVM Architecture",
+ "description": "Whether Jenkins runs with a 32 bit (i386) or 64 bit (x86_64) JVM.",
+ "value": "i386"
+ },
+ {
"name": "MEMORY_LIMIT",
"displayName": "Memory Limit",
"description": "Maximum amount of memory the container can use.",
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-persistent-template.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-persistent-template.json
index a542de219..34b2b920b 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/jenkins-persistent-template.json
@@ -22,7 +22,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${JENKINS_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"to": {
@@ -127,6 +130,10 @@
"value": "true"
},
{
+ "name": "OPENSHIFT_JENKINS_JVM_ARCH",
+ "value": "${JVM_ARCH}"
+ },
+ {
"name": "KUBERNETES_MASTER",
"value": "https://kubernetes.default:443"
},
@@ -272,6 +279,12 @@
"value": "true"
},
{
+ "name": "JVM_ARCH",
+ "displayName": "Jenkins JVM Architecture",
+ "description": "Whether Jenkins runs with a 32 bit (i386) or 64 bit (x86_64) JVM.",
+ "value": "i386"
+ },
+ {
"name": "MEMORY_LIMIT",
"displayName": "Memory Limit",
"description": "Maximum amount of memory the container can use.",
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb-persistent.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb-persistent.json
index 6ee999cb1..a9c365361 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb-persistent.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -102,7 +105,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${NAMESPACE}",
- "name": "nodejs:4"
+ "name": "nodejs:6"
},
"env": [
{
@@ -154,7 +157,7 @@
},
"spec": {
"strategy": {
- "type": "Rolling"
+ "type": "Recreate"
},
"triggers": [
{
@@ -491,7 +494,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb.json
index 5c177a7e0..53a6147d5 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/nodejs-mongodb.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -102,7 +105,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${NAMESPACE}",
- "name": "nodejs:4"
+ "name": "nodejs:6"
},
"env": [
{
@@ -154,7 +157,7 @@
},
"spec": {
"strategy": {
- "type": "Rolling"
+ "type": "Recreate"
},
"triggers": [
{
@@ -467,7 +470,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/pvc.yml b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/pvc.yml
new file mode 100644
index 000000000..0bbb8e625
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/pvc.yml
@@ -0,0 +1,49 @@
+apiVersion: v1
+kind: Template
+metadata:
+ name: "amp-pvc"
+objects:
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-storage"
+ spec:
+ accessModes:
+ - "ReadWriteMany"
+ resources:
+ requests:
+ storage: "100Mi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "mysql-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "backend-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql-persistent.json
index b400cfdb3..f07a43071 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql-persistent.json
@@ -23,7 +23,11 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['application-user']}",
+ "template.openshift.io/expose-password": "{.data['application-password']}"
+ }
},
"stringData" : {
"database-user" : "${DATABASE_USER}",
@@ -60,7 +64,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -526,7 +533,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql.json b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql.json
index fa67412ff..a7992c988 100644
--- a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql.json
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/rails-postgresql.json
@@ -23,7 +23,11 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['application-user']}",
+ "template.openshift.io/expose-password": "{.data['application-password']}"
+ }
},
"stringData" : {
"database-user" : "${DATABASE_USER}",
@@ -60,7 +64,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -500,7 +507,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/quickstart-templates/wildcard.yml b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/wildcard.yml
new file mode 100644
index 000000000..00dedecd5
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/quickstart-templates/wildcard.yml
@@ -0,0 +1,158 @@
+apiVersion: v1
+kind: Template
+metadata:
+ name: "amp-apicast-wildcard-router"
+objects:
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: apicast-router
+ spec:
+ replicas: 1
+ selector:
+ deploymentconfig: apicast-router
+ strategy:
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: apicast-router
+ spec:
+ volumes:
+ - name: apicast-router-config
+ configMap:
+ name: apicast-router-config
+ items:
+ - key: router.conf
+ path: router.conf
+ containers:
+ - env:
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "lazy"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "0"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: apicast-router
+ command: ['bin/apicast']
+ livenessProbe:
+ tcpSocket:
+ port: router
+ initialDelaySeconds: 5
+ timeoutSeconds: 5
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: management
+ initialDelaySeconds: 5
+ timeoutSeconds: 5
+ periodSeconds: 30
+ volumeMounts:
+ - name: apicast-router-config
+ mountPath: /opt/app-root/src/sites.d/
+ readOnly: true
+ ports:
+ - containerPort: 8082
+ name: router
+ protocol: TCP
+ - containerPort: 8090
+ name: management
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: apicast-router
+ spec:
+ ports:
+ - name: router
+ port: 80
+ protocol: TCP
+ targetPort: router
+ selector:
+ deploymentconfig: apicast-router
+
+- apiVersion: v1
+ kind: ConfigMap
+ metadata:
+ name: apicast-router-config
+ data:
+ router.conf: |-
+ upstream wildcard {
+ server 0.0.0.1:1;
+
+ balancer_by_lua_block {
+ local round_robin = require 'resty.balancer.round_robin'
+ local balancer = round_robin.new()
+ local peers = balancer:peers(ngx.ctx.apicast)
+
+ local peer, err = balancer:set_peer(peers)
+
+ if not peer then
+ ngx.status = ngx.HTTP_SERVICE_UNAVAILABLE
+ ngx.log(ngx.ERR, "failed to set current backend peer: ", err)
+ ngx.exit(ngx.status)
+ end
+ }
+
+ keepalive 1024;
+ }
+
+ server {
+ listen 8082;
+ server_name ~-(?<apicast>apicast-(staging|production))\.;
+ access_log /dev/stdout combined;
+
+ location / {
+ access_by_lua_block {
+ local resolver = require('resty.resolver'):instance()
+ local servers = resolver:get_servers(ngx.var.apicast, { port = 8080 })
+
+ if #servers == 0 then
+ ngx.status = ngx.HTTP_BAD_GATEWAY
+ ngx.exit(ngx.HTTP_OK)
+ end
+
+ ngx.ctx.apicast = servers
+ }
+ proxy_http_version 1.1;
+ proxy_pass $scheme://wildcard;
+ proxy_set_header Host $host;
+ proxy_set_header Connection "";
+ }
+ }
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: apicast-wildcard-router
+ labels:
+ app: apicast-wildcard-router
+ spec:
+ host: apicast-${TENANT_NAME}.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: apicast-router
+ port:
+ targetPort: router
+ wildcardPolicy: Subdomain
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+parameters:
+- name: AMP_RELEASE
+ description: "AMP release tag."
+ value: 2.0.0-CR2-redhat-1
+ required: true
+- name: WILDCARD_DOMAIN
+ description: Root domain for the wildcard routes. Eg. example.com will generate 3scale-admin.example.com.
+ required: true
+- name: TENANT_NAME
+ description: "Domain name under the root that Admin UI will be available with -admin suffix."
+ required: true
+ value: "3scale"
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-streams/jboss-image-streams.json b/roles/openshift_examples/files/examples/v1.4/xpaas-streams/jboss-image-streams.json
index 049f3f884..0bb56452b 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-streams/jboss-image-streams.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-streams/jboss-image-streams.json
@@ -12,7 +12,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-webserver30-tomcat7-openshift"
+ "name": "jboss-webserver30-tomcat7-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat7-openshift",
@@ -23,10 +26,11 @@
"description": "JBoss Web Server 3.0 Tomcat 7 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
- "supports":"tomcat7:3.0,tomcat:7,java:8,xpaas:1.1",
+ "supports": "tomcat7:3.0,tomcat:7,java:8,xpaas:1.1",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.1"
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7"
}
},
{
@@ -35,10 +39,23 @@
"description": "JBoss Web Server 3.0 Tomcat 7 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
- "supports":"tomcat7:3.0,tomcat:7,java:8,xpaas:1.2",
+ "supports": "tomcat7:3.0,tomcat:7,java:8,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Tomcat 7 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
+ "supports":"tomcat7:3.0,tomcat:7,java:8,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.3"
}
}
]
@@ -48,7 +65,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-webserver30-tomcat8-openshift"
+ "name": "jboss-webserver30-tomcat8-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat8-openshift",
@@ -59,10 +79,11 @@
"description": "JBoss Web Server 3.0 Tomcat 8 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
- "supports":"tomcat8:3.0,tomcat:8,java:8,xpaas:1.1",
+ "supports": "tomcat8:3.0,tomcat:8,java:8,xpaas:1.1",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.1"
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8"
}
},
{
@@ -71,10 +92,23 @@
"description": "JBoss Web Server 3.0 Tomcat 8 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
- "supports":"tomcat8:3.0,tomcat:8,java:8,xpaas:1.2",
+ "supports": "tomcat8:3.0,tomcat:8,java:8,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Tomcat 8 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
+ "supports":"tomcat8:3.0,tomcat:8,java:8,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.3"
}
}
]
@@ -84,7 +118,66 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-eap64-openshift"
+ "name": "jboss-webserver31-tomcat7-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver31-tomcat7-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Web Server 3.1 Tomcat 7 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
+ "supports": "tomcat7:3.1,tomcat:7,java:8,xpaas:1.4",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-webserver31-tomcat8-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver31-tomcat8-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Web Server 3.1 Tomcat 8 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
+ "supports": "tomcat8:3.1,tomcat:8,java:8,xpaas:1.4",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-eap64-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-eap-6/eap64-openshift",
@@ -95,11 +188,12 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.1",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.1",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.1"
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
}
},
{
@@ -108,11 +202,12 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.2",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
}
},
{
@@ -121,11 +216,12 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.3",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.3",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.3"
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
}
},
{
@@ -134,11 +230,25 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.4",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.4"
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ }
+ },
+ {
+ "name": "1.5",
+ "annotations": {
+ "description": "JBoss EAP 6.4 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,eap,javaee,java,jboss,xpaas",
+ "supports":"eap:6.4,javaee:6,java:8,xpaas:1.5",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "6.4.x",
+ "version": "1.5"
}
}
]
@@ -148,7 +258,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-eap70-openshift"
+ "name": "jboss-eap70-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-eap-7/eap70-openshift",
@@ -159,11 +272,12 @@
"description": "JBoss EAP 7.0 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:7.0,javaee:7,java:8,xpaas:1.3",
+ "supports": "eap:7.0,javaee:7,java:8,xpaas:1.3",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "7.0.0.GA",
- "version": "1.3"
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
}
},
{
@@ -172,11 +286,25 @@
"description": "JBoss EAP 7.0 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:7.0,javaee:7,java:8,xpaas:1.4",
+ "supports": "eap:7.0,javaee:7,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "7.0.0.GA",
- "version": "1.4"
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ }
+ },
+ {
+ "name": "1.5",
+ "annotations": {
+ "description": "JBoss EAP 7.0 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,eap,javaee,java,jboss,xpaas",
+ "supports":"eap:7.0,javaee:7,java:8,xpaas:1.5",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "7.0.0.GA",
+ "version": "1.5"
}
}
]
@@ -186,7 +314,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-decisionserver62-openshift"
+ "name": "jboss-decisionserver62-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver62-openshift",
@@ -196,12 +327,13 @@
"annotations": {
"description": "Red Hat JBoss BRMS 6.2 decision server S2I images.",
"iconClass": "icon-jboss",
- "tags": "builder,decisionserver,java,xpaas",
- "supports":"decisionserver:6.2,java:8,xpaas:1.2",
+ "tags": "builder,decisionserver,xpaas",
+ "supports": "decisionserver:6.2,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "decisionserver/hellorules",
"sampleRef": "1.2",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server"
}
}
]
@@ -211,7 +343,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-decisionserver63-openshift"
+ "name": "jboss-decisionserver63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver63-openshift",
@@ -221,12 +356,51 @@
"annotations": {
"description": "Red Hat JBoss BRMS 6.3 decision server S2I images.",
"iconClass": "icon-jboss",
+ "tags": "builder,decisionserver,xpaas",
+ "supports": "decisionserver:6.3,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "decisionserver/hellorules",
+ "sampleRef": "1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat JBoss BRMS 6.3 decision server S2I images.",
+ "iconClass": "icon-jboss",
"tags": "builder,decisionserver,java,xpaas",
- "supports":"decisionserver:6.3,java:8,xpaas:1.3",
+ "supports":"decisionserver:6.3,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "decisionserver/hellorules",
"sampleRef": "1.3",
- "version": "1.3"
+ "version": "1.4"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-decisionserver64-openshift"
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver64-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "Red Hat JBoss BRMS 6.4 decision server S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,decisionserver,java,xpaas",
+ "supports":"decisionserver:6.4,java:8,xpaas:1.4",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "decisionserver/hellorules",
+ "sampleRef": "1.3",
+ "version": "1.0"
}
}
]
@@ -236,7 +410,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-processserver63-openshift"
+ "name": "jboss-processserver63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-processserver-6/processserver63-openshift",
@@ -246,12 +423,26 @@
"annotations": {
"description": "Red Hat JBoss BPM Suite 6.3 intelligent process server S2I images.",
"iconClass": "icon-jboss",
+ "tags": "builder,processserver,xpaas",
+ "supports": "processserver:6.3,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "processserver/library",
+ "sampleRef": "1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat JBoss BPM Suite 6.3 intelligent process server S2I images.",
+ "iconClass": "icon-jboss",
"tags": "builder,processserver,java,xpaas",
- "supports":"processserver:6.3,java:8,xpaas:1.3",
+ "supports":"processserver:6.3,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "processserver/library",
"sampleRef": "1.3",
- "version": "1.3"
+ "version": "1.4"
}
}
]
@@ -261,7 +452,35 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-datagrid65-openshift"
+ "name": "jboss-processserver64-openshift"
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-processserver-6/processserver64-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "Red Hat JBoss BPM Suite 6.4 intelligent process server S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,processserver,java,xpaas",
+ "supports":"processserver:6.4,java:8,xpaas:1.4",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "processserver/library",
+ "sampleRef": "1.3",
+ "version": "1.0"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datagrid65-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift",
@@ -271,9 +490,56 @@
"annotations": {
"description": "JBoss Data Grid 6.5 S2I images.",
"iconClass": "icon-jboss",
- "tags": "datagrid,java,jboss,xpaas",
- "supports":"datagrid:6.5,java:8,xpaas:1.2",
- "version": "1.2"
+ "tags": "datagrid,jboss,xpaas",
+ "supports": "datagrid:6.5,xpaas:1.2",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datagrid,jboss,xpaas",
+ "supports": "datagrid:6.5,xpaas:1.4",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datagrid,jboss,xpaas",
+ "supports":"datagrid:6.5,xpaas:1.4",
+ "version": "1.4"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datagrid65-client-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 Client Modules for EAP"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-client-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 Client Modules for EAP.",
+ "iconClass": "icon-jboss",
+ "tags": "client,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 Client Modules for EAP"
}
}
]
@@ -283,7 +549,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-datavirt63-openshift"
+ "name": "jboss-datavirt63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift",
@@ -293,9 +562,56 @@
"annotations": {
"description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
"iconClass": "icon-jboss",
- "tags": "datavirt,java,jboss,xpaas",
- "supports":"datavirt:6.3,java:8,xpaas:1.4",
- "version": "1.0"
+ "tags": "datavirt,jboss,xpaas",
+ "supports": "datavirt:6.3,xpaas:1.4",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datavirt,jboss,xpaas",
+ "supports": "datavirt:6.3,xpaas:1.4",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datavirt,jboss,xpaas",
+ "supports":"datavirt:6.3,xpaas:1.4",
+ "version": "1.2"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datavirt63-driver-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-driver-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP.",
+ "iconClass": "icon-jboss",
+ "tags": "client,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP"
}
}
]
@@ -305,7 +621,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-amq-62"
+ "name": "jboss-amq-62",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-amq-6/amq62-openshift",
@@ -316,8 +635,9 @@
"description": "JBoss A-MQ 6.2 broker image.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "supports":"amq:6.2,messaging,xpaas:1.1",
- "version": "1.1"
+ "supports": "amq:6.2,messaging,xpaas:1.1",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
}
},
{
@@ -326,8 +646,9 @@
"description": "JBoss A-MQ 6.2 broker image.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "supports":"amq:6.2,messaging,xpaas:1.2",
- "version": "1.2"
+ "supports": "amq:6.2,messaging,xpaas:1.2",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
}
},
{
@@ -336,8 +657,45 @@
"description": "JBoss A-MQ 6.2 broker image.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "supports":"amq:6.2,messaging,xpaas:1.3",
- "version": "1.3"
+ "supports": "amq:6.2,messaging,xpaas:1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "JBoss A-MQ 6.2 broker image.",
+ "iconClass": "icon-jboss",
+ "tags": "messaging,amq,jboss,xpaas",
+ "supports":"amq:6.2,messaging,xpaas:1.4",
+ "version": "1.4"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-amq-63",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-amq-6/amq63-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss A-MQ 6.3 broker image.",
+ "iconClass": "icon-jboss",
+ "tags": "messaging,amq,jboss,xpaas",
+ "supports": "amq:6.3,messaging,xpaas:1.0",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3"
}
}
]
@@ -348,8 +706,9 @@
"apiVersion": "v1",
"metadata": {
"name": "redhat-sso70-openshift",
- "annotations": {
- "description": "Red Hat SSO 7.0"
+ "annotations": {
+ "description": "Red Hat SSO 7.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
}
},
"spec": {
@@ -361,8 +720,20 @@
"description": "Red Hat SSO 7.0",
"iconClass": "icon-jboss",
"tags": "sso,keycloak,redhat",
- "supports":"sso:7.0,xpaas:1.3",
- "version": "1.3"
+ "supports": "sso:7.0,xpaas:1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat SSO 7.0",
+ "iconClass": "icon-jboss",
+ "tags": "sso,keycloak,redhat",
+ "supports": "sso:7.0,xpaas:1.4",
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
}
}
]
@@ -372,7 +743,48 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "redhat-openjdk18-openshift"
+ "name": "redhat-sso71-openshift",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/redhat-sso-7/sso71-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "iconClass": "icon-jboss",
+ "tags": "sso,keycloak,redhat",
+ "supports": "sso:7.1,xpaas:1.4",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "iconClass": "icon-jboss",
+ "tags": "sso,keycloak,redhat",
+ "supports": "sso:7.1,xpaas:1.4",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "redhat-openjdk18-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat OpenJDK 8"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift",
@@ -384,11 +796,24 @@
"description": "Build and run Java applications using Maven and OpenJDK 8.",
"iconClass": "icon-jboss",
"tags": "builder,java,xpaas,openjdk",
- "supports":"java:8,xpaas:1.0",
+ "supports": "java:8,xpaas:1.0",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts",
"sampleContextDir": "undertow-servlet",
"version": "1.0"
}
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat OpenJDK 8",
+ "description": "Build and run Java applications using Maven and OpenJDK 8.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,java,xpaas,openjdk",
+ "supports": "java:8,xpaas:1.4",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "sampleContextDir": "undertow-servlet",
+ "version": "1.1"
+ }
}
]
}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-basic.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-basic.json
index ab35afead..af20b373a 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-basic.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-basic.json
@@ -6,46 +6,54 @@
"description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template doesn't feature SSL support.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Ephemeral, no SSL)"
},
"name": "amq62-basic"
},
"labels": {
"template": "amq62-basic",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -53,6 +61,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,18 +69,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -171,7 +183,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire port."
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
}
}
},
@@ -202,7 +215,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-persistent-ssl.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-persistent-ssl.json
index c12f06dec..5acdbfabf 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-persistent-ssl.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-persistent-ssl.json
@@ -6,58 +6,68 @@
"description": "Application template for JBoss A-MQ brokers. These are deployed as standalone and use persistent storage for saving messages. This template supports SSL and requires usage of OpenShift secrets.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Persistent with SSL)"
},
"name": "amq62-persistent-ssl"
},
"labels": {
"template": "amq62-persistent-ssl",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -65,6 +75,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -72,48 +83,56 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "Secret Name",
"description": "Name of a secret containing SSL related files",
"name": "AMQ_SECRET",
"value": "amq-app-secret",
"required": true
},
{
+ "displayName": "Trust Store Filename",
"description": "SSL trust store filename",
"name": "AMQ_TRUSTSTORE",
"value": "broker.ts",
"required": true
},
{
+ "displayName": "Trust Store Password",
"description": "SSL trust store password",
"name": "AMQ_TRUSTSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Keystore Filename",
"description": "SSL key store filename",
"name": "AMQ_KEYSTORE",
"value": "broker.ks",
"required": true
},
{
+ "displayName": "A-MQ Keystore Password",
"description": "Password for accessing SSL keystore",
"name": "AMQ_KEYSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -309,7 +328,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire (SSL) port."
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
}
}
},
@@ -340,7 +360,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-persistent.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-persistent.json
index 897ce0395..b8089cd6d 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-persistent.json
@@ -6,58 +6,68 @@
"description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone and use persistent storage for saving messages. This template doesn't feature SSL support.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Persistent, no SSL)"
},
"name": "amq62-persistent"
},
"labels": {
"template": "amq62-persistent",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -65,6 +75,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -72,18 +83,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -183,7 +197,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire port."
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
}
}
},
@@ -214,7 +229,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-ssl.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-ssl.json
index 97d110286..b52fdbfb0 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-ssl.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq62-ssl.json
@@ -6,46 +6,54 @@
"description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template supports SSL and requires usage of OpenShift secrets.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Ephemeral with SSL)"
},
"name": "amq62-ssl"
},
"labels": {
"template": "amq62-ssl",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. SSL variants of these protocols will be configured automaticaly.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -53,6 +61,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,48 +69,56 @@
"required": false
},
{
+ "displayName": "Secret Name",
"description": "Name of a secret containing SSL related files",
"name": "AMQ_SECRET",
"value": "amq-app-secret",
"required": true
},
{
+ "displayName": "Trust Store Filename",
"description": "SSL trust store filename",
"name": "AMQ_TRUSTSTORE",
"value": "broker.ts",
"required": true
},
{
+ "displayName": "Trust Store Password",
"description": "SSL trust store password",
"name": "AMQ_TRUSTSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Keystore Filename",
"description": "SSL key store filename",
"name": "AMQ_KEYSTORE",
"value": "broker.ks",
"required": true
},
{
+ "displayName": "A-MQ Keystore Password",
"description": "Password for accessing SSL keystore",
"name": "AMQ_KEYSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -297,7 +314,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire (SSL) port."
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
}
}
},
@@ -328,7 +346,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq63-basic.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq63-basic.json
new file mode 100644
index 000000000..d29f6a300
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq63-basic.json
@@ -0,0 +1,334 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template doesn't feature SSL support.",
+ "iconClass": "icon-jboss",
+ "tags": "messaging,amq,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3 (Ephemeral, no SSL)"
+ },
+ "name": "amq63-basic"
+ },
+ "labels": {
+ "template": "amq63-basic",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq63-persistent-ssl.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq63-persistent-ssl.json
new file mode 100644
index 000000000..47f6396dd
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq63-persistent-ssl.json
@@ -0,0 +1,569 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for JBoss A-MQ brokers. These are deployed as standalone and use persistent storage for saving messages. This template supports SSL and requires usage of OpenShift secrets.",
+ "iconClass": "icon-jboss",
+ "tags": "messaging,amq,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3 (Persistent with SSL)"
+ },
+ "name": "amq63-persistent-ssl"
+ },
+ "labels": {
+ "template": "amq63-persistent-ssl",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh.",
+ "name": "AMQ_SPLIT",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "Name of a secret containing SSL related files",
+ "name": "AMQ_SECRET",
+ "value": "amq-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Filename",
+ "description": "SSL trust store filename",
+ "name": "AMQ_TRUSTSTORE",
+ "value": "broker.ts",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Password",
+ "description": "SSL trust store password",
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Filename",
+ "description": "SSL key store filename",
+ "name": "AMQ_KEYSTORE",
+ "value": "broker.ks",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Password",
+ "description": "Password for accessing SSL keystore",
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5671,
+ "targetPort": 5671
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8883,
+ "targetPort": 8883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61612,
+ "targetPort": 61612
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61617,
+ "targetPort": 61617
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "amq-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "broker-secret-volume",
+ "mountPath": "/etc/amq-secret-volume",
+ "readOnly": true
+ },
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt-ssl",
+ "containerPort": 8883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_KEYSTORE_TRUSTSTORE_DIR",
+ "value": "/etc/amq-secret-volume"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE",
+ "value": "${AMQ_TRUSTSTORE}"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "${AMQ_TRUSTSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_KEYSTORE",
+ "value": "${AMQ_KEYSTORE}"
+ },
+ {
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "${AMQ_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "broker-secret-volume",
+ "secret": {
+ "secretName": "${AMQ_SECRET}"
+ }
+ },
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq63-persistent.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq63-persistent.json
new file mode 100644
index 000000000..4b64203c4
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq63-persistent.json
@@ -0,0 +1,386 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone and use persistent storage for saving messages. This template doesn't feature SSL support.",
+ "iconClass": "icon-jboss",
+ "tags": "messaging,amq,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3 (Persistent, no SSL)"
+ },
+ "name": "amq63-persistent"
+ },
+ "labels": {
+ "template": "amq63-persistent",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh.",
+ "name": "AMQ_SPLIT",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq63-ssl.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq63-ssl.json
new file mode 100644
index 000000000..20ad50016
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/amq63-ssl.json
@@ -0,0 +1,521 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template supports SSL and requires usage of OpenShift secrets.",
+ "iconClass": "icon-jboss",
+ "tags": "messaging,amq,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3 (Ephemeral with SSL)"
+ },
+ "name": "amq63-ssl"
+ },
+ "labels": {
+ "template": "amq63-ssl",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. SSL variants of these protocols will be configured automaticaly.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "Name of a secret containing SSL related files",
+ "name": "AMQ_SECRET",
+ "value": "amq-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Filename",
+ "description": "SSL trust store filename",
+ "name": "AMQ_TRUSTSTORE",
+ "value": "broker.ts",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Password",
+ "description": "SSL trust store password",
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Filename",
+ "description": "SSL key store filename",
+ "name": "AMQ_KEYSTORE",
+ "value": "broker.ks",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Password",
+ "description": "Password for accessing SSL keystore",
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5671,
+ "targetPort": 5671
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8883,
+ "targetPort": 8883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61612,
+ "targetPort": 61612
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61617,
+ "targetPort": 61617
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "amq-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "broker-secret-volume",
+ "mountPath": "/etc/amq-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt-ssl",
+ "containerPort": 8883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_KEYSTORE_TRUSTSTORE_DIR",
+ "value": "/etc/amq-secret-volume"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE",
+ "value": "${AMQ_TRUSTSTORE}"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "${AMQ_TRUSTSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_KEYSTORE",
+ "value": "${AMQ_KEYSTORE}"
+ },
+ {
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "${AMQ_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "broker-secret-volume",
+ "secret": {
+ "secretName": "${AMQ_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-basic.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-basic.json
index 56e76016f..32433bef0 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-basic.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-basic.json
@@ -6,76 +6,103 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 applications.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 (Ephemeral, no https)"
},
"name": "datagrid65-basic"
},
"labels": {
"template": "datagrid65-basic",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\".",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -200,7 +227,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -267,9 +294,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -302,6 +334,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-https.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-https.json
index 639ac2e11..e6f020400 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-https.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-https.json
@@ -6,130 +6,166 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 applications.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 (Ephemeral with https)"
},
"name": "datagrid65-https"
},
"labels": {
"template": "datagrid65-https",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -301,7 +337,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -386,9 +422,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -437,6 +478,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-mysql-persistent.json
index 22ca3f0a0..ff57a7936 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-mysql-persistent.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and MySQL applications with persistent storage.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + MySQL (Persistent with https)"
},
"name": "datagrid65-mysql-persistent"
},
"labels": {
"template": "datagrid65-mysql-persistent",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using MySQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:/jboss/datasources/mysql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,117 +111,158 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -230,7 +286,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -254,7 +311,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -278,7 +336,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Memcached service for clustered applications."
+ "description": "Memcached service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -302,7 +361,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Hot Rod service for clustered applications."
+ "description": "Hot Rod service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -397,7 +457,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -482,9 +542,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -585,6 +650,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -669,7 +742,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-mysql.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-mysql.json
index e1a585d24..44902de25 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-mysql.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-mysql.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and MySQL applications.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + MySQL (Ephemeral with https)"
},
"name": "datagrid65-mysql"
},
"labels": {
"template": "datagrid65-mysql",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using MySQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:/jboss/datasources/mysql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,111 +111,151 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -224,7 +279,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -248,7 +304,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +329,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Memcached service for clustered applications."
+ "description": "Memcached service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -296,7 +354,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Hot Rod service for clustered applications."
+ "description": "Hot Rod service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -391,7 +450,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -476,9 +535,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -579,6 +643,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -663,7 +735,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-postgresql-persistent.json
index 12720eb19..6b90e1370 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-postgresql-persistent.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and PostgreSQL applications with persistent storage.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + PostgreSQL (Persistent with https)"
},
"name": "datagrid65-postgresql-persistent"
},
"labels": {
"template": "datagrid65-postgresql-persistent",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using PostgreSQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/postgresql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,102 +111,140 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -215,7 +268,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -239,7 +293,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -382,7 +437,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -467,9 +522,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -570,6 +630,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -654,7 +722,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-postgresql.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-postgresql.json
index da8015fb0..ae36376db 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-postgresql.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datagrid65-postgresql.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and PostgreSQL applications built using.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + PostgreSQL (Ephemeral with https)"
},
"name": "datagrid65-postgresql"
},
"labels": {
"template": "datagrid65-postgresql",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using PostgreSQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/postgresql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,96 +111,133 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configurd for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -209,7 +261,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -233,7 +286,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -376,7 +430,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -461,9 +515,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -564,6 +623,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -648,7 +715,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-basic-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-basic-s2i.json
index 7d64dac98..ea2f13742 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-basic-s2i.json
@@ -6,7 +6,8 @@
"iconClass": "icon-jboss",
"description": "Application template for JBoss Data Virtualization 6.3 services built using S2I.",
"tags": "jdv,datavirt,jboss,xpaas",
- "version": "1.4.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3 (no SSL)"
},
"name": "datavirt63-basic-s2i"
},
@@ -60,6 +61,7 @@
},
{
"description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret specified by CONFIGURATION_NAME.",
+ "displayName": "Service Account Name",
"name": "SERVICE_ACCOUNT_NAME",
"value": "datavirt-service-account",
"required": true
@@ -133,6 +135,27 @@
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -215,7 +238,22 @@
"uri": "${SOURCE_REPOSITORY_URL}",
"ref": "${SOURCE_REPOSITORY_REF}"
},
- "contextDir": "${CONTEXT_DIR}"
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ }
+ ]
},
"strategy": {
"type": "Source",
@@ -224,8 +262,26 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datavirt63-openshift:1.0"
- }
+ "name": "jboss-datavirt63-openshift:1.2"
+ },
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ]
}
},
"output": {
@@ -252,6 +308,15 @@
"imageChange": {}
},
{
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ }
+ }
+ },
+ {
"type": "ConfigChange"
}
]
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-extensions-support-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-extensions-support-s2i.json
index 1e7c03b99..22b579ecc 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-extensions-support-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-extensions-support-s2i.json
@@ -6,7 +6,8 @@
"iconClass": "icon-jboss",
"description": "Application template for JBoss Data Virtualization 6.3 services built using S2I. Includes support for installing extensions (e.g. third-party DB drivers) and the ability to configure certificates for serving secure content.",
"tags": "jdv,datavirt,jboss,xpaas",
- "version": "1.4.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3 (with SSL and Extensions)"
},
"name": "datavirt63-extensions-support-s2i"
},
@@ -102,6 +103,7 @@
},
{
"description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret(s) specified by CONFIGURATION_NAME, HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "displayName": "Service Account Name",
"name": "SERVICE_ACCOUNT_NAME",
"value": "datavirt-service-account",
"required": true
@@ -238,6 +240,27 @@
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -446,6 +469,19 @@
{
"from": {
"kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ },
+ {
+ "from": {
+ "kind": "ImageStreamTag",
"name": "${APPLICATION_NAME}-ext:latest"
},
"paths": [
@@ -464,12 +500,24 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datavirt63-openshift:1.0"
+ "name": "jboss-datavirt63-openshift:1.2"
},
"env": [
{
"name": "CUSTOM_INSTALL_DIRECTORIES",
"value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
]
}
@@ -507,6 +555,15 @@
}
},
{
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ }
+ }
+ },
+ {
"type": "ConfigChange"
}
]
@@ -713,7 +770,7 @@
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE",
- "value": "/etc/datavirt-secret-volume/${HTTPS_KEYSTORE}"
+ "value": "${HTTPS_KEYSTORE}"
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE_TYPE",
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-secure-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-secure-s2i.json
index 07f926ff3..9392c20a6 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-secure-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/datavirt63-secure-s2i.json
@@ -6,7 +6,8 @@
"iconClass": "icon-jboss",
"description": "Application template for JBoss Data Virtualization 6.3 services built using S2I. Includes ability to configure certificates for serving secure content.",
"tags": "jdv,datavirt,jboss,xpaas",
- "version": "1.4.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3 (with SSL)"
},
"name": "datavirt63-secure-s2i"
},
@@ -74,6 +75,7 @@
},
{
"description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret(s) specified by CONFIGURATION_NAME, HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "displayName": "Service Account Name",
"name": "SERVICE_ACCOUNT_NAME",
"value": "datavirt-service-account",
"required": true
@@ -210,6 +212,168 @@
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
+ "displayName": "SSO Server URL",
+ "name": "SSO_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The URL for the interal SSO service, where secure-sso is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "displayName": "SSO Server Service URL",
+ "name": "SSO_SERVICE_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
+ "displayName": "SSO Realm",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
+ "displayName": "SSO Username",
+ "name": "SSO_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the SSO service user.",
+ "displayName": "SSO User's Password",
+ "name": "SSO_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "SSO Realm Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability. This can be retrieved from the SSO server, for the specified realm.",
+ "displayName": "SSO Realm Public Key",
+ "name": "SSO_PUBLIC_KEY",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "SSO Client Access Type. true or false",
+ "displayName": "SSO Bearer Only",
+ "name": "SSO_BEARER_ONLY",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "displayName": "SSO SAML Keystore Secret",
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "datavirt-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "displayName": "SSO SAML Keystore File",
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "displayName": "SSO SAML Certificate Alias",
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "displayName": "SSO SAML Keystore Password",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The SSO Client Secret for Confidential Access",
+ "name": "SSO_SECRET",
+ "displayName": "SSO Client Secret",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "description": "Enable CORS for SSO applications. true or false",
+ "name": "SSO_ENABLE_CORS",
+ "displayName": "SSO Enable CORS",
+ "value": "false",
+ "required": false
+ },
+ {
+ "description": "SSO logout page for SAML applications",
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "displayName": "SSO SAML Logout Page",
+ "value": "/",
+ "required": false
+ },
+ {
+ "description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "displayName": "SSO Disable SSL Certificate Validation",
+ "value": "true",
+ "required": false
+ },
+ {
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "displayName": "SSO Truststore File",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "displayName": "SSO Truststore Password",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "displayName": "SSO Truststore Secret",
+ "value": "datavirt-app-secret",
+ "required": false
+ },
+ {
+ "description": "Comma delimited list of deployments that shoulds be exploded and enabled for SSO OpenIDConnect via auth-method",
+ "name": "SSO_OPENIDCONNECT_DEPLOYMENTS",
+ "displayName": "SSO OpenIDConnect Deployments",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Comma delimited list of deployments that shoulds be exploded and enabled for SSO SAML via auth-method",
+ "name": "SSO_SAML_DEPLOYMENTS",
+ "displayName": "SSO SAML Deployments",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -354,7 +518,22 @@
"uri": "${SOURCE_REPOSITORY_URL}",
"ref": "${SOURCE_REPOSITORY_REF}"
},
- "contextDir": "${CONTEXT_DIR}"
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ }
+ ]
},
"strategy": {
"type": "Source",
@@ -363,8 +542,26 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datavirt63-openshift:1.0"
- }
+ "name": "jboss-datavirt63-openshift:1.2"
+ },
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ]
}
},
"output": {
@@ -391,6 +588,15 @@
"imageChange": {}
},
{
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ }
+ }
+ },
+ {
"type": "ConfigChange"
}
]
@@ -597,7 +803,7 @@
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE",
- "value": "/etc/datavirt-secret-volume/${HTTPS_KEYSTORE}"
+ "value": "${HTTPS_KEYSTORE}"
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE_TYPE",
@@ -610,6 +816,98 @@
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE_PASSWORD",
"value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "SSO_URL",
+ "value": "${SSO_URL}"
+ },
+ {
+ "name": "SSO_SERVICE_URL",
+ "value": "${SSO_SERVICE_URL}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_USERNAME",
+ "value": "${SSO_USERNAME}"
+ },
+ {
+ "name": "SSO_PASSWORD",
+ "value": "${SSO_PASSWORD}"
+ },
+ {
+ "name": "SSO_PUBLIC_KEY",
+ "value": "${SSO_PUBLIC_KEY}"
+ },
+ {
+ "name": "SSO_BEARER_ONLY",
+ "value": "${SSO_BEARER_ONLY}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "${SSO_SAML_KEYSTORE_SECRET}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "${SSO_SAML_KEYSTORE}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_DIR",
+ "value": "/etc/sso-saml-secret-volume"
+ },
+ {
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "${SSO_SAML_CERTIFICATE_NAME}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "${SSO_SAML_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_SECRET",
+ "value": "${SSO_SECRET}"
+ },
+ {
+ "name": "SSO_ENABLE_CORS",
+ "value": "${SSO_ENABLE_CORS}"
+ },
+ {
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "value": "${SSO_SAML_LOGOUT_PAGE}"
+ },
+ {
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "value": "${SSO_DISABLE_SSL_CERTIFICATE_VALIDATION}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_OPENIDCONNECT_DEPLOYMENTS",
+ "value": "${SSO_OPENIDCONNECT_DEPLOYMENTS}"
+ },
+ {
+ "name": "SSO_SAML_DEPLOYMENTS",
+ "value": "${SSO_SAML_DEPLOYMENTS}"
+ },
+ {
+ "name": "HOSTNAME_HTTP",
+ "value": "${HOSTNAME_HTTP}"
+ },
+ {
+ "name": "HOSTNAME_HTTPS",
+ "value": "${HOSTNAME_HTTPS}"
}
]
}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-amq-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-amq-s2i.json
index 754a3b4c0..1989036fa 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-amq-s2i.json
@@ -5,8 +5,9 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.2 decision server A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,amq,java,messaging,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.3.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server + A-MQ (with https)"
},
"name": "decisionserver62-amq-s2i"
},
@@ -14,20 +15,24 @@
"template": "decisionserver62-amq-s2i",
"xpaas": "1.3.3"
},
+ "message": "A new BRMS/A-MQ application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,102 +40,119 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -138,6 +160,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -145,18 +168,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -164,6 +190,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -171,6 +198,7 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -198,7 +226,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -222,7 +251,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -564,7 +594,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-basic-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-basic-s2i.json
index 8be4ac90b..25b2c162c 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-basic-s2i.json
@@ -5,8 +5,9 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.2 decision server applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.3.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server (no https)"
},
"name": "decisionserver62-basic-s2i"
},
@@ -14,20 +15,24 @@
"template": "decisionserver62-basic-s2i",
"xpaas": "1.3.3"
},
+ "message": "A new BRMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,48 +40,56 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -84,6 +97,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -91,6 +105,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -98,6 +113,7 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-https-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-https-s2i.json
index bf9047599..85605d642 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver62-https-s2i.json
@@ -5,8 +5,9 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.2 decision server HTTPS applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.3.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server (with https)"
},
"name": "decisionserver62-https-s2i"
},
@@ -14,32 +15,38 @@
"template": "decisionserver62-https-s2i",
"xpaas": "1.3.3"
},
+ "message": "A new BRMS application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,78 +54,91 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -126,6 +146,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +154,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -140,6 +162,7 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-amq-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-amq-s2i.json
index 51e667e02..ecea54d94 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-amq-s2i.json
@@ -5,29 +5,34 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.3 decision server A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,amq,java,messaging,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server + A-MQ (with https)"
},
"name": "decisionserver63-amq-s2i"
},
"labels": {
"template": "decisionserver63-amq-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BRMS/A-MQ application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,108 +40,126 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -144,6 +167,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -151,18 +175,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,6 +197,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -177,10 +205,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -204,7 +246,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -228,7 +271,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -334,13 +378,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver63-openshift:1.3"
+ "name": "jboss-decisionserver63-openshift:1.4"
}
}
},
@@ -574,7 +626,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-basic-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-basic-s2i.json
index c5f0d006a..d655dbe94 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-basic-s2i.json
@@ -5,29 +5,34 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.3 decision server applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server (no https)"
},
"name": "decisionserver63-basic-s2i"
},
"labels": {
"template": "decisionserver63-basic-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BRMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,48 +40,56 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -84,6 +97,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -91,6 +105,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -98,10 +113,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -184,13 +213,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver63-openshift:1.3"
+ "name": "jboss-decisionserver63-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-https-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-https-s2i.json
index 3db0e4c84..78e79c0cf 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver63-https-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.3 decision server HTTPS applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server (with https)"
},
"name": "decisionserver63-https-s2i"
},
"labels": {
"template": "decisionserver63-https-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BRMS application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,78 +54,91 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -126,6 +146,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +154,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -140,10 +162,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -273,13 +309,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver63-openshift:1.3"
+ "name": "jboss-decisionserver63-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver64-amq-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver64-amq-s2i.json
new file mode 100644
index 000000000..c688a2a67
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver64-amq-s2i.json
@@ -0,0 +1,748 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BRMS 6.4 decision server A-MQ applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server + A-MQ (with https)"
+ },
+ "name": "decisionserver64-amq-s2i"
+ },
+ "labels": {
+ "template": "decisionserver64-amq-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BRMS/A-MQ application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "decisionserver/hellorules",
+ "required": false
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "decisionserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-decisionserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "decisionserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "decisionserver-keystore-volume",
+ "mountPath": "/etc/decisionserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/decisionserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "decisionserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver64-basic-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver64-basic-s2i.json
new file mode 100644
index 000000000..778c51844
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver64-basic-s2i.json
@@ -0,0 +1,376 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BRMS 6.4 decision server applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server (no https)"
+ },
+ "name": "decisionserver64-basic-s2i"
+ },
+ "labels": {
+ "template": "decisionserver64-basic-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BRMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "decisionserver/hellorules",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-decisionserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver64-https-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver64-https-s2i.json
new file mode 100644
index 000000000..e6c6961c1
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/decisionserver64-https-s2i.json
@@ -0,0 +1,517 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BRMS 6.4 decision server HTTPS applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server (with https)"
+ },
+ "name": "decisionserver64-https-s2i"
+ },
+ "labels": {
+ "template": "decisionserver64-https-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BRMS application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "decisionserver/hellorules",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "decisionserver-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-decisionserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "decisionserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "decisionserver-keystore-volume",
+ "mountPath": "/etc/decisionserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/decisionserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "decisionserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-amq-persistent-s2i.json
index 72dbb4302..912838175 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-amq-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-amq-persistent-s2i.json
@@ -5,131 +5,153 @@
"annotations": {
"description": "Application template for EAP 6 A-MQ applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + A-MQ (Persistent with https)"
},
"name": "eap64-amq-persistent-s2i"
},
"labels": {
"template": "eap64-amq-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and A-MQ persistent based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -137,6 +159,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,18 +167,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +189,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,36 +197,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -207,10 +240,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -234,7 +281,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -258,7 +306,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -360,11 +409,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -641,7 +700,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-amq-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-amq-s2i.json
index 9dd847451..dd4c7a27b 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-amq-s2i.json
@@ -5,119 +5,139 @@
"annotations": {
"description": "Application template for EAP 6 A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + A-MQ (Ephemeral with https)"
},
"name": "eap64-amq-s2i"
},
"labels": {
"template": "eap64-amq-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and A-MQ based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +145,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,18 +153,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -151,6 +175,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -158,36 +183,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -195,10 +226,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -222,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -246,7 +292,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -348,11 +395,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -626,7 +683,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-basic-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-basic-s2i.json
index 7b1800b7b..e13b3851b 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-basic-s2i.json
@@ -6,58 +6,68 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (no https)"
},
"name": "eap64-basic-s2i"
},
"labels": {
"template": "eap64-basic-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 based application has been created in your project.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -65,6 +75,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -72,6 +83,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -79,12 +91,14 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -92,10 +106,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -174,11 +202,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-https-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-https-s2i.json
index 31716d84c..0da32eb40 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-https-s2i.json
@@ -6,100 +6,117 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (with https)"
},
"name": "eap64-https-s2i"
},
"labels": {
"template": "eap64-https-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,10 +183,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -287,11 +326,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mongodb-persistent-s2i.json
index 212431056..77b75466d 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mongodb-persistent-s2i.json
@@ -5,149 +5,175 @@
"annotations": {
"description": "Application template for EAP 6 MongoDB applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MongoDB (Persistent with https)"
},
"name": "eap64-mongodb-persistent-s2i"
},
"labels": {
"template": "eap64-mongodb-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MongoDB persistent based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -176,6 +205,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -183,6 +213,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -190,36 +221,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -227,10 +264,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -254,7 +312,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -278,7 +337,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -380,11 +440,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -674,7 +744,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mongodb-s2i.json
index 13fbbdd93..2785782d4 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mongodb-s2i.json
@@ -5,143 +5,168 @@
"annotations": {
"description": "Application template for EAP 6 MongoDB applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MongoDB (Ephemeral with https)"
},
"name": "eap64-mongodb-s2i"
},
"labels": {
"template": "eap64-mongodb-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MongoDB based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -170,6 +198,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -177,6 +206,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -184,36 +214,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -221,10 +257,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -248,7 +305,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +330,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -374,11 +433,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -668,7 +737,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mysql-persistent-s2i.json
index 69fdec206..cca0f9c2b 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mysql-persistent-s2i.json
@@ -5,159 +5,187 @@
"annotations": {
"description": "Application template for EAP 6 MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MySQL (Persistent with https)"
},
"name": "eap64-mysql-persistent-s2i"
},
"labels": {
"template": "eap64-mysql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MySQL persistent based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +193,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -172,6 +201,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -179,6 +209,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -186,6 +217,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -193,36 +225,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -230,10 +268,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -257,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -281,7 +341,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -383,11 +444,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -681,7 +752,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mysql-s2i.json
index 2bd3c249f..5766506fd 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-mysql-s2i.json
@@ -5,153 +5,180 @@
"annotations": {
"description": "Application template for EAP 6 MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MySQL (Ephemeral with https)"
},
"name": "eap64-mysql-s2i"
},
"labels": {
"template": "eap64-mysql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MySQL based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +186,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -166,6 +194,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -173,6 +202,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -180,6 +210,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -187,36 +218,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -224,10 +261,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -251,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -275,7 +334,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -377,11 +437,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -675,7 +745,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-postgresql-persistent-s2i.json
index 31f245950..01891774d 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-postgresql-persistent-s2i.json
@@ -5,144 +5,169 @@
"annotations": {
"description": "Application template for EAP 6 PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + PostgreSQL (Persistent with https)"
},
"name": "eap64-postgresql-persistent-s2i"
},
"labels": {
"template": "eap64-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and PostgreSQL persistent based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -150,6 +175,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -157,6 +183,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -164,6 +191,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -171,6 +199,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -178,36 +207,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -215,10 +250,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -242,7 +298,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -266,7 +323,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -368,11 +426,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -666,7 +734,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-postgresql-s2i.json
index eac964697..e00f2b0e3 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-postgresql-s2i.json
@@ -5,138 +5,162 @@
"annotations": {
"description": "Application template for EAP 6 PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + PostgreSQL (Ephemeral with https)"
},
"name": "eap64-postgresql-s2i"
},
"labels": {
"template": "eap64-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and PostgreSQL based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,6 +168,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -151,6 +176,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,6 +184,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +192,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -172,36 +200,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -209,10 +243,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -236,7 +291,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -260,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -362,11 +419,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -660,7 +727,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-sso-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-sso-s2i.json
index 09023be71..ec0739d04 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-sso-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-sso-s2i.json
@@ -3,103 +3,120 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass" : "icon-jboss",
+ "iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I, enabled for SSO.",
- "tags": "eap,javaee,java,jboss,xpaas,sso,keycloak",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + Single Sign-On (with https)"
},
"name": "eap64-sso-s2i"
},
"labels": {
"template": "eap64-sso-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 based application with SSL and SSO support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Hostname for http service route (e.g. eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTP",
"value": "",
"required": true
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Hostname for https service route (e.g. secure-eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": true
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/redhat-developer/redhat-sso-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.x-ose",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,84 +183,98 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
},
{
+ "displayName": "URL for SSO",
"description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
"name": "SSO_URL",
"value": "",
"required": true
},
{
- "description": "The URL for the interal SSO service, where secure-sso is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "displayName": "URL for SSO (internal service)",
+ "description": "The URL for the internal SSO service, where secure-sso is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
"name": "SSO_SERVICE_URL",
"value": "https://secure-sso:8443/auth",
"required": false
},
{
+ "displayName": "SSO Realm",
"description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": true
},
{
+ "displayName": "SSO Username",
"description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
"name": "SSO_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Password",
"description": "The password for the SSO service user.",
"name": "SSO_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Public Key",
"description": "SSO Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability. This can be retrieved from the SSO server, for the specified realm.",
"name": "SSO_PUBLIC_KEY",
"value": "",
"required": false
},
{
+ "displayName": "SSO Bearer Only?",
"description": "SSO Client Access Type",
"name": "SSO_BEARER_ONLY",
"value": "",
"required": false
},
{
+ "displayName": "Artifact Directories",
"description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
"name": "ARTIFACT_DIR",
"value": "app-jee-jsp/target,service-jee-jaxrs/target,app-profile-jee-jsp/target,app-profile-saml-jee-jsp/target",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Secret",
"description": "The name of the secret containing the keystore file",
"name": "SSO_SAML_KEYSTORE_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "SSO SAML Keystore",
"description": "The name of the keystore file within the secret",
"name": "SSO_SAML_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "SSO SAML Certificate Name",
"description": "The name associated with the server certificate",
"name": "SSO_SAML_CERTIFICATE_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Password",
"description": "The password for the keystore and certificate",
"name": "SSO_SAML_KEYSTORE_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "SSO Client Secret",
"description": "The SSO Client Secret for Confidential Access",
"name": "SSO_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -243,42 +282,55 @@
"required": true
},
{
+ "displayName": "Enable CORS for SSO?",
"description": "Enable CORS for SSO applications",
"name": "SSO_ENABLE_CORS",
"value": "false",
"required": false
},
{
+ "displayName": "SSO SAML Logout Page",
"description": "SSO logout page for SAML applications",
"name": "SSO_SAML_LOGOUT_PAGE",
"value": "/",
"required": false
},
{
+ "displayName": "Disable SSL Validation in EAP->SSO communication",
"description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
"name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
"value": "true",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "eap-app-secret",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
}
- ],
+ ],
"objects": [
{
"kind": "Service",
@@ -406,7 +458,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
},
"env": [
{
@@ -416,6 +468,10 @@
{
"name": "MAVEN_ARGS_APPEND",
"value": ""
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
}
]
}
@@ -615,7 +671,7 @@
"name": "HORNETQ_TOPICS",
"value": "${HORNETQ_TOPICS}"
},
- {
+ {
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "${JGROUPS_ENCRYPT_SECRET}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-third-party-db-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-third-party-db-s2i.json
new file mode 100644
index 000000000..e8f6d6585
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap64-third-party-db-s2i.json
@@ -0,0 +1,646 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-jboss",
+ "description": "Application template for EAP 6 DB applications built using S2I. Includes support for installing third-party DB drivers.",
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (with https, supporting third-party DB drivers)"
+ },
+ "name": "eap64-third-party-db-s2i"
+ },
+ "labels": {
+ "template": "eap64-third-party-db-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new EAP 6 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets:\"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed application(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Configuration Secret Name",
+ "description": "The name of the secret containing configuration properties for the datasources.",
+ "name": "CONFIGURATION_NAME",
+ "value": "eap-app-config",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/hibernate-webapp",
+ "required": false
+ },
+ {
+ "displayName": "Drivers ImageStreamTag",
+ "description": "ImageStreamTag definition for the image containing the drivers and configuration, e.g. jboss-datavirt63-openshift:1.0-driver",
+ "name": "EXTENSIONS_IMAGE",
+ "value": "jboss-datavirt63-driver-openshift:1.0",
+ "required": true
+ },
+ {
+ "displayName": "Drivers ImageStream Namespace",
+ "description": "Namespace within which the ImageStream definition for the image containing the drivers and configuration is located.",
+ "name": "EXTENSIONS_IMAGE_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Drivers Image Install Directory",
+ "description": "Full path to the directory within the extensions image where the extensions are located (e.g. install.sh, modules/, etc.)",
+ "name": "EXTENSIONS_INSTALL_DIR",
+ "value": "/extensions",
+ "required": true
+ },
+ {
+ "displayName": "Queue Names",
+ "description": "Queue names to preconfigure within HornetQ subsystem.",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topic Names",
+ "description": "Topic names to preconfigure within HornetQ subsystem.",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Cluster Admin Password",
+ "description": "Admin password for HornetQ cluster.",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore to be used for securing JGroups communications.",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the JGroups secret.",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the JGroups server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/extras",
+ "sourcePath": "${EXTENSIONS_INSTALL_DIR}/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.5"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/eap-environment",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/eap-environment/*"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-amq-persistent-s2i.json
index f08cdf2f9..3f0eba6e3 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-amq-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-amq-persistent-s2i.json
@@ -5,131 +5,153 @@
"annotations": {
"description": "Application template for EAP 7 A-MQ applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + A-MQ (Persistent with https)"
},
"name": "eap70-amq-persistent-s2i"
},
"labels": {
"template": "eap70-amq-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and A-MQ persistent based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -137,6 +159,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,18 +167,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +189,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,36 +197,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -207,10 +240,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -234,7 +281,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -258,7 +306,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -360,11 +409,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -641,7 +700,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-amq-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-amq-s2i.json
index 3ca9e9fab..f2d65f353 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-amq-s2i.json
@@ -5,119 +5,139 @@
"annotations": {
"description": "Application template for EAP 7 A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + A-MQ (with https)"
},
"name": "eap70-amq-s2i"
},
"labels": {
"template": "eap70-amq-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and A-MQ based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +145,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,18 +153,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -151,6 +175,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -158,36 +183,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -195,10 +226,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -222,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -246,7 +292,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -348,11 +395,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -626,7 +683,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-basic-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-basic-s2i.json
index 83b4d5b24..c33e3f7cb 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-basic-s2i.json
@@ -6,58 +6,68 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 7 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 (no https)"
},
"name": "eap70-basic-s2i"
},
"labels": {
"template": "eap70-basic-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 based application has been created in your project.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.0.GA",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -65,6 +75,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -72,6 +83,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -79,12 +91,14 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -92,10 +106,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -174,11 +202,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-https-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-https-s2i.json
index 1292442a4..7542d31c8 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-https-s2i.json
@@ -6,100 +6,117 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 7 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 (with https)"
},
"name": "eap70-https-s2i"
},
"labels": {
"template": "eap70-https-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.0.GA",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,10 +183,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -287,11 +326,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mongodb-persistent-s2i.json
index 99db77d58..8a7da66c1 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mongodb-persistent-s2i.json
@@ -5,149 +5,175 @@
"annotations": {
"description": "Application template for EAP 7 MongoDB applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MongoDB (Persistent with https)"
},
"name": "eap70-mongodb-persistent-s2i"
},
"labels": {
"template": "eap70-mongodb-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MongoDB persistent based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -176,6 +205,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -183,6 +213,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -190,36 +221,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -227,10 +264,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -254,7 +312,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -278,7 +337,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -380,11 +440,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -685,7 +755,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mongodb-s2i.json
index c8150c231..ae52a3deb 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mongodb-s2i.json
@@ -5,143 +5,168 @@
"annotations": {
"description": "Application template for EAP 7 MongoDB applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MongoDB (Ephemeral with https)"
},
"name": "eap70-mongodb-s2i"
},
"labels": {
"template": "eap70-mongodb-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MongoDB based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -170,6 +198,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -177,6 +206,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -184,36 +214,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -221,10 +257,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -248,7 +305,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +330,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -374,11 +433,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -679,7 +748,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mysql-persistent-s2i.json
index f8e5c2b04..a0a3d7717 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mysql-persistent-s2i.json
@@ -5,159 +5,187 @@
"annotations": {
"description": "Application template for EAP 7 MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MySQL (Persistent with https)"
},
"name": "eap70-mysql-persistent-s2i"
},
"labels": {
"template": "eap70-mysql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MySQL persistent based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +193,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -172,6 +201,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -179,6 +209,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -186,6 +217,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -193,36 +225,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -230,10 +268,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -257,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -281,7 +341,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -383,11 +444,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -696,7 +767,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mysql-s2i.json
index 1edeb62e7..8255ade5d 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-mysql-s2i.json
@@ -5,153 +5,180 @@
"annotations": {
"description": "Application template for EAP 7 MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MySQL (Ephemeral with https)"
},
"name": "eap70-mysql-s2i"
},
"labels": {
"template": "eap70-mysql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MySQL based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +186,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -166,6 +194,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -173,6 +202,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -180,6 +210,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -187,36 +218,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -224,10 +261,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -251,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -275,7 +334,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -377,11 +437,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -690,7 +760,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-postgresql-persistent-s2i.json
index d11df06ee..436c541d8 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-postgresql-persistent-s2i.json
@@ -5,144 +5,169 @@
"annotations": {
"description": "Application template for EAP 7 PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + PostgreSQL (Persistent with https)"
},
"name": "eap70-postgresql-persistent-s2i"
},
"labels": {
"template": "eap70-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and PostgreSQL persistent based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -150,6 +175,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -157,6 +183,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -164,6 +191,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -171,6 +199,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -178,36 +207,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -215,10 +250,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -242,7 +298,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -266,7 +323,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -368,11 +426,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -681,7 +749,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-postgresql-s2i.json
index 6b7f6d707..a2a37a886 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-postgresql-s2i.json
@@ -5,138 +5,162 @@
"annotations": {
"description": "Application template for EAP 7 PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + PostgreSQL (Ephemeral with https)"
},
"name": "eap70-postgresql-s2i"
},
"labels": {
"template": "eap70-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and PostgreSQL based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,6 +168,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -151,6 +176,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,6 +184,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +192,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -172,36 +200,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -209,10 +243,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -236,7 +291,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -260,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -362,11 +419,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -675,7 +742,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-sso-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-sso-s2i.json
index 811602220..08a844cd9 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-sso-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-sso-s2i.json
@@ -3,103 +3,120 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass" : "icon-jboss",
+ "iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I, enabled for SSO.",
- "tags": "eap,javaee,java,jboss,xpaas,sso,keycloak",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + Single Sign-On (with https)"
},
"name": "eap70-sso-s2i"
},
"labels": {
"template": "eap70-sso-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 based application with SSL and SSO support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Hostname for http service route (e.g. eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTP",
"value": "",
"required": true
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Hostname for https service route (e.g. secure-eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": true
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/redhat-developer/redhat-sso-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.x-ose",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,84 +183,98 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
},
{
+ "displayName": "URL for SSO",
"description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
"name": "SSO_URL",
"value": "",
"required": true
},
{
- "description": "The URL for the interal SSO service, where secure-sso (the default) is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "displayName": "URL for SSO (internal service)",
+ "description": "The URL for the internal SSO service, where secure-sso (the default) is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
"name": "SSO_SERVICE_URL",
"value": "https://secure-sso:8443/auth",
"required": false
},
{
+ "displayName": "SSO Realm",
"description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": true
},
{
+ "displayName": "SSO Username",
"description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
"name": "SSO_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Password",
"description": "The password for the SSO service user.",
"name": "SSO_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Public Key",
"description": "SSO Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability",
"name": "SSO_PUBLIC_KEY",
"value": "",
"required": false
},
{
+ "displayName": "SSO Bearer Only?",
"description": "SSO Client Access Type",
"name": "SSO_BEARER_ONLY",
"value": "",
"required": false
},
{
+ "displayName": "Artifact Directories",
"description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
"name": "ARTIFACT_DIR",
"value": "app-jee-jsp/target,service-jee-jaxrs/target,app-profile-jee-jsp/target,app-profile-saml-jee-jsp/target",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Secret",
"description": "The name of the secret containing the keystore file",
"name": "SSO_SAML_KEYSTORE_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "SSO SAML Keystore",
"description": "The name of the keystore file within the secret",
"name": "SSO_SAML_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "SSO SAML Certificate Name",
"description": "The name associated with the server certificate",
"name": "SSO_SAML_CERTIFICATE_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Password",
"description": "The password for the keystore and certificate",
"name": "SSO_SAML_KEYSTORE_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "SSO Client Secret",
"description": "The SSO Client Secret for Confidential Access",
"name": "SSO_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -243,42 +282,55 @@
"required": true
},
{
+ "displayName": "Enable CORS for SSO?",
"description": "Enable CORS for SSO applications",
"name": "SSO_ENABLE_CORS",
"value": "false",
"required": false
},
{
+ "displayName": "SSO SAML Logout Page",
"description": "SSO logout page for SAML applications",
"name": "SSO_SAML_LOGOUT_PAGE",
"value": "/",
"required": false
},
{
+ "displayName": "Disable SSL Validation in EAP->SSO communication",
"description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
"name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
"value": "true",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "eap7-app-secret",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
}
- ],
+ ],
"objects": [
{
"kind": "Service",
@@ -406,7 +458,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
},
"env": [
{
@@ -416,6 +468,10 @@
{
"name": "MAVEN_ARGS_APPEND",
"value": ""
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
}
]
}
@@ -593,7 +649,7 @@
{
"name": "HOSTNAME_HTTPS",
"value": "${HOSTNAME_HTTPS}"
- },
+ },
{
"name": "HTTPS_KEYSTORE_DIR",
"value": "/etc/eap-secret-volume"
@@ -626,7 +682,7 @@
"name": "HORNETQ_TOPICS",
"value": "${HORNETQ_TOPICS}"
},
- {
+ {
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "${JGROUPS_ENCRYPT_SECRET}"
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-third-party-db-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-third-party-db-s2i.json
new file mode 100644
index 000000000..9e854d7ab
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/eap70-third-party-db-s2i.json
@@ -0,0 +1,657 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-jboss",
+ "description": "Application template for EAP 7 DB applications built using S2I. Includes support for installing third-party DB drivers.",
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 (with https, supporting third-party DB drivers)"
+ },
+ "name": "eap70-third-party-db-s2i"
+ },
+ "labels": {
+ "template": "eap70-third-party-db-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets:\"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed application(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Configuration Secret Name",
+ "description": "The name of the secret containing configuration properties for the datasources.",
+ "name": "CONFIGURATION_NAME",
+ "value": "eap-app-config",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/hibernate-webapp",
+ "required": false
+ },
+ {
+ "displayName": "Drivers ImageStreamTag",
+ "description": "ImageStreamTag definition for the image containing the drivers and configuration, e.g. jboss-datavirt63-openshift:1.0-driver",
+ "name": "EXTENSIONS_IMAGE",
+ "value": "jboss-datavirt63-driver-openshift:1.0",
+ "required": true
+ },
+ {
+ "displayName": "Drivers ImageStream Namespace",
+ "description": "Namespace within which the ImageStream definition for the image containing the drivers and configuration is located.",
+ "name": "EXTENSIONS_IMAGE_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Drivers Image Install Directory",
+ "description": "Full path to the directory within the extensions image where the extensions are located (e.g. install.sh, modules/, etc.)",
+ "name": "EXTENSIONS_INSTALL_DIR",
+ "value": "/extensions",
+ "required": true
+ },
+ {
+ "displayName": "Queue Names",
+ "description": "Queue names to preconfigure within Messaging subsystem.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topic Names",
+ "description": "Topic names to preconfigure within Messaging subsystem.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Messaging Cluster Admin Password",
+ "description": "Admin password for Messaging cluster.",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore to be used for securing JGroups communications.",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the JGroups secret.",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the JGroups server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/extras",
+ "sourcePath": "${EXTENSIONS_INSTALL_DIR}/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.5"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/eap-environment",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/eap-environment/*"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-basic-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-basic-s2i.json
index 413a6de87..4e42e0eca 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-basic-s2i.json
@@ -6,46 +6,54 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 (no https)"
},
"name": "jws30-tomcat7-basic-s2i"
},
"labels": {
"template": "jws30-tomcat7-basic-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -53,6 +61,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,6 +69,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -67,6 +77,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -74,10 +85,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -156,11 +181,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -248,7 +283,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-https-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-https-s2i.json
index 610ea9441..f5fc2e581 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-https-s2i.json
@@ -6,76 +6,89 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 (with https)"
},
"name": "jws30-tomcat7-https-s2i"
},
"labels": {
"template": "jws30-tomcat7-https-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -83,6 +96,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -90,6 +104,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -97,6 +112,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -104,10 +120,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -233,11 +263,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -326,7 +366,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
index 6ef9d6e4c..2a73a182c 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
@@ -5,125 +5,147 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MongoDB (Persistent with https)"
},
"name": "jws30-tomcat7-mongodb-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat7-mongodb-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -131,6 +153,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -138,6 +161,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -145,6 +169,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -152,6 +177,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +185,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -166,6 +193,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -173,10 +201,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -200,7 +249,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -224,7 +274,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -326,11 +377,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -419,7 +480,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -547,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
index 9b48f8ae7..a71dfa634 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
@@ -5,119 +5,140 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications built using S2I.",
- "tags": "tomcat,tomcat7,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MongoDB (Ephemeral with https)"
},
"name": "jws30-tomcat7-mongodb-s2i"
},
"labels": {
"template": "jws30-tomcat7-mongodb-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +146,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,6 +154,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -139,6 +162,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -146,6 +170,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -153,6 +178,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -160,6 +186,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -167,10 +194,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -194,7 +242,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -218,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -320,11 +370,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -413,7 +473,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -541,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
index 30af703ce..9a05dcbd5 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
@@ -5,135 +5,159 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MySQL (Persistent with https)"
},
"name": "jws30-tomcat7-mysql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat7-mysql-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -141,6 +165,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +173,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -176,10 +205,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -203,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -227,7 +278,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -329,11 +381,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -422,7 +484,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -546,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mysql-s2i.json
index c2843af63..553a30a44 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-mysql-s2i.json
@@ -5,129 +5,152 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications built using S2I.",
- "tags": "tomcat,tomcat7,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MySQL (Ephemeral with https)"
},
"name": "jws30-tomcat7-mysql-s2i"
},
"labels": {
"template": "jws30-tomcat7-mysql-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -135,6 +158,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -142,6 +166,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,10 +198,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -197,7 +246,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -221,7 +271,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -323,11 +374,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -416,7 +477,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -540,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
index b8372f374..a5c6c8a56 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
@@ -5,120 +5,141 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + PostgreSQL (Persistent with https)"
},
"name": "jws30-tomcat7-postgresql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat7-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -126,6 +147,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +155,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -140,6 +163,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -147,6 +171,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -154,6 +179,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -161,10 +187,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -188,7 +235,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -212,7 +260,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -314,11 +363,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -407,7 +466,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -531,7 +590,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
index cd5bb9fa4..61a3208e4 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
@@ -5,114 +5,134 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications built using S2I.",
- "tags": "tomcat,tomcat7,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + PostgreSQL (Ephemeral with https)"
},
"name": "jws30-tomcat7-postgresql-s2i"
},
"labels": {
"template": "jws30-tomcat7-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -120,6 +140,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -127,6 +148,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -134,6 +156,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -141,6 +164,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +172,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -155,10 +180,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -182,7 +228,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -206,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -308,11 +356,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -401,7 +459,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -525,7 +583,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-basic-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-basic-s2i.json
index cb1e49d29..75d08e99d 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-basic-s2i.json
@@ -6,46 +6,54 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 (no https)"
},
"name": "jws30-tomcat8-basic-s2i"
},
"labels": {
"template": "jws30-tomcat8-basic-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -53,6 +61,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,6 +69,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -67,6 +77,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -74,10 +85,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -156,11 +181,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -248,7 +283,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-https-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-https-s2i.json
index 21d5662c7..71577bec4 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-https-s2i.json
@@ -6,76 +6,89 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 (with https)"
},
"name": "jws30-tomcat8-https-s2i"
},
"labels": {
"template": "jws30-tomcat8-https-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -83,6 +96,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -90,6 +104,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -97,6 +112,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -104,10 +120,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -233,11 +263,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -326,7 +366,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
index 34657d826..de86dd83e 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
@@ -5,125 +5,147 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MongoDB (Persistent with https)"
},
"name": "jws30-tomcat8-mongodb-persistent-s2i"
},
+ "message": "A new persistent JWS application for Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"labels": {
"template": "jws30-tomcat8-mongodb-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -131,6 +153,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -138,6 +161,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -145,6 +169,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -152,6 +177,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +185,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -166,6 +193,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -173,10 +201,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -200,7 +249,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -224,7 +274,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -326,11 +377,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -419,7 +480,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -547,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
index 974cfaddb..6dc85e226 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
@@ -5,119 +5,140 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications built using S2I.",
- "tags": "tomcat,tomcat8,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MongoDB (Ephemeral with https)"
},
"name": "jws30-tomcat8-mongodb-s2i"
},
"labels": {
"template": "jws30-tomcat8-mongodb-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +146,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,6 +154,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -139,6 +162,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -146,6 +170,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -153,6 +178,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -160,6 +186,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -167,10 +194,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -194,7 +242,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -218,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -320,11 +370,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -413,7 +473,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -541,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
index 7a8231cc5..0e96b58a9 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
@@ -5,135 +5,159 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MySQL (Persistent with https)"
},
"name": "jws30-tomcat8-mysql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat8-mysql-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -141,6 +165,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +173,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -176,10 +205,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -203,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -227,7 +278,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -329,11 +381,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -422,7 +484,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -546,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mysql-s2i.json
index cda21f237..08b040863 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-mysql-s2i.json
@@ -5,129 +5,152 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications built using S2I.",
- "tags": "tomcat,tomcat8,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MySQL (Ephemeral with https)"
},
"name": "jws30-tomcat8-mysql-s2i"
},
"labels": {
"template": "jws30-tomcat8-mysql-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -135,6 +158,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -142,6 +166,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,10 +198,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -197,7 +246,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -221,7 +271,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -323,11 +374,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -416,7 +477,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -540,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
index 4dfc98015..f117e6624 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
@@ -5,120 +5,141 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + PostgreSQL (Persistent with https)"
},
"name": "jws30-tomcat8-postgresql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat8-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -126,6 +147,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +155,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -140,6 +163,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -147,6 +171,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -154,6 +179,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -161,10 +187,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -188,7 +235,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -212,7 +260,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -314,11 +363,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -407,7 +466,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -531,7 +590,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
index f6c85668c..faece1269 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
@@ -5,114 +5,134 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications built using S2I.",
- "tags": "tomcat,tomcat8,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + (PostgreSQL with https)"
},
"name": "jws30-tomcat8-postgresql-s2i"
},
"labels": {
"template": "jws30-tomcat8-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -120,6 +140,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -127,6 +148,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -134,6 +156,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -141,6 +164,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +172,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -155,10 +180,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -182,7 +228,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -206,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -308,11 +356,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -400,7 +458,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -524,7 +582,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-basic-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-basic-s2i.json
new file mode 100644
index 000000000..6db6e8cc6
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-basic-s2i.json
@@ -0,0 +1,319 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS applications built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 (no https)"
+ },
+ "name": "jws31-tomcat7-basic-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-basic-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "tomcat-websocket-chat",
+ "required": false
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-https-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-https-s2i.json
new file mode 100644
index 000000000..fd5fca316
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-https-s2i.json
@@ -0,0 +1,438 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS applications built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 (with https)"
+ },
+ "name": "jws31-tomcat7-https-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-https-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "tomcat-websocket-chat",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json
new file mode 100644
index 000000000..6bbea8ab8
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json
@@ -0,0 +1,715 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MongoDB applications with persistent storage built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + MongoDB (Persistent with https)"
+ },
+ "name": "jws31-tomcat7-mongodb-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-mongodb-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent JWS application for Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mongodb/data",
+ "name": "${APPLICATION_NAME}-mongodb-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mongodb-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-mongodb-s2i.json
new file mode 100644
index 000000000..a565ee4c0
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-mongodb-s2i.json
@@ -0,0 +1,674 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MongoDB applications built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + MongoDB (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat7-mongodb-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-mongodb-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json
new file mode 100644
index 000000000..be6899958
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json
@@ -0,0 +1,718 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MySQL applications with persistent storage built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + MySQL (Persistent with https)"
+ },
+ "name": "jws31-tomcat7-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-mysql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent JWS application for Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-mysql-s2i.json
new file mode 100644
index 000000000..2983cc905
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-mysql-s2i.json
@@ -0,0 +1,677 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MySQL applications built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + MySQL (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat7-mysql-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-mysql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..cc5ea452c
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json
@@ -0,0 +1,692 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + PostgreSQL (Persistent with https)"
+ },
+ "name": "jws31-tomcat7-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-postgresql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent JWS application for Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-postgresql-s2i.json
new file mode 100644
index 000000000..bd23e1558
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat7-postgresql-s2i.json
@@ -0,0 +1,651 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS PostgreSQL applications built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + PostgreSQL (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat7-postgresql-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-postgresql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-basic-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-basic-s2i.json
new file mode 100644
index 000000000..f3a5786f6
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-basic-s2i.json
@@ -0,0 +1,319 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS applications built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 (no https)"
+ },
+ "name": "jws31-tomcat8-basic-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-basic-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "tomcat-websocket-chat",
+ "required": false
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-https-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-https-s2i.json
new file mode 100644
index 000000000..634948a80
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-https-s2i.json
@@ -0,0 +1,438 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS applications built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 (with https)"
+ },
+ "name": "jws31-tomcat8-https-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-https-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "tomcat-websocket-chat",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json
new file mode 100644
index 000000000..1ad60d8cc
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json
@@ -0,0 +1,715 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MongoDB applications with persistent storage built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + MongoDB (Persistent with https)"
+ },
+ "name": "jws31-tomcat8-mongodb-persistent-s2i"
+ },
+ "message": "A new persistent JWS application for Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "labels": {
+ "template": "jws31-tomcat8-mongodb-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mongodb/data",
+ "name": "${APPLICATION_NAME}-mongodb-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mongodb-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-mongodb-s2i.json
new file mode 100644
index 000000000..f3e918afc
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-mongodb-s2i.json
@@ -0,0 +1,674 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MongoDB applications built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + MongoDB (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat8-mongodb-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-mongodb-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json
new file mode 100644
index 000000000..08b456440
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json
@@ -0,0 +1,718 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MySQL applications with persistent storage built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + MySQL (Persistent with https)"
+ },
+ "name": "jws31-tomcat8-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-mysql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent JWS application for Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-mysql-s2i.json
new file mode 100644
index 000000000..260515b73
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-mysql-s2i.json
@@ -0,0 +1,677 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MySQL applications built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + MySQL (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat8-mysql-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-mysql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..eef5b6939
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json
@@ -0,0 +1,692 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + PostgreSQL (Persistent with https)"
+ },
+ "name": "jws31-tomcat8-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-postgresql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent JWS application for Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-postgresql-s2i.json
new file mode 100644
index 000000000..07ef7218a
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/jws31-tomcat8-postgresql-s2i.json
@@ -0,0 +1,649 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS PostgreSQL applications built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + (PostgreSQL with https)"
+ },
+ "name": "jws31-tomcat8-postgresql-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-postgresql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/openjdk18-web-basic-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/openjdk18-web-basic-s2i.json
index 143e16756..a48e204ae 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/openjdk18-web-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/openjdk18-web-basic-s2i.json
@@ -6,13 +6,14 @@
"iconClass": "icon-jboss",
"description": "Application template for Java applications built using S2I.",
"tags": "java,xpaas",
- "version": "1.0.0"
+ "version": "1.1.0",
+ "openshift.io/display-name": "Red Hat OpenJDK 8"
},
"name": "openjdk18-web-basic-s2i"
},
"labels": {
"template": "openjdk18-web-basic-s2i",
- "xpaas": "1.0.0"
+ "xpaas": "1.4.0"
},
"message": "A new java application has been created in your project.",
"parameters": [
@@ -155,7 +156,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-openjdk18-openshift:1.0"
+ "name": "redhat-openjdk18-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json
index 1dea463ac..d1705c88c 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + MySQL (Persistent with https)"
},
"name": "processserver63-amq-mysql-persistent-s2i"
},
"labels": {
"template": "processserver63-amq-mysql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,144 +54,168 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -192,6 +223,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -199,46 +231,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -246,6 +287,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -253,18 +295,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -272,6 +317,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -279,10 +325,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -306,7 +373,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -330,7 +398,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -460,13 +529,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -788,7 +865,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -919,7 +996,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-mysql-s2i.json
index 42264585b..665cb76a3 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-mysql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + MySQL (Ephemeral with https)"
},
"name": "processserver63-amq-mysql-s2i"
},
"labels": {
"template": "processserver63-amq-mysql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,132 +54,154 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -180,6 +209,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -187,46 +217,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -234,6 +273,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -241,18 +281,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -260,6 +303,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -267,10 +311,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -294,7 +359,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -318,7 +384,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -448,13 +515,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -740,7 +815,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -837,7 +912,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json
index f6d0c99ed..5a395a0f3 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + PostgreSQL (Persistent with https)"
},
"name": "processserver63-amq-postgresql-persistent-s2i"
},
"labels": {
"template": "processserver63-amq-postgresql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,144 +54,168 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -192,6 +223,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -199,31 +231,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -231,6 +269,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -238,18 +277,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -257,6 +299,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -264,10 +307,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -291,7 +355,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -315,7 +380,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -445,13 +511,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -773,7 +847,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -892,7 +966,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-postgresql-s2i.json
index 41c726cf0..e7c5efdc9 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-amq-postgresql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + PostgreSQL (Ephemeral with https)"
},
"name": "processserver63-amq-postgresql-s2i"
},
"labels": {
"template": "processserver63-amq-postgresql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,132 +54,154 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -180,6 +209,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -187,31 +217,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -219,6 +255,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -226,18 +263,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -245,6 +285,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -252,10 +293,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -279,7 +341,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -303,7 +366,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -433,13 +497,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -725,7 +797,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -810,7 +882,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-basic-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-basic-s2i.json
index 170c919cb..e70d20a6e 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-basic-s2i.json
@@ -5,29 +5,34 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,javaee,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server (no https)"
},
"name": "processserver63-basic-s2i"
},
"labels": {
"template": "processserver63-basic-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,54 +40,63 @@
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.H2Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -90,6 +104,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -97,6 +112,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -104,10 +120,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -190,13 +220,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-mysql-persistent-s2i.json
index 89d0db1a6..f76b07b0b 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-mysql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + MySQL (Persistent with https)"
},
"name": "processserver63-mysql-persistent-s2i"
},
"labels": {
"template": "processserver63-mysql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,108 +54,126 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,46 +189,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -210,6 +245,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -217,6 +253,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -224,10 +261,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -251,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -275,7 +334,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -381,13 +441,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -681,7 +749,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-mysql-s2i.json
index 26cab29f8..a3be02eab 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-mysql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + MySQL (Ephemeral with https)"
},
"name": "processserver63-mysql-s2i"
},
"labels": {
"template": "processserver63-mysql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,102 +54,119 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -150,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -157,46 +182,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -204,6 +238,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -211,6 +246,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -218,10 +254,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -245,7 +302,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -269,7 +327,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -375,13 +434,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -639,7 +706,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-postgresql-persistent-s2i.json
index 32a512829..361b177f9 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-postgresql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + PostgreSQL (Persistent with https)"
},
"name": "processserver63-postgresql-persistent-s2i"
},
"labels": {
"template": "processserver63-postgresql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,108 +54,126 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,31 +189,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -195,6 +227,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -202,6 +235,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -209,10 +243,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -236,7 +291,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -260,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -366,13 +423,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -666,7 +731,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-postgresql-s2i.json
index 55e2199bb..451915a1d 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver63-postgresql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + PostgreSQL (Ephemeral with https)"
},
"name": "processserver63-postgresql-s2i"
},
"labels": {
"template": "processserver63-postgresql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,102 +54,119 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -150,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -157,31 +182,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -189,6 +220,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -196,6 +228,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -203,10 +236,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -230,7 +284,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -254,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -360,13 +416,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -624,7 +688,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json
new file mode 100644
index 000000000..293d04d63
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json
@@ -0,0 +1,1156 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server AMQ and MySQL applications with persistent storage built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + A-MQ + MySQL (Persistent with https)"
+ },
+ "name": "processserver64-amq-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "processserver64-amq-mysql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Executor JMS Queue",
+ "description": "JNDI name of executor queue for JMS.",
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "queue/KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.MySQL5Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh.",
+ "name": "AMQ_SPLIT",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB,${APPLICATION_NAME}-mysql=QUARTZ"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JNDI",
+ "value": "${DB_JNDI}NotManaged"
+ },
+ {
+ "name": "QUARTZ_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "QUARTZ_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "QUARTZ_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "QUARTZ_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JTA",
+ "value": "false"
+ },
+ {
+ "name": "QUARTZ_NONXA",
+ "value": "true"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-amq-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-amq-mysql-s2i.json
new file mode 100644
index 000000000..760940b36
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-amq-mysql-s2i.json
@@ -0,0 +1,1034 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server AMQ and MySQL applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + A-MQ + MySQL (Ephemeral with https)"
+ },
+ "name": "processserver64-amq-mysql-s2i"
+ },
+ "labels": {
+ "template": "processserver64-amq-mysql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Executor JMS Queue",
+ "description": "JNDI name of executor queue for JMS.",
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "queue/KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.MySQL5Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..1603bccff
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json
@@ -0,0 +1,1126 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server AMQ and PostgreSQL applications with persistent storage built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + A-MQ + PostgreSQL (Persistent with https)"
+ },
+ "name": "processserver64-amq-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "processserver64-amq-postgresql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Executor JMS Queue",
+ "description": "JNDI name of executor queue for JMS.",
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "queue/KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.PostgreSQL82Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh.",
+ "name": "AMQ_SPLIT",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB,${APPLICATION_NAME}-postgresql=QUARTZ"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JNDI",
+ "value": "${DB_JNDI}NotManaged"
+ },
+ {
+ "name": "QUARTZ_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "QUARTZ_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "QUARTZ_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "QUARTZ_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JTA",
+ "value": "false"
+ },
+ {
+ "name": "QUARTZ_NONXA",
+ "value": "true"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-amq-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-amq-postgresql-s2i.json
new file mode 100644
index 000000000..422f51c11
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-amq-postgresql-s2i.json
@@ -0,0 +1,1004 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server AMQ and PostgreSQL applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + A-MQ + PostgreSQL (Ephemeral with https)"
+ },
+ "name": "processserver64-amq-postgresql-s2i"
+ },
+ "labels": {
+ "template": "processserver64-amq-postgresql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Executor JMS Queue",
+ "description": "JNDI name of executor queue for JMS.",
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "queue/KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.PostgreSQL82Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-basic-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-basic-s2i.json
new file mode 100644
index 000000000..2bf15ff25
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-basic-s2i.json
@@ -0,0 +1,383 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server (no https)"
+ },
+ "name": "processserver64-basic-s2i"
+ },
+ "labels": {
+ "template": "processserver64-basic-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BPMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.H2Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-mysql-persistent-s2i.json
new file mode 100644
index 000000000..4673dfb0d
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-mysql-persistent-s2i.json
@@ -0,0 +1,860 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server MySQL applications with persistent storage built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + MySQL (Persistent with https)"
+ },
+ "name": "processserver64-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "processserver64-mysql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.MySQL5Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB,${APPLICATION_NAME}-mysql=QUARTZ"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JNDI",
+ "value": "${DB_JNDI}NotManaged"
+ },
+ {
+ "name": "QUARTZ_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "QUARTZ_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "QUARTZ_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "QUARTZ_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JTA",
+ "value": "false"
+ },
+ {
+ "name": "QUARTZ_NONXA",
+ "value": "true"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-mysql-s2i.json
new file mode 100644
index 000000000..9078f20b8
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-mysql-s2i.json
@@ -0,0 +1,783 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server MySQL applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + MySQL (Ephemeral with https)"
+ },
+ "name": "processserver64-mysql-s2i"
+ },
+ "labels": {
+ "template": "processserver64-mysql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.MySQL5Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..75b6d310e
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-postgresql-persistent-s2i.json
@@ -0,0 +1,830 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server PostgreSQL applications with persistent storage built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + PostgreSQL (Persistent with https)"
+ },
+ "name": "processserver64-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "processserver64-postgresql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.PostgreSQL82Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB,${APPLICATION_NAME}-postgresql=QUARTZ"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JNDI",
+ "value": "${DB_JNDI}NotManaged"
+ },
+ {
+ "name": "QUARTZ_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "QUARTZ_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "QUARTZ_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "QUARTZ_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JTA",
+ "value": "false"
+ },
+ {
+ "name": "QUARTZ_NONXA",
+ "value": "true"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-postgresql-s2i.json
new file mode 100644
index 000000000..51923c0ad
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/processserver64-postgresql-s2i.json
@@ -0,0 +1,753 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server PostgreSQL applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + PostgreSQL (Ephemeral with https)"
+ },
+ "name": "processserver64-postgresql-s2i"
+ },
+ "labels": {
+ "template": "processserver64-postgresql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.PostgreSQL82Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-https.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-https.json
index fb0578a67..5e956f449 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-https.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-https.json
@@ -5,110 +5,129 @@
"annotations": {
"description": "Application template for SSO 7.0",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,java,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
},
"name": "sso70-https"
},
"labels": {
"template": "sso70-https",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new SSO service has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -116,54 +135,65 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
@@ -283,10 +313,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-mysql-persistent.json
index dcbb24bf1..0fb2703c7 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-mysql-persistent.json
@@ -5,123 +5,145 @@
"annotations": {
"description": "Application template for SSO 7.0 MySQL applications with persistent storage",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,mysql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + MySQL (Persistent)"
},
"name": "sso70-mysql-persistent"
},
"labels": {
"template": "sso70-mysql-persistent",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -129,6 +151,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -136,36 +159,42 @@
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -173,58 +202,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -248,7 +295,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +320,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -364,10 +413,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -639,7 +688,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-mysql.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-mysql.json
index 1768f7a1b..9beae806b 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-mysql.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-mysql.json
@@ -5,123 +5,145 @@
"annotations": {
"description": "Application template for SSO 7.0 MySQL applications",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,mysql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + MySQL (Ephemeral)"
},
"name": "sso70-mysql"
},
"labels": {
"template": "sso70-mysql",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -129,6 +151,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -136,30 +159,35 @@
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -167,58 +195,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -240,10 +286,11 @@
"name": "${APPLICATION_NAME}",
"labels": {
"application": "${APPLICATION_NAME}",
- "component": "server"
+ "component": "server"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -268,7 +315,8 @@
"component": "server"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -349,7 +397,7 @@
"name": "${APPLICATION_NAME}",
"labels": {
"application": "${APPLICATION_NAME}",
- "component": "server"
+ "component": "server"
}
},
"spec": {
@@ -364,10 +412,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -641,7 +689,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-postgresql-persistent.json
index 4c2f81f2e..e22399351 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-postgresql-persistent.json
@@ -5,108 +5,127 @@
"annotations": {
"description": "Application template for SSO 7.0 PostgreSQL applications with persistent storage",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,postrgresql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + PostgreSQL (Persistent)"
},
"name": "sso70-postgresql-persistent"
},
"labels": {
"template": "sso70-postgresql-persistent",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -114,6 +133,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +141,42 @@
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,58 +184,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -233,7 +277,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -257,7 +302,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -349,10 +395,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -624,7 +670,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-postgresql.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-postgresql.json
index d8402ef72..aa8ebaa8e 100644
--- a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-postgresql.json
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso70-postgresql.json
@@ -5,108 +5,127 @@
"annotations": {
"description": "Application template for SSO 7.0 PostgreSQL applications",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,postrgresql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + PostgreSQL (Ephemeral)"
},
"name": "sso70-postgresql"
},
"labels": {
"template": "sso70-postgresql",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -114,6 +133,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -121,30 +141,35 @@
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -152,58 +177,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -228,7 +271,8 @@
"component": "server"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -253,7 +297,8 @@
"component": "server"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -349,10 +394,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -626,7 +671,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-https.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-https.json
new file mode 100644
index 000000000..bee86d7c4
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-https.json
@@ -0,0 +1,544 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ },
+ "name": "sso71-https"
+ },
+ "labels": {
+ "template": "sso71-https",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new SSO service has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-mysql-persistent.json
new file mode 100644
index 000000000..49b37f348
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-mysql-persistent.json
@@ -0,0 +1,799 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 MySQL applications with persistent storage",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + MySQL (Persistent)"
+ },
+ "name": "sso71-mysql-persistent"
+ },
+ "labels": {
+ "template": "sso71-mysql-persistent",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-mysql.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-mysql.json
new file mode 100644
index 000000000..634a75bab
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-mysql.json
@@ -0,0 +1,767 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 MySQL applications",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + MySQL (Ephemeral)"
+ },
+ "name": "sso71-mysql"
+ },
+ "labels": {
+ "template": "sso71-mysql",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-postgresql-persistent.json
new file mode 100644
index 000000000..c53bb9d5b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-postgresql-persistent.json
@@ -0,0 +1,773 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 PostgreSQL applications with persistent storage",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + PostgreSQL (Persistent)"
+ },
+ "name": "sso71-postgresql-persistent"
+ },
+ "labels": {
+ "template": "sso71-postgresql-persistent",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-postgresql.json b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-postgresql.json
new file mode 100644
index 000000000..c1fc41eda
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.4/xpaas-templates/sso71-postgresql.json
@@ -0,0 +1,741 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 PostgreSQL applications",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + PostgreSQL (Ephemeral)"
+ },
+ "name": "sso71-postgresql"
+ },
+ "labels": {
+ "template": "sso71-postgresql",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-pv-app-example.yaml b/roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-pv-app-example.yaml
deleted file mode 100644
index 14bdd1dca..000000000
--- a/roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-pv-app-example.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: cloudforms
-spec:
- capacity:
- storage: 2Gi
- accessModes:
- - ReadWriteOnce
- nfs:
- path: /opt/nfs/volumes-app
- server: 10.19.0.216
- persistentVolumeReclaimPolicy: Recycle
diff --git a/roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-pv-db-example.yaml b/roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-pv-db-example.yaml
new file mode 100644
index 000000000..250a99b8d
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-pv-db-example.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: cfme-pv01
+spec:
+ capacity:
+ storage: 15Gi
+ accessModes:
+ - ReadWriteOnce
+ nfs:
+ path: /exports/cfme-pv01
+ server: <your-nfs-host-here>
+ persistentVolumeReclaimPolicy: Retain
diff --git a/roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-pv-example.yaml b/roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-pv-example.yaml
deleted file mode 100644
index 709d8d976..000000000
--- a/roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-pv-example.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: nfs-pv01
-spec:
- capacity:
- storage: 2Gi
- accessModes:
- - ReadWriteOnce
- nfs:
- path: /opt/nfs/volumes
- server: 10.19.0.216
- persistentVolumeReclaimPolicy: Recycle
diff --git a/roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-pv-region-example.yaml b/roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-pv-region-example.yaml
new file mode 100644
index 000000000..cba9bbe35
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-pv-region-example.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: cfme-pv02
+spec:
+ capacity:
+ storage: 5Gi
+ accessModes:
+ - ReadWriteOnce
+ nfs:
+ path: /exports/cfme-pv02
+ server: <your-nfs-host-here>
+ persistentVolumeReclaimPolicy: Retain
diff --git a/roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-pv-server-example.yaml b/roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-pv-server-example.yaml
new file mode 100644
index 000000000..c08c21265
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-pv-server-example.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: cfme-pv03
+spec:
+ capacity:
+ storage: 5Gi
+ accessModes:
+ - ReadWriteOnce
+ nfs:
+ path: /exports/cfme-pv03
+ server: <your-nfs-host-here>
+ persistentVolumeReclaimPolicy: Retain
diff --git a/roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-template.yaml b/roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-template.yaml
index 4f25a9c8f..3bc6c5813 100644
--- a/roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-template.yaml
+++ b/roles/openshift_examples/files/examples/v1.5/cfme-templates/cfme-template.yaml
@@ -17,6 +17,7 @@ objects:
service.alpha.openshift.io/dependencies: '[{"name":"${DATABASE_SERVICE_NAME}","namespace":"","kind":"Service"},{"name":"${MEMCACHED_SERVICE_NAME}","namespace":"","kind":"Service"}]'
name: ${NAME}
spec:
+ clusterIP: None
ports:
- name: http
port: 80
@@ -48,11 +49,27 @@ objects:
annotations:
description: "Keeps track of changes in the CloudForms app image"
spec:
- dockerImageRepository: registry.access.redhat.com/cloudforms/cfme-openshift-app
+ dockerImageRepository: "${APPLICATION_IMG_NAME}"
+- apiVersion: v1
+ kind: ImageStream
+ metadata:
+ name: cfme-openshift-postgresql
+ annotations:
+ description: "Keeps track of changes in the CloudForms postgresql image"
+ spec:
+ dockerImageRepository: "${POSTGRESQL_IMG_NAME}"
+- apiVersion: v1
+ kind: ImageStream
+ metadata:
+ name: cfme-openshift-memcached
+ annotations:
+ description: "Keeps track of changes in the CloudForms memcached image"
+ spec:
+ dockerImageRepository: "${MEMCACHED_IMG_NAME}"
- apiVersion: v1
kind: PersistentVolumeClaim
metadata:
- name: ${DATABASE_SERVICE_NAME}
+ name: "${NAME}-${DATABASE_SERVICE_NAME}"
spec:
accessModes:
- ReadWriteOnce
@@ -62,45 +79,41 @@ objects:
- apiVersion: v1
kind: PersistentVolumeClaim
metadata:
- name: ${NAME}
+ name: "${NAME}-region"
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
- storage: ${APPLICATION_VOLUME_CAPACITY}
-- apiVersion: v1
- kind: "DeploymentConfig"
+ storage: ${APPLICATION_REGION_VOLUME_CAPACITY}
+- apiVersion: apps/v1beta1
+ kind: "StatefulSet"
metadata:
name: ${NAME}
annotations:
description: "Defines how to deploy the CloudForms appliance"
spec:
+ serviceName: "${NAME}"
+ replicas: 1
template:
metadata:
labels:
name: ${NAME}
name: ${NAME}
spec:
- volumes:
- -
- name: "cfme-app-volume"
- persistentVolumeClaim:
- claimName: ${NAME}
containers:
- - image: cloudforms/cfme-openshift-app:${APPLICATION_IMG_TAG}
- imagePullPolicy: IfNotPresent
- name: cloudforms
+ - name: cloudforms
+ image: "${APPLICATION_IMG_NAME}:${APPLICATION_IMG_TAG}"
livenessProbe:
- httpGet:
- path: /
- port: 80
+ tcpSocket:
+ port: 443
initialDelaySeconds: 480
timeoutSeconds: 3
readinessProbe:
httpGet:
path: /
- port: 80
+ port: 443
+ scheme: HTTPS
initialDelaySeconds: 200
timeoutSeconds: 3
ports:
@@ -112,8 +125,11 @@ objects:
privileged: true
volumeMounts:
-
- name: "cfme-app-volume"
+ name: "${NAME}-server"
mountPath: "/persistent"
+ -
+ name: "${NAME}-region"
+ mountPath: "/persistent-region"
env:
-
name: "APPLICATION_INIT_DELAY"
@@ -144,29 +160,32 @@ objects:
value: "${POSTGRESQL_SHARED_BUFFERS}"
resources:
requests:
- memory: "${MEMORY_APPLICATION_MIN}"
+ memory: "${APPLICATION_MEM_REQ}"
+ cpu: "${APPLICATION_CPU_REQ}"
+ limits:
+ memory: "${APPLICATION_MEM_LIMIT}"
lifecycle:
preStop:
exec:
command:
- /opt/rh/cfme-container-scripts/sync-pv-data
- replicas: 1
- selector:
- name: ${NAME}
- triggers:
- - type: "ConfigChange"
- - type: "ImageChange"
- imageChangeParams:
- automatic: true
- containerNames:
- - "cloudforms"
- from:
- kind: "ImageStreamTag"
- name: "cfme-openshift-app:${APPLICATION_IMG_TAG}"
- strategy:
- type: "Recreate"
- recreateParams:
- timeoutSeconds: 1200
+ volumes:
+ -
+ name: "${NAME}-region"
+ persistentVolumeClaim:
+ claimName: ${NAME}-region
+ volumeClaimTemplates:
+ - metadata:
+ name: "${NAME}-server"
+ annotations:
+ # Uncomment this if using dynamic volume provisioning.
+ # https://docs.openshift.org/latest/install_config/persistent_storage/dynamically_provisioning_pvs.html
+ # volume.alpha.kubernetes.io/storage-class: anything
+ spec:
+ accessModes: [ ReadWriteOnce ]
+ resources:
+ requests:
+ storage: "${APPLICATION_VOLUME_CAPACITY}"
- apiVersion: v1
kind: "Service"
metadata:
@@ -182,14 +201,6 @@ objects:
selector:
name: "${MEMCACHED_SERVICE_NAME}"
- apiVersion: v1
- kind: ImageStream
- metadata:
- name: cfme-openshift-memcached
- annotations:
- description: "Keeps track of changes in the CloudForms memcached image"
- spec:
- dockerImageRepository: registry.access.redhat.com/cloudforms/cfme-openshift-memcached
-- apiVersion: v1
kind: "DeploymentConfig"
metadata:
name: "${MEMCACHED_SERVICE_NAME}"
@@ -223,7 +234,7 @@ objects:
containers:
-
name: "memcached"
- image: "cloudforms/cfme-openshift-memcached:${MEMCACHED_IMG_TAG}"
+ image: "${MEMCACHED_IMG_NAME}:${MEMCACHED_IMG_TAG}"
ports:
-
containerPort: 11211
@@ -249,8 +260,11 @@ objects:
name: "MEMCACHED_SLAB_PAGE_SIZE"
value: "${MEMCACHED_SLAB_PAGE_SIZE}"
resources:
+ requests:
+ memory: "${MEMCACHED_MEM_REQ}"
+ cpu: "${MEMCACHED_CPU_REQ}"
limits:
- memory: "${MEMORY_MEMCACHED_LIMIT}"
+ memory: "${MEMCACHED_MEM_LIMIT}"
- apiVersion: v1
kind: "Service"
metadata:
@@ -266,14 +280,6 @@ objects:
selector:
name: "${DATABASE_SERVICE_NAME}"
- apiVersion: v1
- kind: ImageStream
- metadata:
- name: cfme-openshift-postgresql
- annotations:
- description: "Keeps track of changes in the CloudForms postgresql image"
- spec:
- dockerImageRepository: registry.access.redhat.com/cloudforms/cfme-openshift-postgresql
-- apiVersion: v1
kind: "DeploymentConfig"
metadata:
name: "${DATABASE_SERVICE_NAME}"
@@ -307,11 +313,11 @@ objects:
-
name: "cfme-pgdb-volume"
persistentVolumeClaim:
- claimName: ${DATABASE_SERVICE_NAME}
+ claimName: "${NAME}-${DATABASE_SERVICE_NAME}"
containers:
-
name: "postgresql"
- image: "cloudforms/cfme-openshift-postgresql:${POSTGRESQL_IMG_TAG}"
+ image: "${POSTGRESQL_IMG_NAME}:${POSTGRESQL_IMG_TAG}"
ports:
-
containerPort: 5432
@@ -350,8 +356,11 @@ objects:
name: "POSTGRESQL_SHARED_BUFFERS"
value: "${POSTGRESQL_SHARED_BUFFERS}"
resources:
+ requests:
+ memory: "${POSTGRESQL_MEM_REQ}"
+ cpu: "${POSTGRESQL_CPU_REQ}"
limits:
- memory: "${MEMORY_POSTGRESQL_LIMIT}"
+ memory: "${POSTGRESQL_MEM_LIMIT}"
parameters:
-
@@ -420,36 +429,87 @@ parameters:
name: "POSTGRESQL_SHARED_BUFFERS"
displayName: "PostgreSQL Shared Buffer Amount"
description: "Amount of memory dedicated for PostgreSQL shared memory buffers."
- value: "64MB"
+ value: "256MB"
-
- name: "MEMORY_APPLICATION_MIN"
- displayName: "Application Memory Minimum"
+ name: "APPLICATION_CPU_REQ"
+ displayName: "Application Min CPU Requested"
+ required: true
+ description: "Minimum amount of CPU time the Application container will need (expressed in millicores)."
+ value: "1000m"
+ -
+ name: "POSTGRESQL_CPU_REQ"
+ displayName: "PostgreSQL Min CPU Requested"
+ required: true
+ description: "Minimum amount of CPU time the PostgreSQL container will need (expressed in millicores)."
+ value: "500m"
+ -
+ name: "MEMCACHED_CPU_REQ"
+ displayName: "Memcached Min CPU Requested"
+ required: true
+ description: "Minimum amount of CPU time the Memcached container will need (expressed in millicores)."
+ value: "200m"
+ -
+ name: "APPLICATION_MEM_REQ"
+ displayName: "Application Min RAM Requested"
required: true
description: "Minimum amount of memory the Application container will need."
- value: "4096Mi"
+ value: "6144Mi"
+ -
+ name: "POSTGRESQL_MEM_REQ"
+ displayName: "PostgreSQL Min RAM Requested"
+ required: true
+ description: "Minimum amount of memory the PostgreSQL container will need."
+ value: "1024Mi"
-
- name: "MEMORY_POSTGRESQL_LIMIT"
- displayName: "PostgreSQL Memory Limit"
+ name: "MEMCACHED_MEM_REQ"
+ displayName: "Memcached Min RAM Requested"
required: true
- description: "Maximum amount of memory the PostgreSQL container can use."
- value: "2048Mi"
+ description: "Minimum amount of memory the Memcached container will need."
+ value: "64Mi"
-
- name: "MEMORY_MEMCACHED_LIMIT"
- displayName: "Memcached Memory Limit"
+ name: "APPLICATION_MEM_LIMIT"
+ displayName: "Application Max RAM Limit"
required: true
- description: "Maximum amount of memory the Memcached container can use."
+ description: "Maximum amount of memory the Application container can consume."
+ value: "16384Mi"
+ -
+ name: "POSTGRESQL_MEM_LIMIT"
+ displayName: "PostgreSQL Max RAM Limit"
+ required: true
+ description: "Maximum amount of memory the PostgreSQL container can consume."
+ value: "8192Mi"
+ -
+ name: "MEMCACHED_MEM_LIMIT"
+ displayName: "Memcached Max RAM Limit"
+ required: true
+ description: "Maximum amount of memory the Memcached container can consume."
value: "256Mi"
-
+ name: "POSTGRESQL_IMG_NAME"
+ displayName: "PostgreSQL Image Name"
+ description: "This is the PostgreSQL image name requested to deploy."
+ value: "registry.access.redhat.com/cloudforms45/cfme-openshift-postgresql"
+ -
name: "POSTGRESQL_IMG_TAG"
displayName: "PostgreSQL Image Tag"
description: "This is the PostgreSQL image tag/version requested to deploy."
value: "latest"
-
+ name: "MEMCACHED_IMG_NAME"
+ displayName: "Memcached Image Name"
+ description: "This is the Memcached image name requested to deploy."
+ value: "registry.access.redhat.com/cloudforms45/cfme-openshift-memcached"
+ -
name: "MEMCACHED_IMG_TAG"
displayName: "Memcached Image Tag"
description: "This is the Memcached image tag/version requested to deploy."
value: "latest"
-
+ name: "APPLICATION_IMG_NAME"
+ displayName: "Application Image Name"
+ description: "This is the Application image name requested to deploy."
+ value: "registry.access.redhat.com/cloudforms45/cfme-openshift-app"
+ -
name: "APPLICATION_IMG_TAG"
displayName: "Application Image Tag"
description: "This is the Application image tag/version requested to deploy."
@@ -464,16 +524,22 @@ parameters:
displayName: "Application Init Delay"
required: true
description: "Delay in seconds before we attempt to initialize the application."
- value: "30"
+ value: "15"
-
name: "APPLICATION_VOLUME_CAPACITY"
displayName: "Application Volume Capacity"
required: true
description: "Volume space available for application data."
- value: "1Gi"
+ value: "5Gi"
+ -
+ name: "APPLICATION_REGION_VOLUME_CAPACITY"
+ displayName: "Application Region Volume Capacity"
+ required: true
+ description: "Volume space available for region application data."
+ value: "5Gi"
-
name: "DATABASE_VOLUME_CAPACITY"
displayName: "Database Volume Capacity"
required: true
description: "Volume space available for database."
- value: "1Gi"
+ value: "15Gi"
diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-ephemeral-template.json
index f347f1f9f..536f7275e 100644
--- a/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-ephemeral-template.json
@@ -23,7 +23,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
+ }
},
"stringData" : {
"database-user" : "${MYSQL_USER}",
@@ -35,7 +40,10 @@
"kind": "Service",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mariadb\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-persistent-template.json
index 6ed744777..3b7fdccce 100644
--- a/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mariadb-persistent-template.json
@@ -23,7 +23,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
+ }
},
"stringData" : {
"database-user" : "${MYSQL_USER}",
@@ -35,7 +40,10 @@
"kind": "Service",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mariadb\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-ephemeral-template.json
index 97a8abf6d..ee274194f 100644
--- a/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-ephemeral-template.json
@@ -24,7 +24,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-admin_password": "{.data['database-admin-password']}"
+ }
},
"stringData" : {
"database-user" : "${MONGODB_USER}",
@@ -37,7 +42,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "mongodb://{.spec.clusterIP}:{.spec.ports[?(.name==\"mongo\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-persistent-template.json
index 0656219fb..e5ba43669 100644
--- a/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mongodb-persistent-template.json
@@ -24,7 +24,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-admin_password": "{.data['database-admin-password']}"
+ }
},
"stringData" : {
"database-user" : "${MONGODB_USER}",
@@ -37,7 +42,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "mongodb://{.spec.clusterIP}:{.spec.ports[?(.name==\"mongo\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-ephemeral-template.json
index d60b4647d..969e62ac5 100644
--- a/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-ephemeral-template.json
@@ -23,7 +23,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
+ }
},
"stringData" : {
"database-user" : "${MYSQL_USER}",
@@ -36,7 +41,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mysql\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-persistent-template.json
index c2bfa40fd..4f39d41a5 100644
--- a/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/db-templates/mysql-persistent-template.json
@@ -23,7 +23,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
+ }
},
"stringData" : {
"database-user" : "${MYSQL_USER}",
@@ -35,7 +40,10 @@
"kind": "Service",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mysql\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-ephemeral-template.json
index 7a16e742a..c37102cb0 100644
--- a/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-ephemeral-template.json
@@ -24,7 +24,11 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
},
"stringData" : {
"database-user" : "${POSTGRESQL_USER}",
@@ -36,7 +40,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "postgres://{.spec.clusterIP}:{.spec.ports[?(.name==\"postgresql\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-persistent-template.json
index 242212d6f..32dc93a95 100644
--- a/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/db-templates/postgresql-persistent-template.json
@@ -24,7 +24,11 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
},
"stringData" : {
"database-user" : "${POSTGRESQL_USER}",
@@ -36,7 +40,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "postgres://{.spec.clusterIP}:{.spec.ports[?(.name==\"postgresql\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/redis-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/redis-ephemeral-template.json
index e9af50937..6bb683e52 100644
--- a/roles/openshift_examples/files/examples/v1.5/db-templates/redis-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/db-templates/redis-ephemeral-template.json
@@ -24,7 +24,10 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
},
"stringData" : {
"database-password" : "${REDIS_PASSWORD}"
@@ -35,7 +38,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "redis://{.spec.clusterIP}:{.spec.ports[?(.name==\"redis\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.5/db-templates/redis-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/db-templates/redis-persistent-template.json
index aa27578a9..9e8be2309 100644
--- a/roles/openshift_examples/files/examples/v1.5/db-templates/redis-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/db-templates/redis-persistent-template.json
@@ -24,7 +24,10 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
},
"stringData" : {
"database-password" : "${REDIS_PASSWORD}"
@@ -35,7 +38,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "redis://{.spec.clusterIP}:{.spec.ports[?(.name==\"redis\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-centos7.json
index a81dbb654..6cef21945 100644
--- a/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-centos7.json
+++ b/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-centos7.json
@@ -7,6 +7,51 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
+ "name": "httpd",
+ "annotations": {
+ "openshift.io/display-name": "Httpd"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Httpd (Latest)",
+ "description": "Build and serve static content via Httpd on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Httpd available on OpenShift, including major versions updates.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.4"
+ }
+ },
+ {
+ "name": "2.4",
+ "annotations": {
+ "openshift.io/display-name": "Httpd 2.4",
+ "description": "Build and serve static content via Httpd on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "version": "2.4",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/httpd-24-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
"name": "ruby",
"annotations": {
"openshift.io/display-name": "Ruby"
@@ -103,7 +148,7 @@
},
"from": {
"kind": "ImageStreamTag",
- "name": "4"
+ "name": "6"
}
},
{
@@ -137,6 +182,22 @@
"kind": "DockerImage",
"name": "centos/nodejs-4-centos7:latest"
}
+ },
+ {
+ "name": "6",
+ "annotations": {
+ "openshift.io/display-name": "Node.js 6",
+ "description": "Build and run Node.js 6 applications on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container/blob/master/6/README.md.",
+ "iconClass": "icon-nodejs",
+ "tags": "builder,nodejs",
+ "supports":"nodejs:6,nodejs",
+ "version": "6",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/nodejs-6-centos7:latest"
+ }
}
]
}
@@ -407,7 +468,7 @@
"iconClass": "icon-wildfly",
"tags": "builder,wildfly,java",
"supports":"jee,java",
- "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git"
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
},
"from": {
"kind": "ImageStreamTag",
@@ -423,7 +484,7 @@
"tags": "builder,wildfly,java",
"supports":"wildfly:8.1,jee,java",
"version": "8.1",
- "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git"
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
},
"from": {
"kind": "DockerImage",
@@ -439,7 +500,7 @@
"tags": "builder,wildfly,java",
"supports":"wildfly:9.0,jee,java",
"version": "9.0",
- "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git"
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
},
"from": {
"kind": "DockerImage",
@@ -455,7 +516,7 @@
"tags": "builder,wildfly,java",
"supports":"wildfly:10.0,jee,java",
"version": "10.0",
- "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git"
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
},
"from": {
"kind": "DockerImage",
@@ -471,7 +532,7 @@
"tags": "builder,wildfly,java",
"supports":"wildfly:10.1,jee,java",
"version": "10.1",
- "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git"
+ "sampleRepo": "https://github.com/openshift/openshift-jee-sample.git"
},
"from": {
"kind": "DockerImage",
diff --git a/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-rhel7.json
index 2ed0efe1e..abdae01e3 100644
--- a/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-rhel7.json
+++ b/roles/openshift_examples/files/examples/v1.5/image-streams/image-streams-rhel7.json
@@ -7,6 +7,51 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
+ "name": "httpd",
+ "annotations": {
+ "openshift.io/display-name": "Httpd"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Httpd (Latest)",
+ "description": "Build and serve static content via Httpd on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Httpd available on OpenShift, including major versions updates.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.4"
+ }
+ },
+ {
+ "name": "2.4",
+ "annotations": {
+ "openshift.io/display-name": "Httpd 2.4",
+ "description": "Build and serve static content via Httpd on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "version": "2.4",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/httpd-24-rhel7"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
"name": "ruby",
"annotations": {
"openshift.io/display-name": "Ruby"
@@ -103,7 +148,7 @@
},
"from": {
"kind": "ImageStreamTag",
- "name": "4"
+ "name": "6"
}
},
{
@@ -137,6 +182,22 @@
"kind": "DockerImage",
"name": "registry.access.redhat.com/rhscl/nodejs-4-rhel7:latest"
}
+ },
+ {
+ "name": "6",
+ "annotations": {
+ "openshift.io/display-name": "Node.js 6",
+ "description": "Build and run Node.js 6 applications on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/s2i-nodejs-container.",
+ "iconClass": "icon-nodejs",
+ "tags": "builder,nodejs",
+ "supports":"nodejs:6,nodejs",
+ "version": "6",
+ "sampleRepo": "https://github.com/openshift/nodejs-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/nodejs-6-rhel7:latest"
+ }
}
]
}
@@ -253,7 +314,7 @@
"tags": "hidden,builder,php",
"supports":"php:5.5,php",
"version": "5.5",
- "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
+ "sampleRepo": "https://github.com/openshift/cakephp-ex.git"
},
"from": {
"kind": "DockerImage",
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/README.md b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/README.md
index f48d8d4a8..6d2ccbf7f 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/README.md
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/README.md
@@ -17,6 +17,7 @@ instantiating them.
* [Dancer persistent](https://raw.githubusercontent.com/openshift/dancer-ex/master/openshift/templates/dancer-mysql-persistent.json) - Provides a basic Dancer (Perl) application with a persistent MySQL database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/dancer-ex).
* [Django](https://raw.githubusercontent.com/openshift/django-ex/master/openshift/templates/django-postgresql.json) - Provides a basic Django (Python) application with a PostgreSQL database. For more information see the [source repository](https://github.com/openshift/django-ex).
* [Django persistent](https://raw.githubusercontent.com/openshift/django-ex/master/openshift/templates/django-postgresql-persistent.json) - Provides a basic Django (Python) application with a persistent PostgreSQL database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/django-ex).
+* [Httpd](https://raw.githubusercontent.com/openshift/httpd-ex/master/openshift/templates/httpd.json) - Provides a basic Httpd static content application. For more information see the [source repository](https://github.com/openshift/httpd-ex).
* [NodeJS](https://raw.githubusercontent.com/openshift/nodejs-ex/master/openshift/templates/nodejs-mongodb.json) - Provides a basic NodeJS application with a MongoDB database. For more information see the [source repository](https://github.com/openshift/nodejs-ex).
* [NodeJS persistent](https://raw.githubusercontent.com/openshift/nodejs-ex/master/openshift/templates/nodejs-mongodb-persistent.json) - Provides a basic NodeJS application with a persistent MongoDB database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/nodejs-ex).
* [Rails](https://raw.githubusercontent.com/openshift/rails-ex/master/openshift/templates/rails-postgresql.json) - Provides a basic Rails (Ruby) application with a PostgreSQL database. For more information see the [source repository](https://github.com/openshift/rails-ex).
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/amp.yml b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/amp.yml
new file mode 100644
index 000000000..4e469f6e8
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/amp.yml
@@ -0,0 +1,1261 @@
+base_env: &base_env
+- name: RAILS_ENV
+ value: "production"
+- name: DATABASE_URL
+ value: "mysql2://root:${MYSQL_ROOT_PASSWORD}@system-mysql/${MYSQL_DATABASE}"
+- name: FORCE_SSL
+ value: "true"
+- name: THREESCALE_SUPERDOMAIN
+ value: "${WILDCARD_DOMAIN}"
+- name: TENANT_NAME
+ value: "${TENANT_NAME}"
+- name: APICAST_ACCESS_TOKEN
+ value: "${APICAST_ACCESS_TOKEN}"
+- name: ADMIN_ACCESS_TOKEN
+ value: "${ADMIN_ACCESS_TOKEN}"
+- name: PROVIDER_PLAN
+ value: 'enterprise'
+- name: USER_LOGIN
+ value: "${ADMIN_USERNAME}"
+- name: USER_PASSWORD
+ value: "${ADMIN_PASSWORD}"
+- name: RAILS_LOG_TO_STDOUT
+ value: "true"
+- name: RAILS_LOG_LEVEL
+ value: "info"
+- name: THINKING_SPHINX_ADDRESS
+ value: "system-sphinx"
+- name: THINKING_SPHINX_PORT
+ value: "9306"
+- name: THINKING_SPHINX_CONFIGURATION_FILE
+ value: "/tmp/sphinx.conf"
+- name: EVENTS_SHARED_SECRET
+ value: "${SYSTEM_BACKEND_SHARED_SECRET}"
+- name: THREESCALE_SANDBOX_PROXY_OPENSSL_VERIFY_MODE
+ value: "VERIFY_NONE"
+- name: APICAST_BACKEND_ROOT_ENDPOINT
+ value: "https://backend-${TENANT_NAME}.${WILDCARD_DOMAIN}"
+- name: CONFIG_INTERNAL_API_USER
+ value: "${SYSTEM_BACKEND_USERNAME}"
+- name: CONFIG_INTERNAL_API_PASSWORD
+ value: "${SYSTEM_BACKEND_PASSWORD}"
+- name: SECRET_KEY_BASE
+ value: "${SYSTEM_APP_SECRET_KEY_BASE}"
+- name: AMP_RELEASE
+ value: "${AMP_RELEASE}"
+- name: SMTP_ADDRESS
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: address
+- name: SMTP_USER_NAME
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: username
+- name: SMTP_PASSWORD
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: password
+- name: SMTP_DOMAIN
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: domain
+- name: SMTP_PORT
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: port
+- name: SMTP_AUTHENTICATION
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: authentication
+- name: SMTP_OPENSSL_VERIFY_MODE
+ valueFrom:
+ configMapKeyRef:
+ name: smtp
+ key: openssl.verify.mode
+- name: BACKEND_ROUTE
+ value: "https://backend-${TENANT_NAME}.${WILDCARD_DOMAIN}"
+
+apiVersion: v1
+kind: Template
+metadata:
+ name: "system"
+message: "Login on https://${TENANT_NAME}-admin.${WILDCARD_DOMAIN} as ${ADMIN_USERNAME}/${ADMIN_PASSWORD}"
+objects:
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-storage"
+ spec:
+ accessModes:
+ - "ReadWriteMany"
+ resources:
+ requests:
+ storage: "100Mi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "mysql-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "backend-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-cron
+ spec:
+ replicas: 1
+ selector:
+ name: backend-cron
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: backend-cron
+ spec:
+ containers:
+ - args:
+ - backend-cron
+ env:
+ - name: CONFIG_REDIS_PROXY
+ value: "backend-redis:6379"
+ - name: CONFIG_QUEUES_MASTER_NAME
+ value: "backend-redis:6379/1"
+ - name: RACK_ENV
+ value: "production"
+ image: 3scale-amp20/backend:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: backend-cron
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-redis
+ spec:
+ replicas: 1
+ selector:
+ name: backend-redis
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ name: backend-redis
+ spec:
+ containers:
+ - image: ${REDIS_IMAGE}
+ imagePullPolicy: IfNotPresent
+ name: backend-redis
+ readinessProbe:
+ exec:
+ command:
+ - "container-entrypoint"
+ - "bash"
+ - "-c"
+ - "redis-cli set liveness-probe \"`date`\" | grep OK"
+ initialDelaySeconds: 10
+ periodSeconds: 30
+ timeoutSeconds: 1
+ livenessProbe:
+ tcpSocket:
+ port: 6379
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ volumeMounts:
+ - name: backend-redis-storage
+ mountPath: "/var/lib/redis/data"
+ - name: redis-config
+ mountPath: /etc/redis.conf
+ subPath: redis.conf
+ volumes:
+ - name: backend-redis-storage
+ persistentVolumeClaim:
+ claimName: backend-redis-storage
+ - name: redis-config
+ configMap:
+ name: redis-config
+ items:
+ - key: redis.conf
+ path: redis.conf
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-listener
+ spec:
+ replicas: 1
+ selector:
+ name: backend-listener
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: backend-listener
+ spec:
+ containers:
+ - args:
+ - 3scale_backend
+ - start
+ - "-e"
+ - production
+ - "-p"
+ - '3000'
+ - "-x"
+ - "/dev/stdout"
+ env:
+ - name: CONFIG_REDIS_PROXY
+ value: "backend-redis:6379"
+ - name: CONFIG_QUEUES_MASTER_NAME
+ value: "backend-redis:6379/1"
+ - name: RACK_ENV
+ value: "production"
+ - name: CONFIG_INTERNAL_API_USER
+ value: "${SYSTEM_BACKEND_USERNAME}"
+ - name: CONFIG_INTERNAL_API_PASSWORD
+ value: "${SYSTEM_BACKEND_PASSWORD}"
+ image: 3scale-amp20/backend:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: backend-listener
+ livenessProbe:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ tcpSocket:
+ port: 3000
+ readinessProbe:
+ httpGet:
+ path: "/status"
+ port: 3000
+ initialDelaySeconds: 30
+ timeoutSeconds: 5
+ ports:
+ - containerPort: 3000
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: backend-redis
+ spec:
+ ports:
+ - port: 6379
+ protocol: TCP
+ targetPort: 6379
+ selector:
+ name: backend-redis
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: backend-listener
+ spec:
+ ports:
+ - port: 3000
+ protocol: TCP
+ targetPort: 3000
+ name: http
+ selector:
+ name: backend-listener
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-provider
+ spec:
+ ports:
+ - port: 3000
+ protocol: TCP
+ targetPort: provider
+ name: http
+ selector:
+ name: system-app
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-developer
+ spec:
+ ports:
+ - port: 3000
+ protocol: TCP
+ targetPort: developer
+ name: http
+ selector:
+ name: system-app
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: backend-worker
+ spec:
+ replicas: 1
+ selector:
+ name: backend-worker
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: backend-worker
+ spec:
+ containers:
+ - args:
+ - 3scale_backend_worker
+ - run
+ env:
+ - name: CONFIG_REDIS_PROXY
+ value: "backend-redis:6379"
+ - name: CONFIG_QUEUES_MASTER_NAME
+ value: "backend-redis:6379/1"
+ - name: RACK_ENV
+ value: "production"
+ - name: CONFIG_EVENTS_HOOK
+ value: http://system-provider:3000/master/events/import
+ - name: CONFIG_EVENTS_HOOK_SHARED_SECRET
+ value: ${SYSTEM_BACKEND_SHARED_SECRET}
+ image: 3scale-amp20/backend:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: backend-worker
+ triggers:
+ - type: ConfigChange
+
+- kind: Service
+ apiVersion: v1
+ metadata:
+ name: 'system-mysql'
+ spec:
+ ports:
+ - name: system-mysql
+ protocol: TCP
+ port: 3306
+ targetPort: 3306
+ nodePort: 0
+ selector:
+ name: 'system-mysql'
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-redis
+ spec:
+ ports:
+ - port: 6379
+ protocol: TCP
+ targetPort: 6379
+ name: redis
+ selector:
+ name: system-redis
+
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-redis
+ spec:
+ replicas: 1
+ selector:
+ name: system-redis
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ name: system-redis
+ spec:
+ containers:
+ - args:
+ image: ${REDIS_IMAGE}
+ imagePullPolicy: IfNotPresent
+ name: system-redis
+ terminationMessagePath: /dev/termination-log
+ volumeMounts:
+ - name: system-redis-storage
+ mountPath: "/var/lib/redis/data"
+ - name: redis-config
+ mountPath: /etc/redis.conf
+ subPath: redis.conf
+ readinessProbe:
+ exec:
+ command:
+ - "container-entrypoint"
+ - "bash"
+ - "-c"
+ - "redis-cli set liveness-probe \"`date`\" | grep OK"
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ timeoutSeconds: 5
+ livenessProbe:
+ tcpSocket:
+ port: 6379
+ initialDelaySeconds: 10
+ periodSeconds: 5
+ volumes:
+ - name: system-redis-storage
+ persistentVolumeClaim:
+ claimName: system-redis-storage
+ - name: redis-config
+ configMap:
+ name: redis-config
+ items:
+ - key: redis.conf
+ path: redis.conf
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-sphinx
+ spec:
+ ports:
+ - port: 9306
+ protocol: TCP
+ targetPort: 9306
+ name: sphinx
+ selector:
+ name: system-sphinx
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-sphinx
+ spec:
+ replicas: 1
+ selector:
+ name: system-sphinx
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-sphinx
+ spec:
+ volumes:
+ - name: system-sphinx-database
+ emptyDir: {}
+ containers:
+ - args:
+ - rake
+ - 'openshift:thinking_sphinx:start'
+ volumeMounts:
+ - name: system-sphinx-database
+ mountPath: "/opt/system/db/sphinx"
+ env:
+ - name: RAILS_ENV
+ value: production
+ - name: DATABASE_URL
+ value: "mysql2://root:${MYSQL_ROOT_PASSWORD}@system-mysql/${MYSQL_DATABASE}"
+ - name: THINKING_SPHINX_ADDRESS
+ value: 0.0.0.0
+ - name: THINKING_SPHINX_CONFIGURATION_FILE
+ value: "db/sphinx/production.conf"
+ - name: THINKING_SPHINX_PID_FILE
+ value: db/sphinx/searchd.pid
+ - name: DELTA_INDEX_INTERVAL
+ value: '5'
+ - name: FULL_REINDEX_INTERVAL
+ value: '60'
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-sphinx
+ livenessProbe:
+ tcpSocket:
+ port: 9306
+ initialDelaySeconds: 60
+ periodSeconds: 10
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: system-memcache
+ spec:
+ ports:
+ - port: 11211
+ protocol: TCP
+ targetPort: 11211
+ name: memcache
+ selector:
+ name: system-memcache
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-memcache
+ spec:
+ replicas: 1
+ selector:
+ name: system-memcache
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-memcache
+ spec:
+ containers:
+ - args:
+ env:
+ image: 3scale-amp20/memcached:1.4.15-7
+ imagePullPolicy: IfNotPresent
+ name: memcache
+ readinessProbe:
+ exec:
+ command:
+ - "sh"
+ - "-c"
+ - "echo version | nc $HOSTNAME 11211 | grep VERSION"
+ initialDelaySeconds: 10
+ periodSeconds: 30
+ timeoutSeconds: 5
+ livenessProbe:
+ tcpSocket:
+ port: 11211
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ command:
+ - "memcached"
+ - "-m"
+ - "64"
+ ports:
+ - containerPort: 6379
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: system-provider-admin-route
+ labels:
+ app: system-route
+ spec:
+ host: ${TENANT_NAME}-admin.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: system-provider
+ port:
+ targetPort: http
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: backend-route
+ labels:
+ app: system-route
+ spec:
+ host: backend-${TENANT_NAME}.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: backend-listener
+ port:
+ targetPort: http
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: system-developer-route
+ labels:
+ app: system-route
+ spec:
+ host: ${TENANT_NAME}.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: system-developer
+ port:
+ targetPort: http
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: apicast-staging
+ spec:
+ replicas: 1
+ selector:
+ deploymentconfig: apicast-staging
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 1800
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: apicast-staging
+ spec:
+ containers:
+ - env:
+ - name: THREESCALE_PORTAL_ENDPOINT
+ value: http://${APICAST_ACCESS_TOKEN}@system-provider:3000
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "lazy"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "0"
+ - name: THREESCALE_DEPLOYMENT_ENV
+ value: "sandbox"
+ - name: APICAST_MANAGEMENT_API
+ value: "${APICAST_MANAGEMENT_API}"
+ - name: BACKEND_ENDPOINT_OVERRIDE
+ value: http://backend-listener:3000
+ - name: OPENSSL_VERIFY
+ value: '${APICAST_OPENSSL_VERIFY}'
+ - name: APICAST_RESPONSE_CODES
+ value: '${APICAST_RESPONSE_CODES}'
+ - name: REDIS_URL
+ value: "redis://system-redis:6379/2"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: apicast-staging
+ livenessProbe:
+ httpGet:
+ path: /status/live
+ port: 8090
+ initialDelaySeconds: 10
+ timeoutSeconds: 5
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: 8090
+ initialDelaySeconds: 15
+ timeoutSeconds: 5
+ periodSeconds: 30
+ ports:
+ - containerPort: 8080
+ protocol: TCP
+ - containerPort: 8090
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: apicast-staging
+ spec:
+ ports:
+ - name: gateway
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: management
+ port: 8090
+ protocol: TCP
+ targetPort: 8090
+ selector:
+ deploymentconfig: apicast-staging
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: apicast-production
+ spec:
+ replicas: 1
+ selector:
+ deploymentconfig: apicast-production
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 1800
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: apicast-production
+ spec:
+ containers:
+ - env:
+ - name: THREESCALE_PORTAL_ENDPOINT
+ value: "http://${APICAST_ACCESS_TOKEN}@system-provider:3000"
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "boot"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "300"
+ - name: THREESCALE_DEPLOYMENT_ENV
+ value: "production"
+ - name: APICAST_MANAGEMENT_API
+ value: "${APICAST_MANAGEMENT_API}"
+ - name: BACKEND_ENDPOINT_OVERRIDE
+ value: http://backend-listener:3000
+ - name: OPENSSL_VERIFY
+ value: '${APICAST_OPENSSL_VERIFY}'
+ - name: APICAST_RESPONSE_CODES
+ value: '${APICAST_RESPONSE_CODES}'
+ - name: REDIS_URL
+ value: "redis://system-redis:6379/1"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: apicast-production
+ livenessProbe:
+ httpGet:
+ path: /status/live
+ port: 8090
+ initialDelaySeconds: 10
+ timeoutSeconds: 5
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: 8090
+ initialDelaySeconds: 15
+ timeoutSeconds: 5
+ periodSeconds: 30
+ ports:
+ - containerPort: 8080
+ protocol: TCP
+ - containerPort: 8090
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: apicast-production
+ spec:
+ ports:
+ - name: gateway
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: management
+ port: 8090
+ protocol: TCP
+ targetPort: 8090
+ selector:
+ deploymentconfig: apicast-production
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: api-apicast-staging-route
+ labels:
+ app: apicast-staging
+ spec:
+ host: api-${TENANT_NAME}-apicast-staging.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: apicast-staging
+ port:
+ targetPort: gateway
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: api-apicast-production-route
+ labels:
+ app: apicast-production
+ spec:
+ host: api-${TENANT_NAME}-apicast-production.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: apicast-production
+ port:
+ targetPort: gateway
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-app
+ spec:
+ replicas: 1
+ selector:
+ name: system-app
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ pre:
+ failurePolicy: Retry
+ execNewPod:
+ containerName: system-provider
+ command:
+ - bash
+ - -c
+ - bundle exec rake boot openshift:deploy
+ env: *base_env
+ volumes:
+ - system-storage
+ post:
+ failurePolicy: Abort
+ execNewPod:
+ containerName: system-provider
+ command:
+ - bash
+ - -c
+ - bundle exec rake boot openshift:post_deploy
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-app
+ spec:
+ containers:
+ - args:
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ command: ['env', 'TENANT_MODE=provider', 'PORT=3000', 'container-entrypoint', 'bundle', 'exec', 'unicorn', '-c', 'config/unicorn.rb']
+ name: system-provider
+ livenessProbe:
+ timeoutSeconds: 10
+ initialDelaySeconds: 20
+ tcpSocket:
+ port: provider
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /check.txt
+ port: provider
+ scheme: HTTP
+ httpHeaders:
+ - name: X-Forwarded-Proto
+ value: https
+ initialDelaySeconds: 30
+ timeoutSeconds: 10
+ periodSeconds: 30
+ ports:
+ - containerPort: 3000
+ protocol: TCP
+ name: provider
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ - args:
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ command: ['env', 'TENANT_MODE=developer', 'PORT=3001', 'container-entrypoint', 'bundle', 'exec', 'unicorn', '-c', 'config/unicorn.rb']
+ imagePullPolicy: IfNotPresent
+ name: system-developer
+ livenessProbe:
+ timeoutSeconds: 10
+ initialDelaySeconds: 20
+ tcpSocket:
+ port: developer
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /check.txt
+ port: developer
+ scheme: HTTP
+ httpHeaders:
+ - name: X-Forwarded-Proto
+ value: https
+ initialDelaySeconds: 30
+ timeoutSeconds: 10
+ periodSeconds: 30
+ ports:
+ - containerPort: 3001
+ protocol: TCP
+ name: developer
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ readOnly: true
+ volumes:
+ - name: system-storage
+ persistentVolumeClaim:
+ claimName: system-storage
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-resque
+ spec:
+ replicas: 1
+ selector:
+ name: system-resque
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-resque
+ spec:
+ containers:
+ - args:
+ - 'rake'
+ - 'resque:work'
+ - 'QUEUE=*'
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-resque
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ - args:
+ - 'rake'
+ - 'resque:scheduler'
+ - 'QUEUE=*'
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-scheduler
+ volumes:
+ - name: system-storage
+ persistentVolumeClaim:
+ claimName: system-storage
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: system-sidekiq
+ spec:
+ replicas: 1
+ selector:
+ name: system-sidekiq
+ strategy:
+ rollingParams:
+ intervalSeconds: 1
+ maxSurge: 25%
+ maxUnavailable: 25%
+ timeoutSeconds: 600
+ updatePeriodSeconds: 1
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: system-sidekiq
+ spec:
+ containers:
+ - args:
+ - rake
+ - sidekiq:worker
+ env: *base_env
+ image: 3scale-amp20/system:1.0-2
+ imagePullPolicy: IfNotPresent
+ name: system-sidekiq
+ volumeMounts:
+ - name: system-storage
+ mountPath: /opt/system/public/system
+ volumes:
+ - name: system-storage
+ persistentVolumeClaim:
+ claimName: system-storage
+ triggers:
+ - type: ConfigChange
+
+
+- kind: DeploymentConfig
+ apiVersion: v1
+ metadata:
+ name: 'system-mysql'
+ spec:
+ strategy:
+ type: Recreate
+ triggers:
+ - type: ConfigChange
+ replicas: 1
+ selector:
+ name: 'system-mysql'
+ template:
+ metadata:
+ labels:
+ name: 'system-mysql'
+ spec:
+ containers:
+ - name: system-mysql
+ image: ${MYSQL_IMAGE}
+ ports:
+ - containerPort: 3306
+ protocol: TCP
+ resources:
+ limits:
+ memory: 2Gi
+ requests:
+ cpu: '1'
+ memory: 1Gi
+ readinessProbe:
+ timeoutSeconds: 5
+ initialDelaySeconds: 10
+ periodSeconds: 30
+ exec:
+ command:
+ - /bin/sh
+ - '-i'
+ - '-c'
+ - MYSQL_PWD="$MYSQL_PASSWORD" mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE -e 'SELECT 1'
+ livenessProbe:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ tcpSocket:
+ port: 3306
+ env:
+ - name: MYSQL_USER
+ value: ${MYSQL_USER}
+ - name: MYSQL_PASSWORD
+ value: ${MYSQL_PASSWORD}
+ - name: MYSQL_DATABASE
+ value: ${MYSQL_DATABASE}
+ - name: MYSQL_ROOT_PASSWORD
+ value: ${MYSQL_ROOT_PASSWORD}
+ - name: MYSQL_LOWER_CASE_TABLE_NAMES
+ value: "1"
+ volumeMounts:
+ - name: 'mysql-storage'
+ mountPath: /var/lib/mysql/data
+ imagePullPolicy: IfNotPresent
+ volumes:
+ - name: 'mysql-storage'
+ persistentVolumeClaim:
+ claimName: 'mysql-storage'
+- kind: ConfigMap
+ apiVersion: v1
+ metadata:
+ name: redis-config
+ data:
+ redis.conf: |
+ protected-mode no
+
+ port 6379
+
+ timeout 0
+ tcp-keepalive 300
+
+ daemonize no
+ supervised no
+
+ loglevel notice
+
+ databases 16
+
+ save 900 1
+ save 300 10
+ save 60 10000
+
+ stop-writes-on-bgsave-error yes
+
+ rdbcompression yes
+ rdbchecksum yes
+
+ dbfilename dump.rdb
+
+ slave-serve-stale-data yes
+ slave-read-only yes
+
+ repl-diskless-sync no
+ repl-disable-tcp-nodelay no
+
+ appendonly yes
+ appendfilename "appendonly.aof"
+ appendfsync everysec
+ no-appendfsync-on-rewrite no
+ auto-aof-rewrite-percentage 100
+ auto-aof-rewrite-min-size 64mb
+ aof-load-truncated yes
+
+ lua-time-limit 5000
+
+ activerehashing no
+
+ aof-rewrite-incremental-fsync yes
+ dir /var/lib/redis/data
+
+- kind: ConfigMap
+
+ apiVersion: v1
+ metadata:
+ name: smtp
+ data:
+ address: ""
+ username: ""
+ password: ""
+ domain: ""
+ port: ""
+ authentication: ""
+ openssl.verify.mode: ""
+
+parameters:
+- name: AMP_RELEASE
+ description: "AMP release tag."
+ value: 2.0.0-CR2-redhat-1
+ required: true
+- name: ADMIN_PASSWORD
+ required: true
+ generate: expression
+ from: "[a-z0-9]{8}"
+- name: ADMIN_USERNAME
+ value: admin
+ required: true
+- name: APICAST_ACCESS_TOKEN
+ required: true
+ generate: expression
+ from: "[a-z0-9]{8}"
+ description: "Read Only Access Token that is APIcast going to use to download its configuration."
+- name: ADMIN_ACCESS_TOKEN
+ required: false
+ generate: expression
+ from: "[a-z0-9]{16}"
+ description: "Admin Access Token with all scopes and write permissions for API access."
+- name: WILDCARD_DOMAIN
+ description: Root domain for the wildcard routes. Eg. example.com will generate 3scale-admin.example.com.
+ required: true
+- name: TENANT_NAME
+ description: "Tenant name under the root that Admin UI will be available with -admin suffix."
+ required: true
+ value: "3scale"
+- name: MYSQL_USER
+ displayName: MySQL User
+ description: Username for MySQL user that will be used for accessing the database.
+ value: "mysql"
+ required: true
+- name: MYSQL_PASSWORD
+ displayName: MySQL Password
+ description: Password for the MySQL user.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: MYSQL_DATABASE
+ displayName: MySQL Database Name
+ description: Name of the MySQL database accessed.
+ value: "system"
+ required: true
+- name: MYSQL_ROOT_PASSWORD
+ displayName: MySQL Root password.
+ description: Password for Root user.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: SYSTEM_BACKEND_USERNAME
+ description: Internal 3scale API username for internal 3scale api auth.
+ value: "3scale_api_user"
+ required: true
+- name: SYSTEM_BACKEND_PASSWORD
+ description: Internal 3scale API password for internal 3scale api auth.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: REDIS_IMAGE
+ description: Redis image to use
+ required: true
+ value: rhscl/redis-32-rhel7:3.2-5.7
+- name: MYSQL_IMAGE
+ description: Mysql image to use
+ required: true
+ value: rhscl/mysql-56-rhel7:5.6-13.14
+- name: SYSTEM_BACKEND_SHARED_SECRET
+ description: Shared secret to import events from backend to system.
+ generate: expression
+ from: "[a-z0-9]{8}"
+ required: true
+- name: SYSTEM_APP_SECRET_KEY_BASE
+ description: System application secret key base
+ generate: expression
+ from: "[a-f0-9]{128}"
+ required: true
+- name: APICAST_MANAGEMENT_API
+ description: "Scope of the APIcast Management API. Can be disabled, status or debug. At least status required for health checks."
+ required: false
+ value: "status"
+- name: APICAST_OPENSSL_VERIFY
+ description: "Turn on/off the OpenSSL peer verification when downloading the configuration. Can be set to true/false."
+ required: false
+ value: "false"
+- name: APICAST_RESPONSE_CODES
+ description: "Enable logging response codes in APIcast."
+ value: "true"
+ required: false
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/apicast-gateway-template.yml b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/apicast-gateway-template.yml
deleted file mode 100644
index 34f5fcbcc..000000000
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/apicast-gateway-template.yml
+++ /dev/null
@@ -1,149 +0,0 @@
-apiVersion: v1
-kind: Template
-metadata:
- creationTimestamp: null
- name: 3scale-gateway
- annotations:
- description: "3scale API Gateway"
- iconClass: "icon-load-balancer"
- tags: "api,gateway,3scale"
-objects:
-- apiVersion: v1
- kind: DeploymentConfig
- metadata:
- name: ${THREESCALE_GATEWAY_NAME}
- spec:
- replicas: 2
- selector:
- deploymentconfig: ${THREESCALE_GATEWAY_NAME}
- strategy:
- resources: {}
- rollingParams:
- intervalSeconds: 1
- maxSurge: 25%
- maxUnavailable: 25%
- timeoutSeconds: 600
- updatePeriodSeconds: 1
- type: Rolling
- template:
- metadata:
- labels:
- deploymentconfig: ${THREESCALE_GATEWAY_NAME}
- spec:
- containers:
- - env:
- - name: THREESCALE_PORTAL_ENDPOINT
- valueFrom:
- secretKeyRef:
- name: ${THREESCALE_PORTAL_ENDPOINT_SECRET}
- key: password
- - name: THREESCALE_CONFIG_FILE
- value: ${THREESCALE_CONFIG_FILE}
- - name: RESOLVER
- value: ${RESOLVER}
- - name: APICAST_SERVICES
- value: ${APICAST_SERVICES}
- - name: APICAST_MISSING_CONFIGURATION
- value: ${MISSING_CONFIGURATION}
- - name: APICAST_LOG_LEVEL
- value: ${APICAST_LOG_LEVEL}
- - name: APICAST_PATH_ROUTING_ENABLED
- value: ${PATH_ROUTING}
- - name: APICAST_RESPONSE_CODES
- value: ${RESPONSE_CODES}
- - name: APICAST_REQUEST_LOGS
- value: ${REQUEST_LOGS}
- - name: APICAST_RELOAD_CONFIG
- value: ${APICAST_RELOAD_CONFIG}
- image: ${THREESCALE_GATEWAY_IMAGE}
- imagePullPolicy: Always
- name: ${THREESCALE_GATEWAY_NAME}
- livenessProbe:
- httpGet:
- path: /status/live
- port: 8090
- initialDelaySeconds: 10
- timeoutSeconds: 1
- readinessProbe:
- httpGet:
- path: /status/ready
- port: 8090
- initialDelaySeconds: 15
- timeoutSeconds: 1
- ports:
- - containerPort: 8080
- protocol: TCP
- resources: {}
- terminationMessagePath: /dev/termination-log
- dnsPolicy: ClusterFirst
- restartPolicy: Always
- securityContext: {}
- terminationGracePeriodSeconds: 30
- triggers:
- - type: ConfigChange
- status: {}
-- apiVersion: v1
- kind: Service
- metadata:
- creationTimestamp: null
- name: ${THREESCALE_GATEWAY_NAME}
- spec:
- ports:
- - name: 8080-tcp
- port: 8080
- protocol: TCP
- targetPort: 8080
- selector:
- deploymentconfig: ${THREESCALE_GATEWAY_NAME}
- sessionAffinity: None
- type: ClusterIP
- status:
- loadBalancer: {}
-parameters:
-- description: "Name of the secret containing the THREESCALE_PORTAL_ENDPOINT with the access-token or provider key"
- value: threescale-portal-endpoint-secret
- name: THREESCALE_PORTAL_ENDPOINT_SECRET
- required: true
-- description: "Path to saved JSON file with configuration for the gateway. Has to be injected to the docker image as read only volume."
- value:
- name: THREESCALE_CONFIG_FILE
- required: false
-- description: "Name for the 3scale API Gateway"
- value: threescalegw
- name: THREESCALE_GATEWAY_NAME
- required: true
-- description: "Docker image to use."
- value: 'rhamp10/apicast-gateway:1.0.0-4'
- name: THREESCALE_GATEWAY_IMAGE
- required: true
-- description: "DNS Resolver for openresty, if empty it will be autodiscovered"
- value:
- name: RESOLVER
- required: false
-- description: "Subset of services to run. Use comma separated list of service ids (eg. 42,1337)"
- value:
- name: APICAST_SERVICES
- required: false
-- description: "What to do on missing or invalid configuration. Allowed values are: log, exit."
- value: exit
- required: false
- name: MISSING_CONFIGURATION
-- description: "Log level. One of the following: debug, info, notice, warn, error, crit, alert, or emerg."
- name: APICAST_LOG_LEVEL
- required: false
-- description: "Enable path routing. Experimental feature."
- name: PATH_ROUTING
- required: false
- value: "false"
-- description: "Enable traffic logging to 3scale. Includes whole request and response."
- value: "false"
- name: REQUEST_LOGS
- required: false
-- description: "Enable logging response codes to 3scale."
- value: "false"
- name: RESPONSE_CODES
- required: false
-- description: "Reload config on every request"
- value: "false"
- name: APICAST_RELOAD_CONFIG
- required: false
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/apicast.yml b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/apicast.yml
new file mode 100644
index 000000000..8e8051c0b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/apicast.yml
@@ -0,0 +1,157 @@
+apiVersion: v1
+kind: Template
+metadata:
+ name: 3scale-gateway
+ annotations:
+ description: "3scale API Gateway"
+ iconClass: "icon-load-balancer"
+ tags: "api,gateway,3scale"
+objects:
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: "${APICAST_NAME}"
+ spec:
+ replicas: 2
+ selector:
+ deploymentconfig: "${APICAST_NAME}"
+ strategy:
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: "${APICAST_NAME}"
+ spec:
+ containers:
+ - env:
+ - name: THREESCALE_PORTAL_ENDPOINT
+ valueFrom:
+ secretKeyRef:
+ name: "${CONFIGURATION_URL_SECRET}"
+ key: password
+ - name: THREESCALE_CONFIG_FILE
+ value: "${CONFIGURATION_FILE_PATH}"
+ - name: THREESCALE_DEPLOYMENT_ENV
+ value: "${DEPLOYMENT_ENVIRONMENT}"
+ - name: RESOLVER
+ value: "${RESOLVER}"
+ - name: APICAST_SERVICES
+ value: "${SERVICES_LIST}"
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "${CONFIGURATION_LOADER}"
+ - name: APICAST_LOG_LEVEL
+ value: "${LOG_LEVEL}"
+ - name: APICAST_PATH_ROUTING_ENABLED
+ value: "${PATH_ROUTING}"
+ - name: APICAST_RESPONSE_CODES
+ value: "${RESPONSE_CODES}"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "${CONFIGURATION_CACHE}"
+ - name: REDIS_URL
+ value: "${REDIS_URL}"
+ - name: APICAST_MANAGEMENT_API
+ value: "${MANAGEMENT_API}"
+ - name: OPENSSL_VERIFY
+ value: "${OPENSSL_VERIFY}"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: "${APICAST_NAME}"
+ livenessProbe:
+ httpGet:
+ path: /status/live
+ port: management
+ initialDelaySeconds: 10
+ timeoutSeconds: 1
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: management
+ initialDelaySeconds: 15
+ timeoutSeconds: 1
+ ports:
+ - name: proxy
+ containerPort: 8080
+ protocol: TCP
+ - name: management
+ containerPort: 8090
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: "${APICAST_NAME}"
+ spec:
+ ports:
+ - name: proxy
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: management
+ port: 8090
+ protocol: TCP
+ targetPort: 8090
+ selector:
+ deploymentconfig: "${APICAST_NAME}"
+
+parameters:
+- name: AMP_RELEASE
+ description: "AMP release tag."
+ value: 2.0.0-CR2-redhat-1
+ required: true
+- description: "Name of the secret containing the THREESCALE_PORTAL_ENDPOINT with the access-token or provider key"
+ value: apicast-configuration-url-secret
+ name: CONFIGURATION_URL_SECRET
+ required: true
+- description: "Path to saved JSON file with configuration for the gateway. Has to be injected to the docker image as read only volume."
+ value:
+ name: CONFIGURATION_FILE_PATH
+ required: false
+- description: "Deployment environment. Can be sandbox or production."
+ value: production
+ name: DEPLOYMENT_ENVIRONMENT
+ required: true
+- description: "Name for the 3scale API Gateway"
+ value: apicast
+ name: APICAST_NAME
+ required: true
+- description: "DNS Resolver for openresty, if empty it will be autodiscovered"
+ value:
+ name: RESOLVER
+ required: false
+- description: "Subset of services to run. Use comma separated list of service ids (eg. 42,1337)"
+ value:
+ name: SERVICES_LIST
+ required: false
+- name: CONFIGURATION_LOADER
+ description: "When to load configuration. If on gateway start or incoming request. Allowed values are: lazy, boot."
+ value: boot
+ required: false
+- description: "Log level. One of the following: debug, info, notice, warn, error, crit, alert, or emerg."
+ name: LOG_LEVEL
+ required: false
+- description: "Enable path routing. Experimental feature."
+ name: PATH_ROUTING
+ required: false
+ value: "false"
+- description: "Enable logging response codes to 3scale."
+ value: "false"
+ name: RESPONSE_CODES
+ required: false
+- name: CONFIGURATION_CACHE
+ description: "For how long to cache the downloaded configuration in seconds. Can be left empty, 0 or greater than 60."
+ value: ""
+ required: false
+- description: "Redis URL. Required for OAuth2 integration. ex: redis://PASSWORD@127.0.0.1:6379/0"
+ name: REDIS_URL
+ required: false
+- name: MANAGEMENT_API
+ description: "Scope of the Management API. Can be disabled, status or debug. At least status required for health checks."
+ required: false
+ value: "status"
+- name: OPENSSL_VERIFY
+ description: "Turn on/off the OpenSSL peer verification. Can be set to true/false."
+ required: true
+ value: "false"
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql-persistent.json
index eb3d296be..6d987ee33 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql-persistent.json
@@ -60,7 +60,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -510,7 +513,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql.json
index da2454d2e..fb2ef206e 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/cakephp-mysql.json
@@ -60,7 +60,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -484,7 +487,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql-persistent.json
index 81ae63416..7ffb25e14 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql-persistent.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -147,6 +150,9 @@
}
},
"spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
"triggers": [
{
"type": "ImageChange",
@@ -472,7 +478,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql.json
index 7a285dba8..d787e376b 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dancer-mysql.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -147,6 +150,9 @@
}
},
"spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
"triggers": [
{
"type": "ImageChange",
@@ -446,7 +452,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql-persistent.json
index 9f982c286..a2070207b 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql-persistent.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -148,7 +151,7 @@
},
"spec": {
"strategy": {
- "type": "Rolling"
+ "type": "Recreate"
},
"triggers": [
{
@@ -479,7 +482,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql.json
index 7bee85ddd..0d33c6e0e 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/django-postgresql.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -148,7 +151,7 @@
},
"spec": {
"strategy": {
- "type": "Rolling"
+ "type": "Recreate"
},
"triggers": [
{
@@ -453,7 +456,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dotnet-example.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dotnet-example.json
index a09d71a00..af46579c8 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dotnet-example.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/dotnet-example.json
@@ -4,7 +4,7 @@
"metadata": {
"name": "dotnet-example",
"annotations": {
- "openshift.io/display-name": ".NET Core",
+ "openshift.io/display-name": ".NET Core Example",
"description": "An example .NET Core application.",
"tags": "quickstart,dotnet,.net",
"iconClass": "icon-dotnet",
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/httpd.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/httpd.json
new file mode 100644
index 000000000..ac671cc06
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/httpd.json
@@ -0,0 +1,274 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "httpd-example",
+ "annotations": {
+ "openshift.io/display-name": "Httpd",
+ "description": "An example Httpd application that serves static content. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/httpd-ex/blob/master/README.md.",
+ "tags": "quickstart,httpd",
+ "iconClass": "icon-apache",
+ "template.openshift.io/long-description": "This template defines resources needed to develop a static application served by httpd, including a build configuration and application deployment configuration.",
+ "template.openshift.io/provider-display-name": "Red Hat, Inc.",
+ "template.openshift.io/documentation-url": "https://github.com/openshift/httpd-ex",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/httpd-ex/blob/master/README.md.",
+ "labels": {
+ "template": "httpd-example"
+ },
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "httpd:2.4"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "httpd-example"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "httpd-example",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 30,
+ "httpGet": {
+ "path": "/",
+ "port": 8080
+ }
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "env": [
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "httpd-example"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/openshift/httpd-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the httpd service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-ephemeral-template.json
index 264e4b2de..ce96684a9 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-ephemeral-template.json
@@ -22,7 +22,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${JENKINS_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"to": {
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-persistent-template.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-persistent-template.json
index b47bdf353..34b2b920b 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/jenkins-persistent-template.json
@@ -22,7 +22,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${JENKINS_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"to": {
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb-persistent.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb-persistent.json
index 6ee999cb1..a9c365361 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb-persistent.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -102,7 +105,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${NAMESPACE}",
- "name": "nodejs:4"
+ "name": "nodejs:6"
},
"env": [
{
@@ -154,7 +157,7 @@
},
"spec": {
"strategy": {
- "type": "Rolling"
+ "type": "Recreate"
},
"triggers": [
{
@@ -491,7 +494,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb.json
index 5c177a7e0..53a6147d5 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/nodejs-mongodb.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -102,7 +105,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${NAMESPACE}",
- "name": "nodejs:4"
+ "name": "nodejs:6"
},
"env": [
{
@@ -154,7 +157,7 @@
},
"spec": {
"strategy": {
- "type": "Rolling"
+ "type": "Recreate"
},
"triggers": [
{
@@ -467,7 +470,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/pvc.yml b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/pvc.yml
new file mode 100644
index 000000000..0bbb8e625
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/pvc.yml
@@ -0,0 +1,49 @@
+apiVersion: v1
+kind: Template
+metadata:
+ name: "amp-pvc"
+objects:
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-storage"
+ spec:
+ accessModes:
+ - "ReadWriteMany"
+ resources:
+ requests:
+ storage: "100Mi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "mysql-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "system-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
+
+- apiVersion: "v1"
+ kind: "PersistentVolumeClaim"
+ metadata:
+ name: "backend-redis-storage"
+ spec:
+ accessModes:
+ - "ReadWriteOnce"
+ resources:
+ requests:
+ storage: "1Gi"
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql-persistent.json
index b400cfdb3..f07a43071 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql-persistent.json
@@ -23,7 +23,11 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['application-user']}",
+ "template.openshift.io/expose-password": "{.data['application-password']}"
+ }
},
"stringData" : {
"database-user" : "${DATABASE_USER}",
@@ -60,7 +64,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -526,7 +533,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql.json b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql.json
index fa67412ff..a7992c988 100644
--- a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql.json
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/rails-postgresql.json
@@ -23,7 +23,11 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['application-user']}",
+ "template.openshift.io/expose-password": "{.data['application-password']}"
+ }
},
"stringData" : {
"database-user" : "${DATABASE_USER}",
@@ -60,7 +64,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -500,7 +507,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/quickstart-templates/wildcard.yml b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/wildcard.yml
new file mode 100644
index 000000000..00dedecd5
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/quickstart-templates/wildcard.yml
@@ -0,0 +1,158 @@
+apiVersion: v1
+kind: Template
+metadata:
+ name: "amp-apicast-wildcard-router"
+objects:
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: apicast-router
+ spec:
+ replicas: 1
+ selector:
+ deploymentconfig: apicast-router
+ strategy:
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ deploymentconfig: apicast-router
+ spec:
+ volumes:
+ - name: apicast-router-config
+ configMap:
+ name: apicast-router-config
+ items:
+ - key: router.conf
+ path: router.conf
+ containers:
+ - env:
+ - name: APICAST_CONFIGURATION_LOADER
+ value: "lazy"
+ - name: APICAST_CONFIGURATION_CACHE
+ value: "0"
+ image: 3scale-amp20/apicast-gateway:1.0-3
+ imagePullPolicy: IfNotPresent
+ name: apicast-router
+ command: ['bin/apicast']
+ livenessProbe:
+ tcpSocket:
+ port: router
+ initialDelaySeconds: 5
+ timeoutSeconds: 5
+ periodSeconds: 10
+ readinessProbe:
+ httpGet:
+ path: /status/ready
+ port: management
+ initialDelaySeconds: 5
+ timeoutSeconds: 5
+ periodSeconds: 30
+ volumeMounts:
+ - name: apicast-router-config
+ mountPath: /opt/app-root/src/sites.d/
+ readOnly: true
+ ports:
+ - containerPort: 8082
+ name: router
+ protocol: TCP
+ - containerPort: 8090
+ name: management
+ protocol: TCP
+ triggers:
+ - type: ConfigChange
+
+- apiVersion: v1
+ kind: Service
+ metadata:
+ name: apicast-router
+ spec:
+ ports:
+ - name: router
+ port: 80
+ protocol: TCP
+ targetPort: router
+ selector:
+ deploymentconfig: apicast-router
+
+- apiVersion: v1
+ kind: ConfigMap
+ metadata:
+ name: apicast-router-config
+ data:
+ router.conf: |-
+ upstream wildcard {
+ server 0.0.0.1:1;
+
+ balancer_by_lua_block {
+ local round_robin = require 'resty.balancer.round_robin'
+ local balancer = round_robin.new()
+ local peers = balancer:peers(ngx.ctx.apicast)
+
+ local peer, err = balancer:set_peer(peers)
+
+ if not peer then
+ ngx.status = ngx.HTTP_SERVICE_UNAVAILABLE
+ ngx.log(ngx.ERR, "failed to set current backend peer: ", err)
+ ngx.exit(ngx.status)
+ end
+ }
+
+ keepalive 1024;
+ }
+
+ server {
+ listen 8082;
+ server_name ~-(?<apicast>apicast-(staging|production))\.;
+ access_log /dev/stdout combined;
+
+ location / {
+ access_by_lua_block {
+ local resolver = require('resty.resolver'):instance()
+ local servers = resolver:get_servers(ngx.var.apicast, { port = 8080 })
+
+ if #servers == 0 then
+ ngx.status = ngx.HTTP_BAD_GATEWAY
+ ngx.exit(ngx.HTTP_OK)
+ end
+
+ ngx.ctx.apicast = servers
+ }
+ proxy_http_version 1.1;
+ proxy_pass $scheme://wildcard;
+ proxy_set_header Host $host;
+ proxy_set_header Connection "";
+ }
+ }
+
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: apicast-wildcard-router
+ labels:
+ app: apicast-wildcard-router
+ spec:
+ host: apicast-${TENANT_NAME}.${WILDCARD_DOMAIN}
+ to:
+ kind: Service
+ name: apicast-router
+ port:
+ targetPort: router
+ wildcardPolicy: Subdomain
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+
+parameters:
+- name: AMP_RELEASE
+ description: "AMP release tag."
+ value: 2.0.0-CR2-redhat-1
+ required: true
+- name: WILDCARD_DOMAIN
+ description: Root domain for the wildcard routes. Eg. example.com will generate 3scale-admin.example.com.
+ required: true
+- name: TENANT_NAME
+ description: "Domain name under the root that Admin UI will be available with -admin suffix."
+ required: true
+ value: "3scale"
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-streams/jboss-image-streams.json b/roles/openshift_examples/files/examples/v1.5/xpaas-streams/jboss-image-streams.json
index 049f3f884..0bb56452b 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-streams/jboss-image-streams.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-streams/jboss-image-streams.json
@@ -12,7 +12,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-webserver30-tomcat7-openshift"
+ "name": "jboss-webserver30-tomcat7-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat7-openshift",
@@ -23,10 +26,11 @@
"description": "JBoss Web Server 3.0 Tomcat 7 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
- "supports":"tomcat7:3.0,tomcat:7,java:8,xpaas:1.1",
+ "supports": "tomcat7:3.0,tomcat:7,java:8,xpaas:1.1",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.1"
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7"
}
},
{
@@ -35,10 +39,23 @@
"description": "JBoss Web Server 3.0 Tomcat 7 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
- "supports":"tomcat7:3.0,tomcat:7,java:8,xpaas:1.2",
+ "supports": "tomcat7:3.0,tomcat:7,java:8,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Tomcat 7 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
+ "supports":"tomcat7:3.0,tomcat:7,java:8,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.3"
}
}
]
@@ -48,7 +65,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-webserver30-tomcat8-openshift"
+ "name": "jboss-webserver30-tomcat8-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat8-openshift",
@@ -59,10 +79,11 @@
"description": "JBoss Web Server 3.0 Tomcat 8 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
- "supports":"tomcat8:3.0,tomcat:8,java:8,xpaas:1.1",
+ "supports": "tomcat8:3.0,tomcat:8,java:8,xpaas:1.1",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.1"
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8"
}
},
{
@@ -71,10 +92,23 @@
"description": "JBoss Web Server 3.0 Tomcat 8 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
- "supports":"tomcat8:3.0,tomcat:8,java:8,xpaas:1.2",
+ "supports": "tomcat8:3.0,tomcat:8,java:8,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Tomcat 8 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
+ "supports":"tomcat8:3.0,tomcat:8,java:8,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.3"
}
}
]
@@ -84,7 +118,66 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-eap64-openshift"
+ "name": "jboss-webserver31-tomcat7-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver31-tomcat7-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Web Server 3.1 Tomcat 7 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
+ "supports": "tomcat7:3.1,tomcat:7,java:8,xpaas:1.4",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-webserver31-tomcat8-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver31-tomcat8-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Web Server 3.1 Tomcat 8 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
+ "supports": "tomcat8:3.1,tomcat:8,java:8,xpaas:1.4",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-eap64-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-eap-6/eap64-openshift",
@@ -95,11 +188,12 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.1",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.1",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.1"
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
}
},
{
@@ -108,11 +202,12 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.2",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
}
},
{
@@ -121,11 +216,12 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.3",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.3",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.3"
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
}
},
{
@@ -134,11 +230,25 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.4",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.4"
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ }
+ },
+ {
+ "name": "1.5",
+ "annotations": {
+ "description": "JBoss EAP 6.4 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,eap,javaee,java,jboss,xpaas",
+ "supports":"eap:6.4,javaee:6,java:8,xpaas:1.5",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "6.4.x",
+ "version": "1.5"
}
}
]
@@ -148,7 +258,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-eap70-openshift"
+ "name": "jboss-eap70-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-eap-7/eap70-openshift",
@@ -159,11 +272,12 @@
"description": "JBoss EAP 7.0 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:7.0,javaee:7,java:8,xpaas:1.3",
+ "supports": "eap:7.0,javaee:7,java:8,xpaas:1.3",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "7.0.0.GA",
- "version": "1.3"
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
}
},
{
@@ -172,11 +286,25 @@
"description": "JBoss EAP 7.0 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:7.0,javaee:7,java:8,xpaas:1.4",
+ "supports": "eap:7.0,javaee:7,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "7.0.0.GA",
- "version": "1.4"
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ }
+ },
+ {
+ "name": "1.5",
+ "annotations": {
+ "description": "JBoss EAP 7.0 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,eap,javaee,java,jboss,xpaas",
+ "supports":"eap:7.0,javaee:7,java:8,xpaas:1.5",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "7.0.0.GA",
+ "version": "1.5"
}
}
]
@@ -186,7 +314,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-decisionserver62-openshift"
+ "name": "jboss-decisionserver62-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver62-openshift",
@@ -196,12 +327,13 @@
"annotations": {
"description": "Red Hat JBoss BRMS 6.2 decision server S2I images.",
"iconClass": "icon-jboss",
- "tags": "builder,decisionserver,java,xpaas",
- "supports":"decisionserver:6.2,java:8,xpaas:1.2",
+ "tags": "builder,decisionserver,xpaas",
+ "supports": "decisionserver:6.2,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "decisionserver/hellorules",
"sampleRef": "1.2",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server"
}
}
]
@@ -211,7 +343,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-decisionserver63-openshift"
+ "name": "jboss-decisionserver63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver63-openshift",
@@ -221,12 +356,51 @@
"annotations": {
"description": "Red Hat JBoss BRMS 6.3 decision server S2I images.",
"iconClass": "icon-jboss",
+ "tags": "builder,decisionserver,xpaas",
+ "supports": "decisionserver:6.3,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "decisionserver/hellorules",
+ "sampleRef": "1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat JBoss BRMS 6.3 decision server S2I images.",
+ "iconClass": "icon-jboss",
"tags": "builder,decisionserver,java,xpaas",
- "supports":"decisionserver:6.3,java:8,xpaas:1.3",
+ "supports":"decisionserver:6.3,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "decisionserver/hellorules",
"sampleRef": "1.3",
- "version": "1.3"
+ "version": "1.4"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-decisionserver64-openshift"
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver64-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "Red Hat JBoss BRMS 6.4 decision server S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,decisionserver,java,xpaas",
+ "supports":"decisionserver:6.4,java:8,xpaas:1.4",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "decisionserver/hellorules",
+ "sampleRef": "1.3",
+ "version": "1.0"
}
}
]
@@ -236,7 +410,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-processserver63-openshift"
+ "name": "jboss-processserver63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-processserver-6/processserver63-openshift",
@@ -246,12 +423,26 @@
"annotations": {
"description": "Red Hat JBoss BPM Suite 6.3 intelligent process server S2I images.",
"iconClass": "icon-jboss",
+ "tags": "builder,processserver,xpaas",
+ "supports": "processserver:6.3,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "processserver/library",
+ "sampleRef": "1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat JBoss BPM Suite 6.3 intelligent process server S2I images.",
+ "iconClass": "icon-jboss",
"tags": "builder,processserver,java,xpaas",
- "supports":"processserver:6.3,java:8,xpaas:1.3",
+ "supports":"processserver:6.3,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "processserver/library",
"sampleRef": "1.3",
- "version": "1.3"
+ "version": "1.4"
}
}
]
@@ -261,7 +452,35 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-datagrid65-openshift"
+ "name": "jboss-processserver64-openshift"
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-processserver-6/processserver64-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "Red Hat JBoss BPM Suite 6.4 intelligent process server S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,processserver,java,xpaas",
+ "supports":"processserver:6.4,java:8,xpaas:1.4",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "processserver/library",
+ "sampleRef": "1.3",
+ "version": "1.0"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datagrid65-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift",
@@ -271,9 +490,56 @@
"annotations": {
"description": "JBoss Data Grid 6.5 S2I images.",
"iconClass": "icon-jboss",
- "tags": "datagrid,java,jboss,xpaas",
- "supports":"datagrid:6.5,java:8,xpaas:1.2",
- "version": "1.2"
+ "tags": "datagrid,jboss,xpaas",
+ "supports": "datagrid:6.5,xpaas:1.2",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datagrid,jboss,xpaas",
+ "supports": "datagrid:6.5,xpaas:1.4",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datagrid,jboss,xpaas",
+ "supports":"datagrid:6.5,xpaas:1.4",
+ "version": "1.4"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datagrid65-client-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 Client Modules for EAP"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-client-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 Client Modules for EAP.",
+ "iconClass": "icon-jboss",
+ "tags": "client,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 Client Modules for EAP"
}
}
]
@@ -283,7 +549,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-datavirt63-openshift"
+ "name": "jboss-datavirt63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift",
@@ -293,9 +562,56 @@
"annotations": {
"description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
"iconClass": "icon-jboss",
- "tags": "datavirt,java,jboss,xpaas",
- "supports":"datavirt:6.3,java:8,xpaas:1.4",
- "version": "1.0"
+ "tags": "datavirt,jboss,xpaas",
+ "supports": "datavirt:6.3,xpaas:1.4",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datavirt,jboss,xpaas",
+ "supports": "datavirt:6.3,xpaas:1.4",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datavirt,jboss,xpaas",
+ "supports":"datavirt:6.3,xpaas:1.4",
+ "version": "1.2"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datavirt63-driver-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-driver-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP.",
+ "iconClass": "icon-jboss",
+ "tags": "client,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP"
}
}
]
@@ -305,7 +621,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-amq-62"
+ "name": "jboss-amq-62",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-amq-6/amq62-openshift",
@@ -316,8 +635,9 @@
"description": "JBoss A-MQ 6.2 broker image.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "supports":"amq:6.2,messaging,xpaas:1.1",
- "version": "1.1"
+ "supports": "amq:6.2,messaging,xpaas:1.1",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
}
},
{
@@ -326,8 +646,9 @@
"description": "JBoss A-MQ 6.2 broker image.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "supports":"amq:6.2,messaging,xpaas:1.2",
- "version": "1.2"
+ "supports": "amq:6.2,messaging,xpaas:1.2",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
}
},
{
@@ -336,8 +657,45 @@
"description": "JBoss A-MQ 6.2 broker image.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "supports":"amq:6.2,messaging,xpaas:1.3",
- "version": "1.3"
+ "supports": "amq:6.2,messaging,xpaas:1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "JBoss A-MQ 6.2 broker image.",
+ "iconClass": "icon-jboss",
+ "tags": "messaging,amq,jboss,xpaas",
+ "supports":"amq:6.2,messaging,xpaas:1.4",
+ "version": "1.4"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-amq-63",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-amq-6/amq63-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss A-MQ 6.3 broker image.",
+ "iconClass": "icon-jboss",
+ "tags": "messaging,amq,jboss,xpaas",
+ "supports": "amq:6.3,messaging,xpaas:1.0",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3"
}
}
]
@@ -348,8 +706,9 @@
"apiVersion": "v1",
"metadata": {
"name": "redhat-sso70-openshift",
- "annotations": {
- "description": "Red Hat SSO 7.0"
+ "annotations": {
+ "description": "Red Hat SSO 7.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
}
},
"spec": {
@@ -361,8 +720,20 @@
"description": "Red Hat SSO 7.0",
"iconClass": "icon-jboss",
"tags": "sso,keycloak,redhat",
- "supports":"sso:7.0,xpaas:1.3",
- "version": "1.3"
+ "supports": "sso:7.0,xpaas:1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat SSO 7.0",
+ "iconClass": "icon-jboss",
+ "tags": "sso,keycloak,redhat",
+ "supports": "sso:7.0,xpaas:1.4",
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
}
}
]
@@ -372,7 +743,48 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "redhat-openjdk18-openshift"
+ "name": "redhat-sso71-openshift",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/redhat-sso-7/sso71-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "iconClass": "icon-jboss",
+ "tags": "sso,keycloak,redhat",
+ "supports": "sso:7.1,xpaas:1.4",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "iconClass": "icon-jboss",
+ "tags": "sso,keycloak,redhat",
+ "supports": "sso:7.1,xpaas:1.4",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "redhat-openjdk18-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat OpenJDK 8"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift",
@@ -384,11 +796,24 @@
"description": "Build and run Java applications using Maven and OpenJDK 8.",
"iconClass": "icon-jboss",
"tags": "builder,java,xpaas,openjdk",
- "supports":"java:8,xpaas:1.0",
+ "supports": "java:8,xpaas:1.0",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts",
"sampleContextDir": "undertow-servlet",
"version": "1.0"
}
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat OpenJDK 8",
+ "description": "Build and run Java applications using Maven and OpenJDK 8.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,java,xpaas,openjdk",
+ "supports": "java:8,xpaas:1.4",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "sampleContextDir": "undertow-servlet",
+ "version": "1.1"
+ }
}
]
}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-basic.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-basic.json
index ab35afead..af20b373a 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-basic.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-basic.json
@@ -6,46 +6,54 @@
"description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template doesn't feature SSL support.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Ephemeral, no SSL)"
},
"name": "amq62-basic"
},
"labels": {
"template": "amq62-basic",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -53,6 +61,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,18 +69,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -171,7 +183,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire port."
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
}
}
},
@@ -202,7 +215,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-persistent-ssl.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-persistent-ssl.json
index c12f06dec..5acdbfabf 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-persistent-ssl.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-persistent-ssl.json
@@ -6,58 +6,68 @@
"description": "Application template for JBoss A-MQ brokers. These are deployed as standalone and use persistent storage for saving messages. This template supports SSL and requires usage of OpenShift secrets.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Persistent with SSL)"
},
"name": "amq62-persistent-ssl"
},
"labels": {
"template": "amq62-persistent-ssl",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -65,6 +75,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -72,48 +83,56 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "Secret Name",
"description": "Name of a secret containing SSL related files",
"name": "AMQ_SECRET",
"value": "amq-app-secret",
"required": true
},
{
+ "displayName": "Trust Store Filename",
"description": "SSL trust store filename",
"name": "AMQ_TRUSTSTORE",
"value": "broker.ts",
"required": true
},
{
+ "displayName": "Trust Store Password",
"description": "SSL trust store password",
"name": "AMQ_TRUSTSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Keystore Filename",
"description": "SSL key store filename",
"name": "AMQ_KEYSTORE",
"value": "broker.ks",
"required": true
},
{
+ "displayName": "A-MQ Keystore Password",
"description": "Password for accessing SSL keystore",
"name": "AMQ_KEYSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -309,7 +328,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire (SSL) port."
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
}
}
},
@@ -340,7 +360,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-persistent.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-persistent.json
index 897ce0395..b8089cd6d 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-persistent.json
@@ -6,58 +6,68 @@
"description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone and use persistent storage for saving messages. This template doesn't feature SSL support.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Persistent, no SSL)"
},
"name": "amq62-persistent"
},
"labels": {
"template": "amq62-persistent",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -65,6 +75,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -72,18 +83,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -183,7 +197,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire port."
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
}
}
},
@@ -214,7 +229,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-ssl.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-ssl.json
index 97d110286..b52fdbfb0 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-ssl.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq62-ssl.json
@@ -6,46 +6,54 @@
"description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template supports SSL and requires usage of OpenShift secrets.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Ephemeral with SSL)"
},
"name": "amq62-ssl"
},
"labels": {
"template": "amq62-ssl",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. SSL variants of these protocols will be configured automaticaly.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -53,6 +61,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,48 +69,56 @@
"required": false
},
{
+ "displayName": "Secret Name",
"description": "Name of a secret containing SSL related files",
"name": "AMQ_SECRET",
"value": "amq-app-secret",
"required": true
},
{
+ "displayName": "Trust Store Filename",
"description": "SSL trust store filename",
"name": "AMQ_TRUSTSTORE",
"value": "broker.ts",
"required": true
},
{
+ "displayName": "Trust Store Password",
"description": "SSL trust store password",
"name": "AMQ_TRUSTSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Keystore Filename",
"description": "SSL key store filename",
"name": "AMQ_KEYSTORE",
"value": "broker.ks",
"required": true
},
{
+ "displayName": "A-MQ Keystore Password",
"description": "Password for accessing SSL keystore",
"name": "AMQ_KEYSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -297,7 +314,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire (SSL) port."
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
}
}
},
@@ -328,7 +346,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq63-basic.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq63-basic.json
new file mode 100644
index 000000000..d29f6a300
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq63-basic.json
@@ -0,0 +1,334 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template doesn't feature SSL support.",
+ "iconClass": "icon-jboss",
+ "tags": "messaging,amq,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3 (Ephemeral, no SSL)"
+ },
+ "name": "amq63-basic"
+ },
+ "labels": {
+ "template": "amq63-basic",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq63-persistent-ssl.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq63-persistent-ssl.json
new file mode 100644
index 000000000..47f6396dd
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq63-persistent-ssl.json
@@ -0,0 +1,569 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for JBoss A-MQ brokers. These are deployed as standalone and use persistent storage for saving messages. This template supports SSL and requires usage of OpenShift secrets.",
+ "iconClass": "icon-jboss",
+ "tags": "messaging,amq,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3 (Persistent with SSL)"
+ },
+ "name": "amq63-persistent-ssl"
+ },
+ "labels": {
+ "template": "amq63-persistent-ssl",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh.",
+ "name": "AMQ_SPLIT",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "Name of a secret containing SSL related files",
+ "name": "AMQ_SECRET",
+ "value": "amq-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Filename",
+ "description": "SSL trust store filename",
+ "name": "AMQ_TRUSTSTORE",
+ "value": "broker.ts",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Password",
+ "description": "SSL trust store password",
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Filename",
+ "description": "SSL key store filename",
+ "name": "AMQ_KEYSTORE",
+ "value": "broker.ks",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Password",
+ "description": "Password for accessing SSL keystore",
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5671,
+ "targetPort": 5671
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8883,
+ "targetPort": 8883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61612,
+ "targetPort": 61612
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61617,
+ "targetPort": 61617
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "amq-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "broker-secret-volume",
+ "mountPath": "/etc/amq-secret-volume",
+ "readOnly": true
+ },
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt-ssl",
+ "containerPort": 8883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_KEYSTORE_TRUSTSTORE_DIR",
+ "value": "/etc/amq-secret-volume"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE",
+ "value": "${AMQ_TRUSTSTORE}"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "${AMQ_TRUSTSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_KEYSTORE",
+ "value": "${AMQ_KEYSTORE}"
+ },
+ {
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "${AMQ_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "broker-secret-volume",
+ "secret": {
+ "secretName": "${AMQ_SECRET}"
+ }
+ },
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq63-persistent.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq63-persistent.json
new file mode 100644
index 000000000..4b64203c4
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq63-persistent.json
@@ -0,0 +1,386 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone and use persistent storage for saving messages. This template doesn't feature SSL support.",
+ "iconClass": "icon-jboss",
+ "tags": "messaging,amq,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3 (Persistent, no SSL)"
+ },
+ "name": "amq63-persistent"
+ },
+ "labels": {
+ "template": "amq63-persistent",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh.",
+ "name": "AMQ_SPLIT",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq63-ssl.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq63-ssl.json
new file mode 100644
index 000000000..20ad50016
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/amq63-ssl.json
@@ -0,0 +1,521 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template supports SSL and requires usage of OpenShift secrets.",
+ "iconClass": "icon-jboss",
+ "tags": "messaging,amq,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3 (Ephemeral with SSL)"
+ },
+ "name": "amq63-ssl"
+ },
+ "labels": {
+ "template": "amq63-ssl",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. SSL variants of these protocols will be configured automaticaly.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "Name of a secret containing SSL related files",
+ "name": "AMQ_SECRET",
+ "value": "amq-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Filename",
+ "description": "SSL trust store filename",
+ "name": "AMQ_TRUSTSTORE",
+ "value": "broker.ts",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Password",
+ "description": "SSL trust store password",
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Filename",
+ "description": "SSL key store filename",
+ "name": "AMQ_KEYSTORE",
+ "value": "broker.ks",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Password",
+ "description": "Password for accessing SSL keystore",
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5671,
+ "targetPort": 5671
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8883,
+ "targetPort": 8883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61612,
+ "targetPort": 61612
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61617,
+ "targetPort": 61617
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "amq-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "broker-secret-volume",
+ "mountPath": "/etc/amq-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt-ssl",
+ "containerPort": 8883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_KEYSTORE_TRUSTSTORE_DIR",
+ "value": "/etc/amq-secret-volume"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE",
+ "value": "${AMQ_TRUSTSTORE}"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "${AMQ_TRUSTSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_KEYSTORE",
+ "value": "${AMQ_KEYSTORE}"
+ },
+ {
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "${AMQ_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "broker-secret-volume",
+ "secret": {
+ "secretName": "${AMQ_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-basic.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-basic.json
index 56e76016f..32433bef0 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-basic.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-basic.json
@@ -6,76 +6,103 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 applications.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 (Ephemeral, no https)"
},
"name": "datagrid65-basic"
},
"labels": {
"template": "datagrid65-basic",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\".",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -200,7 +227,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -267,9 +294,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -302,6 +334,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-https.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-https.json
index 639ac2e11..e6f020400 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-https.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-https.json
@@ -6,130 +6,166 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 applications.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 (Ephemeral with https)"
},
"name": "datagrid65-https"
},
"labels": {
"template": "datagrid65-https",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -301,7 +337,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -386,9 +422,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -437,6 +478,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-mysql-persistent.json
index 22ca3f0a0..ff57a7936 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-mysql-persistent.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and MySQL applications with persistent storage.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + MySQL (Persistent with https)"
},
"name": "datagrid65-mysql-persistent"
},
"labels": {
"template": "datagrid65-mysql-persistent",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using MySQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:/jboss/datasources/mysql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,117 +111,158 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -230,7 +286,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -254,7 +311,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -278,7 +336,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Memcached service for clustered applications."
+ "description": "Memcached service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -302,7 +361,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Hot Rod service for clustered applications."
+ "description": "Hot Rod service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -397,7 +457,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -482,9 +542,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -585,6 +650,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -669,7 +742,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-mysql.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-mysql.json
index e1a585d24..44902de25 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-mysql.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-mysql.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and MySQL applications.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + MySQL (Ephemeral with https)"
},
"name": "datagrid65-mysql"
},
"labels": {
"template": "datagrid65-mysql",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using MySQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:/jboss/datasources/mysql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,111 +111,151 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -224,7 +279,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -248,7 +304,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +329,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Memcached service for clustered applications."
+ "description": "Memcached service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -296,7 +354,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Hot Rod service for clustered applications."
+ "description": "Hot Rod service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -391,7 +450,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -476,9 +535,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -579,6 +643,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -663,7 +735,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-postgresql-persistent.json
index 12720eb19..6b90e1370 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-postgresql-persistent.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and PostgreSQL applications with persistent storage.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + PostgreSQL (Persistent with https)"
},
"name": "datagrid65-postgresql-persistent"
},
"labels": {
"template": "datagrid65-postgresql-persistent",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using PostgreSQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/postgresql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,102 +111,140 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -215,7 +268,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -239,7 +293,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -382,7 +437,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -467,9 +522,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -570,6 +630,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -654,7 +722,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-postgresql.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-postgresql.json
index da8015fb0..ae36376db 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-postgresql.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datagrid65-postgresql.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and PostgreSQL applications built using.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + PostgreSQL (Ephemeral with https)"
},
"name": "datagrid65-postgresql"
},
"labels": {
"template": "datagrid65-postgresql",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using PostgreSQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/postgresql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,96 +111,133 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configurd for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -209,7 +261,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -233,7 +286,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -376,7 +430,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -461,9 +515,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -564,6 +623,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -648,7 +715,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-basic-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-basic-s2i.json
index 7d64dac98..ea2f13742 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-basic-s2i.json
@@ -6,7 +6,8 @@
"iconClass": "icon-jboss",
"description": "Application template for JBoss Data Virtualization 6.3 services built using S2I.",
"tags": "jdv,datavirt,jboss,xpaas",
- "version": "1.4.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3 (no SSL)"
},
"name": "datavirt63-basic-s2i"
},
@@ -60,6 +61,7 @@
},
{
"description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret specified by CONFIGURATION_NAME.",
+ "displayName": "Service Account Name",
"name": "SERVICE_ACCOUNT_NAME",
"value": "datavirt-service-account",
"required": true
@@ -133,6 +135,27 @@
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -215,7 +238,22 @@
"uri": "${SOURCE_REPOSITORY_URL}",
"ref": "${SOURCE_REPOSITORY_REF}"
},
- "contextDir": "${CONTEXT_DIR}"
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ }
+ ]
},
"strategy": {
"type": "Source",
@@ -224,8 +262,26 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datavirt63-openshift:1.0"
- }
+ "name": "jboss-datavirt63-openshift:1.2"
+ },
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ]
}
},
"output": {
@@ -252,6 +308,15 @@
"imageChange": {}
},
{
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ }
+ }
+ },
+ {
"type": "ConfigChange"
}
]
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-extensions-support-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-extensions-support-s2i.json
index 1e7c03b99..22b579ecc 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-extensions-support-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-extensions-support-s2i.json
@@ -6,7 +6,8 @@
"iconClass": "icon-jboss",
"description": "Application template for JBoss Data Virtualization 6.3 services built using S2I. Includes support for installing extensions (e.g. third-party DB drivers) and the ability to configure certificates for serving secure content.",
"tags": "jdv,datavirt,jboss,xpaas",
- "version": "1.4.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3 (with SSL and Extensions)"
},
"name": "datavirt63-extensions-support-s2i"
},
@@ -102,6 +103,7 @@
},
{
"description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret(s) specified by CONFIGURATION_NAME, HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "displayName": "Service Account Name",
"name": "SERVICE_ACCOUNT_NAME",
"value": "datavirt-service-account",
"required": true
@@ -238,6 +240,27 @@
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -446,6 +469,19 @@
{
"from": {
"kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ },
+ {
+ "from": {
+ "kind": "ImageStreamTag",
"name": "${APPLICATION_NAME}-ext:latest"
},
"paths": [
@@ -464,12 +500,24 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datavirt63-openshift:1.0"
+ "name": "jboss-datavirt63-openshift:1.2"
},
"env": [
{
"name": "CUSTOM_INSTALL_DIRECTORIES",
"value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
]
}
@@ -507,6 +555,15 @@
}
},
{
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ }
+ }
+ },
+ {
"type": "ConfigChange"
}
]
@@ -713,7 +770,7 @@
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE",
- "value": "/etc/datavirt-secret-volume/${HTTPS_KEYSTORE}"
+ "value": "${HTTPS_KEYSTORE}"
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE_TYPE",
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-secure-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-secure-s2i.json
index 07f926ff3..9392c20a6 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-secure-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/datavirt63-secure-s2i.json
@@ -6,7 +6,8 @@
"iconClass": "icon-jboss",
"description": "Application template for JBoss Data Virtualization 6.3 services built using S2I. Includes ability to configure certificates for serving secure content.",
"tags": "jdv,datavirt,jboss,xpaas",
- "version": "1.4.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3 (with SSL)"
},
"name": "datavirt63-secure-s2i"
},
@@ -74,6 +75,7 @@
},
{
"description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret(s) specified by CONFIGURATION_NAME, HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "displayName": "Service Account Name",
"name": "SERVICE_ACCOUNT_NAME",
"value": "datavirt-service-account",
"required": true
@@ -210,6 +212,168 @@
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
+ "displayName": "SSO Server URL",
+ "name": "SSO_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The URL for the interal SSO service, where secure-sso is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "displayName": "SSO Server Service URL",
+ "name": "SSO_SERVICE_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
+ "displayName": "SSO Realm",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
+ "displayName": "SSO Username",
+ "name": "SSO_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the SSO service user.",
+ "displayName": "SSO User's Password",
+ "name": "SSO_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "SSO Realm Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability. This can be retrieved from the SSO server, for the specified realm.",
+ "displayName": "SSO Realm Public Key",
+ "name": "SSO_PUBLIC_KEY",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "SSO Client Access Type. true or false",
+ "displayName": "SSO Bearer Only",
+ "name": "SSO_BEARER_ONLY",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "displayName": "SSO SAML Keystore Secret",
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "datavirt-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "displayName": "SSO SAML Keystore File",
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "displayName": "SSO SAML Certificate Alias",
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "displayName": "SSO SAML Keystore Password",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The SSO Client Secret for Confidential Access",
+ "name": "SSO_SECRET",
+ "displayName": "SSO Client Secret",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "description": "Enable CORS for SSO applications. true or false",
+ "name": "SSO_ENABLE_CORS",
+ "displayName": "SSO Enable CORS",
+ "value": "false",
+ "required": false
+ },
+ {
+ "description": "SSO logout page for SAML applications",
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "displayName": "SSO SAML Logout Page",
+ "value": "/",
+ "required": false
+ },
+ {
+ "description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "displayName": "SSO Disable SSL Certificate Validation",
+ "value": "true",
+ "required": false
+ },
+ {
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "displayName": "SSO Truststore File",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "displayName": "SSO Truststore Password",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "displayName": "SSO Truststore Secret",
+ "value": "datavirt-app-secret",
+ "required": false
+ },
+ {
+ "description": "Comma delimited list of deployments that shoulds be exploded and enabled for SSO OpenIDConnect via auth-method",
+ "name": "SSO_OPENIDCONNECT_DEPLOYMENTS",
+ "displayName": "SSO OpenIDConnect Deployments",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Comma delimited list of deployments that shoulds be exploded and enabled for SSO SAML via auth-method",
+ "name": "SSO_SAML_DEPLOYMENTS",
+ "displayName": "SSO SAML Deployments",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -354,7 +518,22 @@
"uri": "${SOURCE_REPOSITORY_URL}",
"ref": "${SOURCE_REPOSITORY_REF}"
},
- "contextDir": "${CONTEXT_DIR}"
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ }
+ ]
},
"strategy": {
"type": "Source",
@@ -363,8 +542,26 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datavirt63-openshift:1.0"
- }
+ "name": "jboss-datavirt63-openshift:1.2"
+ },
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ]
}
},
"output": {
@@ -391,6 +588,15 @@
"imageChange": {}
},
{
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ }
+ }
+ },
+ {
"type": "ConfigChange"
}
]
@@ -597,7 +803,7 @@
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE",
- "value": "/etc/datavirt-secret-volume/${HTTPS_KEYSTORE}"
+ "value": "${HTTPS_KEYSTORE}"
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE_TYPE",
@@ -610,6 +816,98 @@
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE_PASSWORD",
"value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "SSO_URL",
+ "value": "${SSO_URL}"
+ },
+ {
+ "name": "SSO_SERVICE_URL",
+ "value": "${SSO_SERVICE_URL}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_USERNAME",
+ "value": "${SSO_USERNAME}"
+ },
+ {
+ "name": "SSO_PASSWORD",
+ "value": "${SSO_PASSWORD}"
+ },
+ {
+ "name": "SSO_PUBLIC_KEY",
+ "value": "${SSO_PUBLIC_KEY}"
+ },
+ {
+ "name": "SSO_BEARER_ONLY",
+ "value": "${SSO_BEARER_ONLY}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "${SSO_SAML_KEYSTORE_SECRET}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "${SSO_SAML_KEYSTORE}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_DIR",
+ "value": "/etc/sso-saml-secret-volume"
+ },
+ {
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "${SSO_SAML_CERTIFICATE_NAME}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "${SSO_SAML_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_SECRET",
+ "value": "${SSO_SECRET}"
+ },
+ {
+ "name": "SSO_ENABLE_CORS",
+ "value": "${SSO_ENABLE_CORS}"
+ },
+ {
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "value": "${SSO_SAML_LOGOUT_PAGE}"
+ },
+ {
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "value": "${SSO_DISABLE_SSL_CERTIFICATE_VALIDATION}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_OPENIDCONNECT_DEPLOYMENTS",
+ "value": "${SSO_OPENIDCONNECT_DEPLOYMENTS}"
+ },
+ {
+ "name": "SSO_SAML_DEPLOYMENTS",
+ "value": "${SSO_SAML_DEPLOYMENTS}"
+ },
+ {
+ "name": "HOSTNAME_HTTP",
+ "value": "${HOSTNAME_HTTP}"
+ },
+ {
+ "name": "HOSTNAME_HTTPS",
+ "value": "${HOSTNAME_HTTPS}"
}
]
}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-amq-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-amq-s2i.json
index 754a3b4c0..1989036fa 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-amq-s2i.json
@@ -5,8 +5,9 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.2 decision server A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,amq,java,messaging,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.3.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server + A-MQ (with https)"
},
"name": "decisionserver62-amq-s2i"
},
@@ -14,20 +15,24 @@
"template": "decisionserver62-amq-s2i",
"xpaas": "1.3.3"
},
+ "message": "A new BRMS/A-MQ application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,102 +40,119 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -138,6 +160,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -145,18 +168,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -164,6 +190,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -171,6 +198,7 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -198,7 +226,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -222,7 +251,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -564,7 +594,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-basic-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-basic-s2i.json
index 8be4ac90b..25b2c162c 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-basic-s2i.json
@@ -5,8 +5,9 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.2 decision server applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.3.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server (no https)"
},
"name": "decisionserver62-basic-s2i"
},
@@ -14,20 +15,24 @@
"template": "decisionserver62-basic-s2i",
"xpaas": "1.3.3"
},
+ "message": "A new BRMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,48 +40,56 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -84,6 +97,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -91,6 +105,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -98,6 +113,7 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-https-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-https-s2i.json
index bf9047599..85605d642 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver62-https-s2i.json
@@ -5,8 +5,9 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.2 decision server HTTPS applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.3.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server (with https)"
},
"name": "decisionserver62-https-s2i"
},
@@ -14,32 +15,38 @@
"template": "decisionserver62-https-s2i",
"xpaas": "1.3.3"
},
+ "message": "A new BRMS application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,78 +54,91 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -126,6 +146,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +154,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -140,6 +162,7 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-amq-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-amq-s2i.json
index 51e667e02..ecea54d94 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-amq-s2i.json
@@ -5,29 +5,34 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.3 decision server A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,amq,java,messaging,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server + A-MQ (with https)"
},
"name": "decisionserver63-amq-s2i"
},
"labels": {
"template": "decisionserver63-amq-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BRMS/A-MQ application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,108 +40,126 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -144,6 +167,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -151,18 +175,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,6 +197,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -177,10 +205,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -204,7 +246,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -228,7 +271,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -334,13 +378,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver63-openshift:1.3"
+ "name": "jboss-decisionserver63-openshift:1.4"
}
}
},
@@ -574,7 +626,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-basic-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-basic-s2i.json
index c5f0d006a..d655dbe94 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-basic-s2i.json
@@ -5,29 +5,34 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.3 decision server applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server (no https)"
},
"name": "decisionserver63-basic-s2i"
},
"labels": {
"template": "decisionserver63-basic-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BRMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,48 +40,56 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -84,6 +97,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -91,6 +105,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -98,10 +113,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -184,13 +213,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver63-openshift:1.3"
+ "name": "jboss-decisionserver63-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-https-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-https-s2i.json
index 3db0e4c84..78e79c0cf 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver63-https-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.3 decision server HTTPS applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server (with https)"
},
"name": "decisionserver63-https-s2i"
},
"labels": {
"template": "decisionserver63-https-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BRMS application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,78 +54,91 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -126,6 +146,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +154,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -140,10 +162,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -273,13 +309,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver63-openshift:1.3"
+ "name": "jboss-decisionserver63-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver64-amq-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver64-amq-s2i.json
new file mode 100644
index 000000000..c688a2a67
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver64-amq-s2i.json
@@ -0,0 +1,748 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BRMS 6.4 decision server A-MQ applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server + A-MQ (with https)"
+ },
+ "name": "decisionserver64-amq-s2i"
+ },
+ "labels": {
+ "template": "decisionserver64-amq-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BRMS/A-MQ application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "decisionserver/hellorules",
+ "required": false
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "decisionserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-decisionserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "decisionserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "decisionserver-keystore-volume",
+ "mountPath": "/etc/decisionserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/decisionserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "decisionserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver64-basic-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver64-basic-s2i.json
new file mode 100644
index 000000000..778c51844
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver64-basic-s2i.json
@@ -0,0 +1,376 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BRMS 6.4 decision server applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server (no https)"
+ },
+ "name": "decisionserver64-basic-s2i"
+ },
+ "labels": {
+ "template": "decisionserver64-basic-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BRMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "decisionserver/hellorules",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-decisionserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver64-https-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver64-https-s2i.json
new file mode 100644
index 000000000..e6c6961c1
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/decisionserver64-https-s2i.json
@@ -0,0 +1,517 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BRMS 6.4 decision server HTTPS applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server (with https)"
+ },
+ "name": "decisionserver64-https-s2i"
+ },
+ "labels": {
+ "template": "decisionserver64-https-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BRMS application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "decisionserver/hellorules",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "decisionserver-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-decisionserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "decisionserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "decisionserver-keystore-volume",
+ "mountPath": "/etc/decisionserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/decisionserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "decisionserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-amq-persistent-s2i.json
index 72dbb4302..912838175 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-amq-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-amq-persistent-s2i.json
@@ -5,131 +5,153 @@
"annotations": {
"description": "Application template for EAP 6 A-MQ applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + A-MQ (Persistent with https)"
},
"name": "eap64-amq-persistent-s2i"
},
"labels": {
"template": "eap64-amq-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and A-MQ persistent based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -137,6 +159,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,18 +167,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +189,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,36 +197,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -207,10 +240,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -234,7 +281,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -258,7 +306,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -360,11 +409,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -641,7 +700,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-amq-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-amq-s2i.json
index 9dd847451..dd4c7a27b 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-amq-s2i.json
@@ -5,119 +5,139 @@
"annotations": {
"description": "Application template for EAP 6 A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + A-MQ (Ephemeral with https)"
},
"name": "eap64-amq-s2i"
},
"labels": {
"template": "eap64-amq-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and A-MQ based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +145,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,18 +153,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -151,6 +175,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -158,36 +183,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -195,10 +226,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -222,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -246,7 +292,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -348,11 +395,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -626,7 +683,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-basic-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-basic-s2i.json
index 7b1800b7b..e13b3851b 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-basic-s2i.json
@@ -6,58 +6,68 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (no https)"
},
"name": "eap64-basic-s2i"
},
"labels": {
"template": "eap64-basic-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 based application has been created in your project.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -65,6 +75,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -72,6 +83,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -79,12 +91,14 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -92,10 +106,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -174,11 +202,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-https-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-https-s2i.json
index 31716d84c..0da32eb40 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-https-s2i.json
@@ -6,100 +6,117 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (with https)"
},
"name": "eap64-https-s2i"
},
"labels": {
"template": "eap64-https-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,10 +183,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -287,11 +326,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mongodb-persistent-s2i.json
index 212431056..77b75466d 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mongodb-persistent-s2i.json
@@ -5,149 +5,175 @@
"annotations": {
"description": "Application template for EAP 6 MongoDB applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MongoDB (Persistent with https)"
},
"name": "eap64-mongodb-persistent-s2i"
},
"labels": {
"template": "eap64-mongodb-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MongoDB persistent based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -176,6 +205,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -183,6 +213,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -190,36 +221,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -227,10 +264,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -254,7 +312,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -278,7 +337,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -380,11 +440,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -674,7 +744,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mongodb-s2i.json
index 13fbbdd93..2785782d4 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mongodb-s2i.json
@@ -5,143 +5,168 @@
"annotations": {
"description": "Application template for EAP 6 MongoDB applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MongoDB (Ephemeral with https)"
},
"name": "eap64-mongodb-s2i"
},
"labels": {
"template": "eap64-mongodb-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MongoDB based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -170,6 +198,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -177,6 +206,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -184,36 +214,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -221,10 +257,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -248,7 +305,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +330,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -374,11 +433,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -668,7 +737,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mysql-persistent-s2i.json
index 69fdec206..cca0f9c2b 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mysql-persistent-s2i.json
@@ -5,159 +5,187 @@
"annotations": {
"description": "Application template for EAP 6 MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MySQL (Persistent with https)"
},
"name": "eap64-mysql-persistent-s2i"
},
"labels": {
"template": "eap64-mysql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MySQL persistent based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +193,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -172,6 +201,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -179,6 +209,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -186,6 +217,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -193,36 +225,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -230,10 +268,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -257,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -281,7 +341,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -383,11 +444,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -681,7 +752,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mysql-s2i.json
index 2bd3c249f..5766506fd 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-mysql-s2i.json
@@ -5,153 +5,180 @@
"annotations": {
"description": "Application template for EAP 6 MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MySQL (Ephemeral with https)"
},
"name": "eap64-mysql-s2i"
},
"labels": {
"template": "eap64-mysql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MySQL based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +186,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -166,6 +194,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -173,6 +202,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -180,6 +210,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -187,36 +218,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -224,10 +261,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -251,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -275,7 +334,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -377,11 +437,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -675,7 +745,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-postgresql-persistent-s2i.json
index 31f245950..01891774d 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-postgresql-persistent-s2i.json
@@ -5,144 +5,169 @@
"annotations": {
"description": "Application template for EAP 6 PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + PostgreSQL (Persistent with https)"
},
"name": "eap64-postgresql-persistent-s2i"
},
"labels": {
"template": "eap64-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and PostgreSQL persistent based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -150,6 +175,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -157,6 +183,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -164,6 +191,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -171,6 +199,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -178,36 +207,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -215,10 +250,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -242,7 +298,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -266,7 +323,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -368,11 +426,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -666,7 +734,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-postgresql-s2i.json
index eac964697..e00f2b0e3 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-postgresql-s2i.json
@@ -5,138 +5,162 @@
"annotations": {
"description": "Application template for EAP 6 PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + PostgreSQL (Ephemeral with https)"
},
"name": "eap64-postgresql-s2i"
},
"labels": {
"template": "eap64-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and PostgreSQL based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,6 +168,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -151,6 +176,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,6 +184,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +192,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -172,36 +200,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -209,10 +243,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -236,7 +291,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -260,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -362,11 +419,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -660,7 +727,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-sso-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-sso-s2i.json
index 09023be71..ec0739d04 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-sso-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-sso-s2i.json
@@ -3,103 +3,120 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass" : "icon-jboss",
+ "iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I, enabled for SSO.",
- "tags": "eap,javaee,java,jboss,xpaas,sso,keycloak",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + Single Sign-On (with https)"
},
"name": "eap64-sso-s2i"
},
"labels": {
"template": "eap64-sso-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 based application with SSL and SSO support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Hostname for http service route (e.g. eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTP",
"value": "",
"required": true
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Hostname for https service route (e.g. secure-eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": true
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/redhat-developer/redhat-sso-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.x-ose",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,84 +183,98 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
},
{
+ "displayName": "URL for SSO",
"description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
"name": "SSO_URL",
"value": "",
"required": true
},
{
- "description": "The URL for the interal SSO service, where secure-sso is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "displayName": "URL for SSO (internal service)",
+ "description": "The URL for the internal SSO service, where secure-sso is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
"name": "SSO_SERVICE_URL",
"value": "https://secure-sso:8443/auth",
"required": false
},
{
+ "displayName": "SSO Realm",
"description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": true
},
{
+ "displayName": "SSO Username",
"description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
"name": "SSO_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Password",
"description": "The password for the SSO service user.",
"name": "SSO_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Public Key",
"description": "SSO Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability. This can be retrieved from the SSO server, for the specified realm.",
"name": "SSO_PUBLIC_KEY",
"value": "",
"required": false
},
{
+ "displayName": "SSO Bearer Only?",
"description": "SSO Client Access Type",
"name": "SSO_BEARER_ONLY",
"value": "",
"required": false
},
{
+ "displayName": "Artifact Directories",
"description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
"name": "ARTIFACT_DIR",
"value": "app-jee-jsp/target,service-jee-jaxrs/target,app-profile-jee-jsp/target,app-profile-saml-jee-jsp/target",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Secret",
"description": "The name of the secret containing the keystore file",
"name": "SSO_SAML_KEYSTORE_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "SSO SAML Keystore",
"description": "The name of the keystore file within the secret",
"name": "SSO_SAML_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "SSO SAML Certificate Name",
"description": "The name associated with the server certificate",
"name": "SSO_SAML_CERTIFICATE_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Password",
"description": "The password for the keystore and certificate",
"name": "SSO_SAML_KEYSTORE_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "SSO Client Secret",
"description": "The SSO Client Secret for Confidential Access",
"name": "SSO_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -243,42 +282,55 @@
"required": true
},
{
+ "displayName": "Enable CORS for SSO?",
"description": "Enable CORS for SSO applications",
"name": "SSO_ENABLE_CORS",
"value": "false",
"required": false
},
{
+ "displayName": "SSO SAML Logout Page",
"description": "SSO logout page for SAML applications",
"name": "SSO_SAML_LOGOUT_PAGE",
"value": "/",
"required": false
},
{
+ "displayName": "Disable SSL Validation in EAP->SSO communication",
"description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
"name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
"value": "true",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "eap-app-secret",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
}
- ],
+ ],
"objects": [
{
"kind": "Service",
@@ -406,7 +458,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
},
"env": [
{
@@ -416,6 +468,10 @@
{
"name": "MAVEN_ARGS_APPEND",
"value": ""
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
}
]
}
@@ -615,7 +671,7 @@
"name": "HORNETQ_TOPICS",
"value": "${HORNETQ_TOPICS}"
},
- {
+ {
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "${JGROUPS_ENCRYPT_SECRET}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-third-party-db-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-third-party-db-s2i.json
new file mode 100644
index 000000000..e8f6d6585
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap64-third-party-db-s2i.json
@@ -0,0 +1,646 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-jboss",
+ "description": "Application template for EAP 6 DB applications built using S2I. Includes support for installing third-party DB drivers.",
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (with https, supporting third-party DB drivers)"
+ },
+ "name": "eap64-third-party-db-s2i"
+ },
+ "labels": {
+ "template": "eap64-third-party-db-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new EAP 6 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets:\"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed application(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Configuration Secret Name",
+ "description": "The name of the secret containing configuration properties for the datasources.",
+ "name": "CONFIGURATION_NAME",
+ "value": "eap-app-config",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/hibernate-webapp",
+ "required": false
+ },
+ {
+ "displayName": "Drivers ImageStreamTag",
+ "description": "ImageStreamTag definition for the image containing the drivers and configuration, e.g. jboss-datavirt63-openshift:1.0-driver",
+ "name": "EXTENSIONS_IMAGE",
+ "value": "jboss-datavirt63-driver-openshift:1.0",
+ "required": true
+ },
+ {
+ "displayName": "Drivers ImageStream Namespace",
+ "description": "Namespace within which the ImageStream definition for the image containing the drivers and configuration is located.",
+ "name": "EXTENSIONS_IMAGE_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Drivers Image Install Directory",
+ "description": "Full path to the directory within the extensions image where the extensions are located (e.g. install.sh, modules/, etc.)",
+ "name": "EXTENSIONS_INSTALL_DIR",
+ "value": "/extensions",
+ "required": true
+ },
+ {
+ "displayName": "Queue Names",
+ "description": "Queue names to preconfigure within HornetQ subsystem.",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topic Names",
+ "description": "Topic names to preconfigure within HornetQ subsystem.",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Cluster Admin Password",
+ "description": "Admin password for HornetQ cluster.",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore to be used for securing JGroups communications.",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the JGroups secret.",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the JGroups server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/extras",
+ "sourcePath": "${EXTENSIONS_INSTALL_DIR}/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.5"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/eap-environment",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/eap-environment/*"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-amq-persistent-s2i.json
index f08cdf2f9..3f0eba6e3 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-amq-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-amq-persistent-s2i.json
@@ -5,131 +5,153 @@
"annotations": {
"description": "Application template for EAP 7 A-MQ applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + A-MQ (Persistent with https)"
},
"name": "eap70-amq-persistent-s2i"
},
"labels": {
"template": "eap70-amq-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and A-MQ persistent based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -137,6 +159,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,18 +167,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +189,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,36 +197,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -207,10 +240,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -234,7 +281,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -258,7 +306,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -360,11 +409,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -641,7 +700,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-amq-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-amq-s2i.json
index 3ca9e9fab..f2d65f353 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-amq-s2i.json
@@ -5,119 +5,139 @@
"annotations": {
"description": "Application template for EAP 7 A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + A-MQ (with https)"
},
"name": "eap70-amq-s2i"
},
"labels": {
"template": "eap70-amq-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and A-MQ based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +145,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,18 +153,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -151,6 +175,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -158,36 +183,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -195,10 +226,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -222,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -246,7 +292,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -348,11 +395,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -626,7 +683,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-basic-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-basic-s2i.json
index 83b4d5b24..c33e3f7cb 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-basic-s2i.json
@@ -6,58 +6,68 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 7 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 (no https)"
},
"name": "eap70-basic-s2i"
},
"labels": {
"template": "eap70-basic-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 based application has been created in your project.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.0.GA",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -65,6 +75,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -72,6 +83,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -79,12 +91,14 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -92,10 +106,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -174,11 +202,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-https-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-https-s2i.json
index 1292442a4..7542d31c8 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-https-s2i.json
@@ -6,100 +6,117 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 7 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 (with https)"
},
"name": "eap70-https-s2i"
},
"labels": {
"template": "eap70-https-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.0.GA",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,10 +183,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -287,11 +326,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mongodb-persistent-s2i.json
index 99db77d58..8a7da66c1 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mongodb-persistent-s2i.json
@@ -5,149 +5,175 @@
"annotations": {
"description": "Application template for EAP 7 MongoDB applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MongoDB (Persistent with https)"
},
"name": "eap70-mongodb-persistent-s2i"
},
"labels": {
"template": "eap70-mongodb-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MongoDB persistent based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -176,6 +205,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -183,6 +213,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -190,36 +221,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -227,10 +264,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -254,7 +312,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -278,7 +337,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -380,11 +440,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -685,7 +755,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mongodb-s2i.json
index c8150c231..ae52a3deb 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mongodb-s2i.json
@@ -5,143 +5,168 @@
"annotations": {
"description": "Application template for EAP 7 MongoDB applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MongoDB (Ephemeral with https)"
},
"name": "eap70-mongodb-s2i"
},
"labels": {
"template": "eap70-mongodb-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MongoDB based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -170,6 +198,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -177,6 +206,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -184,36 +214,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -221,10 +257,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -248,7 +305,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +330,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -374,11 +433,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -679,7 +748,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mysql-persistent-s2i.json
index f8e5c2b04..a0a3d7717 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mysql-persistent-s2i.json
@@ -5,159 +5,187 @@
"annotations": {
"description": "Application template for EAP 7 MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MySQL (Persistent with https)"
},
"name": "eap70-mysql-persistent-s2i"
},
"labels": {
"template": "eap70-mysql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MySQL persistent based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +193,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -172,6 +201,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -179,6 +209,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -186,6 +217,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -193,36 +225,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -230,10 +268,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -257,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -281,7 +341,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -383,11 +444,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -696,7 +767,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mysql-s2i.json
index 1edeb62e7..8255ade5d 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-mysql-s2i.json
@@ -5,153 +5,180 @@
"annotations": {
"description": "Application template for EAP 7 MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MySQL (Ephemeral with https)"
},
"name": "eap70-mysql-s2i"
},
"labels": {
"template": "eap70-mysql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MySQL based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +186,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -166,6 +194,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -173,6 +202,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -180,6 +210,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -187,36 +218,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -224,10 +261,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -251,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -275,7 +334,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -377,11 +437,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -690,7 +760,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-postgresql-persistent-s2i.json
index d11df06ee..436c541d8 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-postgresql-persistent-s2i.json
@@ -5,144 +5,169 @@
"annotations": {
"description": "Application template for EAP 7 PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + PostgreSQL (Persistent with https)"
},
"name": "eap70-postgresql-persistent-s2i"
},
"labels": {
"template": "eap70-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and PostgreSQL persistent based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -150,6 +175,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -157,6 +183,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -164,6 +191,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -171,6 +199,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -178,36 +207,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -215,10 +250,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -242,7 +298,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -266,7 +323,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -368,11 +426,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -681,7 +749,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-postgresql-s2i.json
index 6b7f6d707..a2a37a886 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-postgresql-s2i.json
@@ -5,138 +5,162 @@
"annotations": {
"description": "Application template for EAP 7 PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + PostgreSQL (Ephemeral with https)"
},
"name": "eap70-postgresql-s2i"
},
"labels": {
"template": "eap70-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and PostgreSQL based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,6 +168,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -151,6 +176,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,6 +184,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +192,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -172,36 +200,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -209,10 +243,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -236,7 +291,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -260,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -362,11 +419,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -675,7 +742,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-sso-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-sso-s2i.json
index 811602220..08a844cd9 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-sso-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-sso-s2i.json
@@ -3,103 +3,120 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass" : "icon-jboss",
+ "iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I, enabled for SSO.",
- "tags": "eap,javaee,java,jboss,xpaas,sso,keycloak",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + Single Sign-On (with https)"
},
"name": "eap70-sso-s2i"
},
"labels": {
"template": "eap70-sso-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 based application with SSL and SSO support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Hostname for http service route (e.g. eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTP",
"value": "",
"required": true
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Hostname for https service route (e.g. secure-eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": true
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/redhat-developer/redhat-sso-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.x-ose",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,84 +183,98 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
},
{
+ "displayName": "URL for SSO",
"description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
"name": "SSO_URL",
"value": "",
"required": true
},
{
- "description": "The URL for the interal SSO service, where secure-sso (the default) is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "displayName": "URL for SSO (internal service)",
+ "description": "The URL for the internal SSO service, where secure-sso (the default) is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
"name": "SSO_SERVICE_URL",
"value": "https://secure-sso:8443/auth",
"required": false
},
{
+ "displayName": "SSO Realm",
"description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": true
},
{
+ "displayName": "SSO Username",
"description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
"name": "SSO_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Password",
"description": "The password for the SSO service user.",
"name": "SSO_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Public Key",
"description": "SSO Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability",
"name": "SSO_PUBLIC_KEY",
"value": "",
"required": false
},
{
+ "displayName": "SSO Bearer Only?",
"description": "SSO Client Access Type",
"name": "SSO_BEARER_ONLY",
"value": "",
"required": false
},
{
+ "displayName": "Artifact Directories",
"description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
"name": "ARTIFACT_DIR",
"value": "app-jee-jsp/target,service-jee-jaxrs/target,app-profile-jee-jsp/target,app-profile-saml-jee-jsp/target",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Secret",
"description": "The name of the secret containing the keystore file",
"name": "SSO_SAML_KEYSTORE_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "SSO SAML Keystore",
"description": "The name of the keystore file within the secret",
"name": "SSO_SAML_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "SSO SAML Certificate Name",
"description": "The name associated with the server certificate",
"name": "SSO_SAML_CERTIFICATE_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Password",
"description": "The password for the keystore and certificate",
"name": "SSO_SAML_KEYSTORE_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "SSO Client Secret",
"description": "The SSO Client Secret for Confidential Access",
"name": "SSO_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -243,42 +282,55 @@
"required": true
},
{
+ "displayName": "Enable CORS for SSO?",
"description": "Enable CORS for SSO applications",
"name": "SSO_ENABLE_CORS",
"value": "false",
"required": false
},
{
+ "displayName": "SSO SAML Logout Page",
"description": "SSO logout page for SAML applications",
"name": "SSO_SAML_LOGOUT_PAGE",
"value": "/",
"required": false
},
{
+ "displayName": "Disable SSL Validation in EAP->SSO communication",
"description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
"name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
"value": "true",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "eap7-app-secret",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
}
- ],
+ ],
"objects": [
{
"kind": "Service",
@@ -406,7 +458,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
},
"env": [
{
@@ -416,6 +468,10 @@
{
"name": "MAVEN_ARGS_APPEND",
"value": ""
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
}
]
}
@@ -593,7 +649,7 @@
{
"name": "HOSTNAME_HTTPS",
"value": "${HOSTNAME_HTTPS}"
- },
+ },
{
"name": "HTTPS_KEYSTORE_DIR",
"value": "/etc/eap-secret-volume"
@@ -626,7 +682,7 @@
"name": "HORNETQ_TOPICS",
"value": "${HORNETQ_TOPICS}"
},
- {
+ {
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "${JGROUPS_ENCRYPT_SECRET}"
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-third-party-db-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-third-party-db-s2i.json
new file mode 100644
index 000000000..9e854d7ab
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/eap70-third-party-db-s2i.json
@@ -0,0 +1,657 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-jboss",
+ "description": "Application template for EAP 7 DB applications built using S2I. Includes support for installing third-party DB drivers.",
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 (with https, supporting third-party DB drivers)"
+ },
+ "name": "eap70-third-party-db-s2i"
+ },
+ "labels": {
+ "template": "eap70-third-party-db-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets:\"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed application(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Configuration Secret Name",
+ "description": "The name of the secret containing configuration properties for the datasources.",
+ "name": "CONFIGURATION_NAME",
+ "value": "eap-app-config",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/hibernate-webapp",
+ "required": false
+ },
+ {
+ "displayName": "Drivers ImageStreamTag",
+ "description": "ImageStreamTag definition for the image containing the drivers and configuration, e.g. jboss-datavirt63-openshift:1.0-driver",
+ "name": "EXTENSIONS_IMAGE",
+ "value": "jboss-datavirt63-driver-openshift:1.0",
+ "required": true
+ },
+ {
+ "displayName": "Drivers ImageStream Namespace",
+ "description": "Namespace within which the ImageStream definition for the image containing the drivers and configuration is located.",
+ "name": "EXTENSIONS_IMAGE_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Drivers Image Install Directory",
+ "description": "Full path to the directory within the extensions image where the extensions are located (e.g. install.sh, modules/, etc.)",
+ "name": "EXTENSIONS_INSTALL_DIR",
+ "value": "/extensions",
+ "required": true
+ },
+ {
+ "displayName": "Queue Names",
+ "description": "Queue names to preconfigure within Messaging subsystem.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topic Names",
+ "description": "Topic names to preconfigure within Messaging subsystem.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Messaging Cluster Admin Password",
+ "description": "Admin password for Messaging cluster.",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore to be used for securing JGroups communications.",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the JGroups secret.",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the JGroups server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/extras",
+ "sourcePath": "${EXTENSIONS_INSTALL_DIR}/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.5"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/eap-environment",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/eap-environment/*"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-basic-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-basic-s2i.json
index 413a6de87..4e42e0eca 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-basic-s2i.json
@@ -6,46 +6,54 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 (no https)"
},
"name": "jws30-tomcat7-basic-s2i"
},
"labels": {
"template": "jws30-tomcat7-basic-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -53,6 +61,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,6 +69,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -67,6 +77,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -74,10 +85,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -156,11 +181,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -248,7 +283,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-https-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-https-s2i.json
index 610ea9441..f5fc2e581 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-https-s2i.json
@@ -6,76 +6,89 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 (with https)"
},
"name": "jws30-tomcat7-https-s2i"
},
"labels": {
"template": "jws30-tomcat7-https-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -83,6 +96,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -90,6 +104,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -97,6 +112,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -104,10 +120,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -233,11 +263,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -326,7 +366,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
index 6ef9d6e4c..2a73a182c 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
@@ -5,125 +5,147 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MongoDB (Persistent with https)"
},
"name": "jws30-tomcat7-mongodb-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat7-mongodb-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -131,6 +153,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -138,6 +161,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -145,6 +169,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -152,6 +177,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +185,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -166,6 +193,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -173,10 +201,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -200,7 +249,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -224,7 +274,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -326,11 +377,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -419,7 +480,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -547,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
index 9b48f8ae7..a71dfa634 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
@@ -5,119 +5,140 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications built using S2I.",
- "tags": "tomcat,tomcat7,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MongoDB (Ephemeral with https)"
},
"name": "jws30-tomcat7-mongodb-s2i"
},
"labels": {
"template": "jws30-tomcat7-mongodb-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +146,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,6 +154,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -139,6 +162,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -146,6 +170,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -153,6 +178,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -160,6 +186,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -167,10 +194,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -194,7 +242,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -218,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -320,11 +370,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -413,7 +473,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -541,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
index 30af703ce..9a05dcbd5 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
@@ -5,135 +5,159 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MySQL (Persistent with https)"
},
"name": "jws30-tomcat7-mysql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat7-mysql-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -141,6 +165,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +173,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -176,10 +205,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -203,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -227,7 +278,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -329,11 +381,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -422,7 +484,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -546,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mysql-s2i.json
index c2843af63..553a30a44 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-mysql-s2i.json
@@ -5,129 +5,152 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications built using S2I.",
- "tags": "tomcat,tomcat7,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MySQL (Ephemeral with https)"
},
"name": "jws30-tomcat7-mysql-s2i"
},
"labels": {
"template": "jws30-tomcat7-mysql-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -135,6 +158,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -142,6 +166,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,10 +198,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -197,7 +246,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -221,7 +271,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -323,11 +374,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -416,7 +477,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -540,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
index b8372f374..a5c6c8a56 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
@@ -5,120 +5,141 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + PostgreSQL (Persistent with https)"
},
"name": "jws30-tomcat7-postgresql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat7-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -126,6 +147,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +155,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -140,6 +163,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -147,6 +171,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -154,6 +179,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -161,10 +187,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -188,7 +235,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -212,7 +260,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -314,11 +363,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -407,7 +466,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -531,7 +590,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
index cd5bb9fa4..61a3208e4 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
@@ -5,114 +5,134 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications built using S2I.",
- "tags": "tomcat,tomcat7,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + PostgreSQL (Ephemeral with https)"
},
"name": "jws30-tomcat7-postgresql-s2i"
},
"labels": {
"template": "jws30-tomcat7-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -120,6 +140,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -127,6 +148,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -134,6 +156,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -141,6 +164,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +172,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -155,10 +180,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -182,7 +228,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -206,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -308,11 +356,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -401,7 +459,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -525,7 +583,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-basic-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-basic-s2i.json
index cb1e49d29..75d08e99d 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-basic-s2i.json
@@ -6,46 +6,54 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 (no https)"
},
"name": "jws30-tomcat8-basic-s2i"
},
"labels": {
"template": "jws30-tomcat8-basic-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -53,6 +61,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,6 +69,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -67,6 +77,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -74,10 +85,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -156,11 +181,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -248,7 +283,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-https-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-https-s2i.json
index 21d5662c7..71577bec4 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-https-s2i.json
@@ -6,76 +6,89 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 (with https)"
},
"name": "jws30-tomcat8-https-s2i"
},
"labels": {
"template": "jws30-tomcat8-https-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -83,6 +96,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -90,6 +104,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -97,6 +112,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -104,10 +120,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -233,11 +263,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -326,7 +366,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
index 34657d826..de86dd83e 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
@@ -5,125 +5,147 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MongoDB (Persistent with https)"
},
"name": "jws30-tomcat8-mongodb-persistent-s2i"
},
+ "message": "A new persistent JWS application for Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"labels": {
"template": "jws30-tomcat8-mongodb-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -131,6 +153,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -138,6 +161,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -145,6 +169,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -152,6 +177,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +185,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -166,6 +193,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -173,10 +201,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -200,7 +249,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -224,7 +274,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -326,11 +377,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -419,7 +480,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -547,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
index 974cfaddb..6dc85e226 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
@@ -5,119 +5,140 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications built using S2I.",
- "tags": "tomcat,tomcat8,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MongoDB (Ephemeral with https)"
},
"name": "jws30-tomcat8-mongodb-s2i"
},
"labels": {
"template": "jws30-tomcat8-mongodb-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +146,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,6 +154,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -139,6 +162,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -146,6 +170,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -153,6 +178,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -160,6 +186,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -167,10 +194,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -194,7 +242,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -218,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -320,11 +370,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -413,7 +473,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -541,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
index 7a8231cc5..0e96b58a9 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
@@ -5,135 +5,159 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MySQL (Persistent with https)"
},
"name": "jws30-tomcat8-mysql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat8-mysql-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -141,6 +165,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +173,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -176,10 +205,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -203,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -227,7 +278,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -329,11 +381,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -422,7 +484,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -546,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mysql-s2i.json
index cda21f237..08b040863 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-mysql-s2i.json
@@ -5,129 +5,152 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications built using S2I.",
- "tags": "tomcat,tomcat8,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MySQL (Ephemeral with https)"
},
"name": "jws30-tomcat8-mysql-s2i"
},
"labels": {
"template": "jws30-tomcat8-mysql-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -135,6 +158,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -142,6 +166,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,10 +198,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -197,7 +246,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -221,7 +271,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -323,11 +374,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -416,7 +477,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -540,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
index 4dfc98015..f117e6624 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
@@ -5,120 +5,141 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + PostgreSQL (Persistent with https)"
},
"name": "jws30-tomcat8-postgresql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat8-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -126,6 +147,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +155,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -140,6 +163,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -147,6 +171,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -154,6 +179,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -161,10 +187,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -188,7 +235,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -212,7 +260,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -314,11 +363,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -407,7 +466,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -531,7 +590,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
index f6c85668c..faece1269 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
@@ -5,114 +5,134 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications built using S2I.",
- "tags": "tomcat,tomcat8,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + (PostgreSQL with https)"
},
"name": "jws30-tomcat8-postgresql-s2i"
},
"labels": {
"template": "jws30-tomcat8-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -120,6 +140,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -127,6 +148,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -134,6 +156,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -141,6 +164,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +172,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -155,10 +180,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -182,7 +228,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -206,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -308,11 +356,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -400,7 +458,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -524,7 +582,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-basic-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-basic-s2i.json
new file mode 100644
index 000000000..6db6e8cc6
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-basic-s2i.json
@@ -0,0 +1,319 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS applications built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 (no https)"
+ },
+ "name": "jws31-tomcat7-basic-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-basic-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "tomcat-websocket-chat",
+ "required": false
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-https-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-https-s2i.json
new file mode 100644
index 000000000..fd5fca316
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-https-s2i.json
@@ -0,0 +1,438 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS applications built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 (with https)"
+ },
+ "name": "jws31-tomcat7-https-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-https-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "tomcat-websocket-chat",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json
new file mode 100644
index 000000000..6bbea8ab8
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json
@@ -0,0 +1,715 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MongoDB applications with persistent storage built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + MongoDB (Persistent with https)"
+ },
+ "name": "jws31-tomcat7-mongodb-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-mongodb-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent JWS application for Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mongodb/data",
+ "name": "${APPLICATION_NAME}-mongodb-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mongodb-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-mongodb-s2i.json
new file mode 100644
index 000000000..a565ee4c0
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-mongodb-s2i.json
@@ -0,0 +1,674 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MongoDB applications built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + MongoDB (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat7-mongodb-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-mongodb-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json
new file mode 100644
index 000000000..be6899958
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json
@@ -0,0 +1,718 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MySQL applications with persistent storage built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + MySQL (Persistent with https)"
+ },
+ "name": "jws31-tomcat7-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-mysql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent JWS application for Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-mysql-s2i.json
new file mode 100644
index 000000000..2983cc905
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-mysql-s2i.json
@@ -0,0 +1,677 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MySQL applications built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + MySQL (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat7-mysql-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-mysql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..cc5ea452c
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json
@@ -0,0 +1,692 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + PostgreSQL (Persistent with https)"
+ },
+ "name": "jws31-tomcat7-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-postgresql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent JWS application for Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-postgresql-s2i.json
new file mode 100644
index 000000000..bd23e1558
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat7-postgresql-s2i.json
@@ -0,0 +1,651 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS PostgreSQL applications built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + PostgreSQL (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat7-postgresql-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-postgresql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-basic-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-basic-s2i.json
new file mode 100644
index 000000000..f3a5786f6
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-basic-s2i.json
@@ -0,0 +1,319 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS applications built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 (no https)"
+ },
+ "name": "jws31-tomcat8-basic-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-basic-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "tomcat-websocket-chat",
+ "required": false
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-https-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-https-s2i.json
new file mode 100644
index 000000000..634948a80
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-https-s2i.json
@@ -0,0 +1,438 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS applications built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 (with https)"
+ },
+ "name": "jws31-tomcat8-https-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-https-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "tomcat-websocket-chat",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json
new file mode 100644
index 000000000..1ad60d8cc
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json
@@ -0,0 +1,715 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MongoDB applications with persistent storage built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + MongoDB (Persistent with https)"
+ },
+ "name": "jws31-tomcat8-mongodb-persistent-s2i"
+ },
+ "message": "A new persistent JWS application for Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "labels": {
+ "template": "jws31-tomcat8-mongodb-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mongodb/data",
+ "name": "${APPLICATION_NAME}-mongodb-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mongodb-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-mongodb-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-mongodb-s2i.json
new file mode 100644
index 000000000..f3e918afc
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-mongodb-s2i.json
@@ -0,0 +1,674 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MongoDB applications built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + MongoDB (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat8-mongodb-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-mongodb-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json
new file mode 100644
index 000000000..08b456440
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json
@@ -0,0 +1,718 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MySQL applications with persistent storage built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + MySQL (Persistent with https)"
+ },
+ "name": "jws31-tomcat8-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-mysql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent JWS application for Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-mysql-s2i.json
new file mode 100644
index 000000000..260515b73
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-mysql-s2i.json
@@ -0,0 +1,677 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MySQL applications built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + MySQL (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat8-mysql-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-mysql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..eef5b6939
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json
@@ -0,0 +1,692 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + PostgreSQL (Persistent with https)"
+ },
+ "name": "jws31-tomcat8-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-postgresql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent JWS application for Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-postgresql-s2i.json
new file mode 100644
index 000000000..07ef7218a
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/jws31-tomcat8-postgresql-s2i.json
@@ -0,0 +1,649 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS PostgreSQL applications built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + (PostgreSQL with https)"
+ },
+ "name": "jws31-tomcat8-postgresql-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-postgresql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/openjdk18-web-basic-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/openjdk18-web-basic-s2i.json
index 143e16756..a48e204ae 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/openjdk18-web-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/openjdk18-web-basic-s2i.json
@@ -6,13 +6,14 @@
"iconClass": "icon-jboss",
"description": "Application template for Java applications built using S2I.",
"tags": "java,xpaas",
- "version": "1.0.0"
+ "version": "1.1.0",
+ "openshift.io/display-name": "Red Hat OpenJDK 8"
},
"name": "openjdk18-web-basic-s2i"
},
"labels": {
"template": "openjdk18-web-basic-s2i",
- "xpaas": "1.0.0"
+ "xpaas": "1.4.0"
},
"message": "A new java application has been created in your project.",
"parameters": [
@@ -155,7 +156,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-openjdk18-openshift:1.0"
+ "name": "redhat-openjdk18-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json
index 1dea463ac..d1705c88c 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + MySQL (Persistent with https)"
},
"name": "processserver63-amq-mysql-persistent-s2i"
},
"labels": {
"template": "processserver63-amq-mysql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,144 +54,168 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -192,6 +223,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -199,46 +231,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -246,6 +287,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -253,18 +295,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -272,6 +317,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -279,10 +325,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -306,7 +373,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -330,7 +398,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -460,13 +529,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -788,7 +865,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -919,7 +996,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-mysql-s2i.json
index 42264585b..665cb76a3 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-mysql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + MySQL (Ephemeral with https)"
},
"name": "processserver63-amq-mysql-s2i"
},
"labels": {
"template": "processserver63-amq-mysql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,132 +54,154 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -180,6 +209,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -187,46 +217,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -234,6 +273,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -241,18 +281,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -260,6 +303,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -267,10 +311,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -294,7 +359,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -318,7 +384,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -448,13 +515,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -740,7 +815,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -837,7 +912,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json
index f6d0c99ed..5a395a0f3 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + PostgreSQL (Persistent with https)"
},
"name": "processserver63-amq-postgresql-persistent-s2i"
},
"labels": {
"template": "processserver63-amq-postgresql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,144 +54,168 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -192,6 +223,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -199,31 +231,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -231,6 +269,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -238,18 +277,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -257,6 +299,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -264,10 +307,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -291,7 +355,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -315,7 +380,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -445,13 +511,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -773,7 +847,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -892,7 +966,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-postgresql-s2i.json
index 41c726cf0..e7c5efdc9 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-amq-postgresql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + PostgreSQL (Ephemeral with https)"
},
"name": "processserver63-amq-postgresql-s2i"
},
"labels": {
"template": "processserver63-amq-postgresql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,132 +54,154 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -180,6 +209,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -187,31 +217,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -219,6 +255,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -226,18 +263,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -245,6 +285,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -252,10 +293,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -279,7 +341,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -303,7 +366,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -433,13 +497,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -725,7 +797,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -810,7 +882,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-basic-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-basic-s2i.json
index 170c919cb..e70d20a6e 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-basic-s2i.json
@@ -5,29 +5,34 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,javaee,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server (no https)"
},
"name": "processserver63-basic-s2i"
},
"labels": {
"template": "processserver63-basic-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,54 +40,63 @@
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.H2Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -90,6 +104,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -97,6 +112,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -104,10 +120,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -190,13 +220,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-mysql-persistent-s2i.json
index 89d0db1a6..f76b07b0b 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-mysql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + MySQL (Persistent with https)"
},
"name": "processserver63-mysql-persistent-s2i"
},
"labels": {
"template": "processserver63-mysql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,108 +54,126 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,46 +189,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -210,6 +245,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -217,6 +253,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -224,10 +261,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -251,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -275,7 +334,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -381,13 +441,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -681,7 +749,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-mysql-s2i.json
index 26cab29f8..a3be02eab 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-mysql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + MySQL (Ephemeral with https)"
},
"name": "processserver63-mysql-s2i"
},
"labels": {
"template": "processserver63-mysql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,102 +54,119 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -150,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -157,46 +182,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -204,6 +238,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -211,6 +246,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -218,10 +254,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -245,7 +302,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -269,7 +327,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -375,13 +434,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -639,7 +706,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-postgresql-persistent-s2i.json
index 32a512829..361b177f9 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-postgresql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + PostgreSQL (Persistent with https)"
},
"name": "processserver63-postgresql-persistent-s2i"
},
"labels": {
"template": "processserver63-postgresql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,108 +54,126 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,31 +189,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -195,6 +227,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -202,6 +235,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -209,10 +243,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -236,7 +291,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -260,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -366,13 +423,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -666,7 +731,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-postgresql-s2i.json
index 55e2199bb..451915a1d 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver63-postgresql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + PostgreSQL (Ephemeral with https)"
},
"name": "processserver63-postgresql-s2i"
},
"labels": {
"template": "processserver63-postgresql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,102 +54,119 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -150,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -157,31 +182,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -189,6 +220,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -196,6 +228,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -203,10 +236,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -230,7 +284,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -254,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -360,13 +416,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -624,7 +688,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json
new file mode 100644
index 000000000..293d04d63
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json
@@ -0,0 +1,1156 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server AMQ and MySQL applications with persistent storage built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + A-MQ + MySQL (Persistent with https)"
+ },
+ "name": "processserver64-amq-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "processserver64-amq-mysql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Executor JMS Queue",
+ "description": "JNDI name of executor queue for JMS.",
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "queue/KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.MySQL5Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh.",
+ "name": "AMQ_SPLIT",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB,${APPLICATION_NAME}-mysql=QUARTZ"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JNDI",
+ "value": "${DB_JNDI}NotManaged"
+ },
+ {
+ "name": "QUARTZ_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "QUARTZ_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "QUARTZ_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "QUARTZ_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JTA",
+ "value": "false"
+ },
+ {
+ "name": "QUARTZ_NONXA",
+ "value": "true"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-amq-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-amq-mysql-s2i.json
new file mode 100644
index 000000000..760940b36
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-amq-mysql-s2i.json
@@ -0,0 +1,1034 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server AMQ and MySQL applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + A-MQ + MySQL (Ephemeral with https)"
+ },
+ "name": "processserver64-amq-mysql-s2i"
+ },
+ "labels": {
+ "template": "processserver64-amq-mysql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Executor JMS Queue",
+ "description": "JNDI name of executor queue for JMS.",
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "queue/KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.MySQL5Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..1603bccff
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json
@@ -0,0 +1,1126 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server AMQ and PostgreSQL applications with persistent storage built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + A-MQ + PostgreSQL (Persistent with https)"
+ },
+ "name": "processserver64-amq-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "processserver64-amq-postgresql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Executor JMS Queue",
+ "description": "JNDI name of executor queue for JMS.",
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "queue/KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.PostgreSQL82Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh.",
+ "name": "AMQ_SPLIT",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB,${APPLICATION_NAME}-postgresql=QUARTZ"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JNDI",
+ "value": "${DB_JNDI}NotManaged"
+ },
+ {
+ "name": "QUARTZ_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "QUARTZ_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "QUARTZ_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "QUARTZ_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JTA",
+ "value": "false"
+ },
+ {
+ "name": "QUARTZ_NONXA",
+ "value": "true"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-amq-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-amq-postgresql-s2i.json
new file mode 100644
index 000000000..422f51c11
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-amq-postgresql-s2i.json
@@ -0,0 +1,1004 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server AMQ and PostgreSQL applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + A-MQ + PostgreSQL (Ephemeral with https)"
+ },
+ "name": "processserver64-amq-postgresql-s2i"
+ },
+ "labels": {
+ "template": "processserver64-amq-postgresql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Executor JMS Queue",
+ "description": "JNDI name of executor queue for JMS.",
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "queue/KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.PostgreSQL82Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-basic-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-basic-s2i.json
new file mode 100644
index 000000000..2bf15ff25
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-basic-s2i.json
@@ -0,0 +1,383 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server (no https)"
+ },
+ "name": "processserver64-basic-s2i"
+ },
+ "labels": {
+ "template": "processserver64-basic-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BPMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.H2Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-mysql-persistent-s2i.json
new file mode 100644
index 000000000..4673dfb0d
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-mysql-persistent-s2i.json
@@ -0,0 +1,860 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server MySQL applications with persistent storage built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + MySQL (Persistent with https)"
+ },
+ "name": "processserver64-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "processserver64-mysql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.MySQL5Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB,${APPLICATION_NAME}-mysql=QUARTZ"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JNDI",
+ "value": "${DB_JNDI}NotManaged"
+ },
+ {
+ "name": "QUARTZ_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "QUARTZ_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "QUARTZ_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "QUARTZ_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JTA",
+ "value": "false"
+ },
+ {
+ "name": "QUARTZ_NONXA",
+ "value": "true"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-mysql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-mysql-s2i.json
new file mode 100644
index 000000000..9078f20b8
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-mysql-s2i.json
@@ -0,0 +1,783 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server MySQL applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + MySQL (Ephemeral with https)"
+ },
+ "name": "processserver64-mysql-s2i"
+ },
+ "labels": {
+ "template": "processserver64-mysql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.MySQL5Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..75b6d310e
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-postgresql-persistent-s2i.json
@@ -0,0 +1,830 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server PostgreSQL applications with persistent storage built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + PostgreSQL (Persistent with https)"
+ },
+ "name": "processserver64-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "processserver64-postgresql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.PostgreSQL82Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB,${APPLICATION_NAME}-postgresql=QUARTZ"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JNDI",
+ "value": "${DB_JNDI}NotManaged"
+ },
+ {
+ "name": "QUARTZ_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "QUARTZ_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "QUARTZ_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "QUARTZ_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JTA",
+ "value": "false"
+ },
+ {
+ "name": "QUARTZ_NONXA",
+ "value": "true"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-postgresql-s2i.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-postgresql-s2i.json
new file mode 100644
index 000000000..51923c0ad
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/processserver64-postgresql-s2i.json
@@ -0,0 +1,753 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server PostgreSQL applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + PostgreSQL (Ephemeral with https)"
+ },
+ "name": "processserver64-postgresql-s2i"
+ },
+ "labels": {
+ "template": "processserver64-postgresql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.PostgreSQL82Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-https.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-https.json
index fb0578a67..5e956f449 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-https.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-https.json
@@ -5,110 +5,129 @@
"annotations": {
"description": "Application template for SSO 7.0",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,java,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
},
"name": "sso70-https"
},
"labels": {
"template": "sso70-https",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new SSO service has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -116,54 +135,65 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
@@ -283,10 +313,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-mysql-persistent.json
index dcbb24bf1..0fb2703c7 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-mysql-persistent.json
@@ -5,123 +5,145 @@
"annotations": {
"description": "Application template for SSO 7.0 MySQL applications with persistent storage",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,mysql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + MySQL (Persistent)"
},
"name": "sso70-mysql-persistent"
},
"labels": {
"template": "sso70-mysql-persistent",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -129,6 +151,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -136,36 +159,42 @@
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -173,58 +202,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -248,7 +295,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +320,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -364,10 +413,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -639,7 +688,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-mysql.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-mysql.json
index 1768f7a1b..9beae806b 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-mysql.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-mysql.json
@@ -5,123 +5,145 @@
"annotations": {
"description": "Application template for SSO 7.0 MySQL applications",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,mysql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + MySQL (Ephemeral)"
},
"name": "sso70-mysql"
},
"labels": {
"template": "sso70-mysql",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -129,6 +151,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -136,30 +159,35 @@
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -167,58 +195,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -240,10 +286,11 @@
"name": "${APPLICATION_NAME}",
"labels": {
"application": "${APPLICATION_NAME}",
- "component": "server"
+ "component": "server"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -268,7 +315,8 @@
"component": "server"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -349,7 +397,7 @@
"name": "${APPLICATION_NAME}",
"labels": {
"application": "${APPLICATION_NAME}",
- "component": "server"
+ "component": "server"
}
},
"spec": {
@@ -364,10 +412,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -641,7 +689,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-postgresql-persistent.json
index 4c2f81f2e..e22399351 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-postgresql-persistent.json
@@ -5,108 +5,127 @@
"annotations": {
"description": "Application template for SSO 7.0 PostgreSQL applications with persistent storage",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,postrgresql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + PostgreSQL (Persistent)"
},
"name": "sso70-postgresql-persistent"
},
"labels": {
"template": "sso70-postgresql-persistent",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -114,6 +133,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +141,42 @@
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,58 +184,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -233,7 +277,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -257,7 +302,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -349,10 +395,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -624,7 +670,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-postgresql.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-postgresql.json
index d8402ef72..aa8ebaa8e 100644
--- a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-postgresql.json
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso70-postgresql.json
@@ -5,108 +5,127 @@
"annotations": {
"description": "Application template for SSO 7.0 PostgreSQL applications",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,postrgresql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + PostgreSQL (Ephemeral)"
},
"name": "sso70-postgresql"
},
"labels": {
"template": "sso70-postgresql",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -114,6 +133,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -121,30 +141,35 @@
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -152,58 +177,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -228,7 +271,8 @@
"component": "server"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -253,7 +297,8 @@
"component": "server"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -349,10 +394,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -626,7 +671,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-https.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-https.json
new file mode 100644
index 000000000..bee86d7c4
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-https.json
@@ -0,0 +1,544 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ },
+ "name": "sso71-https"
+ },
+ "labels": {
+ "template": "sso71-https",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new SSO service has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-mysql-persistent.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-mysql-persistent.json
new file mode 100644
index 000000000..49b37f348
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-mysql-persistent.json
@@ -0,0 +1,799 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 MySQL applications with persistent storage",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + MySQL (Persistent)"
+ },
+ "name": "sso71-mysql-persistent"
+ },
+ "labels": {
+ "template": "sso71-mysql-persistent",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-mysql.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-mysql.json
new file mode 100644
index 000000000..634a75bab
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-mysql.json
@@ -0,0 +1,767 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 MySQL applications",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + MySQL (Ephemeral)"
+ },
+ "name": "sso71-mysql"
+ },
+ "labels": {
+ "template": "sso71-mysql",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-postgresql-persistent.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-postgresql-persistent.json
new file mode 100644
index 000000000..c53bb9d5b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-postgresql-persistent.json
@@ -0,0 +1,773 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 PostgreSQL applications with persistent storage",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + PostgreSQL (Persistent)"
+ },
+ "name": "sso71-postgresql-persistent"
+ },
+ "labels": {
+ "template": "sso71-postgresql-persistent",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-postgresql.json b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-postgresql.json
new file mode 100644
index 000000000..c1fc41eda
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v1.5/xpaas-templates/sso71-postgresql.json
@@ -0,0 +1,741 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 PostgreSQL applications",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + PostgreSQL (Ephemeral)"
+ },
+ "name": "sso71-postgresql"
+ },
+ "labels": {
+ "template": "sso71-postgresql",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-app-example.yaml b/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-app-example.yaml
deleted file mode 100644
index 14bdd1dca..000000000
--- a/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-app-example.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: cloudforms
-spec:
- capacity:
- storage: 2Gi
- accessModes:
- - ReadWriteOnce
- nfs:
- path: /opt/nfs/volumes-app
- server: 10.19.0.216
- persistentVolumeReclaimPolicy: Recycle
diff --git a/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-db-example.yaml b/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-db-example.yaml
new file mode 100644
index 000000000..250a99b8d
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-db-example.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: cfme-pv01
+spec:
+ capacity:
+ storage: 15Gi
+ accessModes:
+ - ReadWriteOnce
+ nfs:
+ path: /exports/cfme-pv01
+ server: <your-nfs-host-here>
+ persistentVolumeReclaimPolicy: Retain
diff --git a/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-example.yaml b/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-example.yaml
deleted file mode 100644
index 709d8d976..000000000
--- a/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-example.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: nfs-pv01
-spec:
- capacity:
- storage: 2Gi
- accessModes:
- - ReadWriteOnce
- nfs:
- path: /opt/nfs/volumes
- server: 10.19.0.216
- persistentVolumeReclaimPolicy: Recycle
diff --git a/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-region-example.yaml b/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-region-example.yaml
new file mode 100644
index 000000000..cba9bbe35
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-region-example.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: cfme-pv02
+spec:
+ capacity:
+ storage: 5Gi
+ accessModes:
+ - ReadWriteOnce
+ nfs:
+ path: /exports/cfme-pv02
+ server: <your-nfs-host-here>
+ persistentVolumeReclaimPolicy: Retain
diff --git a/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-server-example.yaml b/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-server-example.yaml
new file mode 100644
index 000000000..c08c21265
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-pv-server-example.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: cfme-pv03
+spec:
+ capacity:
+ storage: 5Gi
+ accessModes:
+ - ReadWriteOnce
+ nfs:
+ path: /exports/cfme-pv03
+ server: <your-nfs-host-here>
+ persistentVolumeReclaimPolicy: Retain
diff --git a/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-template.yaml b/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-template.yaml
index 4f25a9c8f..3bc6c5813 100644
--- a/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-template.yaml
+++ b/roles/openshift_examples/files/examples/v3.6/cfme-templates/cfme-template.yaml
@@ -17,6 +17,7 @@ objects:
service.alpha.openshift.io/dependencies: '[{"name":"${DATABASE_SERVICE_NAME}","namespace":"","kind":"Service"},{"name":"${MEMCACHED_SERVICE_NAME}","namespace":"","kind":"Service"}]'
name: ${NAME}
spec:
+ clusterIP: None
ports:
- name: http
port: 80
@@ -48,11 +49,27 @@ objects:
annotations:
description: "Keeps track of changes in the CloudForms app image"
spec:
- dockerImageRepository: registry.access.redhat.com/cloudforms/cfme-openshift-app
+ dockerImageRepository: "${APPLICATION_IMG_NAME}"
+- apiVersion: v1
+ kind: ImageStream
+ metadata:
+ name: cfme-openshift-postgresql
+ annotations:
+ description: "Keeps track of changes in the CloudForms postgresql image"
+ spec:
+ dockerImageRepository: "${POSTGRESQL_IMG_NAME}"
+- apiVersion: v1
+ kind: ImageStream
+ metadata:
+ name: cfme-openshift-memcached
+ annotations:
+ description: "Keeps track of changes in the CloudForms memcached image"
+ spec:
+ dockerImageRepository: "${MEMCACHED_IMG_NAME}"
- apiVersion: v1
kind: PersistentVolumeClaim
metadata:
- name: ${DATABASE_SERVICE_NAME}
+ name: "${NAME}-${DATABASE_SERVICE_NAME}"
spec:
accessModes:
- ReadWriteOnce
@@ -62,45 +79,41 @@ objects:
- apiVersion: v1
kind: PersistentVolumeClaim
metadata:
- name: ${NAME}
+ name: "${NAME}-region"
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
- storage: ${APPLICATION_VOLUME_CAPACITY}
-- apiVersion: v1
- kind: "DeploymentConfig"
+ storage: ${APPLICATION_REGION_VOLUME_CAPACITY}
+- apiVersion: apps/v1beta1
+ kind: "StatefulSet"
metadata:
name: ${NAME}
annotations:
description: "Defines how to deploy the CloudForms appliance"
spec:
+ serviceName: "${NAME}"
+ replicas: 1
template:
metadata:
labels:
name: ${NAME}
name: ${NAME}
spec:
- volumes:
- -
- name: "cfme-app-volume"
- persistentVolumeClaim:
- claimName: ${NAME}
containers:
- - image: cloudforms/cfme-openshift-app:${APPLICATION_IMG_TAG}
- imagePullPolicy: IfNotPresent
- name: cloudforms
+ - name: cloudforms
+ image: "${APPLICATION_IMG_NAME}:${APPLICATION_IMG_TAG}"
livenessProbe:
- httpGet:
- path: /
- port: 80
+ tcpSocket:
+ port: 443
initialDelaySeconds: 480
timeoutSeconds: 3
readinessProbe:
httpGet:
path: /
- port: 80
+ port: 443
+ scheme: HTTPS
initialDelaySeconds: 200
timeoutSeconds: 3
ports:
@@ -112,8 +125,11 @@ objects:
privileged: true
volumeMounts:
-
- name: "cfme-app-volume"
+ name: "${NAME}-server"
mountPath: "/persistent"
+ -
+ name: "${NAME}-region"
+ mountPath: "/persistent-region"
env:
-
name: "APPLICATION_INIT_DELAY"
@@ -144,29 +160,32 @@ objects:
value: "${POSTGRESQL_SHARED_BUFFERS}"
resources:
requests:
- memory: "${MEMORY_APPLICATION_MIN}"
+ memory: "${APPLICATION_MEM_REQ}"
+ cpu: "${APPLICATION_CPU_REQ}"
+ limits:
+ memory: "${APPLICATION_MEM_LIMIT}"
lifecycle:
preStop:
exec:
command:
- /opt/rh/cfme-container-scripts/sync-pv-data
- replicas: 1
- selector:
- name: ${NAME}
- triggers:
- - type: "ConfigChange"
- - type: "ImageChange"
- imageChangeParams:
- automatic: true
- containerNames:
- - "cloudforms"
- from:
- kind: "ImageStreamTag"
- name: "cfme-openshift-app:${APPLICATION_IMG_TAG}"
- strategy:
- type: "Recreate"
- recreateParams:
- timeoutSeconds: 1200
+ volumes:
+ -
+ name: "${NAME}-region"
+ persistentVolumeClaim:
+ claimName: ${NAME}-region
+ volumeClaimTemplates:
+ - metadata:
+ name: "${NAME}-server"
+ annotations:
+ # Uncomment this if using dynamic volume provisioning.
+ # https://docs.openshift.org/latest/install_config/persistent_storage/dynamically_provisioning_pvs.html
+ # volume.alpha.kubernetes.io/storage-class: anything
+ spec:
+ accessModes: [ ReadWriteOnce ]
+ resources:
+ requests:
+ storage: "${APPLICATION_VOLUME_CAPACITY}"
- apiVersion: v1
kind: "Service"
metadata:
@@ -182,14 +201,6 @@ objects:
selector:
name: "${MEMCACHED_SERVICE_NAME}"
- apiVersion: v1
- kind: ImageStream
- metadata:
- name: cfme-openshift-memcached
- annotations:
- description: "Keeps track of changes in the CloudForms memcached image"
- spec:
- dockerImageRepository: registry.access.redhat.com/cloudforms/cfme-openshift-memcached
-- apiVersion: v1
kind: "DeploymentConfig"
metadata:
name: "${MEMCACHED_SERVICE_NAME}"
@@ -223,7 +234,7 @@ objects:
containers:
-
name: "memcached"
- image: "cloudforms/cfme-openshift-memcached:${MEMCACHED_IMG_TAG}"
+ image: "${MEMCACHED_IMG_NAME}:${MEMCACHED_IMG_TAG}"
ports:
-
containerPort: 11211
@@ -249,8 +260,11 @@ objects:
name: "MEMCACHED_SLAB_PAGE_SIZE"
value: "${MEMCACHED_SLAB_PAGE_SIZE}"
resources:
+ requests:
+ memory: "${MEMCACHED_MEM_REQ}"
+ cpu: "${MEMCACHED_CPU_REQ}"
limits:
- memory: "${MEMORY_MEMCACHED_LIMIT}"
+ memory: "${MEMCACHED_MEM_LIMIT}"
- apiVersion: v1
kind: "Service"
metadata:
@@ -266,14 +280,6 @@ objects:
selector:
name: "${DATABASE_SERVICE_NAME}"
- apiVersion: v1
- kind: ImageStream
- metadata:
- name: cfme-openshift-postgresql
- annotations:
- description: "Keeps track of changes in the CloudForms postgresql image"
- spec:
- dockerImageRepository: registry.access.redhat.com/cloudforms/cfme-openshift-postgresql
-- apiVersion: v1
kind: "DeploymentConfig"
metadata:
name: "${DATABASE_SERVICE_NAME}"
@@ -307,11 +313,11 @@ objects:
-
name: "cfme-pgdb-volume"
persistentVolumeClaim:
- claimName: ${DATABASE_SERVICE_NAME}
+ claimName: "${NAME}-${DATABASE_SERVICE_NAME}"
containers:
-
name: "postgresql"
- image: "cloudforms/cfme-openshift-postgresql:${POSTGRESQL_IMG_TAG}"
+ image: "${POSTGRESQL_IMG_NAME}:${POSTGRESQL_IMG_TAG}"
ports:
-
containerPort: 5432
@@ -350,8 +356,11 @@ objects:
name: "POSTGRESQL_SHARED_BUFFERS"
value: "${POSTGRESQL_SHARED_BUFFERS}"
resources:
+ requests:
+ memory: "${POSTGRESQL_MEM_REQ}"
+ cpu: "${POSTGRESQL_CPU_REQ}"
limits:
- memory: "${MEMORY_POSTGRESQL_LIMIT}"
+ memory: "${POSTGRESQL_MEM_LIMIT}"
parameters:
-
@@ -420,36 +429,87 @@ parameters:
name: "POSTGRESQL_SHARED_BUFFERS"
displayName: "PostgreSQL Shared Buffer Amount"
description: "Amount of memory dedicated for PostgreSQL shared memory buffers."
- value: "64MB"
+ value: "256MB"
-
- name: "MEMORY_APPLICATION_MIN"
- displayName: "Application Memory Minimum"
+ name: "APPLICATION_CPU_REQ"
+ displayName: "Application Min CPU Requested"
+ required: true
+ description: "Minimum amount of CPU time the Application container will need (expressed in millicores)."
+ value: "1000m"
+ -
+ name: "POSTGRESQL_CPU_REQ"
+ displayName: "PostgreSQL Min CPU Requested"
+ required: true
+ description: "Minimum amount of CPU time the PostgreSQL container will need (expressed in millicores)."
+ value: "500m"
+ -
+ name: "MEMCACHED_CPU_REQ"
+ displayName: "Memcached Min CPU Requested"
+ required: true
+ description: "Minimum amount of CPU time the Memcached container will need (expressed in millicores)."
+ value: "200m"
+ -
+ name: "APPLICATION_MEM_REQ"
+ displayName: "Application Min RAM Requested"
required: true
description: "Minimum amount of memory the Application container will need."
- value: "4096Mi"
+ value: "6144Mi"
+ -
+ name: "POSTGRESQL_MEM_REQ"
+ displayName: "PostgreSQL Min RAM Requested"
+ required: true
+ description: "Minimum amount of memory the PostgreSQL container will need."
+ value: "1024Mi"
-
- name: "MEMORY_POSTGRESQL_LIMIT"
- displayName: "PostgreSQL Memory Limit"
+ name: "MEMCACHED_MEM_REQ"
+ displayName: "Memcached Min RAM Requested"
required: true
- description: "Maximum amount of memory the PostgreSQL container can use."
- value: "2048Mi"
+ description: "Minimum amount of memory the Memcached container will need."
+ value: "64Mi"
-
- name: "MEMORY_MEMCACHED_LIMIT"
- displayName: "Memcached Memory Limit"
+ name: "APPLICATION_MEM_LIMIT"
+ displayName: "Application Max RAM Limit"
required: true
- description: "Maximum amount of memory the Memcached container can use."
+ description: "Maximum amount of memory the Application container can consume."
+ value: "16384Mi"
+ -
+ name: "POSTGRESQL_MEM_LIMIT"
+ displayName: "PostgreSQL Max RAM Limit"
+ required: true
+ description: "Maximum amount of memory the PostgreSQL container can consume."
+ value: "8192Mi"
+ -
+ name: "MEMCACHED_MEM_LIMIT"
+ displayName: "Memcached Max RAM Limit"
+ required: true
+ description: "Maximum amount of memory the Memcached container can consume."
value: "256Mi"
-
+ name: "POSTGRESQL_IMG_NAME"
+ displayName: "PostgreSQL Image Name"
+ description: "This is the PostgreSQL image name requested to deploy."
+ value: "registry.access.redhat.com/cloudforms45/cfme-openshift-postgresql"
+ -
name: "POSTGRESQL_IMG_TAG"
displayName: "PostgreSQL Image Tag"
description: "This is the PostgreSQL image tag/version requested to deploy."
value: "latest"
-
+ name: "MEMCACHED_IMG_NAME"
+ displayName: "Memcached Image Name"
+ description: "This is the Memcached image name requested to deploy."
+ value: "registry.access.redhat.com/cloudforms45/cfme-openshift-memcached"
+ -
name: "MEMCACHED_IMG_TAG"
displayName: "Memcached Image Tag"
description: "This is the Memcached image tag/version requested to deploy."
value: "latest"
-
+ name: "APPLICATION_IMG_NAME"
+ displayName: "Application Image Name"
+ description: "This is the Application image name requested to deploy."
+ value: "registry.access.redhat.com/cloudforms45/cfme-openshift-app"
+ -
name: "APPLICATION_IMG_TAG"
displayName: "Application Image Tag"
description: "This is the Application image tag/version requested to deploy."
@@ -464,16 +524,22 @@ parameters:
displayName: "Application Init Delay"
required: true
description: "Delay in seconds before we attempt to initialize the application."
- value: "30"
+ value: "15"
-
name: "APPLICATION_VOLUME_CAPACITY"
displayName: "Application Volume Capacity"
required: true
description: "Volume space available for application data."
- value: "1Gi"
+ value: "5Gi"
+ -
+ name: "APPLICATION_REGION_VOLUME_CAPACITY"
+ displayName: "Application Region Volume Capacity"
+ required: true
+ description: "Volume space available for region application data."
+ value: "5Gi"
-
name: "DATABASE_VOLUME_CAPACITY"
displayName: "Database Volume Capacity"
required: true
description: "Volume space available for database."
- value: "1Gi"
+ value: "15Gi"
diff --git a/roles/openshift_examples/files/examples/v3.6/cfme-templates/jboss-middleware-manager-pv-example.yaml b/roles/openshift_examples/files/examples/v3.6/cfme-templates/jboss-middleware-manager-pv-example.yaml
new file mode 100644
index 000000000..240f6cbdf
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/cfme-templates/jboss-middleware-manager-pv-example.yaml
@@ -0,0 +1,58 @@
+#
+# Copyright 2016-2017 Red Hat, Inc. and/or its affiliates
+# and other contributors as indicated by the @author tags.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apiVersion: v1
+kind: Template
+parameters:
+- name: HAWKULAR_SERVICES_DATA_LIMIT
+ description: Maximum amount data used by hawkular-services container (mostly logging)
+ displayName: Hawkular Services Container Data Limit
+ value: 1Gi
+- name: CASSANDRA_DATA_LIMIT
+ description: Maximum amount data used by Cassandra container
+ displayName: Cassandra Container Data Limit
+ value: 2Gi
+
+objects:
+- apiVersion: v1
+ kind: PersistentVolume
+ metadata:
+ name: h-services-pv
+ labels:
+ type: h-services
+ spec:
+ capacity:
+ storage: ${HAWKULAR_SERVICES_DATA_LIMIT}
+ accessModes:
+ - ReadWriteOnce
+ persistentVolumeReclaimPolicy: Retain
+ hostPath:
+ path: /tmp/pv-services
+- apiVersion: v1
+ kind: PersistentVolume
+ metadata:
+ name: cassandra-pv
+ labels:
+ type: cassandra
+ spec:
+ capacity:
+ storage: ${CASSANDRA_DATA_LIMIT}
+ accessModes:
+ - ReadWriteOnce
+ persistentVolumeReclaimPolicy: Retain
+ hostPath:
+ path: /tmp/pv-cassandra
diff --git a/roles/openshift_examples/files/examples/v3.6/cfme-templates/jboss-middleware-manager-template.yaml b/roles/openshift_examples/files/examples/v3.6/cfme-templates/jboss-middleware-manager-template.yaml
new file mode 100644
index 000000000..bbc0c7044
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/cfme-templates/jboss-middleware-manager-template.yaml
@@ -0,0 +1,254 @@
+#
+# Copyright 2016-2017 Red Hat, Inc. and/or its affiliates
+# and other contributors as indicated by the @author tags.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apiVersion: v1
+kind: Template
+metadata:
+ name: hawkular-services
+ annotations:
+ openshift.io/display-name: Hawkular Services
+ description: Hawkular-Services all-in-one (including Hawkular Metrics, Hawkular Alerts and Hawkular Inventory).
+ iconClass: icon-wildfly
+ tags: hawkular,hawkular-services,metrics,alerts,manageiq,cassandra
+
+parameters:
+- name: HAWKULAR_SERVICES_IMAGE
+ description: What docker image should be used for hawkular-services.
+ displayName: Hawkular Services Docker Image
+ value: registry.access.redhat.com/jboss-mm-7-tech-preview/middleware-manager:latest
+- name: CASSANDRA_IMAGE
+ description: What docker image should be used for cassandra node.
+ displayName: Cassandra Docker Image
+ value: registry.access.redhat.com/openshift3/metrics-cassandra:3.5.0
+- name: CASSANDRA_MEMORY_LIMIT
+ description: Maximum amount of memory for Cassandra container.
+ displayName: Cassandra Memory Limit
+ value: 2Gi
+- name: CASSANDRA_DATA_LIMIT
+ description: Maximum amount data used by Cassandra container.
+ displayName: Cassandra Container Data Limit
+ value: 2Gi
+- name: HAWKULAR_SERVICES_DATA_LIMIT
+ description: Maximum amount data used by hawkular-services container (mostly logging).
+ displayName: Hawkular Services Container Data Limit
+ value: 1Gi
+- name: ROUTE_NAME
+ description: Public route with this name will be created.
+ displayName: Route Name
+ value: hawkular-services
+- name: ROUTE_HOSTNAME
+ description: Under this hostname the Hawkular Services will be accessible, if left blank a value will be defaulted.
+ displayName: Hostname
+- name: HAWKULAR_USER
+ description: Username that is used for accessing the Hawkular Services, if left blank a value will be generated.
+ displayName: Hawkular User
+ from: '[a-zA-Z0-9]{16}'
+ generate: expression
+- name: HAWKULAR_PASSWORD
+ description: Password that is used for accessing the Hawkular Services, if left blank a value will be generated.
+ displayName: Hawkular Password
+ from: '[a-zA-Z0-9]{16}'
+ generate: expression
+labels:
+ template: hawkular-services
+message: Credentials for hawkular-services are ${HAWKULAR_USER}:${HAWKULAR_PASSWORD}
+
+objects:
+- apiVersion: v1
+ kind: Service
+ metadata:
+ annotations:
+ description: Exposes and load balances the application pods
+ service.alpha.openshift.io/dependencies: '[{"name":"hawkular-cassandra","namespace":"","kind":"Service"}]'
+ name: hawkular-services
+ spec:
+ ports:
+ - name: http-8080-tcp
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: admin-9990-tcp
+ port: 9990
+ protocol: TCP
+ targetPort: 9990
+ selector:
+ name: hawkular-services
+ type: ClusterIP
+- apiVersion: v1
+ kind: Service
+ metadata:
+ annotations:
+ description: Cassandra Service
+ name: hawkular-cassandra
+ spec:
+ ports:
+ - name: cql-9042-tcp
+ port: 9042
+ protocol: TCP
+ targetPort: 9042
+ selector:
+ name: hawkular-cassandra
+- apiVersion: v1
+ kind: Route
+ metadata:
+ name: ${ROUTE_NAME}
+ spec:
+ host: ${ROUTE_HOSTNAME}
+ to:
+ kind: Service
+ name: hawkular-services
+ port:
+ targetPort: http-8080-tcp
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ annotations:
+ description: Defines how to deploy the application server
+ name: hawkular-services
+ spec:
+ replicas: 1
+ selector:
+ name: hawkular-services
+ strategy:
+ type: Rolling
+ template:
+ metadata:
+ labels:
+ name: hawkular-services
+ spec:
+ containers:
+ - image: ${HAWKULAR_SERVICES_IMAGE}
+ env:
+ - name: HAWKULAR_BACKEND
+ value: remote
+ - name: CASSANDRA_NODES
+ value: hawkular-cassandra
+ - name: HAWKULAR_USER
+ value: ${HAWKULAR_USER}
+ - name: HAWKULAR_PASSWORD
+ value: ${HAWKULAR_PASSWORD}
+ imagePullPolicy: IfNotPresent
+ name: hawkular-services
+ volumeMounts:
+ - name: h-services-data
+ mountPath: /var/opt/hawkular
+ ports:
+ - containerPort: 8080
+ - containerPort: 9990
+ livenessProbe:
+ exec:
+ command:
+ - /opt/hawkular/bin/ready.sh
+ initialDelaySeconds: 180
+ timeoutSeconds: 3
+ readinessProbe:
+ exec:
+ command:
+ - /opt/hawkular/bin/ready.sh
+ initialDelaySeconds: 120
+ timeoutSeconds: 3
+ periodSeconds: 5
+ successThreshold: 1
+ failureThreshold: 12
+ resources:
+ requests:
+ memory: 1024Mi
+ cpu: 2000m
+ dnsPolicy: ClusterFirst
+ restartPolicy: Always
+ volumes:
+ - name: h-services-data
+ persistentVolumeClaim:
+ claimName: h-services-pvc
+
+- apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ annotations:
+ description: Defines how to deploy the cassandra
+ name: hawkular-cassandra
+ spec:
+ replicas: 1
+ selector:
+ name: hawkular-cassandra
+ strategy:
+ type: Recreate
+ rollingParams:
+ timeoutSeconds: 300
+ template:
+ metadata:
+ labels:
+ name: hawkular-cassandra
+ spec:
+ containers:
+ - image: ${CASSANDRA_IMAGE}
+ imagePullPolicy: Always
+ name: hawkular-cassandra
+ env:
+ - name: DATA_VOLUME
+ value: /var/lib/cassandra
+ volumeMounts:
+ - name: cassandra-data
+ mountPath: /var/lib/cassandra
+ ports:
+ - containerPort: 9042
+ - containerPort: 9160
+ readinessProbe:
+ exec:
+ command: ['nodetool', 'status']
+ initialDelaySeconds: 30
+ timeoutSeconds: 10
+ periodSeconds: 15
+ successThreshold: 1
+ failureThreshold: 3
+ livenessProbe:
+ exec:
+ command: ['nodetool', 'status']
+ initialDelaySeconds: 300
+ timeoutSeconds: 10
+ periodSeconds: 15
+ successThreshold: 1
+ failureThreshold: 3
+ resources:
+ limits:
+ memory: ${CASSANDRA_MEMORY_LIMIT}
+ volumes:
+ - name: cassandra-data
+ persistentVolumeClaim:
+ claimName: cassandra-pvc
+
+- apiVersion: v1
+ kind: PersistentVolumeClaim
+ metadata:
+ name: h-services-pvc
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
+- apiVersion: v1
+ kind: PersistentVolumeClaim
+ metadata:
+ name: cassandra-pvc
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
diff --git a/roles/openshift_examples/files/examples/v3.6/db-templates/mariadb-ephemeral-template.json b/roles/openshift_examples/files/examples/v3.6/db-templates/mariadb-ephemeral-template.json
index f347f1f9f..536f7275e 100644
--- a/roles/openshift_examples/files/examples/v3.6/db-templates/mariadb-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v3.6/db-templates/mariadb-ephemeral-template.json
@@ -23,7 +23,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
+ }
},
"stringData" : {
"database-user" : "${MYSQL_USER}",
@@ -35,7 +40,10 @@
"kind": "Service",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mariadb\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v3.6/db-templates/mariadb-persistent-template.json b/roles/openshift_examples/files/examples/v3.6/db-templates/mariadb-persistent-template.json
index 6ed744777..3b7fdccce 100644
--- a/roles/openshift_examples/files/examples/v3.6/db-templates/mariadb-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v3.6/db-templates/mariadb-persistent-template.json
@@ -23,7 +23,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
+ }
},
"stringData" : {
"database-user" : "${MYSQL_USER}",
@@ -35,7 +40,10 @@
"kind": "Service",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mariadb\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v3.6/db-templates/mongodb-ephemeral-template.json b/roles/openshift_examples/files/examples/v3.6/db-templates/mongodb-ephemeral-template.json
index 97a8abf6d..ee274194f 100644
--- a/roles/openshift_examples/files/examples/v3.6/db-templates/mongodb-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v3.6/db-templates/mongodb-ephemeral-template.json
@@ -24,7 +24,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-admin_password": "{.data['database-admin-password']}"
+ }
},
"stringData" : {
"database-user" : "${MONGODB_USER}",
@@ -37,7 +42,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "mongodb://{.spec.clusterIP}:{.spec.ports[?(.name==\"mongo\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v3.6/db-templates/mongodb-persistent-template.json b/roles/openshift_examples/files/examples/v3.6/db-templates/mongodb-persistent-template.json
index 0656219fb..e5ba43669 100644
--- a/roles/openshift_examples/files/examples/v3.6/db-templates/mongodb-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v3.6/db-templates/mongodb-persistent-template.json
@@ -24,7 +24,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-admin_password": "{.data['database-admin-password']}"
+ }
},
"stringData" : {
"database-user" : "${MONGODB_USER}",
@@ -37,7 +42,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "mongodb://{.spec.clusterIP}:{.spec.ports[?(.name==\"mongo\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v3.6/db-templates/mysql-ephemeral-template.json b/roles/openshift_examples/files/examples/v3.6/db-templates/mysql-ephemeral-template.json
index d60b4647d..969e62ac5 100644
--- a/roles/openshift_examples/files/examples/v3.6/db-templates/mysql-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v3.6/db-templates/mysql-ephemeral-template.json
@@ -23,7 +23,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
+ }
},
"stringData" : {
"database-user" : "${MYSQL_USER}",
@@ -36,7 +41,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mysql\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v3.6/db-templates/mysql-persistent-template.json b/roles/openshift_examples/files/examples/v3.6/db-templates/mysql-persistent-template.json
index c2bfa40fd..4f39d41a5 100644
--- a/roles/openshift_examples/files/examples/v3.6/db-templates/mysql-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v3.6/db-templates/mysql-persistent-template.json
@@ -23,7 +23,12 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}",
+ "template.openshift.io/expose-root_password": "{.data['database-root-password']}"
+ }
},
"stringData" : {
"database-user" : "${MYSQL_USER}",
@@ -35,7 +40,10 @@
"kind": "Service",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "mysql://{.spec.clusterIP}:{.spec.ports[?(.name==\"mysql\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v3.6/db-templates/postgresql-ephemeral-template.json b/roles/openshift_examples/files/examples/v3.6/db-templates/postgresql-ephemeral-template.json
index 7a16e742a..c37102cb0 100644
--- a/roles/openshift_examples/files/examples/v3.6/db-templates/postgresql-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v3.6/db-templates/postgresql-ephemeral-template.json
@@ -24,7 +24,11 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
},
"stringData" : {
"database-user" : "${POSTGRESQL_USER}",
@@ -36,7 +40,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "postgres://{.spec.clusterIP}:{.spec.ports[?(.name==\"postgresql\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v3.6/db-templates/postgresql-persistent-template.json b/roles/openshift_examples/files/examples/v3.6/db-templates/postgresql-persistent-template.json
index 242212d6f..32dc93a95 100644
--- a/roles/openshift_examples/files/examples/v3.6/db-templates/postgresql-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v3.6/db-templates/postgresql-persistent-template.json
@@ -24,7 +24,11 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['database-user']}",
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
},
"stringData" : {
"database-user" : "${POSTGRESQL_USER}",
@@ -36,7 +40,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "postgres://{.spec.clusterIP}:{.spec.ports[?(.name==\"postgresql\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v3.6/db-templates/redis-ephemeral-template.json b/roles/openshift_examples/files/examples/v3.6/db-templates/redis-ephemeral-template.json
index e9af50937..6bb683e52 100644
--- a/roles/openshift_examples/files/examples/v3.6/db-templates/redis-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v3.6/db-templates/redis-ephemeral-template.json
@@ -24,7 +24,10 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
},
"stringData" : {
"database-password" : "${REDIS_PASSWORD}"
@@ -35,7 +38,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "redis://{.spec.clusterIP}:{.spec.ports[?(.name==\"redis\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v3.6/db-templates/redis-persistent-template.json b/roles/openshift_examples/files/examples/v3.6/db-templates/redis-persistent-template.json
index aa27578a9..9e8be2309 100644
--- a/roles/openshift_examples/files/examples/v3.6/db-templates/redis-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v3.6/db-templates/redis-persistent-template.json
@@ -24,7 +24,10 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${DATABASE_SERVICE_NAME}"
+ "name": "${DATABASE_SERVICE_NAME}",
+ "annotations": {
+ "template.openshift.io/expose-password": "{.data['database-password']}"
+ }
},
"stringData" : {
"database-password" : "${REDIS_PASSWORD}"
@@ -35,7 +38,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "redis://{.spec.clusterIP}:{.spec.ports[?(.name==\"redis\")].port}"
+ }
},
"spec": {
"ports": [
diff --git a/roles/openshift_examples/files/examples/v3.6/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/v3.6/image-streams/image-streams-centos7.json
index 2583018b7..6cef21945 100644
--- a/roles/openshift_examples/files/examples/v3.6/image-streams/image-streams-centos7.json
+++ b/roles/openshift_examples/files/examples/v3.6/image-streams/image-streams-centos7.json
@@ -7,6 +7,51 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
+ "name": "httpd",
+ "annotations": {
+ "openshift.io/display-name": "Httpd"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Httpd (Latest)",
+ "description": "Build and serve static content via Httpd on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Httpd available on OpenShift, including major versions updates.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.4"
+ }
+ },
+ {
+ "name": "2.4",
+ "annotations": {
+ "openshift.io/display-name": "Httpd 2.4",
+ "description": "Build and serve static content via Httpd on CentOS 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "version": "2.4",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "centos/httpd-24-centos7:latest"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
"name": "ruby",
"annotations": {
"openshift.io/display-name": "Ruby"
diff --git a/roles/openshift_examples/files/examples/v3.6/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/v3.6/image-streams/image-streams-rhel7.json
index b65f0a5e3..abdae01e3 100644
--- a/roles/openshift_examples/files/examples/v3.6/image-streams/image-streams-rhel7.json
+++ b/roles/openshift_examples/files/examples/v3.6/image-streams/image-streams-rhel7.json
@@ -7,6 +7,51 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
+ "name": "httpd",
+ "annotations": {
+ "openshift.io/display-name": "Httpd"
+ }
+ },
+ "spec": {
+ "tags": [
+ {
+ "name": "latest",
+ "annotations": {
+ "openshift.io/display-name": "Httpd (Latest)",
+ "description": "Build and serve static content via Httpd on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version of Httpd available on OpenShift, including major versions updates.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "2.4"
+ }
+ },
+ {
+ "name": "2.4",
+ "annotations": {
+ "openshift.io/display-name": "Httpd 2.4",
+ "description": "Build and serve static content via Httpd on RHEL 7. For more information about using this builder image, including OpenShift considerations, see https://github.com/sclorg/httpd-container/blob/master/2.4/README.md.",
+ "iconClass": "icon-apache",
+ "tags": "builder,httpd",
+ "supports":"httpd",
+ "version": "2.4",
+ "sampleRepo": "https://github.com/openshift/httpd-ex.git"
+ },
+ "from": {
+ "kind": "DockerImage",
+ "name": "registry.access.redhat.com/rhscl/httpd-24-rhel7"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
"name": "ruby",
"annotations": {
"openshift.io/display-name": "Ruby"
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/README.md b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/README.md
index f48d8d4a8..6d2ccbf7f 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/README.md
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/README.md
@@ -17,6 +17,7 @@ instantiating them.
* [Dancer persistent](https://raw.githubusercontent.com/openshift/dancer-ex/master/openshift/templates/dancer-mysql-persistent.json) - Provides a basic Dancer (Perl) application with a persistent MySQL database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/dancer-ex).
* [Django](https://raw.githubusercontent.com/openshift/django-ex/master/openshift/templates/django-postgresql.json) - Provides a basic Django (Python) application with a PostgreSQL database. For more information see the [source repository](https://github.com/openshift/django-ex).
* [Django persistent](https://raw.githubusercontent.com/openshift/django-ex/master/openshift/templates/django-postgresql-persistent.json) - Provides a basic Django (Python) application with a persistent PostgreSQL database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/django-ex).
+* [Httpd](https://raw.githubusercontent.com/openshift/httpd-ex/master/openshift/templates/httpd.json) - Provides a basic Httpd static content application. For more information see the [source repository](https://github.com/openshift/httpd-ex).
* [NodeJS](https://raw.githubusercontent.com/openshift/nodejs-ex/master/openshift/templates/nodejs-mongodb.json) - Provides a basic NodeJS application with a MongoDB database. For more information see the [source repository](https://github.com/openshift/nodejs-ex).
* [NodeJS persistent](https://raw.githubusercontent.com/openshift/nodejs-ex/master/openshift/templates/nodejs-mongodb-persistent.json) - Provides a basic NodeJS application with a persistent MongoDB database. Note: requires available persistent volumes. For more information see the [source repository](https://github.com/openshift/nodejs-ex).
* [Rails](https://raw.githubusercontent.com/openshift/rails-ex/master/openshift/templates/rails-postgresql.json) - Provides a basic Rails (Ruby) application with a PostgreSQL database. For more information see the [source repository](https://github.com/openshift/rails-ex).
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/cakephp-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/cakephp-mysql-persistent.json
index eb3d296be..6d987ee33 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/cakephp-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/cakephp-mysql-persistent.json
@@ -60,7 +60,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -510,7 +513,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/cakephp-mysql.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/cakephp-mysql.json
index da2454d2e..fb2ef206e 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/cakephp-mysql.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/cakephp-mysql.json
@@ -60,7 +60,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -484,7 +487,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dancer-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dancer-mysql-persistent.json
index ec335daa0..7ffb25e14 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dancer-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dancer-mysql-persistent.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -475,7 +478,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dancer-mysql.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dancer-mysql.json
index 6304586dd..d787e376b 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dancer-mysql.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dancer-mysql.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -449,7 +452,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/django-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/django-postgresql-persistent.json
index 152bf1c7c..a2070207b 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/django-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/django-postgresql-persistent.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -479,7 +482,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/django-postgresql.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/django-postgresql.json
index f3b5f97f3..0d33c6e0e 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/django-postgresql.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/django-postgresql.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -453,7 +456,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dotnet-example.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dotnet-example.json
index a09d71a00..af46579c8 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dotnet-example.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/dotnet-example.json
@@ -4,7 +4,7 @@
"metadata": {
"name": "dotnet-example",
"annotations": {
- "openshift.io/display-name": ".NET Core",
+ "openshift.io/display-name": ".NET Core Example",
"description": "An example .NET Core application.",
"tags": "quickstart,dotnet,.net",
"iconClass": "icon-dotnet",
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/httpd.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/httpd.json
new file mode 100644
index 000000000..ac671cc06
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/httpd.json
@@ -0,0 +1,274 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "httpd-example",
+ "annotations": {
+ "openshift.io/display-name": "Httpd",
+ "description": "An example Httpd application that serves static content. For more information about using this template, including OpenShift considerations, see https://github.com/openshift/httpd-ex/blob/master/README.md.",
+ "tags": "quickstart,httpd",
+ "iconClass": "icon-apache",
+ "template.openshift.io/long-description": "This template defines resources needed to develop a static application served by httpd, including a build configuration and application deployment configuration.",
+ "template.openshift.io/provider-display-name": "Red Hat, Inc.",
+ "template.openshift.io/documentation-url": "https://github.com/openshift/httpd-ex",
+ "template.openshift.io/support-url": "https://access.redhat.com"
+ }
+ },
+ "message": "The following service(s) have been created in your project: ${NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/openshift/httpd-ex/blob/master/README.md.",
+ "labels": {
+ "template": "httpd-example"
+ },
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Exposes and load balances the application pods"
+ }
+ },
+ "spec": {
+ "ports": [
+ {
+ "name": "web",
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
+ },
+ "spec": {
+ "host": "${APPLICATION_DOMAIN}",
+ "to": {
+ "kind": "Service",
+ "name": "${NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Keeps track of changes in the application image"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to build the application"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${NAMESPACE}",
+ "name": "httpd:2.4"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange"
+ },
+ {
+ "type": "ConfigChange"
+ },
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${NAME}",
+ "annotations": {
+ "description": "Defines how to deploy the application server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "httpd-example"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "name": "${NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${NAME}",
+ "labels": {
+ "name": "${NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "httpd-example",
+ "image": " ",
+ "ports": [
+ {
+ "containerPort": 8080
+ }
+ ],
+ "readinessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 3,
+ "httpGet": {
+ "path": "/",
+ "port": 8080
+ }
+ },
+ "livenessProbe": {
+ "timeoutSeconds": 3,
+ "initialDelaySeconds": 30,
+ "httpGet": {
+ "path": "/",
+ "port": 8080
+ }
+ },
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ },
+ "env": [
+ ],
+ "resources": {
+ "limits": {
+ "memory": "${MEMORY_LIMIT}"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ],
+ "parameters": [
+ {
+ "name": "NAME",
+ "displayName": "Name",
+ "description": "The name assigned to all of the frontend objects defined in this template.",
+ "required": true,
+ "value": "httpd-example"
+ },
+ {
+ "name": "NAMESPACE",
+ "displayName": "Namespace",
+ "description": "The OpenShift Namespace where the ImageStream resides.",
+ "required": true,
+ "value": "openshift"
+ },
+ {
+ "name": "MEMORY_LIMIT",
+ "displayName": "Memory Limit",
+ "description": "Maximum amount of memory the container can use.",
+ "required": true,
+ "value": "512Mi"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_URL",
+ "displayName": "Git Repository URL",
+ "description": "The URL of the repository with your application source code.",
+ "required": true,
+ "value": "https://github.com/openshift/httpd-ex.git"
+ },
+ {
+ "name": "SOURCE_REPOSITORY_REF",
+ "displayName": "Git Reference",
+ "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
+ },
+ {
+ "name": "CONTEXT_DIR",
+ "displayName": "Context Directory",
+ "description": "Set this to the relative path to your project if it is not in the root of your repository."
+ },
+ {
+ "name": "APPLICATION_DOMAIN",
+ "displayName": "Application Hostname",
+ "description": "The exposed hostname that will route to the httpd service, if left blank a value will be defaulted.",
+ "value": ""
+ },
+ {
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "displayName": "GitHub Webhook Secret",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ },
+ {
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "generate": "expression",
+ "from": "[a-zA-Z0-9]{40}"
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/jenkins-ephemeral-template.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/jenkins-ephemeral-template.json
index 264e4b2de..ce96684a9 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/jenkins-ephemeral-template.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/jenkins-ephemeral-template.json
@@ -22,7 +22,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${JENKINS_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"to": {
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/jenkins-persistent-template.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/jenkins-persistent-template.json
index b47bdf353..34b2b920b 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/jenkins-persistent-template.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/jenkins-persistent-template.json
@@ -22,7 +22,10 @@
"apiVersion": "v1",
"metadata": {
"name": "${JENKINS_SERVICE_NAME}",
- "creationTimestamp": null
+ "creationTimestamp": null,
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"to": {
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/nodejs-mongodb-persistent.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/nodejs-mongodb-persistent.json
index c570ca5d5..a9c365361 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/nodejs-mongodb-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/nodejs-mongodb-persistent.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -102,7 +105,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${NAMESPACE}",
- "name": "nodejs:4"
+ "name": "nodejs:6"
},
"env": [
{
@@ -491,7 +494,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/nodejs-mongodb.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/nodejs-mongodb.json
index 161f1582e..53a6147d5 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/nodejs-mongodb.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/nodejs-mongodb.json
@@ -58,7 +58,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -102,7 +105,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${NAMESPACE}",
- "name": "nodejs:4"
+ "name": "nodejs:6"
},
"env": [
{
@@ -467,7 +470,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/rails-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/rails-postgresql-persistent.json
index b400cfdb3..f07a43071 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/rails-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/rails-postgresql-persistent.json
@@ -23,7 +23,11 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['application-user']}",
+ "template.openshift.io/expose-password": "{.data['application-password']}"
+ }
},
"stringData" : {
"database-user" : "${DATABASE_USER}",
@@ -60,7 +64,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -526,7 +533,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/rails-postgresql.json b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/rails-postgresql.json
index fa67412ff..a7992c988 100644
--- a/roles/openshift_examples/files/examples/v3.6/quickstart-templates/rails-postgresql.json
+++ b/roles/openshift_examples/files/examples/v3.6/quickstart-templates/rails-postgresql.json
@@ -23,7 +23,11 @@
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-username": "{.data['application-user']}",
+ "template.openshift.io/expose-password": "{.data['application-password']}"
+ }
},
"stringData" : {
"database-user" : "${DATABASE_USER}",
@@ -60,7 +64,10 @@
"kind": "Route",
"apiVersion": "v1",
"metadata": {
- "name": "${NAME}"
+ "name": "${NAME}",
+ "annotations": {
+ "template.openshift.io/expose-uri": "http://{.spec.host}{.spec.path}"
+ }
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
@@ -500,7 +507,7 @@
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
- "description": "A secret string used to configure the GitHub webhook.",
+ "description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-streams/jboss-image-streams.json b/roles/openshift_examples/files/examples/v3.6/xpaas-streams/jboss-image-streams.json
index 049f3f884..0bb56452b 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-streams/jboss-image-streams.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-streams/jboss-image-streams.json
@@ -12,7 +12,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-webserver30-tomcat7-openshift"
+ "name": "jboss-webserver30-tomcat7-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat7-openshift",
@@ -23,10 +26,11 @@
"description": "JBoss Web Server 3.0 Tomcat 7 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
- "supports":"tomcat7:3.0,tomcat:7,java:8,xpaas:1.1",
+ "supports": "tomcat7:3.0,tomcat:7,java:8,xpaas:1.1",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.1"
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7"
}
},
{
@@ -35,10 +39,23 @@
"description": "JBoss Web Server 3.0 Tomcat 7 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
- "supports":"tomcat7:3.0,tomcat:7,java:8,xpaas:1.2",
+ "supports": "tomcat7:3.0,tomcat:7,java:8,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Tomcat 7 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
+ "supports":"tomcat7:3.0,tomcat:7,java:8,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.3"
}
}
]
@@ -48,7 +65,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-webserver30-tomcat8-openshift"
+ "name": "jboss-webserver30-tomcat8-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat8-openshift",
@@ -59,10 +79,11 @@
"description": "JBoss Web Server 3.0 Tomcat 8 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
- "supports":"tomcat8:3.0,tomcat:8,java:8,xpaas:1.1",
+ "supports": "tomcat8:3.0,tomcat:8,java:8,xpaas:1.1",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.1"
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8"
}
},
{
@@ -71,10 +92,23 @@
"description": "JBoss Web Server 3.0 Tomcat 8 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
- "supports":"tomcat8:3.0,tomcat:8,java:8,xpaas:1.2",
+ "supports": "tomcat8:3.0,tomcat:8,java:8,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "tomcat-websocket-chat",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Web Server 3.0 Tomcat 8 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
+ "supports":"tomcat8:3.0,tomcat:8,java:8,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.3"
}
}
]
@@ -84,7 +118,66 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-eap64-openshift"
+ "name": "jboss-webserver31-tomcat7-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver31-tomcat7-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Web Server 3.1 Tomcat 7 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,tomcat,tomcat7,java,jboss,xpaas",
+ "supports": "tomcat7:3.1,tomcat:7,java:8,xpaas:1.4",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-webserver31-tomcat8-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver31-tomcat8-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Web Server 3.1 Tomcat 8 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,tomcat,tomcat8,java,jboss,xpaas",
+ "supports": "tomcat8:3.1,tomcat:8,java:8,xpaas:1.4",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "tomcat-websocket-chat",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-eap64-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-eap-6/eap64-openshift",
@@ -95,11 +188,12 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.1",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.1",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.1"
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
}
},
{
@@ -108,11 +202,12 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.2",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
}
},
{
@@ -121,11 +216,12 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.3",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.3",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.3"
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
}
},
{
@@ -134,11 +230,25 @@
"description": "JBoss EAP 6.4 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:6.4,javaee:6,java:8,xpaas:1.4",
+ "supports": "eap:6.4,javaee:6,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "6.4.x",
- "version": "1.4"
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4"
+ }
+ },
+ {
+ "name": "1.5",
+ "annotations": {
+ "description": "JBoss EAP 6.4 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,eap,javaee,java,jboss,xpaas",
+ "supports":"eap:6.4,javaee:6,java:8,xpaas:1.5",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "6.4.x",
+ "version": "1.5"
}
}
]
@@ -148,7 +258,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-eap70-openshift"
+ "name": "jboss-eap70-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-eap-7/eap70-openshift",
@@ -159,11 +272,12 @@
"description": "JBoss EAP 7.0 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:7.0,javaee:7,java:8,xpaas:1.3",
+ "supports": "eap:7.0,javaee:7,java:8,xpaas:1.3",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "7.0.0.GA",
- "version": "1.3"
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
}
},
{
@@ -172,11 +286,25 @@
"description": "JBoss EAP 7.0 S2I images.",
"iconClass": "icon-jboss",
"tags": "builder,eap,javaee,java,jboss,xpaas",
- "supports":"eap:7.0,javaee:7,java:8,xpaas:1.4",
+ "supports": "eap:7.0,javaee:7,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"sampleContextDir": "kitchensink",
"sampleRef": "7.0.0.GA",
- "version": "1.4"
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0"
+ }
+ },
+ {
+ "name": "1.5",
+ "annotations": {
+ "description": "JBoss EAP 7.0 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,eap,javaee,java,jboss,xpaas",
+ "supports":"eap:7.0,javaee:7,java:8,xpaas:1.5",
+ "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
+ "sampleContextDir": "kitchensink",
+ "sampleRef": "7.0.0.GA",
+ "version": "1.5"
}
}
]
@@ -186,7 +314,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-decisionserver62-openshift"
+ "name": "jboss-decisionserver62-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver62-openshift",
@@ -196,12 +327,13 @@
"annotations": {
"description": "Red Hat JBoss BRMS 6.2 decision server S2I images.",
"iconClass": "icon-jboss",
- "tags": "builder,decisionserver,java,xpaas",
- "supports":"decisionserver:6.2,java:8,xpaas:1.2",
+ "tags": "builder,decisionserver,xpaas",
+ "supports": "decisionserver:6.2,xpaas:1.2",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "decisionserver/hellorules",
"sampleRef": "1.2",
- "version": "1.2"
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server"
}
}
]
@@ -211,7 +343,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-decisionserver63-openshift"
+ "name": "jboss-decisionserver63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver63-openshift",
@@ -221,12 +356,51 @@
"annotations": {
"description": "Red Hat JBoss BRMS 6.3 decision server S2I images.",
"iconClass": "icon-jboss",
+ "tags": "builder,decisionserver,xpaas",
+ "supports": "decisionserver:6.3,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "decisionserver/hellorules",
+ "sampleRef": "1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat JBoss BRMS 6.3 decision server S2I images.",
+ "iconClass": "icon-jboss",
"tags": "builder,decisionserver,java,xpaas",
- "supports":"decisionserver:6.3,java:8,xpaas:1.3",
+ "supports":"decisionserver:6.3,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "decisionserver/hellorules",
"sampleRef": "1.3",
- "version": "1.3"
+ "version": "1.4"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-decisionserver64-openshift"
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-decisionserver-6/decisionserver64-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "Red Hat JBoss BRMS 6.4 decision server S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,decisionserver,java,xpaas",
+ "supports":"decisionserver:6.4,java:8,xpaas:1.4",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "decisionserver/hellorules",
+ "sampleRef": "1.3",
+ "version": "1.0"
}
}
]
@@ -236,7 +410,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-processserver63-openshift"
+ "name": "jboss-processserver63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-processserver-6/processserver63-openshift",
@@ -246,12 +423,26 @@
"annotations": {
"description": "Red Hat JBoss BPM Suite 6.3 intelligent process server S2I images.",
"iconClass": "icon-jboss",
+ "tags": "builder,processserver,xpaas",
+ "supports": "processserver:6.3,xpaas:1.3",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "processserver/library",
+ "sampleRef": "1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat JBoss BPM Suite 6.3 intelligent process server S2I images.",
+ "iconClass": "icon-jboss",
"tags": "builder,processserver,java,xpaas",
- "supports":"processserver:6.3,java:8,xpaas:1.3",
+ "supports":"processserver:6.3,java:8,xpaas:1.4",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"sampleContextDir": "processserver/library",
"sampleRef": "1.3",
- "version": "1.3"
+ "version": "1.4"
}
}
]
@@ -261,7 +452,35 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-datagrid65-openshift"
+ "name": "jboss-processserver64-openshift"
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-processserver-6/processserver64-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "Red Hat JBoss BPM Suite 6.4 intelligent process server S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,processserver,java,xpaas",
+ "supports":"processserver:6.4,java:8,xpaas:1.4",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "sampleContextDir": "processserver/library",
+ "sampleRef": "1.3",
+ "version": "1.0"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datagrid65-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift",
@@ -271,9 +490,56 @@
"annotations": {
"description": "JBoss Data Grid 6.5 S2I images.",
"iconClass": "icon-jboss",
- "tags": "datagrid,java,jboss,xpaas",
- "supports":"datagrid:6.5,java:8,xpaas:1.2",
- "version": "1.2"
+ "tags": "datagrid,jboss,xpaas",
+ "supports": "datagrid:6.5,xpaas:1.2",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ }
+ },
+ {
+ "name": "1.3",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datagrid,jboss,xpaas",
+ "supports": "datagrid:6.5,xpaas:1.4",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datagrid,jboss,xpaas",
+ "supports":"datagrid:6.5,xpaas:1.4",
+ "version": "1.4"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datagrid65-client-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 Client Modules for EAP"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-datagrid-6/datagrid65-client-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Data Grid 6.5 Client Modules for EAP.",
+ "iconClass": "icon-jboss",
+ "tags": "client,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 Client Modules for EAP"
}
}
]
@@ -283,7 +549,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-datavirt63-openshift"
+ "name": "jboss-datavirt63-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift",
@@ -293,9 +562,56 @@
"annotations": {
"description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
"iconClass": "icon-jboss",
- "tags": "datavirt,java,jboss,xpaas",
- "supports":"datavirt:6.3,java:8,xpaas:1.4",
- "version": "1.0"
+ "tags": "datavirt,jboss,xpaas",
+ "supports": "datavirt:6.3,xpaas:1.4",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datavirt,jboss,xpaas",
+ "supports": "datavirt:6.3,xpaas:1.4",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3"
+ }
+ },
+ {
+ "name": "1.2",
+ "annotations": {
+ "description": "Red Hat JBoss Data Virtualization 6.3 S2I images.",
+ "iconClass": "icon-jboss",
+ "tags": "datavirt,jboss,xpaas",
+ "supports":"datavirt:6.3,xpaas:1.4",
+ "version": "1.2"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-datavirt63-driver-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-datavirt-6/datavirt63-driver-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP.",
+ "iconClass": "icon-jboss",
+ "tags": "client,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.5 JDBC Driver Modules for EAP"
}
}
]
@@ -305,7 +621,10 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "jboss-amq-62"
+ "name": "jboss-amq-62",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/jboss-amq-6/amq62-openshift",
@@ -316,8 +635,9 @@
"description": "JBoss A-MQ 6.2 broker image.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "supports":"amq:6.2,messaging,xpaas:1.1",
- "version": "1.1"
+ "supports": "amq:6.2,messaging,xpaas:1.1",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
}
},
{
@@ -326,8 +646,9 @@
"description": "JBoss A-MQ 6.2 broker image.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "supports":"amq:6.2,messaging,xpaas:1.2",
- "version": "1.2"
+ "supports": "amq:6.2,messaging,xpaas:1.2",
+ "version": "1.2",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
}
},
{
@@ -336,8 +657,45 @@
"description": "JBoss A-MQ 6.2 broker image.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "supports":"amq:6.2,messaging,xpaas:1.3",
- "version": "1.3"
+ "supports": "amq:6.2,messaging,xpaas:1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "JBoss A-MQ 6.2 broker image.",
+ "iconClass": "icon-jboss",
+ "tags": "messaging,amq,jboss,xpaas",
+ "supports":"amq:6.2,messaging,xpaas:1.4",
+ "version": "1.4"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "jboss-amq-63",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/jboss-amq-6/amq63-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "JBoss A-MQ 6.3 broker image.",
+ "iconClass": "icon-jboss",
+ "tags": "messaging,amq,jboss,xpaas",
+ "supports": "amq:6.3,messaging,xpaas:1.0",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3"
}
}
]
@@ -348,8 +706,9 @@
"apiVersion": "v1",
"metadata": {
"name": "redhat-sso70-openshift",
- "annotations": {
- "description": "Red Hat SSO 7.0"
+ "annotations": {
+ "description": "Red Hat SSO 7.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
}
},
"spec": {
@@ -361,8 +720,20 @@
"description": "Red Hat SSO 7.0",
"iconClass": "icon-jboss",
"tags": "sso,keycloak,redhat",
- "supports":"sso:7.0,xpaas:1.3",
- "version": "1.3"
+ "supports": "sso:7.0,xpaas:1.3",
+ "version": "1.3",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
+ }
+ },
+ {
+ "name": "1.4",
+ "annotations": {
+ "description": "Red Hat SSO 7.0",
+ "iconClass": "icon-jboss",
+ "tags": "sso,keycloak,redhat",
+ "supports": "sso:7.0,xpaas:1.4",
+ "version": "1.4",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
}
}
]
@@ -372,7 +743,48 @@
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
- "name": "redhat-openjdk18-openshift"
+ "name": "redhat-sso71-openshift",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ }
+ },
+ "spec": {
+ "dockerImageRepository": "registry.access.redhat.com/redhat-sso-7/sso71-openshift",
+ "tags": [
+ {
+ "name": "1.0",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "iconClass": "icon-jboss",
+ "tags": "sso,keycloak,redhat",
+ "supports": "sso:7.1,xpaas:1.4",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ }
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "description": "Red Hat SSO 7.1",
+ "iconClass": "icon-jboss",
+ "tags": "sso,keycloak,redhat",
+ "supports": "sso:7.1,xpaas:1.4",
+ "version": "1.1",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "redhat-openjdk18-openshift",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat OpenJDK 8"
+ }
},
"spec": {
"dockerImageRepository": "registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift",
@@ -384,11 +796,24 @@
"description": "Build and run Java applications using Maven and OpenJDK 8.",
"iconClass": "icon-jboss",
"tags": "builder,java,xpaas,openjdk",
- "supports":"java:8,xpaas:1.0",
+ "supports": "java:8,xpaas:1.0",
"sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts",
"sampleContextDir": "undertow-servlet",
"version": "1.0"
}
+ },
+ {
+ "name": "1.1",
+ "annotations": {
+ "openshift.io/display-name": "Red Hat OpenJDK 8",
+ "description": "Build and run Java applications using Maven and OpenJDK 8.",
+ "iconClass": "icon-jboss",
+ "tags": "builder,java,xpaas,openjdk",
+ "supports": "java:8,xpaas:1.4",
+ "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "sampleContextDir": "undertow-servlet",
+ "version": "1.1"
+ }
}
]
}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-basic.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-basic.json
index ab35afead..af20b373a 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-basic.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-basic.json
@@ -6,46 +6,54 @@
"description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template doesn't feature SSL support.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Ephemeral, no SSL)"
},
"name": "amq62-basic"
},
"labels": {
"template": "amq62-basic",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -53,6 +61,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,18 +69,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -171,7 +183,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire port."
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
}
}
},
@@ -202,7 +215,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-persistent-ssl.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-persistent-ssl.json
index c12f06dec..5acdbfabf 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-persistent-ssl.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-persistent-ssl.json
@@ -6,58 +6,68 @@
"description": "Application template for JBoss A-MQ brokers. These are deployed as standalone and use persistent storage for saving messages. This template supports SSL and requires usage of OpenShift secrets.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Persistent with SSL)"
},
"name": "amq62-persistent-ssl"
},
"labels": {
"template": "amq62-persistent-ssl",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -65,6 +75,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -72,48 +83,56 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "Secret Name",
"description": "Name of a secret containing SSL related files",
"name": "AMQ_SECRET",
"value": "amq-app-secret",
"required": true
},
{
+ "displayName": "Trust Store Filename",
"description": "SSL trust store filename",
"name": "AMQ_TRUSTSTORE",
"value": "broker.ts",
"required": true
},
{
+ "displayName": "Trust Store Password",
"description": "SSL trust store password",
"name": "AMQ_TRUSTSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Keystore Filename",
"description": "SSL key store filename",
"name": "AMQ_KEYSTORE",
"value": "broker.ks",
"required": true
},
{
+ "displayName": "A-MQ Keystore Password",
"description": "Password for accessing SSL keystore",
"name": "AMQ_KEYSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -309,7 +328,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire (SSL) port."
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
}
}
},
@@ -340,7 +360,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-persistent.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-persistent.json
index 897ce0395..b8089cd6d 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-persistent.json
@@ -6,58 +6,68 @@
"description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone and use persistent storage for saving messages. This template doesn't feature SSL support.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Persistent, no SSL)"
},
"name": "amq62-persistent"
},
"labels": {
"template": "amq62-persistent",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -65,6 +75,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -72,18 +83,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -183,7 +197,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire port."
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
}
}
},
@@ -214,7 +229,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-ssl.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-ssl.json
index 97d110286..b52fdbfb0 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-ssl.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq62-ssl.json
@@ -6,46 +6,54 @@
"description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template supports SSL and requires usage of OpenShift secrets.",
"iconClass": "icon-jboss",
"tags": "messaging,amq,jboss,xpaas",
- "version": "1.3.1"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.2 (Ephemeral with SSL)"
},
"name": "amq62-ssl"
},
"labels": {
"template": "amq62-ssl",
- "xpaas": "1.3.1"
+ "xpaas": "1.4.0"
},
+ "message": "A new messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "broker",
"required": true
},
{
+ "displayName": "A-MQ Protocols",
"description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. SSL variants of these protocols will be configured automaticaly.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -53,6 +61,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,48 +69,56 @@
"required": false
},
{
+ "displayName": "Secret Name",
"description": "Name of a secret containing SSL related files",
"name": "AMQ_SECRET",
"value": "amq-app-secret",
"required": true
},
{
+ "displayName": "Trust Store Filename",
"description": "SSL trust store filename",
"name": "AMQ_TRUSTSTORE",
"value": "broker.ts",
"required": true
},
{
+ "displayName": "Trust Store Password",
"description": "SSL trust store password",
"name": "AMQ_TRUSTSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Keystore Filename",
"description": "SSL key store filename",
"name": "AMQ_KEYSTORE",
"value": "broker.ks",
"required": true
},
{
+ "displayName": "A-MQ Keystore Password",
"description": "Password for accessing SSL keystore",
"name": "AMQ_KEYSTORE_PASSWORD",
"value": "",
"required": true
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -297,7 +314,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The broker's OpenWire (SSL) port."
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
}
}
},
@@ -328,7 +346,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq63-basic.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq63-basic.json
new file mode 100644
index 000000000..d29f6a300
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq63-basic.json
@@ -0,0 +1,334 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template doesn't feature SSL support.",
+ "iconClass": "icon-jboss",
+ "tags": "messaging,amq,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3 (Ephemeral, no SSL)"
+ },
+ "name": "amq63-basic"
+ },
+ "labels": {
+ "template": "amq63-basic",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq63-persistent-ssl.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq63-persistent-ssl.json
new file mode 100644
index 000000000..47f6396dd
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq63-persistent-ssl.json
@@ -0,0 +1,569 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for JBoss A-MQ brokers. These are deployed as standalone and use persistent storage for saving messages. This template supports SSL and requires usage of OpenShift secrets.",
+ "iconClass": "icon-jboss",
+ "tags": "messaging,amq,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3 (Persistent with SSL)"
+ },
+ "name": "amq63-persistent-ssl"
+ },
+ "labels": {
+ "template": "amq63-persistent-ssl",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh.",
+ "name": "AMQ_SPLIT",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "Name of a secret containing SSL related files",
+ "name": "AMQ_SECRET",
+ "value": "amq-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Filename",
+ "description": "SSL trust store filename",
+ "name": "AMQ_TRUSTSTORE",
+ "value": "broker.ts",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Password",
+ "description": "SSL trust store password",
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Filename",
+ "description": "SSL key store filename",
+ "name": "AMQ_KEYSTORE",
+ "value": "broker.ks",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Password",
+ "description": "Password for accessing SSL keystore",
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5671,
+ "targetPort": 5671
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8883,
+ "targetPort": 8883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61612,
+ "targetPort": 61612
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61617,
+ "targetPort": 61617
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "amq-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "broker-secret-volume",
+ "mountPath": "/etc/amq-secret-volume",
+ "readOnly": true
+ },
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt-ssl",
+ "containerPort": 8883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_KEYSTORE_TRUSTSTORE_DIR",
+ "value": "/etc/amq-secret-volume"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE",
+ "value": "${AMQ_TRUSTSTORE}"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "${AMQ_TRUSTSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_KEYSTORE",
+ "value": "${AMQ_KEYSTORE}"
+ },
+ {
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "${AMQ_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "broker-secret-volume",
+ "secret": {
+ "secretName": "${AMQ_SECRET}"
+ }
+ },
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq63-persistent.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq63-persistent.json
new file mode 100644
index 000000000..4b64203c4
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq63-persistent.json
@@ -0,0 +1,386 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone and use persistent storage for saving messages. This template doesn't feature SSL support.",
+ "iconClass": "icon-jboss",
+ "tags": "messaging,amq,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3 (Persistent, no SSL)"
+ },
+ "name": "amq63-persistent"
+ },
+ "labels": {
+ "template": "amq63-persistent",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent messaging service has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh.",
+ "name": "AMQ_SPLIT",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq63-ssl.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq63-ssl.json
new file mode 100644
index 000000000..20ad50016
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/amq63-ssl.json
@@ -0,0 +1,521 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template supports SSL and requires usage of OpenShift secrets.",
+ "iconClass": "icon-jboss",
+ "tags": "messaging,amq,jboss,xpaas",
+ "version": "1.0",
+ "openshift.io/display-name": "Red Hat JBoss A-MQ 6.3 (Ephemeral with SSL)"
+ },
+ "name": "amq63-ssl"
+ },
+ "labels": {
+ "template": "amq63-ssl",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new messaging service with SSL support has been created in your project. It will handle the protocol(s) \"${MQ_PROTOCOL}\". The username/password for accessing the service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"amq-service-account\" service account and a secret named \"${AMQ_SECRET}\" containing the trust store and key store files (\"${AMQ_TRUSTSTORE}\" and \"${AMQ_KEYSTORE}\") used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "broker",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. SSL variants of these protocols will be configured automaticaly.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Serializable Packages",
+ "description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "Name of a secret containing SSL related files",
+ "name": "AMQ_SECRET",
+ "value": "amq-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Filename",
+ "description": "SSL trust store filename",
+ "name": "AMQ_TRUSTSTORE",
+ "value": "broker.ts",
+ "required": true
+ },
+ {
+ "displayName": "Trust Store Password",
+ "description": "SSL trust store password",
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Filename",
+ "description": "SSL key store filename",
+ "name": "AMQ_KEYSTORE",
+ "value": "broker.ks",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Keystore Password",
+ "description": "Password for accessing SSL keystore",
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "",
+ "required": true
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5672,
+ "targetPort": 5672
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5671,
+ "targetPort": 5671
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-amqp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's AMQP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 1883,
+ "targetPort": 1883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8883,
+ "targetPort": 8883
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-mqtt-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's MQTT SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61613,
+ "targetPort": 61613
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61612,
+ "targetPort": 61612
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-stomp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's STOMP SSL port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61617,
+ "targetPort": 61617
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp-ssl",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire (SSL) port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-amqp-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-mqtt-ssl\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-stomp-ssl\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Rolling",
+ "rollingParams": {
+ "maxSurge": 0
+ }
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "amq-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "broker-secret-volume",
+ "mountPath": "/etc/amq-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt-ssl",
+ "containerPort": 8883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "AMQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "MQ_SERIALIZABLE_PACKAGES",
+ "value": "${MQ_SERIALIZABLE_PACKAGES}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_KEYSTORE_TRUSTSTORE_DIR",
+ "value": "/etc/amq-secret-volume"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE",
+ "value": "${AMQ_TRUSTSTORE}"
+ },
+ {
+ "name": "AMQ_TRUSTSTORE_PASSWORD",
+ "value": "${AMQ_TRUSTSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_KEYSTORE",
+ "value": "${AMQ_KEYSTORE}"
+ },
+ {
+ "name": "AMQ_KEYSTORE_PASSWORD",
+ "value": "${AMQ_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "broker-secret-volume",
+ "secret": {
+ "secretName": "${AMQ_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-basic.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-basic.json
index 56e76016f..32433bef0 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-basic.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-basic.json
@@ -6,76 +6,103 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 applications.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 (Ephemeral, no https)"
},
"name": "datagrid65-basic"
},
"labels": {
"template": "datagrid65-basic",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\".",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -200,7 +227,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -267,9 +294,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -302,6 +334,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-https.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-https.json
index 639ac2e11..e6f020400 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-https.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-https.json
@@ -6,130 +6,166 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 applications.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 (Ephemeral with https)"
},
"name": "datagrid65-https"
},
"labels": {
"template": "datagrid65-https",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -301,7 +337,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -386,9 +422,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -437,6 +478,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-mysql-persistent.json
index 22ca3f0a0..ff57a7936 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-mysql-persistent.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and MySQL applications with persistent storage.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + MySQL (Persistent with https)"
},
"name": "datagrid65-mysql-persistent"
},
"labels": {
"template": "datagrid65-mysql-persistent",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using MySQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:/jboss/datasources/mysql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,117 +111,158 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -230,7 +286,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -254,7 +311,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -278,7 +336,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Memcached service for clustered applications."
+ "description": "Memcached service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -302,7 +361,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Hot Rod service for clustered applications."
+ "description": "Hot Rod service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -397,7 +457,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -482,9 +542,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -585,6 +650,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -669,7 +742,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-mysql.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-mysql.json
index e1a585d24..44902de25 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-mysql.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-mysql.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and MySQL applications.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + MySQL (Ephemeral with https)"
},
"name": "datagrid65-mysql"
},
"labels": {
"template": "datagrid65-mysql",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using MySQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:/jboss/datasources/mysql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,111 +111,151 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -224,7 +279,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -248,7 +304,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +329,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Memcached service for clustered applications."
+ "description": "Memcached service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -296,7 +354,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "Hot Rod service for clustered applications."
+ "description": "Hot Rod service for clustered applications.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -391,7 +450,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -476,9 +535,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -579,6 +643,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -663,7 +735,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-postgresql-persistent.json
index 12720eb19..6b90e1370 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-postgresql-persistent.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and PostgreSQL applications with persistent storage.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + PostgreSQL (Persistent with https)"
},
"name": "datagrid65-postgresql-persistent"
},
"labels": {
"template": "datagrid65-postgresql-persistent",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using PostgreSQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/postgresql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,102 +111,140 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -215,7 +268,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -239,7 +293,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -382,7 +437,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -467,9 +522,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -570,6 +630,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -654,7 +722,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-postgresql.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-postgresql.json
index da8015fb0..ae36376db 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-postgresql.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datagrid65-postgresql.json
@@ -6,82 +6,96 @@
"iconClass": "icon-jboss",
"description": "Application template for JDG 6.5 and PostgreSQL applications built using.",
"tags": "datagrid,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Grid 6.5 + PostgreSQL (Ephemeral with https)"
},
"name": "datagrid65-postgresql"
},
"labels": {
"template": "datagrid65-postgresql",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new data grid service (using PostgreSQL) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"datagrid-service-account\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "datagrid-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Username",
"description": "User name for JDG user.",
"name": "USERNAME",
"value": "",
"required": false
},
{
- "description": "Password for JDG user.",
+ "displayName": "Password",
+ "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)",
"name": "PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "datagrid-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/postgresql",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -89,6 +103,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -96,96 +111,133 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "Infinispan Connectors",
"description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')",
"name": "INFINISPAN_CONNECTORS",
"value": "hotrod,memcached,rest",
"required": false
},
{
+ "displayName": "Cache Names",
"description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configurd for each entry.",
"name": "CACHE_NAMES",
"value": "",
"required": false
},
{
+ "displayName": "Datavirt Cache Names",
+ "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: <name>, <name>_staging and <name>_alias.",
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Default Cache Type",
+ "description": "Default cache type for all caches. If empty then distributed will be the default",
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Encryption Requires SSL Client Authentication?",
"description": "",
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "",
"required": false
},
{
+ "displayName": "Memcached Cache Name",
"description": "The name of the cache to expose through this memcached connector (defaults to 'default')",
"name": "MEMCACHED_CACHE",
"value": "default",
"required": false
},
{
+ "displayName": "REST Security Domain",
"description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint",
"name": "REST_SECURITY_DOMAIN",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "datagrid-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
"generate": "expression",
"required": true
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -209,7 +261,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -233,7 +286,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -376,7 +430,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datagrid65-openshift:1.2"
+ "name": "jboss-datagrid65-openshift:1.4"
}
}
},
@@ -461,9 +515,14 @@
"protocol": "TCP"
},
{
- "name": "hotrod",
+ "name": "hotrod-internal",
"containerPort": 11222,
"protocol": "TCP"
+ },
+ {
+ "name": "hotrod",
+ "containerPort": 11333,
+ "protocol": "TCP"
}
],
"env": [
@@ -564,6 +623,14 @@
"value": "${CACHE_NAMES}"
},
{
+ "name": "DATAVIRT_CACHE_NAMES",
+ "value": "${DATAVIRT_CACHE_NAMES}"
+ },
+ {
+ "name": "CACHE_TYPE_DEFAULT",
+ "value": "${CACHE_TYPE_DEFAULT}"
+ },
+ {
"name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH",
"value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}"
},
@@ -648,7 +715,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-basic-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-basic-s2i.json
index 7d64dac98..ea2f13742 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-basic-s2i.json
@@ -6,7 +6,8 @@
"iconClass": "icon-jboss",
"description": "Application template for JBoss Data Virtualization 6.3 services built using S2I.",
"tags": "jdv,datavirt,jboss,xpaas",
- "version": "1.4.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3 (no SSL)"
},
"name": "datavirt63-basic-s2i"
},
@@ -60,6 +61,7 @@
},
{
"description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret specified by CONFIGURATION_NAME.",
+ "displayName": "Service Account Name",
"name": "SERVICE_ACCOUNT_NAME",
"value": "datavirt-service-account",
"required": true
@@ -133,6 +135,27 @@
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -215,7 +238,22 @@
"uri": "${SOURCE_REPOSITORY_URL}",
"ref": "${SOURCE_REPOSITORY_REF}"
},
- "contextDir": "${CONTEXT_DIR}"
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ }
+ ]
},
"strategy": {
"type": "Source",
@@ -224,8 +262,26 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datavirt63-openshift:1.0"
- }
+ "name": "jboss-datavirt63-openshift:1.2"
+ },
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ]
}
},
"output": {
@@ -252,6 +308,15 @@
"imageChange": {}
},
{
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ }
+ }
+ },
+ {
"type": "ConfigChange"
}
]
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-extensions-support-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-extensions-support-s2i.json
index 1e7c03b99..22b579ecc 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-extensions-support-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-extensions-support-s2i.json
@@ -6,7 +6,8 @@
"iconClass": "icon-jboss",
"description": "Application template for JBoss Data Virtualization 6.3 services built using S2I. Includes support for installing extensions (e.g. third-party DB drivers) and the ability to configure certificates for serving secure content.",
"tags": "jdv,datavirt,jboss,xpaas",
- "version": "1.4.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3 (with SSL and Extensions)"
},
"name": "datavirt63-extensions-support-s2i"
},
@@ -102,6 +103,7 @@
},
{
"description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret(s) specified by CONFIGURATION_NAME, HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "displayName": "Service Account Name",
"name": "SERVICE_ACCOUNT_NAME",
"value": "datavirt-service-account",
"required": true
@@ -238,6 +240,27 @@
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -446,6 +469,19 @@
{
"from": {
"kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ },
+ {
+ "from": {
+ "kind": "ImageStreamTag",
"name": "${APPLICATION_NAME}-ext:latest"
},
"paths": [
@@ -464,12 +500,24 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datavirt63-openshift:1.0"
+ "name": "jboss-datavirt63-openshift:1.2"
},
"env": [
{
"name": "CUSTOM_INSTALL_DIRECTORIES",
"value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
]
}
@@ -507,6 +555,15 @@
}
},
{
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ }
+ }
+ },
+ {
"type": "ConfigChange"
}
]
@@ -713,7 +770,7 @@
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE",
- "value": "/etc/datavirt-secret-volume/${HTTPS_KEYSTORE}"
+ "value": "${HTTPS_KEYSTORE}"
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE_TYPE",
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-secure-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-secure-s2i.json
index 07f926ff3..9392c20a6 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-secure-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/datavirt63-secure-s2i.json
@@ -6,7 +6,8 @@
"iconClass": "icon-jboss",
"description": "Application template for JBoss Data Virtualization 6.3 services built using S2I. Includes ability to configure certificates for serving secure content.",
"tags": "jdv,datavirt,jboss,xpaas",
- "version": "1.4.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Data Virtualization 6.3 (with SSL)"
},
"name": "datavirt63-secure-s2i"
},
@@ -74,6 +75,7 @@
},
{
"description": "The name of the service account to use for the deployment. The service account should be configured to allow usage of the secret(s) specified by CONFIGURATION_NAME, HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "displayName": "Service Account Name",
"name": "SERVICE_ACCOUNT_NAME",
"value": "datavirt-service-account",
"required": true
@@ -210,6 +212,168 @@
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "description": "Comma delimited list of source directories containing VDBs for deployment",
+ "displayName": "VDB Deployment Directories",
+ "name": "VDB_DIRS",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
+ "displayName": "SSO Server URL",
+ "name": "SSO_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The URL for the interal SSO service, where secure-sso is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "displayName": "SSO Server Service URL",
+ "name": "SSO_SERVICE_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
+ "displayName": "SSO Realm",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
+ "displayName": "SSO Username",
+ "name": "SSO_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the SSO service user.",
+ "displayName": "SSO User's Password",
+ "name": "SSO_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "SSO Realm Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability. This can be retrieved from the SSO server, for the specified realm.",
+ "displayName": "SSO Realm Public Key",
+ "name": "SSO_PUBLIC_KEY",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "SSO Client Access Type. true or false",
+ "displayName": "SSO Bearer Only",
+ "name": "SSO_BEARER_ONLY",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the keystore file",
+ "displayName": "SSO SAML Keystore Secret",
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "datavirt-app-secret",
+ "required": false
+ },
+ {
+ "description": "The name of the keystore file within the secret",
+ "displayName": "SSO SAML Keystore File",
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "description": "The name associated with the server certificate",
+ "displayName": "SSO SAML Certificate Alias",
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the keystore and certificate",
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "displayName": "SSO SAML Keystore Password",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The SSO Client Secret for Confidential Access",
+ "name": "SSO_SECRET",
+ "displayName": "SSO Client Secret",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "description": "Enable CORS for SSO applications. true or false",
+ "name": "SSO_ENABLE_CORS",
+ "displayName": "SSO Enable CORS",
+ "value": "false",
+ "required": false
+ },
+ {
+ "description": "SSO logout page for SAML applications",
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "displayName": "SSO SAML Logout Page",
+ "value": "/",
+ "required": false
+ },
+ {
+ "description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "displayName": "SSO Disable SSL Certificate Validation",
+ "value": "true",
+ "required": false
+ },
+ {
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "displayName": "SSO Truststore File",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "displayName": "SSO Truststore Password",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "displayName": "SSO Truststore Secret",
+ "value": "datavirt-app-secret",
+ "required": false
+ },
+ {
+ "description": "Comma delimited list of deployments that shoulds be exploded and enabled for SSO OpenIDConnect via auth-method",
+ "name": "SSO_OPENIDCONNECT_DEPLOYMENTS",
+ "displayName": "SSO OpenIDConnect Deployments",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "Comma delimited list of deployments that shoulds be exploded and enabled for SSO SAML via auth-method",
+ "name": "SSO_SAML_DEPLOYMENTS",
+ "displayName": "SSO SAML Deployments",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Artifact Directories",
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -354,7 +518,22 @@
"uri": "${SOURCE_REPOSITORY_URL}",
"ref": "${SOURCE_REPOSITORY_REF}"
},
- "contextDir": "${CONTEXT_DIR}"
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/datagrid65",
+ "sourcePath": "/extensions/."
+ }
+ ]
+ }
+ ]
},
"strategy": {
"type": "Source",
@@ -363,8 +542,26 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-datavirt63-openshift:1.0"
- }
+ "name": "jboss-datavirt63-openshift:1.2"
+ },
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "VDB_DIRS",
+ "value": "${VDB_DIRS}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ]
}
},
"output": {
@@ -391,6 +588,15 @@
"imageChange": {}
},
{
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "jboss-datagrid65-client-openshift:1.0"
+ }
+ }
+ },
+ {
"type": "ConfigChange"
}
]
@@ -597,7 +803,7 @@
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE",
- "value": "/etc/datavirt-secret-volume/${HTTPS_KEYSTORE}"
+ "value": "${HTTPS_KEYSTORE}"
},
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE_TYPE",
@@ -610,6 +816,98 @@
{
"name": "DATAVIRT_TRANSPORT_KEYSTORE_PASSWORD",
"value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "SSO_URL",
+ "value": "${SSO_URL}"
+ },
+ {
+ "name": "SSO_SERVICE_URL",
+ "value": "${SSO_SERVICE_URL}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_USERNAME",
+ "value": "${SSO_USERNAME}"
+ },
+ {
+ "name": "SSO_PASSWORD",
+ "value": "${SSO_PASSWORD}"
+ },
+ {
+ "name": "SSO_PUBLIC_KEY",
+ "value": "${SSO_PUBLIC_KEY}"
+ },
+ {
+ "name": "SSO_BEARER_ONLY",
+ "value": "${SSO_BEARER_ONLY}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_SECRET",
+ "value": "${SSO_SAML_KEYSTORE_SECRET}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE",
+ "value": "${SSO_SAML_KEYSTORE}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_DIR",
+ "value": "/etc/sso-saml-secret-volume"
+ },
+ {
+ "name": "SSO_SAML_CERTIFICATE_NAME",
+ "value": "${SSO_SAML_CERTIFICATE_NAME}"
+ },
+ {
+ "name": "SSO_SAML_KEYSTORE_PASSWORD",
+ "value": "${SSO_SAML_KEYSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_SECRET",
+ "value": "${SSO_SECRET}"
+ },
+ {
+ "name": "SSO_ENABLE_CORS",
+ "value": "${SSO_ENABLE_CORS}"
+ },
+ {
+ "name": "SSO_SAML_LOGOUT_PAGE",
+ "value": "${SSO_SAML_LOGOUT_PAGE}"
+ },
+ {
+ "name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
+ "value": "${SSO_DISABLE_SSL_CERTIFICATE_VALIDATION}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ },
+ {
+ "name": "SSO_OPENIDCONNECT_DEPLOYMENTS",
+ "value": "${SSO_OPENIDCONNECT_DEPLOYMENTS}"
+ },
+ {
+ "name": "SSO_SAML_DEPLOYMENTS",
+ "value": "${SSO_SAML_DEPLOYMENTS}"
+ },
+ {
+ "name": "HOSTNAME_HTTP",
+ "value": "${HOSTNAME_HTTP}"
+ },
+ {
+ "name": "HOSTNAME_HTTPS",
+ "value": "${HOSTNAME_HTTPS}"
}
]
}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-amq-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-amq-s2i.json
index 754a3b4c0..1989036fa 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-amq-s2i.json
@@ -5,8 +5,9 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.2 decision server A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,amq,java,messaging,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.3.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server + A-MQ (with https)"
},
"name": "decisionserver62-amq-s2i"
},
@@ -14,20 +15,24 @@
"template": "decisionserver62-amq-s2i",
"xpaas": "1.3.3"
},
+ "message": "A new BRMS/A-MQ application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,102 +40,119 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -138,6 +160,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -145,18 +168,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -164,6 +190,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -171,6 +198,7 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
@@ -198,7 +226,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -222,7 +251,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -564,7 +594,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-basic-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-basic-s2i.json
index 8be4ac90b..25b2c162c 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-basic-s2i.json
@@ -5,8 +5,9 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.2 decision server applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.3.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server (no https)"
},
"name": "decisionserver62-basic-s2i"
},
@@ -14,20 +15,24 @@
"template": "decisionserver62-basic-s2i",
"xpaas": "1.3.3"
},
+ "message": "A new BRMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,48 +40,56 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -84,6 +97,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -91,6 +105,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -98,6 +113,7 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-https-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-https-s2i.json
index bf9047599..85605d642 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver62-https-s2i.json
@@ -5,8 +5,9 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.2 decision server HTTPS applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.3.3",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.2 decision server (with https)"
},
"name": "decisionserver62-https-s2i"
},
@@ -14,32 +15,38 @@
"template": "decisionserver62-https-s2i",
"xpaas": "1.3.3"
},
+ "message": "A new BRMS application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "HelloRulesContainer=org.openshift.quickstarts:decisionserver-hellorules:1.2.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,78 +54,91 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -126,6 +146,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +154,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -140,6 +162,7 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-amq-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-amq-s2i.json
index 51e667e02..ecea54d94 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-amq-s2i.json
@@ -5,29 +5,34 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.3 decision server A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,amq,java,messaging,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server + A-MQ (with https)"
},
"name": "decisionserver63-amq-s2i"
},
"labels": {
"template": "decisionserver63-amq-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BRMS/A-MQ application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,108 +40,126 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -144,6 +167,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -151,18 +175,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,6 +197,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -177,10 +205,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -204,7 +246,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -228,7 +271,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -334,13 +378,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver63-openshift:1.3"
+ "name": "jboss-decisionserver63-openshift:1.4"
}
}
},
@@ -574,7 +626,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-basic-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-basic-s2i.json
index c5f0d006a..d655dbe94 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-basic-s2i.json
@@ -5,29 +5,34 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.3 decision server applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server (no https)"
},
"name": "decisionserver63-basic-s2i"
},
"labels": {
"template": "decisionserver63-basic-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BRMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,48 +40,56 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -84,6 +97,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -91,6 +105,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -98,10 +113,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -184,13 +213,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver63-openshift:1.3"
+ "name": "jboss-decisionserver63-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-https-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-https-s2i.json
index 3db0e4c84..78e79c0cf 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver63-https-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BRMS 6.3 decision server HTTPS applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "decisionserver,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.3 decision server (with https)"
},
"name": "decisionserver63-https-s2i"
},
"labels": {
"template": "decisionserver63-https-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BRMS application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,78 +54,91 @@
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "decisionserver/hellorules",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "decisionserver-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -126,6 +146,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +154,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -140,10 +162,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -273,13 +309,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-decisionserver63-openshift:1.3"
+ "name": "jboss-decisionserver63-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver64-amq-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver64-amq-s2i.json
new file mode 100644
index 000000000..c688a2a67
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver64-amq-s2i.json
@@ -0,0 +1,748 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BRMS 6.4 decision server A-MQ applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server + A-MQ (with https)"
+ },
+ "name": "decisionserver64-amq-s2i"
+ },
+ "labels": {
+ "template": "decisionserver64-amq-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BRMS/A-MQ application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "decisionserver/hellorules",
+ "required": false
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "decisionserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTP service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's HTTPS service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-decisionserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "decisionserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "decisionserver-keystore-volume",
+ "mountPath": "/etc/decisionserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/decisionserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "decisionserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver64-basic-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver64-basic-s2i.json
new file mode 100644
index 000000000..778c51844
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver64-basic-s2i.json
@@ -0,0 +1,376 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BRMS 6.4 decision server applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server (no https)"
+ },
+ "name": "decisionserver64-basic-s2i"
+ },
+ "labels": {
+ "template": "decisionserver64-basic-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BRMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "decisionserver/hellorules",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-decisionserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver64-https-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver64-https-s2i.json
new file mode 100644
index 000000000..e6c6961c1
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/decisionserver64-https-s2i.json
@@ -0,0 +1,517 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BRMS 6.4 decision server HTTPS applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "decisionserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BRMS 6.4 decision server (with https)"
+ },
+ "name": "decisionserver64-https-s2i"
+ },
+ "labels": {
+ "template": "decisionserver64-https-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BRMS application with SSL support has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. Please be sure to create the \"decisionserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "decisionserver-hellorules=org.openshift.quickstarts:decisionserver-hellorules:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "decisionserver/hellorules",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "decisionserver-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-decisionserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "decisionserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "decisionserver-keystore-volume",
+ "mountPath": "/etc/decisionserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/decisionserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "decisionserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-amq-persistent-s2i.json
index 72dbb4302..912838175 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-amq-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-amq-persistent-s2i.json
@@ -5,131 +5,153 @@
"annotations": {
"description": "Application template for EAP 6 A-MQ applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + A-MQ (Persistent with https)"
},
"name": "eap64-amq-persistent-s2i"
},
"labels": {
"template": "eap64-amq-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and A-MQ persistent based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -137,6 +159,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,18 +167,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +189,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,36 +197,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -207,10 +240,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -234,7 +281,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -258,7 +306,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -360,11 +409,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -641,7 +700,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-amq-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-amq-s2i.json
index 9dd847451..dd4c7a27b 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-amq-s2i.json
@@ -5,119 +5,139 @@
"annotations": {
"description": "Application template for EAP 6 A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + A-MQ (Ephemeral with https)"
},
"name": "eap64-amq-s2i"
},
"labels": {
"template": "eap64-amq-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and A-MQ based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +145,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,18 +153,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -151,6 +175,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -158,36 +183,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -195,10 +226,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -222,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -246,7 +292,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -348,11 +395,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -626,7 +683,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-basic-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-basic-s2i.json
index 7b1800b7b..e13b3851b 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-basic-s2i.json
@@ -6,58 +6,68 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (no https)"
},
"name": "eap64-basic-s2i"
},
"labels": {
"template": "eap64-basic-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 based application has been created in your project.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -65,6 +75,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -72,6 +83,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -79,12 +91,14 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -92,10 +106,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -174,11 +202,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-https-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-https-s2i.json
index 31716d84c..0da32eb40 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-https-s2i.json
@@ -6,100 +6,117 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (with https)"
},
"name": "eap64-https-s2i"
},
"labels": {
"template": "eap64-https-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "6.4.x",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,10 +183,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -287,11 +326,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mongodb-persistent-s2i.json
index 212431056..77b75466d 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mongodb-persistent-s2i.json
@@ -5,149 +5,175 @@
"annotations": {
"description": "Application template for EAP 6 MongoDB applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MongoDB (Persistent with https)"
},
"name": "eap64-mongodb-persistent-s2i"
},
"labels": {
"template": "eap64-mongodb-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MongoDB persistent based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -176,6 +205,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -183,6 +213,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -190,36 +221,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -227,10 +264,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -254,7 +312,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -278,7 +337,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -380,11 +440,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -674,7 +744,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mongodb-s2i.json
index 13fbbdd93..2785782d4 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mongodb-s2i.json
@@ -5,143 +5,168 @@
"annotations": {
"description": "Application template for EAP 6 MongoDB applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MongoDB (Ephemeral with https)"
},
"name": "eap64-mongodb-s2i"
},
"labels": {
"template": "eap64-mongodb-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MongoDB based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -170,6 +198,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -177,6 +206,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -184,36 +214,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -221,10 +257,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -248,7 +305,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +330,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -374,11 +433,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -668,7 +737,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mysql-persistent-s2i.json
index 69fdec206..cca0f9c2b 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mysql-persistent-s2i.json
@@ -5,159 +5,187 @@
"annotations": {
"description": "Application template for EAP 6 MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MySQL (Persistent with https)"
},
"name": "eap64-mysql-persistent-s2i"
},
"labels": {
"template": "eap64-mysql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MySQL persistent based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +193,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -172,6 +201,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -179,6 +209,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -186,6 +217,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -193,36 +225,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -230,10 +268,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -257,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -281,7 +341,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -383,11 +444,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -681,7 +752,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mysql-s2i.json
index 2bd3c249f..5766506fd 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-mysql-s2i.json
@@ -5,153 +5,180 @@
"annotations": {
"description": "Application template for EAP 6 MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + MySQL (Ephemeral with https)"
},
"name": "eap64-mysql-s2i"
},
"labels": {
"template": "eap64-mysql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and MySQL based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +186,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -166,6 +194,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -173,6 +202,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -180,6 +210,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -187,36 +218,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -224,10 +261,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -251,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -275,7 +334,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -377,11 +437,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -675,7 +745,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-postgresql-persistent-s2i.json
index 31f245950..01891774d 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-postgresql-persistent-s2i.json
@@ -5,144 +5,169 @@
"annotations": {
"description": "Application template for EAP 6 PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + PostgreSQL (Persistent with https)"
},
"name": "eap64-postgresql-persistent-s2i"
},
"labels": {
"template": "eap64-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and PostgreSQL persistent based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -150,6 +175,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -157,6 +183,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -164,6 +191,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -171,6 +199,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -178,36 +207,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -215,10 +250,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -242,7 +298,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -266,7 +323,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -368,11 +426,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -666,7 +734,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-postgresql-s2i.json
index eac964697..e00f2b0e3 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-postgresql-s2i.json
@@ -5,138 +5,162 @@
"annotations": {
"description": "Application template for EAP 6 PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + PostgreSQL (Ephemeral with https)"
},
"name": "eap64-postgresql-s2i"
},
"labels": {
"template": "eap64-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 and PostgreSQL based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,6 +168,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -151,6 +176,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,6 +184,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +192,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -172,36 +200,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -209,10 +243,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -236,7 +291,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -260,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -362,11 +419,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
}
}
},
@@ -660,7 +727,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-sso-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-sso-s2i.json
index 09023be71..ec0739d04 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-sso-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-sso-s2i.json
@@ -3,103 +3,120 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass" : "icon-jboss",
+ "iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I, enabled for SSO.",
- "tags": "eap,javaee,java,jboss,xpaas,sso,keycloak",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 + Single Sign-On (with https)"
},
"name": "eap64-sso-s2i"
},
"labels": {
"template": "eap64-sso-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 6 based application with SSL and SSO support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Hostname for http service route (e.g. eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTP",
"value": "",
"required": true
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Hostname for https service route (e.g. secure-eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": true
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/redhat-developer/redhat-sso-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.x-ose",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,84 +183,98 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
},
{
+ "displayName": "URL for SSO",
"description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
"name": "SSO_URL",
"value": "",
"required": true
},
{
- "description": "The URL for the interal SSO service, where secure-sso is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "displayName": "URL for SSO (internal service)",
+ "description": "The URL for the internal SSO service, where secure-sso is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
"name": "SSO_SERVICE_URL",
"value": "https://secure-sso:8443/auth",
"required": false
},
{
+ "displayName": "SSO Realm",
"description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": true
},
{
+ "displayName": "SSO Username",
"description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
"name": "SSO_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Password",
"description": "The password for the SSO service user.",
"name": "SSO_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Public Key",
"description": "SSO Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability. This can be retrieved from the SSO server, for the specified realm.",
"name": "SSO_PUBLIC_KEY",
"value": "",
"required": false
},
{
+ "displayName": "SSO Bearer Only?",
"description": "SSO Client Access Type",
"name": "SSO_BEARER_ONLY",
"value": "",
"required": false
},
{
+ "displayName": "Artifact Directories",
"description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
"name": "ARTIFACT_DIR",
"value": "app-jee-jsp/target,service-jee-jaxrs/target,app-profile-jee-jsp/target,app-profile-saml-jee-jsp/target",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Secret",
"description": "The name of the secret containing the keystore file",
"name": "SSO_SAML_KEYSTORE_SECRET",
"value": "eap-app-secret",
"required": false
},
{
+ "displayName": "SSO SAML Keystore",
"description": "The name of the keystore file within the secret",
"name": "SSO_SAML_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "SSO SAML Certificate Name",
"description": "The name associated with the server certificate",
"name": "SSO_SAML_CERTIFICATE_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Password",
"description": "The password for the keystore and certificate",
"name": "SSO_SAML_KEYSTORE_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "SSO Client Secret",
"description": "The SSO Client Secret for Confidential Access",
"name": "SSO_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -243,42 +282,55 @@
"required": true
},
{
+ "displayName": "Enable CORS for SSO?",
"description": "Enable CORS for SSO applications",
"name": "SSO_ENABLE_CORS",
"value": "false",
"required": false
},
{
+ "displayName": "SSO SAML Logout Page",
"description": "SSO logout page for SAML applications",
"name": "SSO_SAML_LOGOUT_PAGE",
"value": "/",
"required": false
},
{
+ "displayName": "Disable SSL Validation in EAP->SSO communication",
"description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
"name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
"value": "true",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "eap-app-secret",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
}
- ],
+ ],
"objects": [
{
"kind": "Service",
@@ -406,7 +458,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap64-openshift:1.4"
+ "name": "jboss-eap64-openshift:1.5"
},
"env": [
{
@@ -416,6 +468,10 @@
{
"name": "MAVEN_ARGS_APPEND",
"value": ""
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
}
]
}
@@ -615,7 +671,7 @@
"name": "HORNETQ_TOPICS",
"value": "${HORNETQ_TOPICS}"
},
- {
+ {
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "${JGROUPS_ENCRYPT_SECRET}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-third-party-db-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-third-party-db-s2i.json
new file mode 100644
index 000000000..e8f6d6585
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap64-third-party-db-s2i.json
@@ -0,0 +1,646 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-jboss",
+ "description": "Application template for EAP 6 DB applications built using S2I. Includes support for installing third-party DB drivers.",
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 6.4 (with https, supporting third-party DB drivers)"
+ },
+ "name": "eap64-third-party-db-s2i"
+ },
+ "labels": {
+ "template": "eap64-third-party-db-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new EAP 6 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets:\"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed application(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Configuration Secret Name",
+ "description": "The name of the secret containing configuration properties for the datasources.",
+ "name": "CONFIGURATION_NAME",
+ "value": "eap-app-config",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/hibernate-webapp",
+ "required": false
+ },
+ {
+ "displayName": "Drivers ImageStreamTag",
+ "description": "ImageStreamTag definition for the image containing the drivers and configuration, e.g. jboss-datavirt63-openshift:1.0-driver",
+ "name": "EXTENSIONS_IMAGE",
+ "value": "jboss-datavirt63-driver-openshift:1.0",
+ "required": true
+ },
+ {
+ "displayName": "Drivers ImageStream Namespace",
+ "description": "Namespace within which the ImageStream definition for the image containing the drivers and configuration is located.",
+ "name": "EXTENSIONS_IMAGE_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Drivers Image Install Directory",
+ "description": "Full path to the directory within the extensions image where the extensions are located (e.g. install.sh, modules/, etc.)",
+ "name": "EXTENSIONS_INSTALL_DIR",
+ "value": "/extensions",
+ "required": true
+ },
+ {
+ "displayName": "Queue Names",
+ "description": "Queue names to preconfigure within HornetQ subsystem.",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topic Names",
+ "description": "Topic names to preconfigure within HornetQ subsystem.",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Cluster Admin Password",
+ "description": "Admin password for HornetQ cluster.",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore to be used for securing JGroups communications.",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the JGroups secret.",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the JGroups server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/extras",
+ "sourcePath": "${EXTENSIONS_INSTALL_DIR}/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap64-openshift:1.5"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/eap-environment",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/eap-environment/*"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-amq-persistent-s2i.json
index f08cdf2f9..3f0eba6e3 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-amq-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-amq-persistent-s2i.json
@@ -5,131 +5,153 @@
"annotations": {
"description": "Application template for EAP 7 A-MQ applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + A-MQ (Persistent with https)"
},
"name": "eap70-amq-persistent-s2i"
},
"labels": {
"template": "eap70-amq-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and A-MQ persistent based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
- "description": "Size of persistent storage for database volume.",
+ "displayName": "A-MQ Volume Size",
+ "description": "Size of the volume used by A-MQ for persisting messages.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -137,6 +159,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,18 +167,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +189,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,36 +197,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -207,10 +240,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -234,7 +281,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -258,7 +306,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -360,11 +409,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -641,7 +700,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-amq-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-amq-s2i.json
index 3ca9e9fab..f2d65f353 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-amq-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-amq-s2i.json
@@ -5,119 +5,139 @@
"annotations": {
"description": "Application template for EAP 7 A-MQ applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,amq,javaee,java,messaging,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + A-MQ (with https)"
},
"name": "eap70-amq-s2i"
},
"labels": {
"template": "eap70-amq-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and A-MQ based application with SSL support has been created in your project. The username/password for accessing the A-MQ service is ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "helloworld-mdb",
"required": false
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory",
"name": "MQ_JNDI",
"value": "java:/ConnectionFactory",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "HELLOWORLDMDBQueue",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "HELLOWORLDMDBTopic",
"required": false
},
{
+ "displayName": "A-MQ Serializable Packages",
"description": "List of packages that are allowed to be serialized for use in ObjectMessage, separated by commas. If your app doesn't use ObjectMessages, leave this blank. This is a security enforcement. For the rationale, see http://activemq.apache.org/objectmessage.html",
"name": "MQ_SERIALIZABLE_PACKAGES",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +145,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,18 +153,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -151,6 +175,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -158,36 +183,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -195,10 +226,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -222,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTP port."
+ "description": "The web server's HTTP port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -246,7 +292,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's HTTPS port."
+ "description": "The web server's HTTPS port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -348,11 +395,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -626,7 +683,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-basic-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-basic-s2i.json
index 83b4d5b24..c33e3f7cb 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-basic-s2i.json
@@ -6,58 +6,68 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 7 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 (no https)"
},
"name": "eap70-basic-s2i"
},
"labels": {
"template": "eap70-basic-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 based application has been created in your project.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.0.GA",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -65,6 +75,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -72,6 +83,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -79,12 +91,14 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -92,10 +106,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -174,11 +202,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-https-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-https-s2i.json
index 1292442a4..7542d31c8 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-https-s2i.json
@@ -6,100 +6,117 @@
"iconClass": "icon-jboss",
"description": "Application template for EAP 7 applications built using S2I.",
"tags": "eap,javaee,java,jboss,xpaas",
- "version": "1.3.2"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 (with https)"
},
"name": "eap70-https-s2i"
},
"labels": {
"template": "eap70-https-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-developer/jboss-eap-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.0.GA",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "kitchensink",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,10 +183,24 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -287,11 +326,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mongodb-persistent-s2i.json
index 99db77d58..8a7da66c1 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mongodb-persistent-s2i.json
@@ -5,149 +5,175 @@
"annotations": {
"description": "Application template for EAP 7 MongoDB applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MongoDB (Persistent with https)"
},
"name": "eap70-mongodb-persistent-s2i"
},
"labels": {
"template": "eap70-mongodb-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MongoDB persistent based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -176,6 +205,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -183,6 +213,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -190,36 +221,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -227,10 +264,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -254,7 +312,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -278,7 +337,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -380,11 +440,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -685,7 +755,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mongodb-s2i.json
index c8150c231..ae52a3deb 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mongodb-s2i.json
@@ -5,143 +5,168 @@
"annotations": {
"description": "Application template for EAP 7 MongoDB applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mongodb,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MongoDB (Ephemeral with https)"
},
"name": "eap70-mongodb-s2i"
},
"labels": {
"template": "eap70-mongodb-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MongoDB based application with SSL support has been created in your project. The username/password for accessing the MongoDB database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -170,6 +198,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -177,6 +206,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -184,36 +214,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -221,10 +257,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -248,7 +305,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +330,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -374,11 +433,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -679,7 +748,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mysql-persistent-s2i.json
index f8e5c2b04..a0a3d7717 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mysql-persistent-s2i.json
@@ -5,159 +5,187 @@
"annotations": {
"description": "Application template for EAP 7 MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MySQL (Persistent with https)"
},
"name": "eap70-mysql-persistent-s2i"
},
"labels": {
"template": "eap70-mysql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MySQL persistent based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +193,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -172,6 +201,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -179,6 +209,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -186,6 +217,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -193,36 +225,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -230,10 +268,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -257,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -281,7 +341,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -383,11 +444,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -696,7 +767,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mysql-s2i.json
index 1edeb62e7..8255ade5d 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-mysql-s2i.json
@@ -5,153 +5,180 @@
"annotations": {
"description": "Application template for EAP 7 MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + MySQL (Ephemeral with https)"
},
"name": "eap70-mysql-s2i"
},
"labels": {
"template": "eap70-mysql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and MySQL based application with SSL support has been created in your project. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +186,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -166,6 +194,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -173,6 +202,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -180,6 +210,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -187,36 +218,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -224,10 +261,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -251,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -275,7 +334,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -377,11 +437,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -690,7 +760,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-postgresql-persistent-s2i.json
index d11df06ee..436c541d8 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-postgresql-persistent-s2i.json
@@ -5,144 +5,169 @@
"annotations": {
"description": "Application template for EAP 7 PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + PostgreSQL (Persistent with https)"
},
"name": "eap70-postgresql-persistent-s2i"
},
"labels": {
"template": "eap70-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and PostgreSQL persistent based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -150,6 +175,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -157,6 +183,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -164,6 +191,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -171,6 +199,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -178,36 +207,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -215,10 +250,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -242,7 +298,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -266,7 +323,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -368,11 +426,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -681,7 +749,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-postgresql-s2i.json
index 6b7f6d707..a2a37a886 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-postgresql-s2i.json
@@ -5,138 +5,162 @@
"annotations": {
"description": "Application template for EAP 7 PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "eap,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + PostgreSQL (Ephemeral with https)"
},
"name": "eap70-postgresql-s2i"
},
"labels": {
"template": "eap70-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 and PostgreSQL based application with SSL support has been created in your project. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/TodoListDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "MQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
- "required": false
+ "required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ cluster password",
"description": "A-MQ cluster admin password",
"name": "MQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -144,6 +168,7 @@
"required": true
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -151,6 +176,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,6 +184,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -165,6 +192,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -172,36 +200,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -209,10 +243,31 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -236,7 +291,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -260,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -362,11 +419,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
}
}
},
@@ -675,7 +742,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-sso-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-sso-s2i.json
index 811602220..08a844cd9 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-sso-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-sso-s2i.json
@@ -3,103 +3,120 @@
"apiVersion": "v1",
"metadata": {
"annotations": {
- "iconClass" : "icon-jboss",
+ "iconClass": "icon-jboss",
"description": "Application template for EAP 6 applications built using S2I, enabled for SSO.",
- "tags": "eap,javaee,java,jboss,xpaas,sso,keycloak",
- "version": "1.3.2"
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 + Single Sign-On (with https)"
},
"name": "eap70-sso-s2i"
},
"labels": {
"template": "eap70-sso-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new EAP 7 based application with SSL and SSO support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "eap-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Hostname for http service route (e.g. eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTP",
"value": "",
"required": true
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Hostname for https service route (e.g. secure-eap-app-myproject.example.com). Required for SSO-enabled applications. This is added to the white list of redirects in the SSO server.",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": true
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/redhat-developer/redhat-sso-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "7.0.x-ose",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "eap7-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "eap7-app-secret",
"required": true
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -107,6 +124,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -114,6 +132,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +140,42 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,84 +183,98 @@
"required": true
},
{
+ "displayName": "Deploy Exploded Archives",
"description": "Controls whether exploded deployment content should be automatically deployed",
"name": "AUTO_DEPLOY_EXPLODED",
"value": "false",
"required": false
},
{
+ "displayName": "URL for SSO",
"description": "The URL for the SSO server (e.g. https://secure-sso-myproject.example.com/auth). This is the URL through which the user will be redirected when a login or token is required by the application.",
"name": "SSO_URL",
"value": "",
"required": true
},
{
- "description": "The URL for the interal SSO service, where secure-sso (the default) is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
+ "displayName": "URL for SSO (internal service)",
+ "description": "The URL for the internal SSO service, where secure-sso (the default) is the kubernetes service exposed by the SSO server. This is used to create the application client(s) (see SSO_USERNAME). This can also be the same as SSO_URL.",
"name": "SSO_SERVICE_URL",
"value": "https://secure-sso:8443/auth",
"required": false
},
{
+ "displayName": "SSO Realm",
"description": "The SSO realm to which the application client(s) should be associated (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": true
},
{
+ "displayName": "SSO Username",
"description": "The username used to access the SSO service. This is used to create the appliction client(s) within the specified SSO realm. This should match the SSO_SERVICE_USERNAME specified through one of the sso70-* templates.",
"name": "SSO_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Password",
"description": "The password for the SSO service user.",
"name": "SSO_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Public Key",
"description": "SSO Public Key. Public key is recommended to be passed into the template to avoid man-in-the-middle security vulnerability",
"name": "SSO_PUBLIC_KEY",
"value": "",
"required": false
},
{
+ "displayName": "SSO Bearer Only?",
"description": "SSO Client Access Type",
"name": "SSO_BEARER_ONLY",
"value": "",
"required": false
},
{
+ "displayName": "Artifact Directories",
"description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
"name": "ARTIFACT_DIR",
"value": "app-jee-jsp/target,service-jee-jaxrs/target,app-profile-jee-jsp/target,app-profile-saml-jee-jsp/target",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Secret",
"description": "The name of the secret containing the keystore file",
"name": "SSO_SAML_KEYSTORE_SECRET",
"value": "eap7-app-secret",
"required": false
},
{
+ "displayName": "SSO SAML Keystore",
"description": "The name of the keystore file within the secret",
"name": "SSO_SAML_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "SSO SAML Certificate Name",
"description": "The name associated with the server certificate",
"name": "SSO_SAML_CERTIFICATE_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "SSO SAML Keystore Password",
"description": "The password for the keystore and certificate",
"name": "SSO_SAML_KEYSTORE_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "SSO Client Secret",
"description": "The SSO Client Secret for Confidential Access",
"name": "SSO_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -243,42 +282,55 @@
"required": true
},
{
+ "displayName": "Enable CORS for SSO?",
"description": "Enable CORS for SSO applications",
"name": "SSO_ENABLE_CORS",
"value": "false",
"required": false
},
{
+ "displayName": "SSO SAML Logout Page",
"description": "SSO logout page for SAML applications",
"name": "SSO_SAML_LOGOUT_PAGE",
"value": "/",
"required": false
},
{
+ "displayName": "Disable SSL Validation in EAP->SSO communication",
"description": "If true SSL communication between EAP and the SSO Server will be insecure (i.e. certificate validation is disabled with curl)",
"name": "SSO_DISABLE_SSL_CERTIFICATE_VALIDATION",
"value": "true",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "eap7-app-secret",
"required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
}
- ],
+ ],
"objects": [
{
"kind": "Service",
@@ -406,7 +458,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-eap70-openshift:1.4"
+ "name": "jboss-eap70-openshift:1.5"
},
"env": [
{
@@ -416,6 +468,10 @@
{
"name": "MAVEN_ARGS_APPEND",
"value": ""
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
}
]
}
@@ -593,7 +649,7 @@
{
"name": "HOSTNAME_HTTPS",
"value": "${HOSTNAME_HTTPS}"
- },
+ },
{
"name": "HTTPS_KEYSTORE_DIR",
"value": "/etc/eap-secret-volume"
@@ -626,7 +682,7 @@
"name": "HORNETQ_TOPICS",
"value": "${HORNETQ_TOPICS}"
},
- {
+ {
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "${JGROUPS_ENCRYPT_SECRET}"
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-third-party-db-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-third-party-db-s2i.json
new file mode 100644
index 000000000..9e854d7ab
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/eap70-third-party-db-s2i.json
@@ -0,0 +1,657 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-jboss",
+ "description": "Application template for EAP 7 DB applications built using S2I. Includes support for installing third-party DB drivers.",
+ "tags": "eap,javaee,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss EAP 7.0 (with https, supporting third-party DB drivers)"
+ },
+ "name": "eap70-third-party-db-s2i"
+ },
+ "labels": {
+ "template": "eap70-third-party-db-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new EAP 7 based application with SSL support has been created in your project. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets:\"${CONFIGURATION_NAME}\" containing the datasource configuration details required by the deployed application(s); \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "eap-app",
+ "required": true
+ },
+ {
+ "displayName": "Configuration Secret Name",
+ "description": "The name of the secret containing configuration properties for the datasources.",
+ "name": "CONFIGURATION_NAME",
+ "value": "eap-app-config",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "master",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "datavirt/hibernate-webapp",
+ "required": false
+ },
+ {
+ "displayName": "Drivers ImageStreamTag",
+ "description": "ImageStreamTag definition for the image containing the drivers and configuration, e.g. jboss-datavirt63-openshift:1.0-driver",
+ "name": "EXTENSIONS_IMAGE",
+ "value": "jboss-datavirt63-driver-openshift:1.0",
+ "required": true
+ },
+ {
+ "displayName": "Drivers ImageStream Namespace",
+ "description": "Namespace within which the ImageStream definition for the image containing the drivers and configuration is located.",
+ "name": "EXTENSIONS_IMAGE_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Drivers Image Install Directory",
+ "description": "Full path to the directory within the extensions image where the extensions are located (e.g. install.sh, modules/, etc.)",
+ "name": "EXTENSIONS_INSTALL_DIR",
+ "value": "/extensions",
+ "required": true
+ },
+ {
+ "displayName": "Queue Names",
+ "description": "Queue names to preconfigure within Messaging subsystem.",
+ "name": "MQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topic Names",
+ "description": "Topic names to preconfigure within Messaging subsystem.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "eap-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "eap-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Messaging Cluster Admin Password",
+ "description": "Admin password for Messaging cluster.",
+ "name": "MQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "A secret string used to configure the GitHub webhook.",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "A secret string used to configure the Generic webhook.",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore to be used for securing JGroups communications.",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "eap-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the JGroups secret.",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the JGroups server certificate",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "secret-key",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "password",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "Password used by JGroups to authenticate nodes in the cluster.",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Deploy Exploded Archives",
+ "description": "Controls whether exploded deployment content should be automatically deployed",
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}",
+ "images": [
+ {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ },
+ "paths": [
+ {
+ "destinationDir": "./${CONTEXT_DIR}/extensions/extras",
+ "sourcePath": "${EXTENSIONS_INSTALL_DIR}/."
+ }
+ ]
+ }
+ ]
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "CUSTOM_INSTALL_DIRECTORIES",
+ "value": "extensions/*"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-eap70-openshift:1.5"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${EXTENSIONS_IMAGE_NAMESPACE}",
+ "name": "${EXTENSIONS_IMAGE}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "configuration",
+ "mountPath": "/etc/eap-environment",
+ "readOnly": true
+ },
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "ENV_FILES",
+ "value": "/etc/eap-environment/*"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "MQ_CLUSTER_PASSWORD",
+ "value": "${MQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "AUTO_DEPLOY_EXPLODED",
+ "value": "${AUTO_DEPLOY_EXPLODED}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "configuration",
+ "secret": {
+ "secretName": "${CONFIGURATION_NAME}"
+ }
+ },
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-basic-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-basic-s2i.json
index 413a6de87..4e42e0eca 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-basic-s2i.json
@@ -6,46 +6,54 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 (no https)"
},
"name": "jws30-tomcat7-basic-s2i"
},
"labels": {
"template": "jws30-tomcat7-basic-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -53,6 +61,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,6 +69,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -67,6 +77,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -74,10 +85,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -156,11 +181,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -248,7 +283,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-https-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-https-s2i.json
index 610ea9441..f5fc2e581 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-https-s2i.json
@@ -6,76 +6,89 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat7,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 (with https)"
},
"name": "jws30-tomcat7-https-s2i"
},
"labels": {
"template": "jws30-tomcat7-https-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -83,6 +96,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -90,6 +104,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -97,6 +112,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -104,10 +120,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -233,11 +263,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -326,7 +366,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
index 6ef9d6e4c..2a73a182c 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json
@@ -5,125 +5,147 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MongoDB (Persistent with https)"
},
"name": "jws30-tomcat7-mongodb-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat7-mongodb-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -131,6 +153,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -138,6 +161,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -145,6 +169,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -152,6 +177,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +185,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -166,6 +193,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -173,10 +201,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -200,7 +249,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -224,7 +274,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -326,11 +377,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -419,7 +480,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -547,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
index 9b48f8ae7..a71dfa634 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mongodb-s2i.json
@@ -5,119 +5,140 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications built using S2I.",
- "tags": "tomcat,tomcat7,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MongoDB (Ephemeral with https)"
},
"name": "jws30-tomcat7-mongodb-s2i"
},
"labels": {
"template": "jws30-tomcat7-mongodb-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +146,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,6 +154,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -139,6 +162,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -146,6 +170,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -153,6 +178,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -160,6 +186,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -167,10 +194,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -194,7 +242,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -218,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -320,11 +370,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -413,7 +473,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -541,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
index 30af703ce..9a05dcbd5 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json
@@ -5,135 +5,159 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MySQL (Persistent with https)"
},
"name": "jws30-tomcat7-mysql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat7-mysql-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -141,6 +165,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +173,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -176,10 +205,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -203,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -227,7 +278,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -329,11 +381,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -422,7 +484,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -546,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mysql-s2i.json
index c2843af63..553a30a44 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-mysql-s2i.json
@@ -5,129 +5,152 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications built using S2I.",
- "tags": "tomcat,tomcat7,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + MySQL (Ephemeral with https)"
},
"name": "jws30-tomcat7-mysql-s2i"
},
"labels": {
"template": "jws30-tomcat7-mysql-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -135,6 +158,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -142,6 +166,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,10 +198,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -197,7 +246,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -221,7 +271,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -323,11 +374,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -416,7 +477,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -540,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
index b8372f374..a5c6c8a56 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json
@@ -5,120 +5,141 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat7,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + PostgreSQL (Persistent with https)"
},
"name": "jws30-tomcat7-postgresql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat7-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -126,6 +147,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +155,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -140,6 +163,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -147,6 +171,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -154,6 +179,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -161,10 +187,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -188,7 +235,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -212,7 +260,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -314,11 +363,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -407,7 +466,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -531,7 +590,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
index cd5bb9fa4..61a3208e4 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat7-postgresql-s2i.json
@@ -5,114 +5,134 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications built using S2I.",
- "tags": "tomcat,tomcat7,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 7 + PostgreSQL (Ephemeral with https)"
},
"name": "jws30-tomcat7-postgresql-s2i"
},
"labels": {
"template": "jws30-tomcat7-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -120,6 +140,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -127,6 +148,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -134,6 +156,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -141,6 +164,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +172,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -155,10 +180,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -182,7 +228,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -206,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -308,11 +356,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat7-openshift:1.2"
+ "name": "jboss-webserver30-tomcat7-openshift:1.3"
}
}
},
@@ -401,7 +459,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -525,7 +583,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-basic-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-basic-s2i.json
index cb1e49d29..75d08e99d 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-basic-s2i.json
@@ -6,46 +6,54 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 (no https)"
},
"name": "jws30-tomcat8-basic-s2i"
},
"labels": {
"template": "jws30-tomcat8-basic-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -53,6 +61,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -60,6 +69,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -67,6 +77,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -74,10 +85,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -156,11 +181,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -248,7 +283,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-https-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-https-s2i.json
index 21d5662c7..71577bec4 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-https-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-https-s2i.json
@@ -6,76 +6,89 @@
"iconClass": "icon-tomcat",
"description": "Application template for JWS applications built using S2I.",
"tags": "tomcat,tomcat8,java,jboss,xpaas",
- "version": "1.2.0"
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 (with https)"
},
"name": "jws30-tomcat8-https-s2i"
},
"labels": {
"template": "jws30-tomcat8-https-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "tomcat-websocket-chat",
"required": false
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -83,6 +96,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -90,6 +104,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -97,6 +112,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -104,10 +120,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -233,11 +263,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -326,7 +366,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
index 34657d826..de86dd83e 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json
@@ -5,125 +5,147 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MongoDB (Persistent with https)"
},
"name": "jws30-tomcat8-mongodb-persistent-s2i"
},
+ "message": "A new persistent JWS application for Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"labels": {
"template": "jws30-tomcat8-mongodb-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -131,6 +153,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -138,6 +161,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -145,6 +169,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -152,6 +177,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -159,6 +185,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -166,6 +193,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -173,10 +201,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -200,7 +249,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -224,7 +274,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -326,11 +377,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -419,7 +480,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -547,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
index 974cfaddb..6dc85e226 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mongodb-s2i.json
@@ -5,119 +5,140 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MongoDB applications built using S2I.",
- "tags": "tomcat,tomcat8,mongodb,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MongoDB (Ephemeral with https)"
},
"name": "jws30-tomcat8-mongodb-s2i"
},
"labels": {
"template": "jws30-tomcat8-mongodb-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-mongodb",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
"name": "DB_JNDI",
"value": "",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MongoDB No Preallocation",
"description": "Disable data file preallocation.",
"name": "MONGODB_NOPREALLOC",
"required": false
},
{
+ "displayName": "MongoDB Small Files",
"description": "Set MongoDB to use a smaller default data file size.",
"name": "MONGODB_SMALLFILES",
"required": false
},
{
+ "displayName": "MongoDB Quiet",
"description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
"name": "MONGODB_QUIET",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -125,6 +146,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -132,6 +154,7 @@
"required": true
},
{
+ "displayName": "Database admin password",
"description": "Database admin password",
"name": "DB_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -139,6 +162,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -146,6 +170,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -153,6 +178,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -160,6 +186,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -167,10 +194,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
}
],
"objects": [
@@ -194,7 +242,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -218,7 +267,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
}
}
},
@@ -320,11 +370,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -413,7 +473,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -541,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mongodb:latest"
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
index 7a8231cc5..0e96b58a9 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json
@@ -5,135 +5,159 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MySQL (Persistent with https)"
},
"name": "jws30-tomcat8-mysql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat8-mysql-persistent-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -141,6 +165,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +173,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -155,6 +181,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -162,6 +189,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -169,6 +197,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -176,10 +205,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -203,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -227,7 +278,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -329,11 +381,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -422,7 +484,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -546,7 +608,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mysql-s2i.json
index cda21f237..08b040863 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-mysql-s2i.json
@@ -5,129 +5,152 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS MySQL applications built using S2I.",
- "tags": "tomcat,tomcat8,mysql,java,database,jboss,xpaas",
- "version": "1.2.0"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + MySQL (Ephemeral with https)"
},
"name": "jws30-tomcat8-mysql-s2i"
},
"labels": {
"template": "jws30-tomcat8-mysql-s2i",
- "xpaas": "1.2.0"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -135,6 +158,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -142,6 +166,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -149,6 +174,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -156,6 +182,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -163,6 +190,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -170,10 +198,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -197,7 +246,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -221,7 +271,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -323,11 +374,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -416,7 +477,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -540,7 +601,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
index 4dfc98015..f117e6624 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json
@@ -5,120 +5,141 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
- "tags": "tomcat,tomcat8,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + PostgreSQL (Persistent with https)"
},
"name": "jws30-tomcat8-postgresql-persistent-s2i"
},
"labels": {
"template": "jws30-tomcat8-postgresql-persistent-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent JWS application for Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -126,6 +147,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -133,6 +155,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -140,6 +163,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -147,6 +171,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -154,6 +179,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -161,10 +187,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -188,7 +235,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -212,7 +260,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -314,11 +363,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -407,7 +466,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -531,7 +590,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
index f6c85668c..faece1269 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws30-tomcat8-postgresql-s2i.json
@@ -5,114 +5,134 @@
"annotations": {
"iconClass": "icon-tomcat",
"description": "Application template for JWS PostgreSQL applications built using S2I.",
- "tags": "tomcat,tomcat8,postgresql,java,database,jboss,xpaas",
- "version": "1.3.2"
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.0 Tomcat 8 + (PostgreSQL with https)"
},
"name": "jws30-tomcat8-postgresql-s2i"
},
"labels": {
"template": "jws30-tomcat8-postgresql-s2i",
- "xpaas": "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new JWS application for Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "jws-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.2",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "todolist/todolist-jdbc",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
"name": "DB_JNDI",
"value": "jboss/datasources/defaultDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Secret Name",
"description": "The name of the secret containing the certificate files",
"name": "JWS_HTTPS_SECRET",
"value": "jws-app-secret",
"required": true
},
{
+ "displayName": "Certificate Name",
"description": "The name of the certificate file within the secret",
"name": "JWS_HTTPS_CERTIFICATE",
"value": "server.crt",
"required": false
},
{
+ "displayName": "Certificate Key Name",
"description": "The name of the certificate key file within the secret",
"name": "JWS_HTTPS_CERTIFICATE_KEY",
"value": "server.key",
"required": false
},
{
+ "displayName": "Certificate Password",
"description": "The certificate password",
"name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -120,6 +140,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -127,6 +148,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Username",
"description": "JWS Admin User",
"name": "JWS_ADMIN_USERNAME",
"from": "[a-zA-Z0-9]{8}",
@@ -134,6 +156,7 @@
"required": true
},
{
+ "displayName": "JWS Admin Password",
"description": "JWS Admin Password",
"name": "JWS_ADMIN_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -141,6 +164,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -148,6 +172,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -155,10 +180,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -182,7 +228,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -206,7 +253,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -308,11 +356,21 @@
"strategy": {
"type": "Source",
"sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-webserver30-tomcat8-openshift:1.2"
+ "name": "jboss-webserver30-tomcat8-openshift:1.3"
}
}
},
@@ -400,7 +458,7 @@
"command": [
"/bin/bash",
"-c",
- "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
]
}
},
@@ -524,7 +582,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-basic-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-basic-s2i.json
new file mode 100644
index 000000000..6db6e8cc6
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-basic-s2i.json
@@ -0,0 +1,319 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS applications built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 (no https)"
+ },
+ "name": "jws31-tomcat7-basic-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-basic-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "tomcat-websocket-chat",
+ "required": false
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-https-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-https-s2i.json
new file mode 100644
index 000000000..fd5fca316
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-https-s2i.json
@@ -0,0 +1,438 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS applications built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 (with https)"
+ },
+ "name": "jws31-tomcat7-https-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-https-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 7 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "tomcat-websocket-chat",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json
new file mode 100644
index 000000000..6bbea8ab8
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-mongodb-persistent-s2i.json
@@ -0,0 +1,715 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MongoDB applications with persistent storage built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + MongoDB (Persistent with https)"
+ },
+ "name": "jws31-tomcat7-mongodb-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-mongodb-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent JWS application for Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mongodb/data",
+ "name": "${APPLICATION_NAME}-mongodb-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mongodb-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-mongodb-s2i.json
new file mode 100644
index 000000000..a565ee4c0
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-mongodb-s2i.json
@@ -0,0 +1,674 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MongoDB applications built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + MongoDB (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat7-mongodb-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-mongodb-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 7 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json
new file mode 100644
index 000000000..be6899958
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-mysql-persistent-s2i.json
@@ -0,0 +1,718 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MySQL applications with persistent storage built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + MySQL (Persistent with https)"
+ },
+ "name": "jws31-tomcat7-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-mysql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent JWS application for Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-mysql-s2i.json
new file mode 100644
index 000000000..2983cc905
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-mysql-s2i.json
@@ -0,0 +1,677 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MySQL applications built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + MySQL (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat7-mysql-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-mysql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 7 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..cc5ea452c
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-postgresql-persistent-s2i.json
@@ -0,0 +1,692 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + PostgreSQL (Persistent with https)"
+ },
+ "name": "jws31-tomcat7-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-postgresql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent JWS application for Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-postgresql-s2i.json
new file mode 100644
index 000000000..bd23e1558
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat7-postgresql-s2i.json
@@ -0,0 +1,651 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS PostgreSQL applications built using S2I.",
+ "tags": "tomcat,tomcat7,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 7 + PostgreSQL (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat7-postgresql-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat7-postgresql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 7 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat7-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-basic-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-basic-s2i.json
new file mode 100644
index 000000000..f3a5786f6
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-basic-s2i.json
@@ -0,0 +1,319 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS applications built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 (no https)"
+ },
+ "name": "jws31-tomcat8-basic-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-basic-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "tomcat-websocket-chat",
+ "required": false
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-https-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-https-s2i.json
new file mode 100644
index 000000000..634948a80
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-https-s2i.json
@@ -0,0 +1,438 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS applications built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 (with https)"
+ },
+ "name": "jws31-tomcat8-https-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-https-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 8 has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "tomcat-websocket-chat",
+ "required": false
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json
new file mode 100644
index 000000000..1ad60d8cc
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-mongodb-persistent-s2i.json
@@ -0,0 +1,715 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MongoDB applications with persistent storage built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + MongoDB (Persistent with https)"
+ },
+ "name": "jws31-tomcat8-mongodb-persistent-s2i"
+ },
+ "message": "A new persistent JWS application for Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "labels": {
+ "template": "jws31-tomcat8-mongodb-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mongodb/data",
+ "name": "${APPLICATION_NAME}-mongodb-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mongodb-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-mongodb-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-mongodb-s2i.json
new file mode 100644
index 000000000..f3e918afc
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-mongodb-s2i.json
@@ -0,0 +1,674 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MongoDB applications built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + MongoDB (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat8-mongodb-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-mongodb-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 8 (using MongoDB) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MongoDB database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD} (Admin password is \"${DB_ADMIN_PASSWORD}\"). Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-mongodb",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb",
+ "name": "DB_JNDI",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB No Preallocation",
+ "description": "Disable data file preallocation.",
+ "name": "MONGODB_NOPREALLOC",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Small Files",
+ "description": "Set MongoDB to use a smaller default data file size.",
+ "name": "MONGODB_SMALLFILES",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Quiet",
+ "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.",
+ "name": "MONGODB_QUIET",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database admin password",
+ "description": "Database admin password",
+ "name": "DB_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MongoDB Image Stream Tag",
+ "description": "The tag to use for the \"mongodb\" image stream. Typically, this aligns with the major.minor version of MongoDB.",
+ "name": "MONGODB_IMAGE_STREAM_TAG",
+ "value": "3.2",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mongodb\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 27017,
+ "targetPort": 27017
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mongodb=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mongodb"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mongodb:${MONGODB_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mongodb",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mongodb",
+ "image": "mongodb",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 27017,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MONGODB_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MONGODB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MONGODB_ADMIN_PASSWORD",
+ "value": "${DB_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "MONGODB_NOPREALLOC",
+ "value": "${MONGODB_NOPREALLOC}"
+ },
+ {
+ "name": "MONGODB_SMALLFILES",
+ "value": "${MONGODB_SMALLFILES}"
+ },
+ {
+ "name": "MONGODB_QUIET",
+ "value": "${MONGODB_QUIET}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json
new file mode 100644
index 000000000..08b456440
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-mysql-persistent-s2i.json
@@ -0,0 +1,718 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MySQL applications with persistent storage built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + MySQL (Persistent with https)"
+ },
+ "name": "jws31-tomcat8-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-mysql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent JWS application for Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-mysql-s2i.json
new file mode 100644
index 000000000..260515b73
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-mysql-s2i.json
@@ -0,0 +1,677 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS MySQL applications built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + MySQL (Ephemeral with https)"
+ },
+ "name": "jws31-tomcat8-mysql-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-mysql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 8 (using MySQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/mysqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..eef5b6939
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-postgresql-persistent-s2i.json
@@ -0,0 +1,692 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + PostgreSQL (Persistent with https)"
+ },
+ "name": "jws31-tomcat8-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-postgresql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent JWS application for Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-postgresql-s2i.json
new file mode 100644
index 000000000..07ef7218a
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/jws31-tomcat8-postgresql-s2i.json
@@ -0,0 +1,649 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "iconClass": "icon-tomcat",
+ "description": "Application template for JWS PostgreSQL applications built using S2I.",
+ "tags": "tomcat,tomcat8,java,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss Web Server 3.1 Tomcat 8 + (PostgreSQL with https)"
+ },
+ "name": "jws31-tomcat8-postgresql-s2i"
+ },
+ "labels": {
+ "template": "jws31-tomcat8-postgresql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new JWS application for Tomcat 8 (using PostgreSQL) has been created in your project. The username/password for administering your JWS is ${JWS_ADMIN_USERNAME}/${JWS_ADMIN_PASSWORD}. For accessing the PostgreSQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"jws-service-account\" service account and the secret named \"${JWS_HTTPS_SECRET}\" containing the ${JWS_HTTPS_CERTIFICATE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "jws-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.2",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "todolist/todolist-jdbc",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. jboss/datasources/postgresqlDS",
+ "name": "DB_JNDI",
+ "value": "jboss/datasources/defaultDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Secret Name",
+ "description": "The name of the secret containing the certificate files",
+ "name": "JWS_HTTPS_SECRET",
+ "value": "jws-app-secret",
+ "required": true
+ },
+ {
+ "displayName": "Certificate Name",
+ "description": "The name of the certificate file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "server.crt",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Key Name",
+ "description": "The name of the certificate key file within the secret",
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "server.key",
+ "required": false
+ },
+ {
+ "displayName": "Certificate Password",
+ "description": "The certificate password",
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Username",
+ "description": "JWS Admin User",
+ "name": "JWS_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JWS Admin Password",
+ "description": "JWS Admin Password",
+ "name": "JWS_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-webserver31-tomcat8-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "jws-service-account",
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "curl --noproxy '*' -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'"
+ ]
+ }
+ },
+ "volumeMounts": [
+ {
+ "name": "jws-certificate-volume",
+ "mountPath": "/etc/jws-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_DIR",
+ "value": "/etc/jws-secret-volume"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE",
+ "value": "${JWS_HTTPS_CERTIFICATE}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_KEY",
+ "value": "${JWS_HTTPS_CERTIFICATE_KEY}"
+ },
+ {
+ "name": "JWS_HTTPS_CERTIFICATE_PASSWORD",
+ "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}"
+ },
+ {
+ "name": "JWS_ADMIN_USERNAME",
+ "value": "${JWS_ADMIN_USERNAME}"
+ },
+ {
+ "name": "JWS_ADMIN_PASSWORD",
+ "value": "${JWS_ADMIN_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "jws-certificate-volume",
+ "secret": {
+ "secretName": "${JWS_HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/openjdk18-web-basic-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/openjdk18-web-basic-s2i.json
index 143e16756..a48e204ae 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/openjdk18-web-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/openjdk18-web-basic-s2i.json
@@ -6,13 +6,14 @@
"iconClass": "icon-jboss",
"description": "Application template for Java applications built using S2I.",
"tags": "java,xpaas",
- "version": "1.0.0"
+ "version": "1.1.0",
+ "openshift.io/display-name": "Red Hat OpenJDK 8"
},
"name": "openjdk18-web-basic-s2i"
},
"labels": {
"template": "openjdk18-web-basic-s2i",
- "xpaas": "1.0.0"
+ "xpaas": "1.4.0"
},
"message": "A new java application has been created in your project.",
"parameters": [
@@ -155,7 +156,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-openjdk18-openshift:1.0"
+ "name": "redhat-openjdk18-openshift:1.1"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json
index 1dea463ac..d1705c88c 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-mysql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + MySQL (Persistent with https)"
},
"name": "processserver63-amq-mysql-persistent-s2i"
},
"labels": {
"template": "processserver63-amq-mysql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,144 +54,168 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -192,6 +223,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -199,46 +231,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -246,6 +287,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -253,18 +295,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -272,6 +317,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -279,10 +325,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -306,7 +373,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -330,7 +398,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -460,13 +529,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -788,7 +865,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -919,7 +996,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-mysql-s2i.json
index 42264585b..665cb76a3 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-mysql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + MySQL (Ephemeral with https)"
},
"name": "processserver63-amq-mysql-s2i"
},
"labels": {
"template": "processserver63-amq-mysql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,132 +54,154 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -180,6 +209,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -187,46 +217,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -234,6 +273,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -241,18 +281,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -260,6 +303,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -267,10 +311,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -294,7 +359,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -318,7 +384,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -448,13 +515,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -740,7 +815,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -837,7 +912,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json
index f6d0c99ed..5a395a0f3 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-postgresql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + PostgreSQL (Persistent with https)"
},
"name": "processserver63-amq-postgresql-persistent-s2i"
},
"labels": {
"template": "processserver63-amq-postgresql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,144 +54,168 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "Split Data?",
"description": "Split the data directory for each node in a mesh.",
"name": "AMQ_SPLIT",
"value": "false",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -192,6 +223,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -199,31 +231,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -231,6 +269,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -238,18 +277,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -257,6 +299,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -264,10 +307,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -291,7 +355,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -315,7 +380,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -445,13 +511,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -773,7 +847,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -892,7 +966,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-postgresql-s2i.json
index 41c726cf0..e7c5efdc9 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-amq-postgresql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server AMQ and PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,amq,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + A-MQ + PostgreSQL (Ephemeral with https)"
},
"name": "processserver63-amq-postgresql-s2i"
},
"labels": {
"template": "processserver63-amq-postgresql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,132 +54,154 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Request",
"description": "JNDI name of request queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_REQUEST",
"value": "queue/KIE.SERVER.REQUEST",
"required": false
},
{
+ "displayName": "KIE Server JMS Queues Response",
"description": "JNDI name of response queue for JMS.",
"name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
"value": "queue/KIE.SERVER.RESPONSE",
"required": false
},
{
+ "displayName": "KIE Server Executor JMS Queue",
"description": "JNDI name of executor queue for JMS.",
"name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
"value": "queue/KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "JMS Connection Factory JNDI Name",
"description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
"name": "MQ_JNDI",
"value": "java:/JmsXA",
"required": false
},
{
+ "displayName": "A-MQ Protocols",
"description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
"name": "MQ_PROTOCOL",
"value": "openwire",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_QUEUES",
"value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
"name": "MQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -180,6 +209,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -187,31 +217,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "A-MQ Username",
"description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -219,6 +255,7 @@
"required": false
},
{
+ "displayName": "A-MQ Password",
"description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
"name": "MQ_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -226,18 +263,21 @@
"required": false
},
{
+ "displayName": "A-MQ Mesh Discovery Type",
"description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
"name": "AMQ_MESH_DISCOVERY_TYPE",
"value": "kube",
"required": false
},
{
+ "displayName": "A-MQ Storage Limit",
"description": "The A-MQ storage usage limit",
"name": "AMQ_STORAGE_USAGE_LIMIT",
"value": "100 gb",
"required": false
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -245,6 +285,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -252,10 +293,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -279,7 +341,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -303,7 +366,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
}
}
},
@@ -433,13 +497,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -725,7 +797,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
@@ -810,7 +882,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-amq-62:1.3"
+ "name": "jboss-amq-62:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-basic-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-basic-s2i.json
index 170c919cb..e70d20a6e 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-basic-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-basic-s2i.json
@@ -5,29 +5,34 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,javaee,java,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server (no https)"
},
"name": "processserver63-basic-s2i"
},
"labels": {
"template": "processserver63-basic-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -35,54 +40,63 @@
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.H2Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -90,6 +104,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -97,6 +112,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -104,10 +120,24 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
}
],
"objects": [
@@ -190,13 +220,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-mysql-persistent-s2i.json
index 89d0db1a6..f76b07b0b 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-mysql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-mysql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server MySQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + MySQL (Persistent with https)"
},
"name": "processserver63-mysql-persistent-s2i"
},
"labels": {
"template": "processserver63-mysql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,108 +54,126 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,46 +189,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -210,6 +245,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -217,6 +253,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -224,10 +261,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -251,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -275,7 +334,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -381,13 +441,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -681,7 +749,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-mysql-s2i.json
index 26cab29f8..a3be02eab 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-mysql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-mysql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server MySQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,mysql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + MySQL (Ephemeral with https)"
},
"name": "processserver63-mysql-s2i"
},
"labels": {
"template": "processserver63-mysql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,102 +54,119 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.MySQL5Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -150,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -157,46 +182,55 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -204,6 +238,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -211,6 +246,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -218,10 +254,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -245,7 +302,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -269,7 +327,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -375,13 +434,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -639,7 +706,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-postgresql-persistent-s2i.json
index 32a512829..361b177f9 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-postgresql-persistent-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-postgresql-persistent-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server PostgreSQL applications with persistent storage built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + PostgreSQL (Persistent with https)"
},
"name": "processserver63-postgresql-persistent-s2i"
},
"labels": {
"template": "processserver63-postgresql-persistent-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,108 +54,126 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -156,6 +181,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -163,31 +189,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -195,6 +227,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -202,6 +235,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -209,10 +243,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -236,7 +291,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -260,7 +316,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -366,13 +423,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -666,7 +731,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-postgresql-s2i.json
index 55e2199bb..451915a1d 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-postgresql-s2i.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver63-postgresql-s2i.json
@@ -5,41 +5,48 @@
"annotations": {
"description": "Application template for Red Hat JBoss BPM Suite 6.3 intelligent process server PostgreSQL applications built using S2I.",
"iconClass": "icon-jboss",
- "tags": "processserver,postgresql,javaee,java,database,jboss,xpaas",
- "version": "1.3.3"
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.3 intelligent process server + PostgreSQL (Ephemeral with https)"
},
"name": "processserver63-postgresql-s2i"
},
"labels": {
"template": "processserver63-postgresql-s2i",
- "xpaas": "1.3.3"
+ "xpaas": "1.4.0"
},
+ "message": "A new BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
"parameters": [
{
+ "displayName": "KIE Container Deployment",
"description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
"required": false
},
{
+ "displayName": "KIE Server Protocol",
"description": "The protocol to access the KIE Server REST interface.",
"name": "KIE_SERVER_PROTOCOL",
"value": "https",
"required": false
},
{
+ "displayName": "KIE Server Port",
"description": "The port to access the KIE Server REST interface.",
"name": "KIE_SERVER_PORT",
"value": "8443",
"required": false
},
{
+ "displayName": "KIE Server Username",
"description": "The user name to access the KIE Server REST or JMS interface.",
"name": "KIE_SERVER_USER",
"value": "kieserver",
"required": false
},
{
+ "displayName": "KIE Server Password",
"description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
"name": "KIE_SERVER_PASSWORD",
"from": "[a-zA-Z]{6}[0-9]{1}!",
@@ -47,102 +54,119 @@
"required": false
},
{
+ "displayName": "KIE Server Domain",
"description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
"name": "KIE_SERVER_DOMAIN",
"value": "other",
"required": false
},
{
+ "displayName": "KIE Server Persistence Dialect",
"description": "Hibernate persistence dialect.",
"name": "KIE_SERVER_PERSISTENCE_DIALECT",
"value": "org.hibernate.dialect.PostgreSQL82Dialect",
"required": false
},
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "kie-app",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Git Repository URL",
"description": "Git source URI for application",
"name": "SOURCE_REPOSITORY_URL",
"value": "https://github.com/jboss-openshift/openshift-quickstarts",
"required": true
},
{
+ "displayName": "Git Reference",
"description": "Git branch/tag reference",
"name": "SOURCE_REPOSITORY_REF",
"value": "1.3",
"required": false
},
{
+ "displayName": "Context Directory",
"description": "Path within Git project to build; empty for root project directory.",
"name": "CONTEXT_DIR",
"value": "processserver/library",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
"name": "DB_JNDI",
"value": "java:jboss/datasources/ExampleDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Queues",
"description": "Queue names",
"name": "HORNETQ_QUEUES",
"value": "",
"required": false
},
{
+ "displayName": "Topics",
"description": "Topic names",
"name": "HORNETQ_TOPICS",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "processserver-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate",
"name": "HTTPS_NAME",
"value": "jboss",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate",
"name": "HTTPS_PASSWORD",
"value": "mykeystorepass",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -150,6 +174,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -157,31 +182,37 @@
"required": true
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "HornetQ Password",
"description": "HornetQ cluster admin password",
"name": "HORNETQ_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -189,6 +220,7 @@
"required": true
},
{
+ "displayName": "Github Webhook Secret",
"description": "GitHub trigger secret",
"name": "GITHUB_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -196,6 +228,7 @@
"required": true
},
{
+ "displayName": "Generic Webhook Secret",
"description": "Generic build trigger secret",
"name": "GENERIC_WEBHOOK_SECRET",
"from": "[a-zA-Z0-9]{8}",
@@ -203,10 +236,31 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -230,7 +284,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -254,7 +309,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -360,13 +416,21 @@
{
"name": "KIE_CONTAINER_DEPLOYMENT",
"value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
}
],
"forcePull": true,
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "jboss-processserver63-openshift:1.3"
+ "name": "jboss-processserver63-openshift:1.4"
}
}
},
@@ -624,7 +688,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json
new file mode 100644
index 000000000..293d04d63
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-amq-mysql-persistent-s2i.json
@@ -0,0 +1,1156 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server AMQ and MySQL applications with persistent storage built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + A-MQ + MySQL (Persistent with https)"
+ },
+ "name": "processserver64-amq-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "processserver64-amq-mysql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Executor JMS Queue",
+ "description": "JNDI name of executor queue for JMS.",
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "queue/KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.MySQL5Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh.",
+ "name": "AMQ_SPLIT",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB,${APPLICATION_NAME}-mysql=QUARTZ"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JNDI",
+ "value": "${DB_JNDI}NotManaged"
+ },
+ {
+ "name": "QUARTZ_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "QUARTZ_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "QUARTZ_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "QUARTZ_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JTA",
+ "value": "false"
+ },
+ {
+ "name": "QUARTZ_NONXA",
+ "value": "true"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-amq-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-amq-mysql-s2i.json
new file mode 100644
index 000000000..760940b36
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-amq-mysql-s2i.json
@@ -0,0 +1,1034 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server AMQ and MySQL applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + A-MQ + MySQL (Ephemeral with https)"
+ },
+ "name": "processserver64-amq-mysql-s2i"
+ },
+ "labels": {
+ "template": "processserver64-amq-mysql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BPMS application (using MySQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Executor JMS Queue",
+ "description": "JNDI name of executor queue for JMS.",
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "queue/KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.MySQL5Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..1603bccff
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-amq-postgresql-persistent-s2i.json
@@ -0,0 +1,1126 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server AMQ and PostgreSQL applications with persistent storage built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + A-MQ + PostgreSQL (Persistent with https)"
+ },
+ "name": "processserver64-amq-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "processserver64-amq-postgresql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Executor JMS Queue",
+ "description": "JNDI name of executor queue for JMS.",
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "queue/KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.PostgreSQL82Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "Split Data?",
+ "description": "Split the data directory for each node in a mesh.",
+ "name": "AMQ_SPLIT",
+ "value": "false",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB,${APPLICATION_NAME}-postgresql=QUARTZ"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JNDI",
+ "value": "${DB_JNDI}NotManaged"
+ },
+ {
+ "name": "QUARTZ_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "QUARTZ_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "QUARTZ_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "QUARTZ_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JTA",
+ "value": "false"
+ },
+ {
+ "name": "QUARTZ_NONXA",
+ "value": "true"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "mountPath": "/opt/amq/data",
+ "name": "${APPLICATION_NAME}-amq-pvol"
+ }
+ ],
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_SPLIT",
+ "value": "${AMQ_SPLIT}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-amq-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-amq-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteMany"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-amq-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-amq-postgresql-s2i.json
new file mode 100644
index 000000000..422f51c11
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-amq-postgresql-s2i.json
@@ -0,0 +1,1004 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server AMQ and PostgreSQL applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + A-MQ + PostgreSQL (Ephemeral with https)"
+ },
+ "name": "processserver64-amq-postgresql-s2i"
+ },
+ "labels": {
+ "template": "processserver64-amq-postgresql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BPMS application (using PostgreSQL and A-MQ) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. And for the A-MQ service use the credentials ${MQ_USERNAME}/${MQ_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Request",
+ "description": "JNDI name of request queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "queue/KIE.SERVER.REQUEST",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server JMS Queues Response",
+ "description": "JNDI name of response queue for JMS.",
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "queue/KIE.SERVER.RESPONSE",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Executor JMS Queue",
+ "description": "JNDI name of executor queue for JMS.",
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "queue/KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.PostgreSQL82Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "JMS Connection Factory JNDI Name",
+ "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/JmsXA",
+ "name": "MQ_JNDI",
+ "value": "java:/JmsXA",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Protocols",
+ "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.",
+ "name": "MQ_PROTOCOL",
+ "value": "openwire",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_QUEUES",
+ "value": "KIE.SERVER.REQUEST,KIE.SERVER.RESPONSE,KIE.SERVER.EXECUTOR",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.",
+ "name": "MQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Username",
+ "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Password",
+ "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.",
+ "name": "MQ_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Mesh Discovery Type",
+ "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount:<namespace>:default' where <namespace> is the project namespace.",
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "kube",
+ "required": false
+ },
+ {
+ "displayName": "A-MQ Storage Limit",
+ "description": "The A-MQ storage usage limit",
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "100 gb",
+ "required": false
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"},{\"name\": \"${APPLICATION_NAME}-amq-tcp\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 61616,
+ "targetPort": 61616
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq-tcp",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The broker's OpenWire port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_REQUEST",
+ "value": "${KIE_SERVER_JMS_QUEUES_REQUEST}"
+ },
+ {
+ "name": "KIE_SERVER_JMS_QUEUES_RESPONSE",
+ "value": "${KIE_SERVER_JMS_QUEUES_RESPONSE}"
+ },
+ {
+ "name": "KIE_SERVER_EXECUTOR_JMS_QUEUE",
+ "value": "${KIE_SERVER_EXECUTOR_JMS_QUEUE}"
+ },
+ {
+ "name": "MQ_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-amq=MQ"
+ },
+ {
+ "name": "MQ_JNDI",
+ "value": "${MQ_JNDI}"
+ },
+ {
+ "name": "MQ_USERNAME",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "MQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "MQ_PROTOCOL",
+ "value": "tcp"
+ },
+ {
+ "name": "MQ_QUEUES",
+ "value": "${MQ_QUEUES}"
+ },
+ {
+ "name": "MQ_TOPICS",
+ "value": "${MQ_TOPICS}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-amq"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-amq-63:1.0"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-amq",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-amq",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-amq",
+ "image": "jboss-amq-63",
+ "imagePullPolicy": "Always",
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/amq/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp",
+ "containerPort": 5672,
+ "protocol": "TCP"
+ },
+ {
+ "name": "amqp-ssl",
+ "containerPort": 5671,
+ "protocol": "TCP"
+ },
+ {
+ "name": "mqtt",
+ "containerPort": 1883,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp",
+ "containerPort": 61613,
+ "protocol": "TCP"
+ },
+ {
+ "name": "stomp-ssl",
+ "containerPort": 61612,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp",
+ "containerPort": 61616,
+ "protocol": "TCP"
+ },
+ {
+ "name": "tcp-ssl",
+ "containerPort": 61617,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "AMQ_USER",
+ "value": "${MQ_USERNAME}"
+ },
+ {
+ "name": "AMQ_PASSWORD",
+ "value": "${MQ_PASSWORD}"
+ },
+ {
+ "name": "AMQ_TRANSPORTS",
+ "value": "${MQ_PROTOCOL}"
+ },
+ {
+ "name": "AMQ_MESH_DISCOVERY_TYPE",
+ "value": "${AMQ_MESH_DISCOVERY_TYPE}"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAME",
+ "value": "${APPLICATION_NAME}-amq-tcp"
+ },
+ {
+ "name": "AMQ_MESH_SERVICE_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "AMQ_STORAGE_USAGE_LIMIT",
+ "value": "${AMQ_STORAGE_USAGE_LIMIT}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-basic-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-basic-s2i.json
new file mode 100644
index 000000000..2bf15ff25
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-basic-s2i.json
@@ -0,0 +1,383 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server (no https)"
+ },
+ "name": "processserver64-basic-s2i"
+ },
+ "labels": {
+ "template": "processserver64-basic-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BPMS application has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.H2Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts.git",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-mysql-persistent-s2i.json
new file mode 100644
index 000000000..4673dfb0d
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-mysql-persistent-s2i.json
@@ -0,0 +1,860 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server MySQL applications with persistent storage built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + MySQL (Persistent with https)"
+ },
+ "name": "processserver64-mysql-persistent-s2i"
+ },
+ "labels": {
+ "template": "processserver64-mysql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.MySQL5Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB,${APPLICATION_NAME}-mysql=QUARTZ"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JNDI",
+ "value": "${DB_JNDI}NotManaged"
+ },
+ {
+ "name": "QUARTZ_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "QUARTZ_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "QUARTZ_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "QUARTZ_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JTA",
+ "value": "false"
+ },
+ {
+ "name": "QUARTZ_NONXA",
+ "value": "true"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-mysql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-mysql-s2i.json
new file mode 100644
index 000000000..9078f20b8
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-mysql-s2i.json
@@ -0,0 +1,783 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server MySQL applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + MySQL (Ephemeral with https)"
+ },
+ "name": "processserver64-mysql-s2i"
+ },
+ "labels": {
+ "template": "processserver64-mysql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BPMS application (using MySQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.MySQL5Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-postgresql-persistent-s2i.json
new file mode 100644
index 000000000..75b6d310e
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-postgresql-persistent-s2i.json
@@ -0,0 +1,830 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server PostgreSQL applications with persistent storage built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + PostgreSQL (Persistent with https)"
+ },
+ "name": "processserver64-postgresql-persistent-s2i"
+ },
+ "labels": {
+ "template": "processserver64-postgresql-persistent-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.PostgreSQL82Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB,${APPLICATION_NAME}-postgresql=QUARTZ"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JNDI",
+ "value": "${DB_JNDI}NotManaged"
+ },
+ {
+ "name": "QUARTZ_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "QUARTZ_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "QUARTZ_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "QUARTZ_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "QUARTZ_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "QUARTZ_JTA",
+ "value": "false"
+ },
+ {
+ "name": "QUARTZ_NONXA",
+ "value": "true"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-postgresql-s2i.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-postgresql-s2i.json
new file mode 100644
index 000000000..51923c0ad
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/processserver64-postgresql-s2i.json
@@ -0,0 +1,753 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for Red Hat JBoss BPM Suite 6.4 intelligent process server PostgreSQL applications built using S2I.",
+ "iconClass": "icon-jboss",
+ "tags": "processserver,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat JBoss BPM Suite 6.4 intelligent process server + PostgreSQL (Ephemeral with https)"
+ },
+ "name": "processserver64-postgresql-s2i"
+ },
+ "labels": {
+ "template": "processserver64-postgresql-s2i",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new BPMS application (using PostgreSQL) has been created in your project. The username/password for accessing the KIE Server REST or JMS interface is ${KIE_SERVER_USER}/${KIE_SERVER_PASSWORD}. For accessing the MySQL database \"${DB_DATABASE}\" use the credentials ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"processserver-service-account\" service account and the secret named \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content.",
+ "parameters": [
+ {
+ "displayName": "KIE Container Deployment",
+ "description": "The KIE Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2",
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "processserver-library=org.openshift.quickstarts:processserver-library:1.3.0.Final",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Protocol",
+ "description": "The protocol to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "https",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Port",
+ "description": "The port to access the KIE Server REST interface.",
+ "name": "KIE_SERVER_PORT",
+ "value": "8443",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Username",
+ "description": "The user name to access the KIE Server REST or JMS interface.",
+ "name": "KIE_SERVER_USER",
+ "value": "kieserver",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Password",
+ "description": "The password to access the KIE Server REST or JMS interface. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s).",
+ "name": "KIE_SERVER_PASSWORD",
+ "from": "[a-zA-Z]{6}[0-9]{1}!",
+ "generate": "expression",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Domain",
+ "description": "JAAS LoginContext domain that shall be used to authenticate users when using JMS.",
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "other",
+ "required": false
+ },
+ {
+ "displayName": "KIE Server Persistence Dialect",
+ "description": "Hibernate persistence dialect.",
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "org.hibernate.dialect.PostgreSQL82Dialect",
+ "required": false
+ },
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "kie-app",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure-<application-name>-<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Git Repository URL",
+ "description": "Git source URI for application",
+ "name": "SOURCE_REPOSITORY_URL",
+ "value": "https://github.com/jboss-openshift/openshift-quickstarts",
+ "required": true
+ },
+ {
+ "displayName": "Git Reference",
+ "description": "Git branch/tag reference",
+ "name": "SOURCE_REPOSITORY_REF",
+ "value": "1.3",
+ "required": false
+ },
+ {
+ "displayName": "Context Directory",
+ "description": "Path within Git project to build; empty for root project directory.",
+ "name": "CONTEXT_DIR",
+ "value": "processserver/library",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/ExampleDS",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/ExampleDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Queues",
+ "description": "Queue names",
+ "name": "HORNETQ_QUEUES",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Topics",
+ "description": "Topic names",
+ "name": "HORNETQ_TOPICS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "processserver-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate",
+ "name": "HTTPS_NAME",
+ "value": "jboss",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate",
+ "name": "HTTPS_PASSWORD",
+ "value": "mykeystorepass",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "HornetQ Password",
+ "description": "HornetQ cluster admin password",
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Github Webhook Secret",
+ "description": "GitHub trigger secret",
+ "name": "GITHUB_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Generic Webhook Secret",
+ "description": "Generic build trigger secret",
+ "name": "GENERIC_WEBHOOK_SECRET",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "Maven mirror URL",
+ "description": "Maven mirror to use for S2I builds",
+ "name": "MAVEN_MIRROR_URL",
+ "value": "",
+ "required": false
+ },
+ {
+ "description": "List of directories from which archives will be copied into the deployment folder. If unspecified, all archives in /target will be copied.",
+ "name": "ARTIFACT_DIR",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "ImageStream",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "BuildConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "source": {
+ "type": "Git",
+ "git": {
+ "uri": "${SOURCE_REPOSITORY_URL}",
+ "ref": "${SOURCE_REPOSITORY_REF}"
+ },
+ "contextDir": "${CONTEXT_DIR}"
+ },
+ "strategy": {
+ "type": "Source",
+ "sourceStrategy": {
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "MAVEN_MIRROR_URL",
+ "value": "${MAVEN_MIRROR_URL}"
+ },
+ {
+ "name": "ARTIFACT_DIR",
+ "value": "${ARTIFACT_DIR}"
+ }
+ ],
+ "forcePull": true,
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "jboss-processserver64-openshift:1.0"
+ }
+ }
+ },
+ "output": {
+ "to": {
+ "kind": "ImageStreamTag",
+ "name": "${APPLICATION_NAME}:latest"
+ }
+ },
+ "triggers": [
+ {
+ "type": "GitHub",
+ "github": {
+ "secret": "${GITHUB_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "Generic",
+ "generic": {
+ "secret": "${GENERIC_WEBHOOK_SECRET}"
+ }
+ },
+ {
+ "type": "ImageChange",
+ "imageChange": {}
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ]
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStream",
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "processserver-service-account",
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "processserver-keystore-volume",
+ "mountPath": "/etc/processserver-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "KIE_CONTAINER_DEPLOYMENT",
+ "value": "${KIE_CONTAINER_DEPLOYMENT}"
+ },
+ {
+ "name": "KIE_SERVER_PROTOCOL",
+ "value": "${KIE_SERVER_PROTOCOL}"
+ },
+ {
+ "name": "KIE_SERVER_PORT",
+ "value": "${KIE_SERVER_PORT}"
+ },
+ {
+ "name": "KIE_SERVER_USER",
+ "value": "${KIE_SERVER_USER}"
+ },
+ {
+ "name": "KIE_SERVER_PASSWORD",
+ "value": "${KIE_SERVER_PASSWORD}"
+ },
+ {
+ "name": "KIE_SERVER_DOMAIN",
+ "value": "${KIE_SERVER_DOMAIN}"
+ },
+ {
+ "name": "KIE_SERVER_PERSISTENCE_DIALECT",
+ "value": "${KIE_SERVER_PERSISTENCE_DIALECT}"
+ },
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/processserver-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_CLUSTER_PASSWORD",
+ "value": "${HORNETQ_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "HORNETQ_QUEUES",
+ "value": "${HORNETQ_QUEUES}"
+ },
+ {
+ "name": "HORNETQ_TOPICS",
+ "value": "${HORNETQ_TOPICS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "processserver-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-https.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-https.json
index fb0578a67..5e956f449 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-https.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-https.json
@@ -5,110 +5,129 @@
"annotations": {
"description": "Application template for SSO 7.0",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,java,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0"
},
"name": "sso70-https"
},
"labels": {
"template": "sso70-https",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new SSO service has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -116,54 +135,65 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
@@ -283,10 +313,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-mysql-persistent.json
index dcbb24bf1..0fb2703c7 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-mysql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-mysql-persistent.json
@@ -5,123 +5,145 @@
"annotations": {
"description": "Application template for SSO 7.0 MySQL applications with persistent storage",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,mysql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + MySQL (Persistent)"
},
"name": "sso70-mysql-persistent"
},
"labels": {
"template": "sso70-mysql-persistent",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -129,6 +151,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -136,36 +159,42 @@
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -173,58 +202,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -248,7 +295,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -272,7 +320,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -364,10 +413,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -639,7 +688,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-mysql.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-mysql.json
index 1768f7a1b..9beae806b 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-mysql.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-mysql.json
@@ -5,123 +5,145 @@
"annotations": {
"description": "Application template for SSO 7.0 MySQL applications",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,mysql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + MySQL (Ephemeral)"
},
"name": "sso70-mysql"
},
"labels": {
"template": "sso70-mysql",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "MySQL Lower Case Table Names",
"description": "Sets how the table names are stored and compared.",
"name": "MYSQL_LOWER_CASE_TABLE_NAMES",
"required": false
},
{
+ "displayName": "MySQL Maximum number of connections",
"description": "The maximum permitted number of simultaneous client connections.",
"name": "MYSQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "MySQL FullText Minimum Word Length",
"description": "The minimum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MIN_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL FullText Maximum Word Length",
"description": "The maximum length of the word to be included in a FULLTEXT index.",
"name": "MYSQL_FT_MAX_WORD_LEN",
"required": false
},
{
+ "displayName": "MySQL AIO",
"description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
"name": "MYSQL_AIO",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -129,6 +151,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -136,30 +159,35 @@
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -167,58 +195,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
}
],
"objects": [
@@ -240,10 +286,11 @@
"name": "${APPLICATION_NAME}",
"labels": {
"application": "${APPLICATION_NAME}",
- "component": "server"
+ "component": "server"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -268,7 +315,8 @@
"component": "server"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
}
}
},
@@ -349,7 +397,7 @@
"name": "${APPLICATION_NAME}",
"labels": {
"application": "${APPLICATION_NAME}",
- "component": "server"
+ "component": "server"
}
},
"spec": {
@@ -364,10 +412,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -641,7 +689,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-postgresql-persistent.json
index 4c2f81f2e..e22399351 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-postgresql-persistent.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-postgresql-persistent.json
@@ -5,108 +5,127 @@
"annotations": {
"description": "Application template for SSO 7.0 PostgreSQL applications with persistent storage",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,postrgresql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + PostgreSQL (Persistent)"
},
"name": "sso70-postgresql-persistent"
},
"labels": {
"template": "sso70-postgresql-persistent",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new persistent SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -114,6 +133,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -121,36 +141,42 @@
"required": true
},
{
+ "displayName": "Database Volume Capacity",
"description": "Size of persistent storage for database volume.",
"name": "VOLUME_CAPACITY",
"value": "512Mi",
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -158,58 +184,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -233,7 +277,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -257,7 +302,8 @@
"application": "${APPLICATION_NAME}"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -349,10 +395,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -624,7 +670,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-postgresql.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-postgresql.json
index d8402ef72..aa8ebaa8e 100644
--- a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-postgresql.json
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso70-postgresql.json
@@ -5,108 +5,127 @@
"annotations": {
"description": "Application template for SSO 7.0 PostgreSQL applications",
"iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,postrgresql,java,database,jboss,xpaas",
- "version" : "1.3.2"
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.4.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.0 + PostgreSQL (Ephemeral)"
},
"name": "sso70-postgresql"
},
"labels": {
"template": "sso70-postgresql",
- "xpaas" : "1.3.2"
+ "xpaas": "1.4.0"
},
+ "message": "A new SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
"parameters": [
{
+ "displayName": "Application Name",
"description": "The name for the application.",
"name": "APPLICATION_NAME",
"value": "sso",
"required": true
},
{
+ "displayName": "Custom http Route Hostname",
"description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTP",
"value": "",
"required": false
},
{
+ "displayName": "Custom https Route Hostname",
"description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
"name": "HOSTNAME_HTTPS",
"value": "",
"required": false
},
{
+ "displayName": "Database JNDI Name",
"description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
"name": "DB_JNDI",
"value": "java:jboss/datasources/KeycloakDS",
"required": false
},
{
+ "displayName": "Database Name",
"description": "Database name",
"name": "DB_DATABASE",
"value": "root",
"required": true
},
{
+ "displayName": "Service Account Name",
"description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
"name": "SERVICE_ACCOUNT_NAME",
"value": "sso-service-account",
"required": true
},
{
+ "displayName": "Server Keystore Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "HTTPS_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "Server Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "HTTPS_KEYSTORE",
"value": "keystore.jks",
"required": false
},
{
+ "displayName": "Server Keystore Type",
"description": "The type of the keystore file (JKS or JCEKS)",
"name": "HTTPS_KEYSTORE_TYPE",
"value": "",
"required": false
},
{
+ "displayName": "Server Certificate Name",
"description": "The name associated with the server certificate (e.g. jboss)",
"name": "HTTPS_NAME",
"value": "",
"required": false
},
{
+ "displayName": "Server Keystore Password",
"description": "The password for the keystore and certificate (e.g. mykeystorepass)",
"name": "HTTPS_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "Datasource Minimum Pool Size",
"description": "Sets xa-pool/min-pool-size for the configured datasource.",
"name": "DB_MIN_POOL_SIZE",
- "required": false
+ "required": false
},
{
+ "displayName": "Datasource Maximum Pool Size",
"description": "Sets xa-pool/max-pool-size for the configured datasource.",
"name": "DB_MAX_POOL_SIZE",
"required": false
},
{
+ "displayName": "Datasource Transaction Isolation",
"description": "Sets transaction-isolation for the configured datasource.",
"name": "DB_TX_ISOLATION",
"required": false
},
{
+ "displayName": "PostgreSQL Maximum number of connections",
"description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
"name": "POSTGRESQL_MAX_CONNECTIONS",
"required": false
},
{
+ "displayName": "PostgreSQL Shared Buffers",
"description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
"name": "POSTGRESQL_SHARED_BUFFERS",
"required": false
},
{
+ "displayName": "Database Username",
"description": "Database user name",
"name": "DB_USERNAME",
"from": "user[a-zA-Z0-9]{3}",
@@ -114,6 +133,7 @@
"required": true
},
{
+ "displayName": "Database Password",
"description": "Database user password",
"name": "DB_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -121,30 +141,35 @@
"required": true
},
{
+ "displayName": "JGroups Secret Name",
"description": "The name of the secret containing the keystore file",
"name": "JGROUPS_ENCRYPT_SECRET",
"value": "sso-app-secret",
"required": false
},
{
+ "displayName": "JGroups Keystore Filename",
"description": "The name of the keystore file within the secret",
"name": "JGROUPS_ENCRYPT_KEYSTORE",
"value": "jgroups.jceks",
"required": false
},
{
+ "displayName": "JGroups Certificate Name",
"description": "The name associated with the server certificate (e.g. secret-key)",
"name": "JGROUPS_ENCRYPT_NAME",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Keystore Password",
"description": "The password for the keystore and certificate (e.g. password)",
"name": "JGROUPS_ENCRYPT_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "JGroups Cluster Password",
"description": "JGroups cluster password",
"name": "JGROUPS_CLUSTER_PASSWORD",
"from": "[a-zA-Z0-9]{8}",
@@ -152,58 +177,76 @@
"required": true
},
{
+ "displayName": "ImageStream Namespace",
"description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
"name": "IMAGE_STREAM_NAMESPACE",
"value": "openshift",
"required": true
},
{
+ "displayName": "SSO Admin Username",
"description": "SSO Server admin username",
"name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Admin Password",
"description": "SSO Server admin password",
"name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
},
{
+ "displayName": "SSO Realm",
"description": "Realm to be created in the SSO server (e.g. demo).",
"name": "SSO_REALM",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Username",
"description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
"name": "SSO_SERVICE_USERNAME",
"value": "",
"required": false
},
{
+ "displayName": "SSO Service Password",
"description": "The password for the SSO service user.",
"name": "SSO_SERVICE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store",
"description": "The name of the truststore file within the secret (e.g. truststore.jks)",
"name": "SSO_TRUSTSTORE",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Password",
"description": "The password for the truststore and certificate (e.g. mykeystorepass)",
"name": "SSO_TRUSTSTORE_PASSWORD",
"value": "",
"required": false
},
{
+ "displayName": "SSO Trust Store Secret",
"description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
"name": "SSO_TRUSTSTORE_SECRET",
"value": "sso-app-secret",
"required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
}
],
"objects": [
@@ -228,7 +271,8 @@
"component": "server"
},
"annotations": {
- "description": "The web server's http port."
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -253,7 +297,8 @@
"component": "server"
},
"annotations": {
- "description": "The web server's https port."
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
}
}
},
@@ -349,10 +394,10 @@
"containerNames": [
"${APPLICATION_NAME}"
],
- "from": {
+ "from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
+ "name": "redhat-sso70-openshift:1.4"
}
}
},
@@ -626,7 +671,7 @@
"from": {
"kind": "ImageStreamTag",
"namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
}
}
},
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-https.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-https.json
new file mode 100644
index 000000000..bee86d7c4
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-https.json
@@ -0,0 +1,544 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1"
+ },
+ "name": "sso71-https"
+ },
+ "labels": {
+ "template": "sso71-https",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new SSO service has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port."
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-mysql-persistent.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-mysql-persistent.json
new file mode 100644
index 000000000..49b37f348
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-mysql-persistent.json
@@ -0,0 +1,799 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 MySQL applications with persistent storage",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + MySQL (Persistent)"
+ },
+ "name": "sso71-mysql-persistent"
+ },
+ "labels": {
+ "template": "sso71-mysql-persistent",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/mysql/data",
+ "name": "${APPLICATION_NAME}-mysql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-mysql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-mysql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-mysql.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-mysql.json
new file mode 100644
index 000000000..634a75bab
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-mysql.json
@@ -0,0 +1,767 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 MySQL applications",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + MySQL (Ephemeral)"
+ },
+ "name": "sso71-mysql"
+ },
+ "labels": {
+ "template": "sso71-mysql",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new SSO service (using MySQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Lower Case Table Names",
+ "description": "Sets how the table names are stored and compared.",
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Maximum number of connections",
+ "description": "The maximum permitted number of simultaneous client connections.",
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Minimum Word Length",
+ "description": "The minimum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL FullText Maximum Word Length",
+ "description": "The maximum length of the word to be included in a FULLTEXT index.",
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "required": false
+ },
+ {
+ "displayName": "MySQL AIO",
+ "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
+ "name": "MYSQL_AIO",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "MySQL Image Stream Tag",
+ "description": "The tag to use for the \"mysql\" image stream. Typically, this aligns with the major.minor version of MySQL.",
+ "name": "MYSQL_IMAGE_STREAM_TAG",
+ "value": "5.7",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-mysql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 3306,
+ "targetPort": 3306
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-mysql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-mysql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "mysql:${MYSQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-mysql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-mysql",
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-mysql",
+ "image": "mysql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 3306,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "MYSQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "MYSQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "MYSQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
+ "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
+ },
+ {
+ "name": "MYSQL_MAX_CONNECTIONS",
+ "value": "${MYSQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "MYSQL_FT_MIN_WORD_LEN",
+ "value": "${MYSQL_FT_MIN_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_FT_MAX_WORD_LEN",
+ "value": "${MYSQL_FT_MAX_WORD_LEN}"
+ },
+ {
+ "name": "MYSQL_AIO",
+ "value": "${MYSQL_AIO}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-postgresql-persistent.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-postgresql-persistent.json
new file mode 100644
index 000000000..c53bb9d5b
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-postgresql-persistent.json
@@ -0,0 +1,773 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 PostgreSQL applications with persistent storage",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + PostgreSQL (Persistent)"
+ },
+ "name": "sso71-postgresql-persistent"
+ },
+ "labels": {
+ "template": "sso71-postgresql-persistent",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new persistent SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Volume Capacity",
+ "description": "Size of persistent storage for database volume.",
+ "name": "VOLUME_CAPACITY",
+ "value": "512Mi",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "volumeMounts": [
+ {
+ "mountPath": "/var/lib/pgsql/data",
+ "name": "${APPLICATION_NAME}-postgresql-pvol"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql-pvol",
+ "persistentVolumeClaim": {
+ "claimName": "${APPLICATION_NAME}-postgresql-claim"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "apiVersion": "v1",
+ "kind": "PersistentVolumeClaim",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql-claim",
+ "labels": {
+ "application": "${APPLICATION_NAME}"
+ }
+ },
+ "spec": {
+ "accessModes": [
+ "ReadWriteOnce"
+ ],
+ "resources": {
+ "requests": {
+ "storage": "${VOLUME_CAPACITY}"
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-postgresql.json b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-postgresql.json
new file mode 100644
index 000000000..c1fc41eda
--- /dev/null
+++ b/roles/openshift_examples/files/examples/v3.6/xpaas-templates/sso71-postgresql.json
@@ -0,0 +1,741 @@
+{
+ "kind": "Template",
+ "apiVersion": "v1",
+ "metadata": {
+ "annotations": {
+ "description": "Application template for SSO 7.1 PostgreSQL applications",
+ "iconClass" : "icon-jboss",
+ "tags" : "sso,keycloak,jboss,xpaas",
+ "version": "1.0.0",
+ "openshift.io/display-name": "Red Hat Single Sign-On 7.1 + PostgreSQL (Ephemeral)"
+ },
+ "name": "sso71-postgresql"
+ },
+ "labels": {
+ "template": "sso71-postgresql",
+ "xpaas": "1.4.0"
+ },
+ "message": "A new SSO service (using PostgreSQL) has been created in your project. The admin username/password for accessing the master realm via the SSO console is ${SSO_ADMIN_USERNAME}/${SSO_ADMIN_PASSWORD}. The username/password for accessing the PostgreSQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the \"${SERVICE_ACCOUNT_NAME}\" service account and the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications; \"${SSO_TRUSTSTORE_SECRET}\" containing the ${SSO_TRUSTSTORE} file used for securing SSO requests.",
+ "parameters": [
+ {
+ "displayName": "Application Name",
+ "description": "The name for the application.",
+ "name": "APPLICATION_NAME",
+ "value": "sso",
+ "required": true
+ },
+ {
+ "displayName": "Custom http Route Hostname",
+ "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTP",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Custom https Route Hostname",
+ "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
+ "name": "HOSTNAME_HTTPS",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Database JNDI Name",
+ "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
+ "name": "DB_JNDI",
+ "value": "java:jboss/datasources/KeycloakDS",
+ "required": false
+ },
+ {
+ "displayName": "Database Name",
+ "description": "Database name",
+ "name": "DB_DATABASE",
+ "value": "root",
+ "required": true
+ },
+ {
+ "displayName": "Service Account Name",
+ "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
+ "name": "SERVICE_ACCOUNT_NAME",
+ "value": "sso-service-account",
+ "required": true
+ },
+ {
+ "displayName": "Server Keystore Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "HTTPS_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "HTTPS_KEYSTORE",
+ "value": "keystore.jks",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Type",
+ "description": "The type of the keystore file (JKS or JCEKS)",
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Certificate Name",
+ "description": "The name associated with the server certificate (e.g. jboss)",
+ "name": "HTTPS_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Server Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
+ "name": "HTTPS_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Minimum Pool Size",
+ "description": "Sets xa-pool/min-pool-size for the configured datasource.",
+ "name": "DB_MIN_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Maximum Pool Size",
+ "description": "Sets xa-pool/max-pool-size for the configured datasource.",
+ "name": "DB_MAX_POOL_SIZE",
+ "required": false
+ },
+ {
+ "displayName": "Datasource Transaction Isolation",
+ "description": "Sets transaction-isolation for the configured datasource.",
+ "name": "DB_TX_ISOLATION",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Maximum number of connections",
+ "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Shared Buffers",
+ "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "required": false
+ },
+ {
+ "displayName": "Database Username",
+ "description": "Database user name",
+ "name": "DB_USERNAME",
+ "from": "user[a-zA-Z0-9]{3}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "Database Password",
+ "description": "Database user password",
+ "name": "DB_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "JGroups Secret Name",
+ "description": "The name of the secret containing the keystore file",
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Filename",
+ "description": "The name of the keystore file within the secret",
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "jgroups.jceks",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Certificate Name",
+ "description": "The name associated with the server certificate (e.g. secret-key)",
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Keystore Password",
+ "description": "The password for the keystore and certificate (e.g. password)",
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "JGroups Cluster Password",
+ "description": "JGroups cluster password",
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "ImageStream Namespace",
+ "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
+ "name": "IMAGE_STREAM_NAMESPACE",
+ "value": "openshift",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Username",
+ "description": "SSO Server admin username",
+ "name": "SSO_ADMIN_USERNAME",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Admin Password",
+ "description": "SSO Server admin password",
+ "name": "SSO_ADMIN_PASSWORD",
+ "from": "[a-zA-Z0-9]{8}",
+ "generate": "expression",
+ "required": true
+ },
+ {
+ "displayName": "SSO Realm",
+ "description": "Realm to be created in the SSO server (e.g. demo).",
+ "name": "SSO_REALM",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Username",
+ "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Service Password",
+ "description": "The password for the SSO service user.",
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store",
+ "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
+ "name": "SSO_TRUSTSTORE",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Password",
+ "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "",
+ "required": false
+ },
+ {
+ "displayName": "SSO Trust Store Secret",
+ "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
+ "name": "SSO_TRUSTSTORE_SECRET",
+ "value": "sso-app-secret",
+ "required": false
+ },
+ {
+ "displayName": "PostgreSQL Image Stream Tag",
+ "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.",
+ "name": "POSTGRESQL_IMAGE_STREAM_TAG",
+ "value": "9.5",
+ "required": true
+ }
+ ],
+ "objects": [
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8080,
+ "targetPort": 8080
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's http port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 8443,
+ "targetPort": 8443
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ }
+ },
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "The web server's https port.",
+ "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]"
+ }
+ }
+ },
+ {
+ "kind": "Service",
+ "apiVersion": "v1",
+ "spec": {
+ "ports": [
+ {
+ "port": 5432,
+ "targetPort": 5432
+ }
+ ],
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ }
+ },
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ },
+ "annotations": {
+ "description": "The database server's port."
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-http",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's http service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTP}",
+ "to": {
+ "name": "${APPLICATION_NAME}"
+ }
+ }
+ },
+ {
+ "kind": "Route",
+ "apiVersion": "v1",
+ "id": "${APPLICATION_NAME}-https",
+ "metadata": {
+ "name": "secure-${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ },
+ "annotations": {
+ "description": "Route for application's https service."
+ }
+ },
+ "spec": {
+ "host": "${HOSTNAME_HTTPS}",
+ "to": {
+ "name": "secure-${APPLICATION_NAME}"
+ },
+ "tls": {
+ "termination": "passthrough"
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "redhat-sso71-openshift:1.1"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}",
+ "application": "${APPLICATION_NAME}",
+ "component": "server"
+ }
+ },
+ "spec": {
+ "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
+ "terminationGracePeriodSeconds": 75,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}",
+ "image": "${APPLICATION_NAME}",
+ "imagePullPolicy": "Always",
+ "volumeMounts": [
+ {
+ "name": "eap-keystore-volume",
+ "mountPath": "/etc/eap-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "mountPath": "/etc/jgroups-encrypt-secret-volume",
+ "readOnly": true
+ },
+ {
+ "name": "sso-truststore-volume",
+ "mountPath": "/etc/sso-secret-volume",
+ "readOnly": true
+ }
+ ],
+ "lifecycle": {
+ "preStop": {
+ "exec": {
+ "command": [
+ "/opt/eap/bin/jboss-cli.sh",
+ "-c",
+ ":shutdown(timeout=60)"
+ ]
+ }
+ }
+ },
+ "livenessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/livenessProbe.sh"
+ ]
+ }
+ },
+ "readinessProbe": {
+ "exec": {
+ "command": [
+ "/bin/bash",
+ "-c",
+ "/opt/eap/bin/readinessProbe.sh"
+ ]
+ }
+ },
+ "ports": [
+ {
+ "name": "jolokia",
+ "containerPort": 8778,
+ "protocol": "TCP"
+ },
+ {
+ "name": "http",
+ "containerPort": 8080,
+ "protocol": "TCP"
+ },
+ {
+ "name": "https",
+ "containerPort": 8443,
+ "protocol": "TCP"
+ },
+ {
+ "name": "ping",
+ "containerPort": 8888,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "DB_SERVICE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_JNDI",
+ "value": "${DB_JNDI}"
+ },
+ {
+ "name": "DB_USERNAME",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "DB_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "DB_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "TX_DATABASE_PREFIX_MAPPING",
+ "value": "${APPLICATION_NAME}-postgresql=DB"
+ },
+ {
+ "name": "DB_MIN_POOL_SIZE",
+ "value": "${DB_MIN_POOL_SIZE}"
+ },
+ {
+ "name": "DB_MAX_POOL_SIZE",
+ "value": "${DB_MAX_POOL_SIZE}"
+ },
+ {
+ "name": "DB_TX_ISOLATION",
+ "value": "${DB_TX_ISOLATION}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_LABELS",
+ "value": "application=${APPLICATION_NAME}"
+ },
+ {
+ "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
+ "valueFrom": {
+ "fieldRef": {
+ "fieldPath": "metadata.namespace"
+ }
+ }
+ },
+ {
+ "name": "HTTPS_KEYSTORE_DIR",
+ "value": "/etc/eap-secret-volume"
+ },
+ {
+ "name": "HTTPS_KEYSTORE",
+ "value": "${HTTPS_KEYSTORE}"
+ },
+ {
+ "name": "HTTPS_KEYSTORE_TYPE",
+ "value": "${HTTPS_KEYSTORE_TYPE}"
+ },
+ {
+ "name": "HTTPS_NAME",
+ "value": "${HTTPS_NAME}"
+ },
+ {
+ "name": "HTTPS_PASSWORD",
+ "value": "${HTTPS_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_SECRET",
+ "value": "${JGROUPS_ENCRYPT_SECRET}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
+ "value": "/etc/jgroups-encrypt-secret-volume"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_KEYSTORE",
+ "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_NAME",
+ "value": "${JGROUPS_ENCRYPT_NAME}"
+ },
+ {
+ "name": "JGROUPS_ENCRYPT_PASSWORD",
+ "value": "${JGROUPS_ENCRYPT_PASSWORD}"
+ },
+ {
+ "name": "JGROUPS_CLUSTER_PASSWORD",
+ "value": "${JGROUPS_CLUSTER_PASSWORD}"
+ },
+ {
+ "name": "SSO_ADMIN_USERNAME",
+ "value": "${SSO_ADMIN_USERNAME}"
+ },
+ {
+ "name": "SSO_ADMIN_PASSWORD",
+ "value": "${SSO_ADMIN_PASSWORD}"
+ },
+ {
+ "name": "SSO_REALM",
+ "value": "${SSO_REALM}"
+ },
+ {
+ "name": "SSO_SERVICE_USERNAME",
+ "value": "${SSO_SERVICE_USERNAME}"
+ },
+ {
+ "name": "SSO_SERVICE_PASSWORD",
+ "value": "${SSO_SERVICE_PASSWORD}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE",
+ "value": "${SSO_TRUSTSTORE}"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_DIR",
+ "value": "/etc/sso-secret-volume"
+ },
+ {
+ "name": "SSO_TRUSTSTORE_PASSWORD",
+ "value": "${SSO_TRUSTSTORE_PASSWORD}"
+ }
+ ]
+ }
+ ],
+ "volumes": [
+ {
+ "name": "eap-keystore-volume",
+ "secret": {
+ "secretName": "${HTTPS_SECRET}"
+ }
+ },
+ {
+ "name": "eap-jgroups-keystore-volume",
+ "secret": {
+ "secretName": "${JGROUPS_ENCRYPT_SECRET}"
+ }
+ },
+ {
+ "name": "sso-truststore-volume",
+ "secret": {
+ "secretName": "${SSO_TRUSTSTORE_SECRET}"
+ }
+ }
+ ]
+ }
+ }
+ }
+ },
+ {
+ "kind": "DeploymentConfig",
+ "apiVersion": "v1",
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "strategy": {
+ "type": "Recreate"
+ },
+ "triggers": [
+ {
+ "type": "ImageChange",
+ "imageChangeParams": {
+ "automatic": true,
+ "containerNames": [
+ "${APPLICATION_NAME}-postgresql"
+ ],
+ "from": {
+ "kind": "ImageStreamTag",
+ "namespace": "${IMAGE_STREAM_NAMESPACE}",
+ "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ }
+ }
+ },
+ {
+ "type": "ConfigChange"
+ }
+ ],
+ "replicas": 1,
+ "selector": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql"
+ },
+ "template": {
+ "metadata": {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "labels": {
+ "deploymentConfig": "${APPLICATION_NAME}-postgresql",
+ "application": "${APPLICATION_NAME}",
+ "component": "database"
+ }
+ },
+ "spec": {
+ "terminationGracePeriodSeconds": 60,
+ "containers": [
+ {
+ "name": "${APPLICATION_NAME}-postgresql",
+ "image": "postgresql",
+ "imagePullPolicy": "Always",
+ "ports": [
+ {
+ "containerPort": 5432,
+ "protocol": "TCP"
+ }
+ ],
+ "env": [
+ {
+ "name": "POSTGRESQL_USER",
+ "value": "${DB_USERNAME}"
+ },
+ {
+ "name": "POSTGRESQL_PASSWORD",
+ "value": "${DB_PASSWORD}"
+ },
+ {
+ "name": "POSTGRESQL_DATABASE",
+ "value": "${DB_DATABASE}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_CONNECTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS",
+ "value": "${POSTGRESQL_MAX_CONNECTIONS}"
+ },
+ {
+ "name": "POSTGRESQL_SHARED_BUFFERS",
+ "value": "${POSTGRESQL_SHARED_BUFFERS}"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
+ }
+ ]
+}
diff --git a/roles/openshift_examples/tasks/main.yml b/roles/openshift_examples/tasks/main.yml
index 551e21e72..1a4562776 100644
--- a/roles/openshift_examples/tasks/main.yml
+++ b/roles/openshift_examples/tasks/main.yml
@@ -53,7 +53,7 @@
# RHEL and Centos image streams are mutually exclusive
- name: Import RHEL streams
command: >
- {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ item }}
+ {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift -f {{ item }}
when: openshift_examples_load_rhel | bool
with_items:
- "{{ rhel_image_streams }}"
@@ -63,7 +63,7 @@
- name: Import Centos Image streams
command: >
- {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ centos_image_streams }}
+ {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift -f {{ centos_image_streams }}
when: openshift_examples_load_centos | bool
register: oex_import_centos_streams
failed_when: "'already exists' not in oex_import_centos_streams.stderr and oex_import_centos_streams.rc != 0"
@@ -71,7 +71,7 @@
- name: Import db templates
command: >
- {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ db_templates_base }}
+ {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift -f {{ db_templates_base }}
when: openshift_examples_load_db_templates | bool
register: oex_import_db_templates
failed_when: "'already exists' not in oex_import_db_templates.stderr and oex_import_db_templates.rc != 0"
@@ -88,7 +88,7 @@
- "{{ quickstarts_base }}/django.json"
- name: Remove defunct quickstart templates from openshift namespace
- command: "{{ openshift.common.client_binary }} -n openshift delete templates/{{ item }}"
+ command: "{{ openshift.common.client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift delete templates/{{ item }}"
with_items:
- nodejs-example
- cakephp-example
@@ -100,7 +100,7 @@
- name: Import quickstart-templates
command: >
- {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ quickstarts_base }}
+ {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift -f {{ quickstarts_base }}
when: openshift_examples_load_quickstarts | bool
register: oex_import_quickstarts
failed_when: "'already exists' not in oex_import_quickstarts.stderr and oex_import_quickstarts.rc != 0"
@@ -114,7 +114,7 @@
- "{{ xpaas_templates_base }}/sso70-basic.json"
- name: Remove old xPaas templates from openshift namespace
- command: "{{ openshift.common.client_binary }} -n openshift delete templates/{{ item }}"
+ command: "{{ openshift.common.client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift delete templates/{{ item }}"
with_items:
- sso70-basic
register: oex_delete_old_xpaas_templates
@@ -123,7 +123,7 @@
- name: Import xPaas image streams
command: >
- {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ xpaas_image_streams }}
+ {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift -f {{ xpaas_image_streams }}
when: openshift_examples_load_xpaas | bool
register: oex_import_xpaas_streams
failed_when: "'already exists' not in oex_import_xpaas_streams.stderr and oex_import_xpaas_streams.rc != 0"
@@ -131,7 +131,7 @@
- name: Import xPaas templates
command: >
- {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ xpaas_templates_base }}
+ {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig -n openshift -f {{ xpaas_templates_base }}
when: openshift_examples_load_xpaas | bool
register: oex_import_xpaas_templates
failed_when: "'already exists' not in oex_import_xpaas_templates.stderr and oex_import_xpaas_templates.rc != 0"
diff --git a/roles/openshift_excluder/tasks/exclude.yml b/roles/openshift_excluder/tasks/exclude.yml
index 934f1b2d2..1b4818df9 100644
--- a/roles/openshift_excluder/tasks/exclude.yml
+++ b/roles/openshift_excluder/tasks/exclude.yml
@@ -5,7 +5,7 @@
register: docker_excluder_stat
- name: Enable docker excluder
- command: "{{ r_openshift_excluder_service_type }}-docker-excluder exclude"
+ command: "/sbin/{{ r_openshift_excluder_service_type }}-docker-excluder exclude"
when:
- r_openshift_excluder_enable_docker_excluder | bool
- docker_excluder_stat.stat.exists
@@ -16,7 +16,7 @@
register: openshift_excluder_stat
- name: Enable openshift excluder
- command: "{{ r_openshift_excluder_service_type }}-excluder exclude"
+ command: "/sbin/{{ r_openshift_excluder_service_type }}-excluder exclude"
when:
- r_openshift_excluder_enable_openshift_excluder | bool
- openshift_excluder_stat.stat.exists
diff --git a/roles/openshift_excluder/tasks/unexclude.yml b/roles/openshift_excluder/tasks/unexclude.yml
index a5ce8d5c7..a68165bde 100644
--- a/roles/openshift_excluder/tasks/unexclude.yml
+++ b/roles/openshift_excluder/tasks/unexclude.yml
@@ -9,7 +9,7 @@
register: docker_excluder_stat
- name: disable docker excluder
- command: "{{ r_openshift_excluder_service_type }}-docker-excluder unexclude"
+ command: "/sbin/{{ r_openshift_excluder_service_type }}-docker-excluder unexclude"
when:
- unexclude_docker_excluder | default(false) | bool
- docker_excluder_stat.stat.exists
@@ -20,7 +20,7 @@
register: openshift_excluder_stat
- name: disable openshift excluder
- command: "{{ r_openshift_excluder_service_type }}-excluder unexclude"
+ command: "/sbin/{{ r_openshift_excluder_service_type }}-excluder unexclude"
when:
- unexclude_openshift_excluder | default(false) | bool
- openshift_excluder_stat.stat.exists
diff --git a/roles/openshift_facts/defaults/main.yml b/roles/openshift_facts/defaults/main.yml
index 28b388560..cc4dc9365 100644
--- a/roles/openshift_facts/defaults/main.yml
+++ b/roles/openshift_facts/defaults/main.yml
@@ -1,2 +1,2 @@
---
-use_system_containers: false
+openshift_use_system_containers: false
diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py
index cfe092a28..49cc51b48 100755
--- a/roles/openshift_facts/library/openshift_facts.py
+++ b/roles/openshift_facts/library/openshift_facts.py
@@ -537,6 +537,7 @@ def set_node_schedulability(facts):
return facts
+# pylint: disable=too-many-branches
def set_selectors(facts):
""" Set selectors facts if not already present in facts dict
Args:
@@ -570,6 +571,10 @@ def set_selectors(facts):
facts['hosted']['logging'] = {}
if 'selector' not in facts['hosted']['logging'] or facts['hosted']['logging']['selector'] in [None, 'None']:
facts['hosted']['logging']['selector'] = None
+ if 'etcd' not in facts['hosted']:
+ facts['hosted']['etcd'] = {}
+ if 'selector' not in facts['hosted']['etcd'] or facts['hosted']['etcd']['selector'] in [None, 'None']:
+ facts['hosted']['etcd']['selector'] = None
return facts
@@ -907,17 +912,17 @@ def set_version_facts_if_unset(facts):
version_gte_3_1_1_or_1_1_1 = version >= LooseVersion('1.1.1')
version_gte_3_2_or_1_2 = version >= LooseVersion('1.2.0')
version_gte_3_3_or_1_3 = version >= LooseVersion('1.3.0')
- version_gte_3_4_or_1_4 = version >= LooseVersion('1.4.0')
- version_gte_3_5_or_1_5 = version >= LooseVersion('1.5.0')
- version_gte_3_6 = version >= LooseVersion('3.6.0')
+ version_gte_3_4_or_1_4 = version >= LooseVersion('1.4')
+ version_gte_3_5_or_1_5 = version >= LooseVersion('1.5')
+ version_gte_3_6 = version >= LooseVersion('3.6')
else:
version_gte_3_1_or_1_1 = version >= LooseVersion('3.0.2.905')
version_gte_3_1_1_or_1_1_1 = version >= LooseVersion('3.1.1')
version_gte_3_2_or_1_2 = version >= LooseVersion('3.1.1.901')
version_gte_3_3_or_1_3 = version >= LooseVersion('3.3.0')
- version_gte_3_4_or_1_4 = version >= LooseVersion('3.4.0')
- version_gte_3_5_or_1_5 = version >= LooseVersion('3.5.0')
- version_gte_3_6 = version >= LooseVersion('3.6.0')
+ version_gte_3_4_or_1_4 = version >= LooseVersion('3.4')
+ version_gte_3_5_or_1_5 = version >= LooseVersion('3.5')
+ version_gte_3_6 = version >= LooseVersion('3.6')
else:
# 'Latest' version is set to True, 'Next' versions set to False
version_gte_3_1_or_1_1 = True
@@ -1613,14 +1618,7 @@ def sort_unique(alist):
Returns:
list: a sorted de-duped list
"""
-
- alist.sort()
- out = list()
- for i in alist:
- if i not in out:
- out.append(i)
-
- return out
+ return sorted(list(set(alist)))
def safe_get_bool(fact):
@@ -1644,19 +1642,28 @@ def set_proxy_facts(facts):
"""
if 'common' in facts:
common = facts['common']
- if 'http_proxy' in common or 'https_proxy' in common:
+ if 'http_proxy' in common or 'https_proxy' in common or 'no_proxy' in common:
if 'no_proxy' in common and isinstance(common['no_proxy'], string_types):
common['no_proxy'] = common['no_proxy'].split(",")
elif 'no_proxy' not in common:
common['no_proxy'] = []
+
+ # See https://bugzilla.redhat.com/show_bug.cgi?id=1466783
+ # masters behind a proxy need to connect to etcd via IP
+ if 'no_proxy_etcd_host_ips' in common:
+ if isinstance(common['no_proxy_etcd_host_ips'], string_types):
+ common['no_proxy'].extend(common['no_proxy_etcd_host_ips'].split(','))
+
if 'generate_no_proxy_hosts' in common and safe_get_bool(common['generate_no_proxy_hosts']):
if 'no_proxy_internal_hostnames' in common:
common['no_proxy'].extend(common['no_proxy_internal_hostnames'].split(','))
# We always add local dns domain and ourselves no matter what
common['no_proxy'].append('.' + common['dns_domain'])
+ common['no_proxy'].append('.svc')
common['no_proxy'].append(common['hostname'])
common['no_proxy'] = ','.join(sort_unique(common['no_proxy']))
facts['common'] = common
+
return facts
@@ -2156,6 +2163,25 @@ class OpenShiftFacts(object):
create_pvc=False
)
),
+ etcd=dict(
+ storage=dict(
+ kind=None,
+ volume=dict(
+ name='etcd',
+ size='1Gi'
+ ),
+ nfs=dict(
+ directory='/exports',
+ options='*(rw,root_squash)'
+ ),
+ host=None,
+ access=dict(
+ modes=['ReadWriteOnce']
+ ),
+ create_pv=True,
+ create_pvc=False
+ )
+ ),
registry=dict(
storage=dict(
kind=None,
diff --git a/roles/openshift_facts/tasks/main.yml b/roles/openshift_facts/tasks/main.yml
index 50ed3e964..451386bf1 100644
--- a/roles/openshift_facts/tasks/main.yml
+++ b/roles/openshift_facts/tasks/main.yml
@@ -9,10 +9,10 @@
l_is_atomic: "{{ ostree_booted.stat.exists }}"
- set_fact:
l_is_containerized: "{{ (l_is_atomic | bool) or (containerized | default(false) | bool) }}"
- l_is_openvswitch_system_container: "{{ (use_openvswitch_system_container | default(use_system_containers) | bool) }}"
- l_is_node_system_container: "{{ (use_node_system_container | default(use_system_containers) | bool) }}"
- l_is_master_system_container: "{{ (use_master_system_container | default(use_system_containers) | bool) }}"
- l_is_etcd_system_container: "{{ (use_etcd_system_container | default(use_system_containers) | bool) }}"
+ l_is_openvswitch_system_container: "{{ (openshift_use_openvswitch_system_container | default(openshift_use_system_containers) | bool) }}"
+ l_is_node_system_container: "{{ (openshift_use_node_system_container | default(openshift_use_system_containers) | bool) }}"
+ l_is_master_system_container: "{{ (openshift_use_master_system_container | default(openshift_use_system_containers) | bool) }}"
+ l_is_etcd_system_container: "{{ (openshift_use_etcd_system_container | default(openshift_use_system_containers) | bool) }}"
- set_fact:
l_any_system_container: "{{ l_is_etcd_system_container or l_is_openvswitch_system_container or l_is_node_system_container or l_is_master_system_container }}"
- set_fact:
diff --git a/roles/openshift_health_checker/action_plugins/openshift_health_check.py b/roles/openshift_health_checker/action_plugins/openshift_health_check.py
index a62e4331e..581dd7d15 100644
--- a/roles/openshift_health_checker/action_plugins/openshift_health_check.py
+++ b/roles/openshift_health_checker/action_plugins/openshift_health_check.py
@@ -37,15 +37,14 @@ class ActionModule(ActionBase):
return result
try:
- known_checks = self.load_known_checks()
+ known_checks = self.load_known_checks(tmp, task_vars)
+ args = self._task.args
+ resolved_checks = resolve_checks(args.get("checks", []), known_checks.values())
except OpenShiftCheckException as e:
result["failed"] = True
result["msg"] = str(e)
return result
- args = self._task.args
- resolved_checks = resolve_checks(args.get("checks", []), known_checks.values())
-
result["checks"] = check_results = {}
user_disabled_checks = [
@@ -57,13 +56,13 @@ class ActionModule(ActionBase):
display.banner("CHECK [{} : {}]".format(check_name, task_vars["ansible_host"]))
check = known_checks[check_name]
- if not check.is_active(task_vars):
+ if not check.is_active():
r = dict(skipped=True, skipped_reason="Not active for this host")
elif check_name in user_disabled_checks:
r = dict(skipped=True, skipped_reason="Disabled by user request")
else:
try:
- r = check.run(tmp, task_vars)
+ r = check.run()
except OpenShiftCheckException as e:
r = dict(
failed=True,
@@ -79,7 +78,7 @@ class ActionModule(ActionBase):
result["changed"] = any(r.get("changed", False) for r in check_results.values())
return result
- def load_known_checks(self):
+ def load_known_checks(self, tmp, task_vars):
load_checks()
known_checks = {}
@@ -92,7 +91,7 @@ class ActionModule(ActionBase):
check_name,
cls.__module__, cls.__name__,
other_cls.__module__, other_cls.__name__))
- known_checks[check_name] = cls(execute_module=self._execute_module)
+ known_checks[check_name] = cls(execute_module=self._execute_module, tmp=tmp, task_vars=task_vars)
return known_checks
diff --git a/roles/openshift_health_checker/callback_plugins/zz_failure_summary.py b/roles/openshift_health_checker/callback_plugins/zz_failure_summary.py
index 64c29a8d9..d10200719 100644
--- a/roles/openshift_health_checker/callback_plugins/zz_failure_summary.py
+++ b/roles/openshift_health_checker/callback_plugins/zz_failure_summary.py
@@ -1,6 +1,6 @@
-'''
-Ansible callback plugin.
-'''
+"""
+Ansible callback plugin to give a nicely formatted summary of failures.
+"""
# Reason: In several locations below we disable pylint protected-access
# for Ansible objects that do not give us any public way
@@ -16,11 +16,11 @@ from ansible.utils.color import stringc
class CallbackModule(CallbackBase):
- '''
+ """
This callback plugin stores task results and summarizes failures.
The file name is prefixed with `zz_` to make this plugin be loaded last by
Ansible, thus making its output the last thing that users see.
- '''
+ """
CALLBACK_VERSION = 2.0
CALLBACK_TYPE = 'aggregate'
@@ -39,7 +39,8 @@ class CallbackModule(CallbackBase):
def v2_runner_on_failed(self, result, ignore_errors=False):
super(CallbackModule, self).v2_runner_on_failed(result, ignore_errors)
- self.__failures.append(dict(result=result, ignore_errors=ignore_errors))
+ if not ignore_errors:
+ self.__failures.append(dict(result=result, ignore_errors=ignore_errors))
def v2_playbook_on_stats(self, stats):
super(CallbackModule, self).v2_playbook_on_stats(stats)
@@ -47,7 +48,7 @@ class CallbackModule(CallbackBase):
self._print_failure_details(self.__failures)
def _print_failure_details(self, failures):
- '''Print a summary of failed tasks or checks.'''
+ """Print a summary of failed tasks or checks."""
self._display.display(u'\nFailure summary:\n')
width = len(str(len(failures)))
@@ -68,7 +69,9 @@ class CallbackModule(CallbackBase):
playbook_context = None
# re: result attrs see top comment # pylint: disable=protected-access
for failure in failures:
- # get context from check task result since callback plugins cannot access task vars
+ # Get context from check task result since callback plugins cannot access task vars.
+ # NOTE: thus context is not known unless checks run. Failures prior to checks running
+ # don't have playbook_context in the results. But we only use it now when checks fail.
playbook_context = playbook_context or failure['result']._result.get('playbook_context')
failed_checks.update(
name
@@ -80,8 +83,11 @@ class CallbackModule(CallbackBase):
def _print_check_failure_summary(self, failed_checks, context):
checks = ','.join(sorted(failed_checks))
- # NOTE: context is not set if all failures occurred prior to checks task
- summary = (
+ # The purpose of specifying context is to vary the output depending on what the user was
+ # expecting to happen (based on which playbook they ran). The only use currently is to
+ # vary the message depending on whether the user was deliberately running checks or was
+ # trying to install/upgrade and checks are just included. Other use cases may arise.
+ summary = ( # default to explaining what checks are in the first place
'\n'
'The execution of "{playbook}"\n'
'includes checks designed to fail early if the requirements\n'
@@ -93,27 +99,26 @@ class CallbackModule(CallbackBase):
'Some checks may be configurable by variables if your requirements\n'
'are different from the defaults; consult check documentation.\n'
'Variables can be set in the inventory or passed on the\n'
- 'command line using the -e flag to ansible-playbook.\n'
+ 'command line using the -e flag to ansible-playbook.\n\n'
).format(playbook=self._playbook_file, checks=checks)
if context in ['pre-install', 'health']:
- summary = (
+ summary = ( # user was expecting to run checks, less explanation needed
'\n'
'You may choose to configure or disable failing checks by\n'
'setting Ansible variables. To disable those above:\n\n'
' openshift_disable_check={checks}\n\n'
'Consult check documentation for configurable variables.\n'
'Variables can be set in the inventory or passed on the\n'
- 'command line using the -e flag to ansible-playbook.\n'
+ 'command line using the -e flag to ansible-playbook.\n\n'
).format(checks=checks)
- # other expected contexts: install, upgrade
self._display.display(summary)
# re: result attrs see top comment # pylint: disable=protected-access
def _format_failure(failure):
- '''Return a list of pretty-formatted text entries describing a failure, including
+ """Return a list of pretty-formatted text entries describing a failure, including
relevant information about it. Expect that the list of text entries will be joined
- by a newline separator when output to the user.'''
+ by a newline separator when output to the user."""
result = failure['result']
host = result._host.get_name()
play = _get_play(result._task)
@@ -134,7 +139,7 @@ def _format_failure(failure):
def _format_failed_checks(checks):
- '''Return pretty-formatted text describing checks that failed.'''
+ """Return pretty-formatted text describing checks that failed."""
failed_check_msgs = []
for check, body in checks.items():
if body.get('failed', False): # only show the failed checks
@@ -149,7 +154,7 @@ def _format_failed_checks(checks):
# This is inspired by ansible.playbook.base.Base.dump_me.
# re: play/task/block attrs see top comment # pylint: disable=protected-access
def _get_play(obj):
- '''Given a task or block, recursively tries to find its parent play.'''
+ """Given a task or block, recursively try to find its parent play."""
if hasattr(obj, '_play'):
return obj._play
if getattr(obj, '_parent'):
diff --git a/roles/openshift_health_checker/library/aos_version.py b/roles/openshift_health_checker/library/aos_version.py
index 4c205e48c..f9babebb9 100755..100644
--- a/roles/openshift_health_checker/library/aos_version.py
+++ b/roles/openshift_health_checker/library/aos_version.py
@@ -1,5 +1,5 @@
#!/usr/bin/python
-'''
+"""
Ansible module for yum-based systems determining if multiple releases
of an OpenShift package are available, and if the release requested
(if any) is available down to the given precision.
@@ -16,9 +16,13 @@ of release availability already. Without duplicating all that, we would
like the user to have a helpful error message if we detect things will
not work out right. Note that if openshift_release is not specified in
the inventory, the version comparison checks just pass.
-'''
+"""
from ansible.module_utils.basic import AnsibleModule
+# NOTE: because of the dependency on yum (Python 2-only), this module does not
+# work under Python 3. But since we run unit tests against both Python 2 and
+# Python 3, we use six for cross compatibility in this module alone:
+from ansible.module_utils.six import string_types
IMPORT_EXCEPTION = None
try:
@@ -28,7 +32,7 @@ except ImportError as err:
class AosVersionException(Exception):
- '''Base exception class for package version problems'''
+ """Base exception class for package version problems"""
def __init__(self, message, problem_pkgs=None):
Exception.__init__(self, message)
self.problem_pkgs = problem_pkgs
@@ -122,12 +126,15 @@ def _check_precise_version_found(pkgs, expected_pkgs_dict):
for pkg in pkgs:
if pkg.name not in expected_pkgs_dict:
continue
- # does the version match, to the precision requested?
- # and, is it strictly greater, at the precision requested?
- expected_pkg_version = expected_pkgs_dict[pkg.name]["version"]
- match_version = '.'.join(pkg.version.split('.')[:expected_pkg_version.count('.') + 1])
- if match_version == expected_pkg_version:
- pkgs_precise_version_found.add(pkg.name)
+ expected_pkg_versions = expected_pkgs_dict[pkg.name]["version"]
+ if isinstance(expected_pkg_versions, string_types):
+ expected_pkg_versions = [expected_pkg_versions]
+ for expected_pkg_version in expected_pkg_versions:
+ # does the version match, to the precision requested?
+ # and, is it strictly greater, at the precision requested?
+ match_version = '.'.join(pkg.version.split('.')[:expected_pkg_version.count('.') + 1])
+ if match_version == expected_pkg_version:
+ pkgs_precise_version_found.add(pkg.name)
not_found = []
for name, pkg in expected_pkgs_dict.items():
@@ -157,8 +164,13 @@ def _check_higher_version_found(pkgs, expected_pkgs_dict):
for pkg in pkgs:
if pkg.name not in expected_pkg_names:
continue
- expected_pkg_version = expected_pkgs_dict[pkg.name]["version"]
- req_release_arr = [int(segment) for segment in expected_pkg_version.split(".")]
+ expected_pkg_versions = expected_pkgs_dict[pkg.name]["version"]
+ if isinstance(expected_pkg_versions, string_types):
+ expected_pkg_versions = [expected_pkg_versions]
+ # NOTE: the list of versions is assumed to be sorted so that the highest
+ # desirable version is the last.
+ highest_desirable_version = expected_pkg_versions[-1]
+ req_release_arr = [int(segment) for segment in highest_desirable_version.split(".")]
version = [int(segment) for segment in pkg.version.split(".")]
too_high = version[:len(req_release_arr)] > req_release_arr
higher_than_seen = version > higher_version_for_pkg.get(pkg.name, [])
diff --git a/roles/openshift_health_checker/library/check_yum_update.py b/roles/openshift_health_checker/library/check_yum_update.py
index 433795b67..433795b67 100755..100644
--- a/roles/openshift_health_checker/library/check_yum_update.py
+++ b/roles/openshift_health_checker/library/check_yum_update.py
diff --git a/roles/openshift_health_checker/library/docker_info.py b/roles/openshift_health_checker/library/docker_info.py
index 7f712bcff..0d0ddae8b 100644
--- a/roles/openshift_health_checker/library/docker_info.py
+++ b/roles/openshift_health_checker/library/docker_info.py
@@ -1,4 +1,3 @@
-# pylint: disable=missing-docstring
"""
Ansible module for determining information about the docker host.
@@ -13,6 +12,7 @@ from ansible.module_utils.docker_common import AnsibleDockerClient
def main():
+ """Entrypoint for running an Ansible module."""
client = AnsibleDockerClient()
client.module.exit_json(
diff --git a/roles/openshift_health_checker/library/search_journalctl.py b/roles/openshift_health_checker/library/search_journalctl.py
new file mode 100644
index 000000000..3631f71c8
--- /dev/null
+++ b/roles/openshift_health_checker/library/search_journalctl.py
@@ -0,0 +1,150 @@
+#!/usr/bin/python
+"""Interface to journalctl."""
+
+from time import time
+import json
+import re
+import subprocess
+
+from ansible.module_utils.basic import AnsibleModule
+
+
+class InvalidMatcherRegexp(Exception):
+ """Exception class for invalid matcher regexp."""
+ pass
+
+
+class InvalidLogEntry(Exception):
+ """Exception class for invalid / non-json log entries."""
+ pass
+
+
+class LogInputSubprocessError(Exception):
+ """Exception class for errors that occur while executing a subprocess."""
+ pass
+
+
+def main():
+ """Scan a given list of "log_matchers" for journalctl messages containing given patterns.
+ "log_matchers" is a list of dicts consisting of three keys that help fine-tune log searching:
+ 'start_regexp', 'regexp', and 'unit'.
+
+ Sample "log_matchers" list:
+
+ [
+ {
+ 'start_regexp': r'Beginning of systemd unit',
+ 'regexp': r'the specific log message to find',
+ 'unit': 'etcd',
+ }
+ ]
+ """
+ module = AnsibleModule(
+ argument_spec=dict(
+ log_count_limit=dict(type="int", default=500),
+ log_matchers=dict(type="list", required=True),
+ ),
+ )
+
+ timestamp_limit_seconds = time() - 60 * 60 # 1 hour
+
+ log_count_limit = module.params["log_count_limit"]
+ log_matchers = module.params["log_matchers"]
+
+ matched_regexp, errors = get_log_matches(log_matchers, log_count_limit, timestamp_limit_seconds)
+
+ module.exit_json(
+ changed=False,
+ failed=bool(errors),
+ errors=errors,
+ matched=matched_regexp,
+ )
+
+
+def get_log_matches(matchers, log_count_limit, timestamp_limit_seconds):
+ """Return a list of up to log_count_limit matches for each matcher.
+
+ Log entries are only considered if newer than timestamp_limit_seconds.
+ """
+ matched_regexp = []
+ errors = []
+
+ for matcher in matchers:
+ try:
+ log_output = get_log_output(matcher)
+ except LogInputSubprocessError as err:
+ errors.append(str(err))
+ continue
+
+ try:
+ matched = find_matches(log_output, matcher, log_count_limit, timestamp_limit_seconds)
+ if matched:
+ matched_regexp.append(matcher.get("regexp", ""))
+ except InvalidMatcherRegexp as err:
+ errors.append(str(err))
+ except InvalidLogEntry as err:
+ errors.append(str(err))
+
+ return matched_regexp, errors
+
+
+def get_log_output(matcher):
+ """Return an iterator on the logs of a given matcher."""
+ try:
+ cmd_output = subprocess.Popen(list([
+ '/bin/journalctl',
+ '-ru', matcher.get("unit", ""),
+ '--output', 'json',
+ ]), stdout=subprocess.PIPE)
+
+ return iter(cmd_output.stdout.readline, '')
+
+ except subprocess.CalledProcessError as exc:
+ msg = "Could not obtain journalctl logs for the specified systemd unit: {}: {}"
+ raise LogInputSubprocessError(msg.format(matcher.get("unit", "<missing>"), str(exc)))
+ except OSError as exc:
+ raise LogInputSubprocessError(str(exc))
+
+
+def find_matches(log_output, matcher, log_count_limit, timestamp_limit_seconds):
+ """Return log messages matched in iterable log_output by a given matcher.
+
+ Ignore any log_output items older than timestamp_limit_seconds.
+ """
+ try:
+ regexp = re.compile(matcher.get("regexp", ""))
+ start_regexp = re.compile(matcher.get("start_regexp", ""))
+ except re.error as err:
+ msg = "A log matcher object was provided with an invalid regular expression: {}"
+ raise InvalidMatcherRegexp(msg.format(str(err)))
+
+ matched = None
+
+ for log_count, line in enumerate(log_output):
+ if log_count >= log_count_limit:
+ break
+
+ try:
+ obj = json.loads(line)
+
+ # don't need to look past the most recent service restart
+ if start_regexp.match(obj["MESSAGE"]):
+ break
+
+ log_timestamp_seconds = float(obj["__REALTIME_TIMESTAMP"]) / 1000000
+ if log_timestamp_seconds < timestamp_limit_seconds:
+ break
+
+ if regexp.match(obj["MESSAGE"]):
+ matched = line
+ break
+
+ except ValueError:
+ msg = "Log entry for systemd unit {} contained invalid json syntax: {}"
+ raise InvalidLogEntry(msg.format(matcher.get("unit"), line))
+
+ return matched
+
+
+if __name__ == '__main__':
+ main()
diff --git a/roles/openshift_health_checker/openshift_checks/__init__.py b/roles/openshift_health_checker/openshift_checks/__init__.py
index 5c9949ced..40a28cde5 100644
--- a/roles/openshift_health_checker/openshift_checks/__init__.py
+++ b/roles/openshift_health_checker/openshift_checks/__init__.py
@@ -19,15 +19,21 @@ class OpenShiftCheckException(Exception):
@six.add_metaclass(ABCMeta)
class OpenShiftCheck(object):
- """A base class for defining checks for an OpenShift cluster environment."""
+ """
+ A base class for defining checks for an OpenShift cluster environment.
+
+ Expect optional params: method execute_module, dict task_vars, and string tmp.
+ execute_module is expected to have a signature compatible with _execute_module
+ from ansible plugins/action/__init__.py, e.g.:
+ def execute_module(module_name=None, module_args=None, tmp=None, task_vars=None, *args):
+ This is stored so that it can be invoked in subclasses via check.execute_module("name", args)
+ which provides the check's stored task_vars and tmp.
+ """
- def __init__(self, execute_module=None, module_executor=None):
- if execute_module is module_executor is None:
- raise TypeError(
- "__init__() takes either execute_module (recommended) "
- "or module_executor (deprecated), none given")
- self.execute_module = execute_module or module_executor
- self.module_executor = self.execute_module
+ def __init__(self, execute_module=None, task_vars=None, tmp=None):
+ self._execute_module = execute_module
+ self.task_vars = task_vars or {}
+ self.tmp = tmp
@abstractproperty
def name(self):
@@ -43,13 +49,13 @@ class OpenShiftCheck(object):
"""
return []
- @classmethod
- def is_active(cls, task_vars): # pylint: disable=unused-argument
+ @staticmethod
+ def is_active():
"""Returns true if this check applies to the ansible-playbook run."""
return True
@abstractmethod
- def run(self, tmp, task_vars):
+ def run(self):
"""Executes a check, normally implemented as a module."""
return {}
@@ -62,6 +68,43 @@ class OpenShiftCheck(object):
for subclass in subclass.subclasses():
yield subclass
+ def execute_module(self, module_name=None, module_args=None):
+ """Invoke an Ansible module from a check.
+
+ Invoke stored _execute_module, normally copied from the action
+ plugin, with its params and the task_vars and tmp given at
+ check initialization. No positional parameters beyond these
+ are specified. If it's necessary to specify any of the other
+ parameters to _execute_module then that should just be invoked
+ directly (with awareness of changes in method signature per
+ Ansible version).
+
+ So e.g. check.execute_module("foo", dict(arg1=...))
+ Return: result hash from module execution.
+ """
+ if self._execute_module is None:
+ raise NotImplementedError(
+ self.__class__.__name__ +
+ " invoked execute_module without providing the method at initialization."
+ )
+ return self._execute_module(module_name, module_args, self.tmp, self.task_vars)
+
+ def get_var(self, *keys, **kwargs):
+ """Get deeply nested values from task_vars.
+
+ Ansible task_vars structures are Python dicts, often mapping strings to
+ other dicts. This helper makes it easier to get a nested value, raising
+ OpenShiftCheckException when a key is not found or returning a default value
+ provided as a keyword argument.
+ """
+ try:
+ value = reduce(operator.getitem, keys, self.task_vars)
+ except (KeyError, TypeError):
+ if "default" in kwargs:
+ return kwargs["default"]
+ raise OpenShiftCheckException("'{}' is undefined".format(".".join(map(str, keys))))
+ return value
+
LOADER_EXCLUDES = (
"__init__.py",
@@ -86,20 +129,3 @@ def load_checks(path=None, subpkg=""):
modules.append(import_module(__package__ + subpkg + "." + name[:-3]))
return modules
-
-
-def get_var(task_vars, *keys, **kwargs):
- """Helper function to get deeply nested values from task_vars.
-
- Ansible task_vars structures are Python dicts, often mapping strings to
- other dicts. This helper makes it easier to get a nested value, raising
- OpenShiftCheckException when a key is not found or returning a default value
- provided as a keyword argument.
- """
- try:
- value = reduce(operator.getitem, keys, task_vars)
- except (KeyError, TypeError):
- if "default" in kwargs:
- return kwargs["default"]
- raise OpenShiftCheckException("'{}' is undefined".format(".".join(map(str, keys))))
- return value
diff --git a/roles/openshift_health_checker/openshift_checks/disk_availability.py b/roles/openshift_health_checker/openshift_checks/disk_availability.py
index 962148cb8..283461294 100644
--- a/roles/openshift_health_checker/openshift_checks/disk_availability.py
+++ b/roles/openshift_health_checker/openshift_checks/disk_availability.py
@@ -1,9 +1,12 @@
-# pylint: disable=missing-docstring
-from openshift_checks import OpenShiftCheck, OpenShiftCheckException, get_var
-from openshift_checks.mixins import NotContainerizedMixin
+"""Check that there is enough disk space in predefined paths."""
+import os.path
+import tempfile
-class DiskAvailability(NotContainerizedMixin, OpenShiftCheck):
+from openshift_checks import OpenShiftCheck, OpenShiftCheckException
+
+
+class DiskAvailability(OpenShiftCheck):
"""Check that recommended disk space is available before a first-time install."""
name = "disk_availability"
@@ -12,56 +15,100 @@ class DiskAvailability(NotContainerizedMixin, OpenShiftCheck):
# Values taken from the official installation documentation:
# https://docs.openshift.org/latest/install_config/install/prerequisites.html#system-requirements
recommended_disk_space_bytes = {
- "masters": 40 * 10**9,
- "nodes": 15 * 10**9,
- "etcd": 20 * 10**9,
+ '/var': {
+ 'masters': 40 * 10**9,
+ 'nodes': 15 * 10**9,
+ 'etcd': 20 * 10**9,
+ },
+ # Used to copy client binaries into,
+ # see roles/openshift_cli/library/openshift_container_binary_sync.py.
+ '/usr/local/bin': {
+ 'masters': 1 * 10**9,
+ 'nodes': 1 * 10**9,
+ 'etcd': 1 * 10**9,
+ },
+ # Used as temporary storage in several cases.
+ tempfile.gettempdir(): {
+ 'masters': 1 * 10**9,
+ 'nodes': 1 * 10**9,
+ 'etcd': 1 * 10**9,
+ },
}
- @classmethod
- def is_active(cls, task_vars):
+ def is_active(self):
"""Skip hosts that do not have recommended disk space requirements."""
- group_names = get_var(task_vars, "group_names", default=[])
- has_disk_space_recommendation = bool(set(group_names).intersection(cls.recommended_disk_space_bytes))
- return super(DiskAvailability, cls).is_active(task_vars) and has_disk_space_recommendation
-
- def run(self, tmp, task_vars):
- group_names = get_var(task_vars, "group_names")
- ansible_mounts = get_var(task_vars, "ansible_mounts")
- free_bytes = self.openshift_available_disk(ansible_mounts)
-
- recommended_min = max(self.recommended_disk_space_bytes.get(name, 0) for name in group_names)
- configured_min = int(get_var(task_vars, "openshift_check_min_host_disk_gb", default=0)) * 10**9
- min_free_bytes = configured_min or recommended_min
-
- if free_bytes < min_free_bytes:
- return {
- 'failed': True,
- 'msg': (
- 'Available disk space ({:.1f} GB) for the volume containing '
- '"/var" is below minimum recommended space ({:.1f} GB)'
- ).format(float(free_bytes) / 10**9, float(min_free_bytes) / 10**9)
+ group_names = self.get_var("group_names", default=[])
+ active_groups = set()
+ for recommendation in self.recommended_disk_space_bytes.values():
+ active_groups.update(recommendation.keys())
+ has_disk_space_recommendation = bool(active_groups.intersection(group_names))
+ return super(DiskAvailability, self).is_active() and has_disk_space_recommendation
+
+ def run(self):
+ group_names = self.get_var("group_names")
+ ansible_mounts = self.get_var("ansible_mounts")
+ ansible_mounts = {mount['mount']: mount for mount in ansible_mounts}
+
+ user_config = self.get_var("openshift_check_min_host_disk_gb", default={})
+ try:
+ # For backwards-compatibility, if openshift_check_min_host_disk_gb
+ # is a number, then it overrides the required config for '/var'.
+ number = float(user_config)
+ user_config = {
+ '/var': {
+ 'masters': number,
+ 'nodes': number,
+ 'etcd': number,
+ },
}
+ except TypeError:
+ # If it is not a number, then it should be a nested dict.
+ pass
+
+ # TODO: as suggested in
+ # https://github.com/openshift/openshift-ansible/pull/4436#discussion_r122180021,
+ # maybe we could support checking disk availability in paths that are
+ # not part of the official recommendation but present in the user
+ # configuration.
+ for path, recommendation in self.recommended_disk_space_bytes.items():
+ free_bytes = self.free_bytes(path, ansible_mounts)
+ recommended_bytes = max(recommendation.get(name, 0) for name in group_names)
+
+ config = user_config.get(path, {})
+ # NOTE: the user config is in GB, but we compare bytes, thus the
+ # conversion.
+ config_bytes = max(config.get(name, 0) for name in group_names) * 10**9
+ recommended_bytes = config_bytes or recommended_bytes
+
+ if free_bytes < recommended_bytes:
+ free_gb = float(free_bytes) / 10**9
+ recommended_gb = float(recommended_bytes) / 10**9
+ return {
+ 'failed': True,
+ 'msg': (
+ 'Available disk space in "{}" ({:.1f} GB) '
+ 'is below minimum recommended ({:.1f} GB)'
+ ).format(path, free_gb, recommended_gb)
+ }
return {}
@staticmethod
- def openshift_available_disk(ansible_mounts):
- """Determine the available disk space for an OpenShift installation.
-
- ansible_mounts should be a list of dicts like the 'setup' Ansible module
- returns.
- """
- # priority list in descending order
- supported_mnt_paths = ["/var", "/"]
- available_mnts = {mnt.get("mount"): mnt for mnt in ansible_mounts}
+ def free_bytes(path, ansible_mounts):
+ """Return the size available in path based on ansible_mounts."""
+ mount_point = path
+ # arbitry value to prevent an infinite loop, in the unlike case that '/'
+ # is not in ansible_mounts.
+ max_depth = 32
+ while mount_point not in ansible_mounts and max_depth > 0:
+ mount_point = os.path.dirname(mount_point)
+ max_depth -= 1
try:
- for path in supported_mnt_paths:
- if path in available_mnts:
- return available_mnts[path]["size_available"]
+ free_bytes = ansible_mounts[mount_point]['size_available']
except KeyError:
- pass
+ known_mounts = ', '.join('"{}"'.format(mount) for mount in sorted(ansible_mounts)) or 'none'
+ msg = 'Unable to determine disk availability for "{}". Known mount points: {}.'
+ raise OpenShiftCheckException(msg.format(path, known_mounts))
- paths = ''.join(sorted(available_mnts)) or 'none'
- msg = "Unable to determine available disk space. Paths mounted: {}.".format(paths)
- raise OpenShiftCheckException(msg)
+ return free_bytes
diff --git a/roles/openshift_health_checker/openshift_checks/docker_image_availability.py b/roles/openshift_health_checker/openshift_checks/docker_image_availability.py
index 60aacf715..77180223e 100644
--- a/roles/openshift_health_checker/openshift_checks/docker_image_availability.py
+++ b/roles/openshift_health_checker/openshift_checks/docker_image_availability.py
@@ -1,6 +1,6 @@
"""Check that required Docker images are available."""
-from openshift_checks import OpenShiftCheck, get_var
+from openshift_checks import OpenShiftCheck
from openshift_checks.mixins import DockerHostMixin
@@ -22,25 +22,26 @@ DEPLOYMENT_IMAGE_INFO = {
class DockerImageAvailability(DockerHostMixin, OpenShiftCheck):
"""Check that required Docker images are available.
- This check attempts to ensure that required docker images are
- either present locally, or able to be pulled down from available
- registries defined in a host machine.
+ Determine docker images that an install would require and check that they
+ are either present in the host's docker index, or available for the host to pull
+ with known registries as defined in our inventory file (or defaults).
"""
name = "docker_image_availability"
tags = ["preflight"]
- dependencies = ["skopeo", "python-docker-py"]
+ # we use python-docker-py to check local docker for images, and skopeo
+ # to look for images available remotely without waiting to pull them.
+ dependencies = ["python-docker-py", "skopeo"]
- @classmethod
- def is_active(cls, task_vars):
+ def is_active(self):
"""Skip hosts with unsupported deployment types."""
- deployment_type = get_var(task_vars, "openshift_deployment_type")
+ deployment_type = self.get_var("openshift_deployment_type")
has_valid_deployment_type = deployment_type in DEPLOYMENT_IMAGE_INFO
- return super(DockerImageAvailability, cls).is_active(task_vars) and has_valid_deployment_type
+ return super(DockerImageAvailability, self).is_active() and has_valid_deployment_type
- def run(self, tmp, task_vars):
- msg, failed, changed = self.ensure_dependencies(task_vars)
+ def run(self):
+ msg, failed, changed = self.ensure_dependencies()
if failed:
return {
"failed": True,
@@ -48,18 +49,18 @@ class DockerImageAvailability(DockerHostMixin, OpenShiftCheck):
"msg": "Some dependencies are required in order to check Docker image availability.\n" + msg
}
- required_images = self.required_images(task_vars)
- missing_images = set(required_images) - set(self.local_images(required_images, task_vars))
+ required_images = self.required_images()
+ missing_images = set(required_images) - set(self.local_images(required_images))
# exit early if all images were found locally
if not missing_images:
return {"changed": changed}
- registries = self.known_docker_registries(task_vars)
+ registries = self.known_docker_registries()
if not registries:
return {"failed": True, "msg": "Unable to retrieve any docker registries.", "changed": changed}
- available_images = self.available_images(missing_images, registries, task_vars)
+ available_images = self.available_images(missing_images, registries)
unavailable_images = set(missing_images) - set(available_images)
if unavailable_images:
@@ -74,8 +75,7 @@ class DockerImageAvailability(DockerHostMixin, OpenShiftCheck):
return {"changed": changed}
- @staticmethod
- def required_images(task_vars):
+ def required_images(self):
"""
Determine which images we expect to need for this host.
Returns: a set of required images like 'openshift/origin:v3.6'
@@ -92,16 +92,17 @@ class DockerImageAvailability(DockerHostMixin, OpenShiftCheck):
Registry is not included in constructed images. It may be in oreg_url or etcd image.
"""
required = set()
- deployment_type = get_var(task_vars, "openshift_deployment_type")
- host_groups = get_var(task_vars, "group_names")
- image_tag = get_var(task_vars, "openshift_image_tag")
+ deployment_type = self.get_var("openshift_deployment_type")
+ host_groups = self.get_var("group_names")
+ # containerized etcd may not have openshift_image_tag, see bz 1466622
+ image_tag = self.get_var("openshift_image_tag", default="latest")
image_info = DEPLOYMENT_IMAGE_INFO[deployment_type]
if not image_info:
return required
# template for images that run on top of OpenShift
image_url = "{}/{}-{}:{}".format(image_info["namespace"], image_info["name"], "${component}", "${version}")
- image_url = get_var(task_vars, "oreg_url", default="") or image_url
+ image_url = self.get_var("oreg_url", default="") or image_url
if 'nodes' in host_groups:
for suffix in NODE_IMAGE_SUFFIXES:
required.add(image_url.replace("${component}", suffix).replace("${version}", image_tag))
@@ -111,7 +112,7 @@ class DockerImageAvailability(DockerHostMixin, OpenShiftCheck):
required.add(image_info["registry_console_image"])
# images for containerized components
- if get_var(task_vars, "openshift", "common", "is_containerized"):
+ if self.get_var("openshift", "common", "is_containerized"):
components = set()
if 'nodes' in host_groups:
components.update(["node", "openvswitch"])
@@ -124,28 +125,27 @@ class DockerImageAvailability(DockerHostMixin, OpenShiftCheck):
return required
- def local_images(self, images, task_vars):
+ def local_images(self, images):
"""Filter a list of images and return those available locally."""
return [
image for image in images
- if self.is_image_local(image, task_vars)
+ if self.is_image_local(image)
]
- def is_image_local(self, image, task_vars):
+ def is_image_local(self, image):
"""Check if image is already in local docker index."""
- result = self.execute_module("docker_image_facts", {"name": image}, task_vars=task_vars)
+ result = self.execute_module("docker_image_facts", {"name": image})
if result.get("failed", False):
return False
return bool(result.get("images", []))
- @staticmethod
- def known_docker_registries(task_vars):
+ def known_docker_registries(self):
"""Build a list of docker registries available according to inventory vars."""
- docker_facts = get_var(task_vars, "openshift", "docker")
+ docker_facts = self.get_var("openshift", "docker")
regs = set(docker_facts["additional_registries"])
- deployment_type = get_var(task_vars, "openshift_deployment_type")
+ deployment_type = self.get_var("openshift_deployment_type")
if deployment_type == "origin":
regs.update(["docker.io"])
elif "enterprise" in deployment_type:
@@ -153,24 +153,25 @@ class DockerImageAvailability(DockerHostMixin, OpenShiftCheck):
return list(regs)
- def available_images(self, images, registries, task_vars):
- """Inspect existing images using Skopeo and return all images successfully inspected."""
+ def available_images(self, images, default_registries):
+ """Search remotely for images. Returns: list of images found."""
return [
image for image in images
- if self.is_available_skopeo_image(image, registries, task_vars)
+ if self.is_available_skopeo_image(image, default_registries)
]
- def is_available_skopeo_image(self, image, registries, task_vars):
+ def is_available_skopeo_image(self, image, default_registries):
"""Use Skopeo to determine if required image exists in known registry(s)."""
+ registries = default_registries
- # if image does already includes a registry, just use that
+ # if image already includes a registry, only use that
if image.count("/") > 1:
registry, image = image.split("/", 1)
registries = [registry]
for registry in registries:
- args = {"_raw_params": "skopeo inspect docker://{}/{}".format(registry, image)}
- result = self.execute_module("command", args, task_vars=task_vars)
+ args = {"_raw_params": "skopeo inspect --tls-verify=false docker://{}/{}".format(registry, image)}
+ result = self.execute_module("command", args)
if result.get("rc", 0) == 0 and not result.get("failed"):
return True
diff --git a/roles/openshift_health_checker/openshift_checks/docker_storage.py b/roles/openshift_health_checker/openshift_checks/docker_storage.py
index 2bd615457..dea15a56e 100644
--- a/roles/openshift_health_checker/openshift_checks/docker_storage.py
+++ b/roles/openshift_health_checker/openshift_checks/docker_storage.py
@@ -1,7 +1,8 @@
"""Check Docker storage driver and usage."""
import json
+import os.path
import re
-from openshift_checks import OpenShiftCheck, OpenShiftCheckException, get_var
+from openshift_checks import OpenShiftCheck, OpenShiftCheckException
from openshift_checks.mixins import DockerHostMixin
@@ -17,15 +18,32 @@ class DockerStorage(DockerHostMixin, OpenShiftCheck):
tags = ["pre-install", "health", "preflight"]
dependencies = ["python-docker-py"]
- storage_drivers = ["devicemapper", "overlay2"]
+ storage_drivers = ["devicemapper", "overlay", "overlay2"]
max_thinpool_data_usage_percent = 90.0
max_thinpool_meta_usage_percent = 90.0
+ max_overlay_usage_percent = 90.0
- # pylint: disable=too-many-return-statements
- # Reason: permanent stylistic exception;
- # it is clearer to return on failures and there are just many ways to fail here.
- def run(self, tmp, task_vars):
- msg, failed, changed = self.ensure_dependencies(task_vars)
+ # TODO(lmeyer): mention these in the output when check fails
+ configuration_variables = [
+ (
+ "max_thinpool_data_usage_percent",
+ "For 'devicemapper' storage driver, usage threshold percentage for data. "
+ "Format: float. Default: {:.1f}".format(max_thinpool_data_usage_percent),
+ ),
+ (
+ "max_thinpool_meta_usage_percent",
+ "For 'devicemapper' storage driver, usage threshold percentage for metadata. "
+ "Format: float. Default: {:.1f}".format(max_thinpool_meta_usage_percent),
+ ),
+ (
+ "max_overlay_usage_percent",
+ "For 'overlay' or 'overlay2' storage driver, usage threshold percentage. "
+ "Format: float. Default: {:.1f}".format(max_overlay_usage_percent),
+ ),
+ ]
+
+ def run(self):
+ msg, failed, changed = self.ensure_dependencies()
if failed:
return {
"failed": True,
@@ -34,17 +52,17 @@ class DockerStorage(DockerHostMixin, OpenShiftCheck):
}
# attempt to get the docker info hash from the API
- info = self.execute_module("docker_info", {}, task_vars=task_vars)
- if info.get("failed"):
+ docker_info = self.execute_module("docker_info", {})
+ if docker_info.get("failed"):
return {"failed": True, "changed": changed,
"msg": "Failed to query Docker API. Is docker running on this host?"}
- if not info.get("info"): # this would be very strange
+ if not docker_info.get("info"): # this would be very strange
return {"failed": True, "changed": changed,
- "msg": "Docker API query missing info:\n{}".format(json.dumps(info))}
- info = info["info"]
+ "msg": "Docker API query missing info:\n{}".format(json.dumps(docker_info))}
+ docker_info = docker_info["info"]
# check if the storage driver we saw is valid
- driver = info.get("Driver", "[NONE]")
+ driver = docker_info.get("Driver", "[NONE]")
if driver not in self.storage_drivers:
msg = (
"Detected unsupported Docker storage driver '{driver}'.\n"
@@ -53,26 +71,34 @@ class DockerStorage(DockerHostMixin, OpenShiftCheck):
return {"failed": True, "changed": changed, "msg": msg}
# driver status info is a list of tuples; convert to dict and validate based on driver
- driver_status = {item[0]: item[1] for item in info.get("DriverStatus", [])}
+ driver_status = {item[0]: item[1] for item in docker_info.get("DriverStatus", [])}
+
+ result = {}
+
if driver == "devicemapper":
- if driver_status.get("Data loop file"):
- msg = (
- "Use of loopback devices with the Docker devicemapper storage driver\n"
- "(the default storage configuration) is unsupported in production.\n"
- "Please use docker-storage-setup to configure a backing storage volume.\n"
- "See http://red.ht/2rNperO for further information."
- )
- return {"failed": True, "changed": changed, "msg": msg}
- result = self._check_dm_usage(driver_status, task_vars)
- result['changed'] = result.get('changed', False) or changed
- return result
+ result = self.check_devicemapper_support(driver_status)
- # TODO(lmeyer): determine how to check usage for overlay2
+ if driver in ['overlay', 'overlay2']:
+ result = self.check_overlay_support(docker_info, driver_status)
- return {"changed": changed}
+ result['changed'] = result.get('changed', False) or changed
+ return result
- def _check_dm_usage(self, driver_status, task_vars):
- """
+ def check_devicemapper_support(self, driver_status):
+ """Check if dm storage driver is supported as configured. Return: result dict."""
+ if driver_status.get("Data loop file"):
+ msg = (
+ "Use of loopback devices with the Docker devicemapper storage driver\n"
+ "(the default storage configuration) is unsupported in production.\n"
+ "Please use docker-storage-setup to configure a backing storage volume.\n"
+ "See http://red.ht/2rNperO for further information."
+ )
+ return {"failed": True, "msg": msg}
+ result = self.check_dm_usage(driver_status)
+ return result
+
+ def check_dm_usage(self, driver_status):
+ """Check usage thresholds for Docker dm storage driver. Return: result dict.
Backing assumptions: We expect devicemapper to be backed by an auto-expanding thin pool
implemented as an LV in an LVM2 VG. This is how docker-storage-setup currently configures
devicemapper storage. The LV is "thin" because it does not use all available storage
@@ -83,7 +109,7 @@ class DockerStorage(DockerHostMixin, OpenShiftCheck):
could run out of space first; so we check both.
"""
vals = dict(
- vg_free=self._get_vg_free(driver_status.get("Pool Name"), task_vars),
+ vg_free=self.get_vg_free(driver_status.get("Pool Name")),
data_used=driver_status.get("Data Space Used"),
data_total=driver_status.get("Data Space Total"),
metadata_used=driver_status.get("Metadata Space Used"),
@@ -93,7 +119,7 @@ class DockerStorage(DockerHostMixin, OpenShiftCheck):
# convert all human-readable strings to bytes
for key, value in vals.copy().items():
try:
- vals[key + "_bytes"] = self._convert_to_bytes(value)
+ vals[key + "_bytes"] = self.convert_to_bytes(value)
except ValueError as err: # unlikely to hit this from API info, but just to be safe
return {
"failed": True,
@@ -104,7 +130,7 @@ class DockerStorage(DockerHostMixin, OpenShiftCheck):
# determine the threshold percentages which usage should not exceed
for name, default in [("data", self.max_thinpool_data_usage_percent),
("metadata", self.max_thinpool_meta_usage_percent)]:
- percent = get_var(task_vars, "max_thinpool_" + name + "_usage_percent", default=default)
+ percent = self.get_var("max_thinpool_" + name + "_usage_percent", default=default)
try:
vals[name + "_threshold"] = float(percent)
except ValueError:
@@ -131,10 +157,12 @@ class DockerStorage(DockerHostMixin, OpenShiftCheck):
vals["msg"] = "\n".join(messages or ["Thinpool usage is within thresholds."])
return vals
- def _get_vg_free(self, pool, task_vars):
- # Determine which VG to examine according to the pool name, the only indicator currently
- # available from the Docker API driver info. We assume a name that looks like
- # "vg--name-docker--pool"; vg and lv names with inner hyphens doubled, joined by a hyphen.
+ def get_vg_free(self, pool):
+ """Determine which VG to examine according to the pool name. Return: size vgs reports.
+ Pool name is the only indicator currently available from the Docker API driver info.
+ We assume a name that looks like "vg--name-docker--pool";
+ vg and lv names with inner hyphens doubled, joined by a hyphen.
+ """
match = re.match(r'((?:[^-]|--)+)-(?!-)', pool) # matches up to the first single hyphen
if not match: # unlikely, but... be clear if we assumed wrong
raise OpenShiftCheckException(
@@ -143,10 +171,10 @@ class DockerStorage(DockerHostMixin, OpenShiftCheck):
"so the available storage in the VG cannot be determined.".format(pool)
)
vg_name = match.groups()[0].replace("--", "-")
- vgs_cmd = "/sbin/vgs --noheadings -o vg_free --select vg_name=" + vg_name
+ vgs_cmd = "/sbin/vgs --noheadings -o vg_free --units g --select vg_name=" + vg_name
# should return free space like " 12.00g" if the VG exists; empty if it does not
- ret = self.execute_module("command", {"_raw_params": vgs_cmd}, task_vars=task_vars)
+ ret = self.execute_module("command", {"_raw_params": vgs_cmd})
if ret.get("failed") or ret.get("rc", 0) != 0:
raise OpenShiftCheckException(
"Is LVM installed? Failed to run /sbin/vgs "
@@ -163,7 +191,8 @@ class DockerStorage(DockerHostMixin, OpenShiftCheck):
return size
@staticmethod
- def _convert_to_bytes(string):
+ def convert_to_bytes(string):
+ """Convert string like "10.3 G" to bytes (binary units assumed). Return: float bytes."""
units = dict(
b=1,
k=1024,
@@ -183,3 +212,87 @@ class DockerStorage(DockerHostMixin, OpenShiftCheck):
raise ValueError("Cannot convert to a byte size: " + string)
return float(number) * multiplier
+
+ def check_overlay_support(self, docker_info, driver_status):
+ """Check if overlay storage driver is supported for this host. Return: result dict."""
+ # check for xfs as backing store
+ backing_fs = driver_status.get("Backing Filesystem", "[NONE]")
+ if backing_fs != "xfs":
+ msg = (
+ "Docker storage drivers 'overlay' and 'overlay2' are only supported with\n"
+ "'xfs' as the backing storage, but this host's storage is type '{fs}'."
+ ).format(fs=backing_fs)
+ return {"failed": True, "msg": msg}
+
+ # check support for OS and kernel version
+ o_s = docker_info.get("OperatingSystem", "[NONE]")
+ if "Red Hat Enterprise Linux" in o_s or "CentOS" in o_s:
+ # keep it simple, only check enterprise kernel versions; assume everyone else is good
+ kernel = docker_info.get("KernelVersion", "[NONE]")
+ kernel_arr = [int(num) for num in re.findall(r'\d+', kernel)]
+ if kernel_arr < [3, 10, 0, 514]: # rhel < 7.3
+ msg = (
+ "Docker storage drivers 'overlay' and 'overlay2' are only supported beginning with\n"
+ "kernel version 3.10.0-514; but Docker reports kernel version {version}."
+ ).format(version=kernel)
+ return {"failed": True, "msg": msg}
+ # NOTE: we could check for --selinux-enabled here but docker won't even start with
+ # that option until it's supported in the kernel so we don't need to.
+
+ return self.check_overlay_usage(docker_info)
+
+ def check_overlay_usage(self, docker_info):
+ """Check disk usage on OverlayFS backing store volume. Return: result dict."""
+ path = docker_info.get("DockerRootDir", "/var/lib/docker") + "/" + docker_info["Driver"]
+
+ threshold = self.get_var("max_overlay_usage_percent", default=self.max_overlay_usage_percent)
+ try:
+ threshold = float(threshold)
+ except ValueError:
+ return {
+ "failed": True,
+ "msg": "Specified 'max_overlay_usage_percent' is not a percentage: {}".format(threshold),
+ }
+
+ mount = self.find_ansible_mount(path, self.get_var("ansible_mounts"))
+ try:
+ free_bytes = mount['size_available']
+ total_bytes = mount['size_total']
+ usage = 100.0 * (total_bytes - free_bytes) / total_bytes
+ except (KeyError, ZeroDivisionError):
+ return {
+ "failed": True,
+ "msg": "The ansible_mount found for path {} is invalid.\n"
+ "This is likely to be an Ansible bug. The record was:\n"
+ "{}".format(path, json.dumps(mount, indent=2)),
+ }
+
+ if usage > threshold:
+ return {
+ "failed": True,
+ "msg": (
+ "For Docker OverlayFS mount point {path},\n"
+ "usage percentage {pct:.1f} is higher than threshold {thresh:.1f}."
+ ).format(path=mount["mount"], pct=usage, thresh=threshold)
+ }
+
+ return {}
+
+ # TODO(lmeyer): migrate to base class
+ @staticmethod
+ def find_ansible_mount(path, ansible_mounts):
+ """Return the mount point for path from ansible_mounts."""
+
+ mount_for_path = {mount['mount']: mount for mount in ansible_mounts}
+ mount_point = path
+ while mount_point not in mount_for_path:
+ if mount_point in ["/", ""]: # "/" not in ansible_mounts???
+ break
+ mount_point = os.path.dirname(mount_point)
+
+ try:
+ return mount_for_path[mount_point]
+ except KeyError:
+ known_mounts = ', '.join('"{}"'.format(mount) for mount in sorted(mount_for_path)) or 'none'
+ msg = 'Unable to determine mount point for path "{}". Known mount points: {}.'
+ raise OpenShiftCheckException(msg.format(path, known_mounts))
diff --git a/roles/openshift_health_checker/openshift_checks/etcd_imagedata_size.py b/roles/openshift_health_checker/openshift_checks/etcd_imagedata_size.py
index c04a69765..28c38504d 100644
--- a/roles/openshift_health_checker/openshift_checks/etcd_imagedata_size.py
+++ b/roles/openshift_health_checker/openshift_checks/etcd_imagedata_size.py
@@ -2,7 +2,7 @@
Ansible module for determining if the size of OpenShift image data exceeds a specified limit in an etcd cluster.
"""
-from openshift_checks import OpenShiftCheck, OpenShiftCheckException, get_var
+from openshift_checks import OpenShiftCheck, OpenShiftCheckException
class EtcdImageDataSize(OpenShiftCheck):
@@ -11,24 +11,25 @@ class EtcdImageDataSize(OpenShiftCheck):
name = "etcd_imagedata_size"
tags = ["etcd"]
- def run(self, tmp, task_vars):
- etcd_mountpath = self._get_etcd_mountpath(get_var(task_vars, "ansible_mounts"))
+ def run(self):
+ etcd_mountpath = self._get_etcd_mountpath(self.get_var("ansible_mounts"))
etcd_avail_diskspace = etcd_mountpath["size_available"]
etcd_total_diskspace = etcd_mountpath["size_total"]
- etcd_imagedata_size_limit = get_var(task_vars,
- "etcd_max_image_data_size_bytes",
- default=int(0.5 * float(etcd_total_diskspace - etcd_avail_diskspace)))
+ etcd_imagedata_size_limit = self.get_var(
+ "etcd_max_image_data_size_bytes",
+ default=int(0.5 * float(etcd_total_diskspace - etcd_avail_diskspace))
+ )
- etcd_is_ssl = get_var(task_vars, "openshift", "master", "etcd_use_ssl", default=False)
- etcd_port = get_var(task_vars, "openshift", "master", "etcd_port", default=2379)
- etcd_hosts = get_var(task_vars, "openshift", "master", "etcd_hosts")
+ etcd_is_ssl = self.get_var("openshift", "master", "etcd_use_ssl", default=False)
+ etcd_port = self.get_var("openshift", "master", "etcd_port", default=2379)
+ etcd_hosts = self.get_var("openshift", "master", "etcd_hosts")
- config_base = get_var(task_vars, "openshift", "common", "config_base")
+ config_base = self.get_var("openshift", "common", "config_base")
- cert = task_vars.get("etcd_client_cert", config_base + "/master/master.etcd-client.crt")
- key = task_vars.get("etcd_client_key", config_base + "/master/master.etcd-client.key")
- ca_cert = task_vars.get("etcd_client_ca_cert", config_base + "/master/master.etcd-ca.crt")
+ cert = self.get_var("etcd_client_cert", default=config_base + "/master/master.etcd-client.crt")
+ key = self.get_var("etcd_client_key", default=config_base + "/master/master.etcd-client.key")
+ ca_cert = self.get_var("etcd_client_ca_cert", default=config_base + "/master/master.etcd-ca.crt")
for etcd_host in list(etcd_hosts):
args = {
@@ -46,7 +47,7 @@ class EtcdImageDataSize(OpenShiftCheck):
},
}
- etcdkeysize = self.module_executor("etcdkeysize", args, task_vars)
+ etcdkeysize = self.execute_module("etcdkeysize", args)
if etcdkeysize.get("rc", 0) != 0 or etcdkeysize.get("failed"):
msg = 'Failed to retrieve stats for etcd host "{host}": {reason}'
diff --git a/roles/openshift_health_checker/openshift_checks/etcd_traffic.py b/roles/openshift_health_checker/openshift_checks/etcd_traffic.py
new file mode 100644
index 000000000..cc1b14d8a
--- /dev/null
+++ b/roles/openshift_health_checker/openshift_checks/etcd_traffic.py
@@ -0,0 +1,44 @@
+"""Check that scans journalctl for messages caused as a symptom of increased etcd traffic."""
+
+from openshift_checks import OpenShiftCheck
+
+
+class EtcdTraffic(OpenShiftCheck):
+ """Check if host is being affected by an increase in etcd traffic."""
+
+ name = "etcd_traffic"
+ tags = ["health", "etcd"]
+
+ def is_active(self):
+ """Skip hosts that do not have etcd in their group names."""
+ group_names = self.get_var("group_names", default=[])
+ valid_group_names = "etcd" in group_names
+
+ version = self.get_var("openshift", "common", "short_version")
+ valid_version = version in ("3.4", "3.5", "1.4", "1.5")
+
+ return super(EtcdTraffic, self).is_active() and valid_group_names and valid_version
+
+ def run(self):
+ is_containerized = self.get_var("openshift", "common", "is_containerized")
+ unit = "etcd_container" if is_containerized else "etcd"
+
+ log_matchers = [{
+ "start_regexp": r"Starting Etcd Server",
+ "regexp": r"etcd: sync duration of [^,]+, expected less than 1s",
+ "unit": unit
+ }]
+
+ match = self.execute_module("search_journalctl", {"log_matchers": log_matchers})
+
+ if match.get("matched"):
+ msg = ("Higher than normal etcd traffic detected.\n"
+ "OpenShift 3.4 introduced an increase in etcd traffic.\n"
+ "Upgrading to OpenShift 3.6 is recommended in order to fix this issue.\n"
+ "Please refer to https://access.redhat.com/solutions/2916381 for more information.")
+ return {"failed": True, "msg": msg}
+
+ if match.get("failed"):
+ return {"failed": True, "msg": "\n".join(match.get("errors"))}
+
+ return {}
diff --git a/roles/openshift_health_checker/openshift_checks/etcd_volume.py b/roles/openshift_health_checker/openshift_checks/etcd_volume.py
index 7452c9cc1..da7d0364a 100644
--- a/roles/openshift_health_checker/openshift_checks/etcd_volume.py
+++ b/roles/openshift_health_checker/openshift_checks/etcd_volume.py
@@ -1,6 +1,6 @@
"""A health check for OpenShift clusters."""
-from openshift_checks import OpenShiftCheck, OpenShiftCheckException, get_var
+from openshift_checks import OpenShiftCheck, OpenShiftCheckException
class EtcdVolume(OpenShiftCheck):
@@ -14,21 +14,18 @@ class EtcdVolume(OpenShiftCheck):
# Where to find ectd data, higher priority first.
supported_mount_paths = ["/var/lib/etcd", "/var/lib", "/var", "/"]
- @classmethod
- def is_active(cls, task_vars):
- etcd_hosts = get_var(task_vars, "groups", "etcd", default=[]) or get_var(task_vars, "groups", "masters",
- default=[]) or []
- is_etcd_host = get_var(task_vars, "ansible_ssh_host") in etcd_hosts
- return super(EtcdVolume, cls).is_active(task_vars) and is_etcd_host
+ def is_active(self):
+ etcd_hosts = self.get_var("groups", "etcd", default=[]) or self.get_var("groups", "masters", default=[]) or []
+ is_etcd_host = self.get_var("ansible_ssh_host") in etcd_hosts
+ return super(EtcdVolume, self).is_active() and is_etcd_host
- def run(self, tmp, task_vars):
- mount_info = self._etcd_mount_info(task_vars)
+ def run(self):
+ mount_info = self._etcd_mount_info()
available = mount_info["size_available"]
total = mount_info["size_total"]
used = total - available
- threshold = get_var(
- task_vars,
+ threshold = self.get_var(
"etcd_device_usage_threshold_percent",
default=self.default_threshold_percent
)
@@ -45,8 +42,8 @@ class EtcdVolume(OpenShiftCheck):
return {"changed": False}
- def _etcd_mount_info(self, task_vars):
- ansible_mounts = get_var(task_vars, "ansible_mounts")
+ def _etcd_mount_info(self):
+ ansible_mounts = self.get_var("ansible_mounts")
mounts = {mnt.get("mount"): mnt for mnt in ansible_mounts}
for path in self.supported_mount_paths:
diff --git a/roles/openshift_health_checker/openshift_checks/logging/curator.py b/roles/openshift_health_checker/openshift_checks/logging/curator.py
index c9fc59896..f82ae64d7 100644
--- a/roles/openshift_health_checker/openshift_checks/logging/curator.py
+++ b/roles/openshift_health_checker/openshift_checks/logging/curator.py
@@ -1,28 +1,21 @@
-"""
-Module for performing checks on an Curator logging deployment
-"""
+"""Check for an aggregated logging Curator deployment"""
-from openshift_checks import get_var
from openshift_checks.logging.logging import LoggingCheck
class Curator(LoggingCheck):
- """Module that checks an integrated logging Curator deployment"""
+ """Check for an aggregated logging Curator deployment"""
name = "curator"
tags = ["health", "logging"]
logging_namespace = None
- def run(self, tmp, task_vars):
- """Check various things and gather errors. Returns: result as hash"""
-
- self.logging_namespace = get_var(task_vars, "openshift_logging_namespace", default="logging")
+ def run(self):
+ self.logging_namespace = self.get_var("openshift_logging_namespace", default="logging")
curator_pods, error = super(Curator, self).get_pods_for_component(
- self.module_executor,
self.logging_namespace,
"curator",
- task_vars
)
if error:
return {"failed": True, "changed": False, "msg": error}
diff --git a/roles/openshift_health_checker/openshift_checks/logging/elasticsearch.py b/roles/openshift_health_checker/openshift_checks/logging/elasticsearch.py
index 01cb35b81..1e478c04d 100644
--- a/roles/openshift_health_checker/openshift_checks/logging/elasticsearch.py
+++ b/roles/openshift_health_checker/openshift_checks/logging/elasticsearch.py
@@ -1,35 +1,30 @@
-"""
-Module for performing checks on an Elasticsearch logging deployment
-"""
+"""Check for an aggregated logging Elasticsearch deployment"""
import json
import re
-from openshift_checks import get_var
from openshift_checks.logging.logging import LoggingCheck
class Elasticsearch(LoggingCheck):
- """Module that checks an integrated logging Elasticsearch deployment"""
+ """Check for an aggregated logging Elasticsearch deployment"""
name = "elasticsearch"
tags = ["health", "logging"]
logging_namespace = None
- def run(self, tmp, task_vars):
+ def run(self):
"""Check various things and gather errors. Returns: result as hash"""
- self.logging_namespace = get_var(task_vars, "openshift_logging_namespace", default="logging")
+ self.logging_namespace = self.get_var("openshift_logging_namespace", default="logging")
es_pods, error = super(Elasticsearch, self).get_pods_for_component(
- self.execute_module,
self.logging_namespace,
"es",
- task_vars,
)
if error:
return {"failed": True, "changed": False, "msg": error}
- check_error = self.check_elasticsearch(es_pods, task_vars)
+ check_error = self.check_elasticsearch(es_pods)
if check_error:
msg = ("The following Elasticsearch deployment issue was found:"
@@ -41,7 +36,7 @@ class Elasticsearch(LoggingCheck):
return {"failed": False, "changed": False, "msg": 'No problems found with Elasticsearch deployment.'}
def _not_running_elasticsearch_pods(self, es_pods):
- """Returns: list of running pods, list of errors about non-running pods"""
+ """Returns: list of pods that are not running, list of errors about non-running pods"""
not_running = super(Elasticsearch, self).not_running_pods(es_pods)
if not_running:
return not_running, [(
@@ -54,7 +49,7 @@ class Elasticsearch(LoggingCheck):
))]
return not_running, []
- def check_elasticsearch(self, es_pods, task_vars):
+ def check_elasticsearch(self, es_pods):
"""Various checks for elasticsearch. Returns: error string"""
not_running_pods, error_msgs = self._not_running_elasticsearch_pods(es_pods)
running_pods = [pod for pod in es_pods if pod not in not_running_pods]
@@ -65,10 +60,10 @@ class Elasticsearch(LoggingCheck):
}
if not pods_by_name:
return 'No logging Elasticsearch pods were found. Is logging deployed?'
- error_msgs += self._check_elasticsearch_masters(pods_by_name, task_vars)
- error_msgs += self._check_elasticsearch_node_list(pods_by_name, task_vars)
- error_msgs += self._check_es_cluster_health(pods_by_name, task_vars)
- error_msgs += self._check_elasticsearch_diskspace(pods_by_name, task_vars)
+ error_msgs += self._check_elasticsearch_masters(pods_by_name)
+ error_msgs += self._check_elasticsearch_node_list(pods_by_name)
+ error_msgs += self._check_es_cluster_health(pods_by_name)
+ error_msgs += self._check_elasticsearch_diskspace(pods_by_name)
return '\n'.join(error_msgs)
@staticmethod
@@ -76,14 +71,14 @@ class Elasticsearch(LoggingCheck):
base = "exec {name} -- curl -s --cert {base}cert --key {base}key --cacert {base}ca -XGET '{url}'"
return base.format(base="/etc/elasticsearch/secret/admin-", name=pod_name, url=url)
- def _check_elasticsearch_masters(self, pods_by_name, task_vars):
+ def _check_elasticsearch_masters(self, pods_by_name):
"""Check that Elasticsearch masters are sane. Returns: list of error strings"""
es_master_names = set()
error_msgs = []
for pod_name in pods_by_name.keys():
# Compare what each ES node reports as master and compare for split brain
get_master_cmd = self._build_es_curl_cmd(pod_name, "https://localhost:9200/_cat/master")
- master_name_str = self._exec_oc(get_master_cmd, [], task_vars)
+ master_name_str = self._exec_oc(get_master_cmd, [])
master_names = (master_name_str or '').split(' ')
if len(master_names) > 1:
es_master_names.add(master_names[1])
@@ -108,7 +103,7 @@ class Elasticsearch(LoggingCheck):
return error_msgs
- def _check_elasticsearch_node_list(self, pods_by_name, task_vars):
+ def _check_elasticsearch_node_list(self, pods_by_name):
"""Check that reported ES masters are accounted for by pods. Returns: list of error strings"""
if not pods_by_name:
@@ -116,7 +111,7 @@ class Elasticsearch(LoggingCheck):
# get ES cluster nodes
node_cmd = self._build_es_curl_cmd(list(pods_by_name.keys())[0], 'https://localhost:9200/_nodes')
- cluster_node_data = self._exec_oc(node_cmd, [], task_vars)
+ cluster_node_data = self._exec_oc(node_cmd, [])
try:
cluster_nodes = json.loads(cluster_node_data)['nodes']
except (ValueError, KeyError):
@@ -138,12 +133,12 @@ class Elasticsearch(LoggingCheck):
return error_msgs
- def _check_es_cluster_health(self, pods_by_name, task_vars):
+ def _check_es_cluster_health(self, pods_by_name):
"""Exec into the elasticsearch pods and check the cluster health. Returns: list of errors"""
error_msgs = []
for pod_name in pods_by_name.keys():
cluster_health_cmd = self._build_es_curl_cmd(pod_name, 'https://localhost:9200/_cluster/health?pretty=true')
- cluster_health_data = self._exec_oc(cluster_health_cmd, [], task_vars)
+ cluster_health_data = self._exec_oc(cluster_health_cmd, [])
try:
health_res = json.loads(cluster_health_data)
if not health_res or not health_res.get('status'):
@@ -162,7 +157,7 @@ class Elasticsearch(LoggingCheck):
return error_msgs
- def _check_elasticsearch_diskspace(self, pods_by_name, task_vars):
+ def _check_elasticsearch_diskspace(self, pods_by_name):
"""
Exec into an ES pod and query the diskspace on the persistent volume.
Returns: list of errors
@@ -170,7 +165,7 @@ class Elasticsearch(LoggingCheck):
error_msgs = []
for pod_name in pods_by_name.keys():
df_cmd = 'exec {} -- df --output=ipcent,pcent /elasticsearch/persistent'.format(pod_name)
- disk_output = self._exec_oc(df_cmd, [], task_vars)
+ disk_output = self._exec_oc(df_cmd, [])
lines = disk_output.splitlines()
# expecting one header looking like 'IUse% Use%' and one body line
body_re = r'\s*(\d+)%?\s+(\d+)%?\s*$'
@@ -182,7 +177,7 @@ class Elasticsearch(LoggingCheck):
continue
inode_pct, disk_pct = re.match(body_re, lines[1]).groups()
- inode_pct_thresh = get_var(task_vars, 'openshift_check_efk_es_inode_pct', default='90')
+ inode_pct_thresh = self.get_var('openshift_check_efk_es_inode_pct', default='90')
if int(inode_pct) >= int(inode_pct_thresh):
error_msgs.append(
'Inode percent usage on the storage volume for logging ES pod "{pod}"\n'
@@ -193,7 +188,7 @@ class Elasticsearch(LoggingCheck):
limit=str(inode_pct_thresh),
param='openshift_check_efk_es_inode_pct',
))
- disk_pct_thresh = get_var(task_vars, 'openshift_check_efk_es_storage_pct', default='80')
+ disk_pct_thresh = self.get_var('openshift_check_efk_es_storage_pct', default='80')
if int(disk_pct) >= int(disk_pct_thresh):
error_msgs.append(
'Disk percent usage on the storage volume for logging ES pod "{pod}"\n'
@@ -207,11 +202,9 @@ class Elasticsearch(LoggingCheck):
return error_msgs
- def _exec_oc(self, cmd_str, extra_args, task_vars):
+ def _exec_oc(self, cmd_str, extra_args):
return super(Elasticsearch, self).exec_oc(
- self.execute_module,
self.logging_namespace,
cmd_str,
extra_args,
- task_vars,
)
diff --git a/roles/openshift_health_checker/openshift_checks/logging/fluentd.py b/roles/openshift_health_checker/openshift_checks/logging/fluentd.py
index 627567293..063e707a9 100644
--- a/roles/openshift_health_checker/openshift_checks/logging/fluentd.py
+++ b/roles/openshift_health_checker/openshift_checks/logging/fluentd.py
@@ -1,33 +1,29 @@
-"""
-Module for performing checks on an Fluentd logging deployment
-"""
+"""Check for an aggregated logging Fluentd deployment"""
import json
-from openshift_checks import get_var
from openshift_checks.logging.logging import LoggingCheck
class Fluentd(LoggingCheck):
- """Module that checks an integrated logging Fluentd deployment"""
+ """Check for an aggregated logging Fluentd deployment"""
+
name = "fluentd"
tags = ["health", "logging"]
logging_namespace = None
- def run(self, tmp, task_vars):
+ def run(self):
"""Check various things and gather errors. Returns: result as hash"""
- self.logging_namespace = get_var(task_vars, "openshift_logging_namespace", default="logging")
+ self.logging_namespace = self.get_var("openshift_logging_namespace", default="logging")
fluentd_pods, error = super(Fluentd, self).get_pods_for_component(
- self.execute_module,
self.logging_namespace,
"fluentd",
- task_vars,
)
if error:
return {"failed": True, "changed": False, "msg": error}
- check_error = self.check_fluentd(fluentd_pods, task_vars)
+ check_error = self.check_fluentd(fluentd_pods)
if check_error:
msg = ("The following Fluentd deployment issue was found:"
@@ -53,10 +49,9 @@ class Fluentd(LoggingCheck):
).format(label=node_selector)
return fluentd_nodes, None
- @staticmethod
- def _check_node_labeling(nodes_by_name, fluentd_nodes, node_selector, task_vars):
+ def _check_node_labeling(self, nodes_by_name, fluentd_nodes, node_selector):
"""Note if nodes are not labeled as expected. Returns: error string"""
- intended_nodes = get_var(task_vars, 'openshift_logging_fluentd_hosts', default=['--all'])
+ intended_nodes = self.get_var('openshift_logging_fluentd_hosts', default=['--all'])
if not intended_nodes or '--all' in intended_nodes:
intended_nodes = nodes_by_name.keys()
nodes_missing_labels = set(intended_nodes) - set(fluentd_nodes.keys())
@@ -114,13 +109,15 @@ class Fluentd(LoggingCheck):
))
return None
- def check_fluentd(self, pods, task_vars):
+ def check_fluentd(self, pods):
"""Verify fluentd is running everywhere. Returns: error string"""
- node_selector = get_var(task_vars, 'openshift_logging_fluentd_nodeselector',
- default='logging-infra-fluentd=true')
+ node_selector = self.get_var(
+ 'openshift_logging_fluentd_nodeselector',
+ default='logging-infra-fluentd=true'
+ )
- nodes_by_name, error = self.get_nodes_by_name(task_vars)
+ nodes_by_name, error = self.get_nodes_by_name()
if error:
return error
@@ -129,7 +126,7 @@ class Fluentd(LoggingCheck):
return error
error_msgs = []
- error = self._check_node_labeling(nodes_by_name, fluentd_nodes, node_selector, task_vars)
+ error = self._check_node_labeling(nodes_by_name, fluentd_nodes, node_selector)
if error:
error_msgs.append(error)
error = self._check_nodes_have_fluentd(pods, fluentd_nodes)
@@ -148,9 +145,9 @@ class Fluentd(LoggingCheck):
return '\n'.join(error_msgs)
- def get_nodes_by_name(self, task_vars):
+ def get_nodes_by_name(self):
"""Retrieve all the node definitions. Returns: dict(name: node), error string"""
- nodes_json = self._exec_oc("get nodes -o json", [], task_vars)
+ nodes_json = self._exec_oc("get nodes -o json", [])
try:
nodes = json.loads(nodes_json)
except ValueError: # no valid json - should not happen
@@ -162,9 +159,9 @@ class Fluentd(LoggingCheck):
for node in nodes['items']
}, None
- def _exec_oc(self, cmd_str, extra_args, task_vars):
- return super(Fluentd, self).exec_oc(self.execute_module,
- self.logging_namespace,
- cmd_str,
- extra_args,
- task_vars)
+ def _exec_oc(self, cmd_str, extra_args):
+ return super(Fluentd, self).exec_oc(
+ self.logging_namespace,
+ cmd_str,
+ extra_args,
+ )
diff --git a/roles/openshift_health_checker/openshift_checks/logging/kibana.py b/roles/openshift_health_checker/openshift_checks/logging/kibana.py
index 442f407b1..60f94e106 100644
--- a/roles/openshift_health_checker/openshift_checks/logging/kibana.py
+++ b/roles/openshift_health_checker/openshift_checks/logging/kibana.py
@@ -12,7 +12,6 @@ except ImportError:
from urllib.error import HTTPError, URLError
import urllib.request as urllib2
-from openshift_checks import get_var
from openshift_checks.logging.logging import LoggingCheck
@@ -24,22 +23,20 @@ class Kibana(LoggingCheck):
logging_namespace = None
- def run(self, tmp, task_vars):
+ def run(self):
"""Check various things and gather errors. Returns: result as hash"""
- self.logging_namespace = get_var(task_vars, "openshift_logging_namespace", default="logging")
+ self.logging_namespace = self.get_var("openshift_logging_namespace", default="logging")
kibana_pods, error = super(Kibana, self).get_pods_for_component(
- self.execute_module,
self.logging_namespace,
"kibana",
- task_vars,
)
if error:
return {"failed": True, "changed": False, "msg": error}
check_error = self.check_kibana(kibana_pods)
if not check_error:
- check_error = self._check_kibana_route(task_vars)
+ check_error = self._check_kibana_route()
if check_error:
msg = ("The following Kibana deployment issue was found:"
@@ -50,7 +47,7 @@ class Kibana(LoggingCheck):
# TODO(lmeyer): run it all again for the ops cluster
return {"failed": False, "changed": False, "msg": 'No problems found with Kibana deployment.'}
- def _verify_url_internal(self, url, task_vars):
+ def _verify_url_internal(self, url):
"""
Try to reach a URL from the host.
Returns: success (bool), reason (for failure)
@@ -62,7 +59,7 @@ class Kibana(LoggingCheck):
# TODO(lmeyer): give users option to validate certs
status_code=302,
)
- result = self.execute_module('uri', args, task_vars)
+ result = self.execute_module('uri', args)
if result.get('failed'):
return result['msg']
return None
@@ -114,14 +111,14 @@ class Kibana(LoggingCheck):
return None
- def _get_kibana_url(self, task_vars):
+ def _get_kibana_url(self):
"""
Get kibana route or report error.
Returns: url (or empty), reason for failure
"""
# Get logging url
- get_route = self._exec_oc("get route logging-kibana -o json", [], task_vars)
+ get_route = self._exec_oc("get route logging-kibana -o json", [])
if not get_route:
return None, 'no_route_exists'
@@ -139,7 +136,7 @@ class Kibana(LoggingCheck):
return 'https://{}/'.format(host), None
- def _check_kibana_route(self, task_vars):
+ def _check_kibana_route(self):
"""
Check to see if kibana route is up and working.
Returns: error string
@@ -160,12 +157,12 @@ class Kibana(LoggingCheck):
),
)
- kibana_url, error = self._get_kibana_url(task_vars)
+ kibana_url, error = self._get_kibana_url()
if not kibana_url:
return known_errors.get(error, error)
# first, check that kibana is reachable from the master.
- error = self._verify_url_internal(kibana_url, task_vars)
+ error = self._verify_url_internal(kibana_url)
if error:
if 'urlopen error [Errno 111] Connection refused' in error:
error = (
@@ -190,7 +187,7 @@ class Kibana(LoggingCheck):
# in production we would like the kibana route to work from outside the
# cluster too; but that may not be the case, so allow disabling just this part.
- if not get_var(task_vars, "openshift_check_efk_kibana_external", default=True):
+ if not self.get_var("openshift_check_efk_kibana_external", default=True):
return None
error = self._verify_url_external(kibana_url)
if error:
@@ -221,9 +218,9 @@ class Kibana(LoggingCheck):
return error
return None
- def _exec_oc(self, cmd_str, extra_args, task_vars):
- return super(Kibana, self).exec_oc(self.execute_module,
- self.logging_namespace,
- cmd_str,
- extra_args,
- task_vars)
+ def _exec_oc(self, cmd_str, extra_args):
+ return super(Kibana, self).exec_oc(
+ self.logging_namespace,
+ cmd_str,
+ extra_args,
+ )
diff --git a/roles/openshift_health_checker/openshift_checks/logging/logging.py b/roles/openshift_health_checker/openshift_checks/logging/logging.py
index 05b4d300c..a48e1c728 100644
--- a/roles/openshift_health_checker/openshift_checks/logging/logging.py
+++ b/roles/openshift_health_checker/openshift_checks/logging/logging.py
@@ -5,39 +5,36 @@ Util functions for performing checks on an Elasticsearch, Fluentd, and Kibana st
import json
import os
-from openshift_checks import OpenShiftCheck, OpenShiftCheckException, get_var
+from openshift_checks import OpenShiftCheck, OpenShiftCheckException
class LoggingCheck(OpenShiftCheck):
- """Base class for logging component checks"""
+ """Base class for OpenShift aggregated logging component checks"""
name = "logging"
+ logging_namespace = "logging"
- @classmethod
- def is_active(cls, task_vars):
- return super(LoggingCheck, cls).is_active(task_vars) and cls.is_first_master(task_vars)
+ def is_active(self):
+ logging_deployed = self.get_var("openshift_hosted_logging_deploy", default=False)
+ return logging_deployed and super(LoggingCheck, self).is_active() and self.is_first_master()
- @staticmethod
- def is_first_master(task_vars):
- """Run only on first master and only when logging is configured. Returns: bool"""
- logging_deployed = get_var(task_vars, "openshift_hosted_logging_deploy", default=True)
+ def is_first_master(self):
+ """Determine if running on first master. Returns: bool"""
# Note: It would be nice to use membership in oo_first_master group, however for now it
# seems best to avoid requiring that setup and just check this is the first master.
- hostname = get_var(task_vars, "ansible_ssh_host") or [None]
- masters = get_var(task_vars, "groups", "masters", default=None) or [None]
- return logging_deployed and masters[0] == hostname
+ hostname = self.get_var("ansible_ssh_host") or [None]
+ masters = self.get_var("groups", "masters", default=None) or [None]
+ return masters[0] == hostname
- def run(self, tmp, task_vars):
+ def run(self):
pass
- def get_pods_for_component(self, execute_module, namespace, logging_component, task_vars):
+ def get_pods_for_component(self, namespace, logging_component):
"""Get all pods for a given component. Returns: list of pods for component, error string"""
pod_output = self.exec_oc(
- execute_module,
namespace,
"get pods -l component={} -o json".format(logging_component),
[],
- task_vars
)
try:
pods = json.loads(pod_output)
@@ -45,7 +42,7 @@ class LoggingCheck(OpenShiftCheck):
raise ValueError()
except ValueError:
# successful run but non-parsing data generally means there were no pods in the namespace
- return None, 'There are no pods in the {} namespace. Is logging deployed?'.format(namespace)
+ return None, 'No pods were found for the "{}" logging component.'.format(logging_component)
return pods['items'], None
@@ -54,23 +51,22 @@ class LoggingCheck(OpenShiftCheck):
"""Returns: list of pods not in a ready and running state"""
return [
pod for pod in pods
- if any(
+ if not pod.get("status", {}).get("containerStatuses") or any(
container['ready'] is False
for container in pod['status']['containerStatuses']
) or not any(
condition['type'] == 'Ready' and condition['status'] == 'True'
- for condition in pod['status']['conditions']
+ for condition in pod['status'].get('conditions', [])
)
]
- @staticmethod
- def exec_oc(execute_module=None, namespace="logging", cmd_str="", extra_args=None, task_vars=None):
+ def exec_oc(self, namespace="logging", cmd_str="", extra_args=None):
"""
Execute an 'oc' command in the remote host.
Returns: output of command and namespace,
or raises OpenShiftCheckException on error
"""
- config_base = get_var(task_vars, "openshift", "common", "config_base")
+ config_base = self.get_var("openshift", "common", "config_base")
args = {
"namespace": namespace,
"config_file": os.path.join(config_base, "master", "admin.kubeconfig"),
@@ -78,7 +74,7 @@ class LoggingCheck(OpenShiftCheck):
"extra_args": list(extra_args) if extra_args else [],
}
- result = execute_module("ocutil", args, task_vars)
+ result = self.execute_module("ocutil", args)
if result.get("failed"):
msg = (
'Unexpected error using `oc` to validate the logging stack components.\n'
diff --git a/roles/openshift_health_checker/openshift_checks/logging/logging_index_time.py b/roles/openshift_health_checker/openshift_checks/logging/logging_index_time.py
new file mode 100644
index 000000000..b24e88e05
--- /dev/null
+++ b/roles/openshift_health_checker/openshift_checks/logging/logging_index_time.py
@@ -0,0 +1,130 @@
+"""
+Check for ensuring logs from pods can be queried in a reasonable amount of time.
+"""
+
+import json
+import time
+
+from uuid import uuid4
+
+from openshift_checks import OpenShiftCheckException
+from openshift_checks.logging.logging import LoggingCheck
+
+
+ES_CMD_TIMEOUT_SECONDS = 30
+
+
+class LoggingIndexTime(LoggingCheck):
+ """Check that pod logs are aggregated and indexed in ElasticSearch within a reasonable amount of time."""
+ name = "logging_index_time"
+ tags = ["health", "logging"]
+
+ logging_namespace = "logging"
+
+ def run(self):
+ """Add log entry by making unique request to Kibana. Check for unique entry in the ElasticSearch pod logs."""
+ try:
+ log_index_timeout = int(
+ self.get_var("openshift_check_logging_index_timeout_seconds", default=ES_CMD_TIMEOUT_SECONDS)
+ )
+ except ValueError:
+ return {
+ "failed": True,
+ "msg": ('Invalid value provided for "openshift_check_logging_index_timeout_seconds". '
+ 'Value must be an integer representing an amount in seconds.'),
+ }
+
+ running_component_pods = dict()
+
+ # get all component pods
+ self.logging_namespace = self.get_var("openshift_logging_namespace", default=self.logging_namespace)
+ for component, name in (['kibana', 'Kibana'], ['es', 'Elasticsearch']):
+ pods, error = self.get_pods_for_component(self.logging_namespace, component)
+
+ if error:
+ msg = 'Unable to retrieve pods for the {} logging component: {}'
+ return {"failed": True, "changed": False, "msg": msg.format(name, error)}
+
+ running_pods = self.running_pods(pods)
+
+ if not running_pods:
+ msg = ('No {} pods in the "Running" state were found.'
+ 'At least one pod is required in order to perform this check.')
+ return {"failed": True, "changed": False, "msg": msg.format(name)}
+
+ running_component_pods[component] = running_pods
+
+ uuid = self.curl_kibana_with_uuid(running_component_pods["kibana"][0])
+ self.wait_until_cmd_or_err(running_component_pods["es"][0], uuid, log_index_timeout)
+ return {}
+
+ def wait_until_cmd_or_err(self, es_pod, uuid, timeout_secs):
+ """Retry an Elasticsearch query every second until query success, or a defined
+ length of time has passed."""
+ deadline = time.time() + timeout_secs
+ interval = 1
+ while not self.query_es_from_es(es_pod, uuid):
+ if time.time() + interval > deadline:
+ msg = "expecting match in Elasticsearch for message with uuid {}, but no matches were found after {}s."
+ raise OpenShiftCheckException(msg.format(uuid, timeout_secs))
+ time.sleep(interval)
+
+ def curl_kibana_with_uuid(self, kibana_pod):
+ """curl Kibana with a unique uuid."""
+ uuid = self.generate_uuid()
+ pod_name = kibana_pod["metadata"]["name"]
+ exec_cmd = "exec {pod_name} -c kibana -- curl --max-time 30 -s http://localhost:5601/{uuid}"
+ exec_cmd = exec_cmd.format(pod_name=pod_name, uuid=uuid)
+
+ error_str = self.exec_oc(self.logging_namespace, exec_cmd, [])
+
+ try:
+ error_code = json.loads(error_str)["statusCode"]
+ except KeyError:
+ msg = ('invalid response returned from Kibana request (Missing "statusCode" key):\n'
+ 'Command: {}\nResponse: {}').format(exec_cmd, error_str)
+ raise OpenShiftCheckException(msg)
+ except ValueError:
+ msg = ('invalid response returned from Kibana request (Non-JSON output):\n'
+ 'Command: {}\nResponse: {}').format(exec_cmd, error_str)
+ raise OpenShiftCheckException(msg)
+
+ if error_code != 404:
+ msg = 'invalid error code returned from Kibana request. Expecting error code "404", but got "{}" instead.'
+ raise OpenShiftCheckException(msg.format(error_code))
+
+ return uuid
+
+ def query_es_from_es(self, es_pod, uuid):
+ """curl the Elasticsearch pod and look for a unique uuid in its logs."""
+ pod_name = es_pod["metadata"]["name"]
+ exec_cmd = (
+ "exec {pod_name} -- curl --max-time 30 -s -f "
+ "--cacert /etc/elasticsearch/secret/admin-ca "
+ "--cert /etc/elasticsearch/secret/admin-cert "
+ "--key /etc/elasticsearch/secret/admin-key "
+ "https://logging-es:9200/project.{namespace}*/_count?q=message:{uuid}"
+ )
+ exec_cmd = exec_cmd.format(pod_name=pod_name, namespace=self.logging_namespace, uuid=uuid)
+ result = self.exec_oc(self.logging_namespace, exec_cmd, [])
+
+ try:
+ count = json.loads(result)["count"]
+ except KeyError:
+ msg = 'invalid response from Elasticsearch query:\n"{}"\nMissing "count" key:\n{}'
+ raise OpenShiftCheckException(msg.format(exec_cmd, result))
+ except ValueError:
+ msg = 'invalid response from Elasticsearch query:\n"{}"\nNon-JSON output:\n{}'
+ raise OpenShiftCheckException(msg.format(exec_cmd, result))
+
+ return count
+
+ @staticmethod
+ def running_pods(pods):
+ """Filter pods that are running."""
+ return [pod for pod in pods if pod['status']['phase'] == 'Running']
+
+ @staticmethod
+ def generate_uuid():
+ """Wrap uuid generator. Allows for testing with expected values."""
+ return str(uuid4())
diff --git a/roles/openshift_health_checker/openshift_checks/memory_availability.py b/roles/openshift_health_checker/openshift_checks/memory_availability.py
index f4e31065f..765ba072d 100644
--- a/roles/openshift_health_checker/openshift_checks/memory_availability.py
+++ b/roles/openshift_health_checker/openshift_checks/memory_availability.py
@@ -1,5 +1,5 @@
-# pylint: disable=missing-docstring
-from openshift_checks import OpenShiftCheck, get_var
+"""Check that recommended memory is available."""
+from openshift_checks import OpenShiftCheck
MIB = 2**20
GIB = 2**30
@@ -21,19 +21,18 @@ class MemoryAvailability(OpenShiftCheck):
# https://access.redhat.com/solutions/3006511 physical RAM is partly reserved from memtotal
memtotal_adjustment = 1 * GIB
- @classmethod
- def is_active(cls, task_vars):
+ def is_active(self):
"""Skip hosts that do not have recommended memory requirements."""
- group_names = get_var(task_vars, "group_names", default=[])
- has_memory_recommendation = bool(set(group_names).intersection(cls.recommended_memory_bytes))
- return super(MemoryAvailability, cls).is_active(task_vars) and has_memory_recommendation
+ group_names = self.get_var("group_names", default=[])
+ has_memory_recommendation = bool(set(group_names).intersection(self.recommended_memory_bytes))
+ return super(MemoryAvailability, self).is_active() and has_memory_recommendation
- def run(self, tmp, task_vars):
- group_names = get_var(task_vars, "group_names")
- total_memory_bytes = get_var(task_vars, "ansible_memtotal_mb") * MIB
+ def run(self):
+ group_names = self.get_var("group_names")
+ total_memory_bytes = self.get_var("ansible_memtotal_mb") * MIB
recommended_min = max(self.recommended_memory_bytes.get(name, 0) for name in group_names)
- configured_min = float(get_var(task_vars, "openshift_check_min_host_memory_gb", default=0)) * GIB
+ configured_min = float(self.get_var("openshift_check_min_host_memory_gb", default=0)) * GIB
min_memory_bytes = configured_min or recommended_min
if total_memory_bytes + self.memtotal_adjustment < min_memory_bytes:
diff --git a/roles/openshift_health_checker/openshift_checks/mixins.py b/roles/openshift_health_checker/openshift_checks/mixins.py
index 2cb2e21aa..3b2c64e6a 100644
--- a/roles/openshift_health_checker/openshift_checks/mixins.py
+++ b/roles/openshift_health_checker/openshift_checks/mixins.py
@@ -2,19 +2,16 @@
Mixin classes meant to be used with subclasses of OpenShiftCheck.
"""
-from openshift_checks import get_var
-
class NotContainerizedMixin(object):
"""Mixin for checks that are only active when not in containerized mode."""
# permanent # pylint: disable=too-few-public-methods
# Reason: The mixin is not intended to stand on its own as a class.
- @classmethod
- def is_active(cls, task_vars):
+ def is_active(self):
"""Only run on non-containerized hosts."""
- is_containerized = get_var(task_vars, "openshift", "common", "is_containerized")
- return super(NotContainerizedMixin, cls).is_active(task_vars) and not is_containerized
+ is_containerized = self.get_var("openshift", "common", "is_containerized")
+ return super(NotContainerizedMixin, self).is_active() and not is_containerized
class DockerHostMixin(object):
@@ -22,28 +19,26 @@ class DockerHostMixin(object):
dependencies = []
- @classmethod
- def is_active(cls, task_vars):
+ def is_active(self):
"""Only run on hosts that depend on Docker."""
- is_containerized = get_var(task_vars, "openshift", "common", "is_containerized")
- is_node = "nodes" in get_var(task_vars, "group_names", default=[])
- return super(DockerHostMixin, cls).is_active(task_vars) and (is_containerized or is_node)
+ is_containerized = self.get_var("openshift", "common", "is_containerized")
+ is_node = "nodes" in self.get_var("group_names", default=[])
+ return super(DockerHostMixin, self).is_active() and (is_containerized or is_node)
- def ensure_dependencies(self, task_vars):
+ def ensure_dependencies(self):
"""
Ensure that docker-related packages exist, but not on atomic hosts
(which would not be able to install but should already have them).
Returns: msg, failed, changed
"""
- if get_var(task_vars, "openshift", "common", "is_atomic"):
+ if self.get_var("openshift", "common", "is_atomic"):
return "", False, False
# NOTE: we would use the "package" module but it's actually an action plugin
# and it's not clear how to invoke one of those. This is about the same anyway:
result = self.execute_module(
- get_var(task_vars, "ansible_pkg_mgr", default="yum"),
+ self.get_var("ansible_pkg_mgr", default="yum"),
{"name": self.dependencies, "state": "present"},
- task_vars=task_vars,
)
msg = result.get("msg", "")
if result.get("failed"):
diff --git a/roles/openshift_health_checker/openshift_checks/ovs_version.py b/roles/openshift_health_checker/openshift_checks/ovs_version.py
index 2dd045f1f..cd6ebd493 100644
--- a/roles/openshift_health_checker/openshift_checks/ovs_version.py
+++ b/roles/openshift_health_checker/openshift_checks/ovs_version.py
@@ -3,7 +3,7 @@ Ansible module for determining if an installed version of Open vSwitch is incomp
currently installed version of OpenShift.
"""
-from openshift_checks import OpenShiftCheck, OpenShiftCheckException, get_var
+from openshift_checks import OpenShiftCheck, OpenShiftCheckException
from openshift_checks.mixins import NotContainerizedMixin
@@ -27,27 +27,26 @@ class OvsVersion(NotContainerizedMixin, OpenShiftCheck):
"1": "3",
}
- @classmethod
- def is_active(cls, task_vars):
+ def is_active(self):
"""Skip hosts that do not have package requirements."""
- group_names = get_var(task_vars, "group_names", default=[])
+ group_names = self.get_var("group_names", default=[])
master_or_node = 'masters' in group_names or 'nodes' in group_names
- return super(OvsVersion, cls).is_active(task_vars) and master_or_node
+ return super(OvsVersion, self).is_active() and master_or_node
- def run(self, tmp, task_vars):
+ def run(self):
args = {
"package_list": [
{
"name": "openvswitch",
- "version": self.get_required_ovs_version(task_vars),
+ "version": self.get_required_ovs_version(),
},
],
}
- return self.execute_module("rpm_version", args, task_vars=task_vars)
+ return self.execute_module("rpm_version", args)
- def get_required_ovs_version(self, task_vars):
+ def get_required_ovs_version(self):
"""Return the correct Open vSwitch version for the current OpenShift version"""
- openshift_version = self._get_openshift_version(task_vars)
+ openshift_version = self._get_openshift_version()
if float(openshift_version) < 3.5:
return self.openshift_to_ovs_version["3.4"]
@@ -59,8 +58,8 @@ class OvsVersion(NotContainerizedMixin, OpenShiftCheck):
msg = "There is no recommended version of Open vSwitch for the current version of OpenShift: {}"
raise OpenShiftCheckException(msg.format(openshift_version))
- def _get_openshift_version(self, task_vars):
- openshift_version = get_var(task_vars, "openshift_image_tag")
+ def _get_openshift_version(self):
+ openshift_version = self.get_var("openshift_image_tag")
if openshift_version and openshift_version[0] == 'v':
openshift_version = openshift_version[1:]
diff --git a/roles/openshift_health_checker/openshift_checks/package_availability.py b/roles/openshift_health_checker/openshift_checks/package_availability.py
index e87567fe6..a86180b00 100644
--- a/roles/openshift_health_checker/openshift_checks/package_availability.py
+++ b/roles/openshift_health_checker/openshift_checks/package_availability.py
@@ -1,5 +1,6 @@
-# pylint: disable=missing-docstring
-from openshift_checks import OpenShiftCheck, get_var
+"""Check that required RPM packages are available."""
+
+from openshift_checks import OpenShiftCheck
from openshift_checks.mixins import NotContainerizedMixin
@@ -9,13 +10,13 @@ class PackageAvailability(NotContainerizedMixin, OpenShiftCheck):
name = "package_availability"
tags = ["preflight"]
- @classmethod
- def is_active(cls, task_vars):
- return super(PackageAvailability, cls).is_active(task_vars) and task_vars["ansible_pkg_mgr"] == "yum"
+ def is_active(self):
+ """Run only when yum is the package manager as the code is specific to it."""
+ return super(PackageAvailability, self).is_active() and self.get_var("ansible_pkg_mgr") == "yum"
- def run(self, tmp, task_vars):
- rpm_prefix = get_var(task_vars, "openshift", "common", "service_type")
- group_names = get_var(task_vars, "group_names", default=[])
+ def run(self):
+ rpm_prefix = self.get_var("openshift", "common", "service_type")
+ group_names = self.get_var("group_names", default=[])
packages = set()
@@ -25,10 +26,11 @@ class PackageAvailability(NotContainerizedMixin, OpenShiftCheck):
packages.update(self.node_packages(rpm_prefix))
args = {"packages": sorted(set(packages))}
- return self.execute_module("check_yum_update", args, tmp=tmp, task_vars=task_vars)
+ return self.execute_module("check_yum_update", args)
@staticmethod
def master_packages(rpm_prefix):
+ """Return a list of RPMs that we expect a master install to have available."""
return [
"{rpm_prefix}".format(rpm_prefix=rpm_prefix),
"{rpm_prefix}-clients".format(rpm_prefix=rpm_prefix),
@@ -36,7 +38,7 @@ class PackageAvailability(NotContainerizedMixin, OpenShiftCheck):
"bash-completion",
"cockpit-bridge",
"cockpit-docker",
- "cockpit-shell",
+ "cockpit-system",
"cockpit-ws",
"etcd",
"httpd-tools",
@@ -44,6 +46,7 @@ class PackageAvailability(NotContainerizedMixin, OpenShiftCheck):
@staticmethod
def node_packages(rpm_prefix):
+ """Return a list of RPMs that we expect a node install to have available."""
return [
"{rpm_prefix}".format(rpm_prefix=rpm_prefix),
"{rpm_prefix}-node".format(rpm_prefix=rpm_prefix),
diff --git a/roles/openshift_health_checker/openshift_checks/package_update.py b/roles/openshift_health_checker/openshift_checks/package_update.py
index f432380c6..1e9aecbe0 100644
--- a/roles/openshift_health_checker/openshift_checks/package_update.py
+++ b/roles/openshift_health_checker/openshift_checks/package_update.py
@@ -1,14 +1,14 @@
-# pylint: disable=missing-docstring
+"""Check that a yum update would not run into conflicts with available packages."""
from openshift_checks import OpenShiftCheck
from openshift_checks.mixins import NotContainerizedMixin
class PackageUpdate(NotContainerizedMixin, OpenShiftCheck):
- """Check that there are no conflicts in RPM packages."""
+ """Check that a yum update would not run into conflicts with available packages."""
name = "package_update"
tags = ["preflight"]
- def run(self, tmp, task_vars):
+ def run(self):
args = {"packages": []}
- return self.execute_module("check_yum_update", args, tmp=tmp, task_vars=task_vars)
+ return self.execute_module("check_yum_update", args)
diff --git a/roles/openshift_health_checker/openshift_checks/package_version.py b/roles/openshift_health_checker/openshift_checks/package_version.py
index 6a76bb93d..020786804 100644
--- a/roles/openshift_health_checker/openshift_checks/package_version.py
+++ b/roles/openshift_health_checker/openshift_checks/package_version.py
@@ -1,5 +1,5 @@
-# pylint: disable=missing-docstring
-from openshift_checks import OpenShiftCheck, OpenShiftCheckException, get_var
+"""Check that available RPM packages match the required versions."""
+from openshift_checks import OpenShiftCheck, OpenShiftCheckException
from openshift_checks.mixins import NotContainerizedMixin
@@ -10,8 +10,8 @@ class PackageVersion(NotContainerizedMixin, OpenShiftCheck):
tags = ["preflight"]
openshift_to_ovs_version = {
- "3.6": "2.6",
- "3.5": "2.6",
+ "3.6": ["2.6", "2.7"],
+ "3.5": ["2.6", "2.7"],
"3.4": "2.4",
}
@@ -28,29 +28,28 @@ class PackageVersion(NotContainerizedMixin, OpenShiftCheck):
"1": "3",
}
- @classmethod
- def is_active(cls, task_vars):
+ def is_active(self):
"""Skip hosts that do not have package requirements."""
- group_names = get_var(task_vars, "group_names", default=[])
+ group_names = self.get_var("group_names", default=[])
master_or_node = 'masters' in group_names or 'nodes' in group_names
- return super(PackageVersion, cls).is_active(task_vars) and master_or_node
+ return super(PackageVersion, self).is_active() and master_or_node
- def run(self, tmp, task_vars):
- rpm_prefix = get_var(task_vars, "openshift", "common", "service_type")
- openshift_release = get_var(task_vars, "openshift_release", default='')
- deployment_type = get_var(task_vars, "openshift_deployment_type")
+ def run(self):
+ rpm_prefix = self.get_var("openshift", "common", "service_type")
+ openshift_release = self.get_var("openshift_release", default='')
+ deployment_type = self.get_var("openshift_deployment_type")
check_multi_minor_release = deployment_type in ['openshift-enterprise']
args = {
"package_list": [
{
"name": "openvswitch",
- "version": self.get_required_ovs_version(task_vars),
+ "version": self.get_required_ovs_version(),
"check_multi": False,
},
{
"name": "docker",
- "version": self.get_required_docker_version(task_vars),
+ "version": self.get_required_docker_version(),
"check_multi": False,
},
{
@@ -71,13 +70,13 @@ class PackageVersion(NotContainerizedMixin, OpenShiftCheck):
],
}
- return self.execute_module("aos_version", args, tmp=tmp, task_vars=task_vars)
+ return self.execute_module("aos_version", args)
- def get_required_ovs_version(self, task_vars):
+ def get_required_ovs_version(self):
"""Return the correct Open vSwitch version for the current OpenShift version.
If the current OpenShift version is >= 3.5, ensure Open vSwitch version 2.6,
Else ensure Open vSwitch version 2.4"""
- openshift_version = self.get_openshift_version(task_vars)
+ openshift_version = self.get_openshift_version()
if float(openshift_version) < 3.5:
return self.openshift_to_ovs_version["3.4"]
@@ -89,12 +88,12 @@ class PackageVersion(NotContainerizedMixin, OpenShiftCheck):
msg = "There is no recommended version of Open vSwitch for the current version of OpenShift: {}"
raise OpenShiftCheckException(msg.format(openshift_version))
- def get_required_docker_version(self, task_vars):
+ def get_required_docker_version(self):
"""Return the correct Docker version for the current OpenShift version.
If the OpenShift version is 3.1, ensure Docker version 1.8.
If the OpenShift version is 3.2 or 3.3, ensure Docker version 1.10.
If the current OpenShift version is >= 3.4, ensure Docker version 1.12."""
- openshift_version = self.get_openshift_version(task_vars)
+ openshift_version = self.get_openshift_version()
if float(openshift_version) >= 3.4:
return self.openshift_to_docker_version["3.4"]
@@ -106,14 +105,16 @@ class PackageVersion(NotContainerizedMixin, OpenShiftCheck):
msg = "There is no recommended version of Docker for the current version of OpenShift: {}"
raise OpenShiftCheckException(msg.format(openshift_version))
- def get_openshift_version(self, task_vars):
- openshift_version = get_var(task_vars, "openshift_image_tag")
+ def get_openshift_version(self):
+ """Return received image tag as a normalized X.Y minor version string."""
+ openshift_version = self.get_var("openshift_image_tag")
if openshift_version and openshift_version[0] == 'v':
openshift_version = openshift_version[1:]
return self.parse_version(openshift_version)
def parse_version(self, version):
+ """Return a normalized X.Y minor version string."""
components = version.split(".")
if not components or len(components) < 2:
msg = "An invalid version of OpenShift was found for this host: {}"
diff --git a/roles/openshift_health_checker/test/action_plugin_test.py b/roles/openshift_health_checker/test/action_plugin_test.py
index 6ebf0ebb2..2d068be3d 100644
--- a/roles/openshift_health_checker/test/action_plugin_test.py
+++ b/roles/openshift_health_checker/test/action_plugin_test.py
@@ -15,14 +15,13 @@ def fake_check(name='fake_check', tags=None, is_active=True, run_return=None, ru
name = _name
tags = _tags or []
- def __init__(self, execute_module=None):
+ def __init__(self, execute_module=None, task_vars=None, tmp=None):
pass
- @classmethod
- def is_active(cls, task_vars):
+ def is_active(self):
return is_active
- def run(self, tmp, task_vars):
+ def run(self):
if run_exception is not None:
raise run_exception
return run_return
@@ -59,7 +58,7 @@ def failed(result, msg_has=None):
if msg_has is not None:
assert 'msg' in result
for term in msg_has:
- assert term in result['msg']
+ assert term.lower() in result['msg'].lower()
return result.get('failed', False)
@@ -124,7 +123,7 @@ def test_action_plugin_skip_disabled_checks(plugin, task_vars, monkeypatch):
def test_action_plugin_run_check_ok(plugin, task_vars, monkeypatch):
check_return_value = {'ok': 'test'}
check_class = fake_check(run_return=check_return_value)
- monkeypatch.setattr(plugin, 'load_known_checks', lambda: {'fake_check': check_class()})
+ monkeypatch.setattr(plugin, 'load_known_checks', lambda tmp, task_vars: {'fake_check': check_class()})
monkeypatch.setattr('openshift_health_check.resolve_checks', lambda *args: ['fake_check'])
result = plugin.run(tmp=None, task_vars=task_vars)
@@ -138,7 +137,7 @@ def test_action_plugin_run_check_ok(plugin, task_vars, monkeypatch):
def test_action_plugin_run_check_changed(plugin, task_vars, monkeypatch):
check_return_value = {'ok': 'test', 'changed': True}
check_class = fake_check(run_return=check_return_value)
- monkeypatch.setattr(plugin, 'load_known_checks', lambda: {'fake_check': check_class()})
+ monkeypatch.setattr(plugin, 'load_known_checks', lambda tmp, task_vars: {'fake_check': check_class()})
monkeypatch.setattr('openshift_health_check.resolve_checks', lambda *args: ['fake_check'])
result = plugin.run(tmp=None, task_vars=task_vars)
@@ -152,7 +151,7 @@ def test_action_plugin_run_check_changed(plugin, task_vars, monkeypatch):
def test_action_plugin_run_check_fail(plugin, task_vars, monkeypatch):
check_return_value = {'failed': True}
check_class = fake_check(run_return=check_return_value)
- monkeypatch.setattr(plugin, 'load_known_checks', lambda: {'fake_check': check_class()})
+ monkeypatch.setattr(plugin, 'load_known_checks', lambda tmp, task_vars: {'fake_check': check_class()})
monkeypatch.setattr('openshift_health_check.resolve_checks', lambda *args: ['fake_check'])
result = plugin.run(tmp=None, task_vars=task_vars)
@@ -167,7 +166,7 @@ def test_action_plugin_run_check_exception(plugin, task_vars, monkeypatch):
exception_msg = 'fake check has an exception'
run_exception = OpenShiftCheckException(exception_msg)
check_class = fake_check(run_exception=run_exception)
- monkeypatch.setattr(plugin, 'load_known_checks', lambda: {'fake_check': check_class()})
+ monkeypatch.setattr(plugin, 'load_known_checks', lambda tmp, task_vars: {'fake_check': check_class()})
monkeypatch.setattr('openshift_health_check.resolve_checks', lambda *args: ['fake_check'])
result = plugin.run(tmp=None, task_vars=task_vars)
@@ -178,6 +177,16 @@ def test_action_plugin_run_check_exception(plugin, task_vars, monkeypatch):
assert not skipped(result)
+def test_action_plugin_resolve_checks_exception(plugin, task_vars, monkeypatch):
+ monkeypatch.setattr(plugin, 'load_known_checks', lambda tmp, task_vars: {})
+
+ result = plugin.run(tmp=None, task_vars=task_vars)
+
+ assert failed(result, msg_has=['unknown', 'name'])
+ assert not changed(result)
+ assert not skipped(result)
+
+
@pytest.mark.parametrize('names,all_checks,expected', [
([], [], set()),
(
diff --git a/roles/openshift_health_checker/test/aos_version_test.py b/roles/openshift_health_checker/test/aos_version_test.py
index 697805dd2..4100f6c70 100644
--- a/roles/openshift_health_checker/test/aos_version_test.py
+++ b/roles/openshift_health_checker/test/aos_version_test.py
@@ -18,7 +18,43 @@ expected_pkgs = {
}
-@pytest.mark.parametrize('pkgs, expect_not_found', [
+@pytest.mark.parametrize('pkgs,expected_pkgs_dict', [
+ (
+ # all found
+ [Package('spam', '3.2.1'), Package('eggs', '3.2.1')],
+ expected_pkgs,
+ ),
+ (
+ # found with more specific version
+ [Package('spam', '3.2.1'), Package('eggs', '3.2.1.5')],
+ expected_pkgs,
+ ),
+ (
+ [Package('ovs', '2.6'), Package('ovs', '2.4')],
+ {
+ "ovs": {
+ "name": "ovs",
+ "version": ["2.6", "2.7"],
+ "check_multi": False,
+ }
+ },
+ ),
+ (
+ [Package('ovs', '2.7')],
+ {
+ "ovs": {
+ "name": "ovs",
+ "version": ["2.6", "2.7"],
+ "check_multi": False,
+ }
+ },
+ ),
+])
+def test_check_precise_version_found(pkgs, expected_pkgs_dict):
+ aos_version._check_precise_version_found(pkgs, expected_pkgs_dict)
+
+
+@pytest.mark.parametrize('pkgs,expect_not_found', [
(
[],
{
@@ -55,14 +91,6 @@ expected_pkgs = {
}, # not the right version
),
(
- [Package('spam', '3.2.1'), Package('eggs', '3.2.1')],
- {}, # all found
- ),
- (
- [Package('spam', '3.2.1'), Package('eggs', '3.2.1.5')],
- {}, # found with more specific version
- ),
- (
[Package('eggs', '1.2.3'), Package('eggs', '3.2.1.5')],
{
"spam": {
@@ -73,64 +101,86 @@ expected_pkgs = {
}, # eggs found with multiple versions
),
])
-def test_check_pkgs_for_precise_version(pkgs, expect_not_found):
- if expect_not_found:
- with pytest.raises(aos_version.PreciseVersionNotFound) as e:
- aos_version._check_precise_version_found(pkgs, expected_pkgs)
-
- assert list(expect_not_found.values()) == e.value.problem_pkgs
- else:
+def test_check_precise_version_found_fail(pkgs, expect_not_found):
+ with pytest.raises(aos_version.PreciseVersionNotFound) as e:
aos_version._check_precise_version_found(pkgs, expected_pkgs)
+ assert list(expect_not_found.values()) == e.value.problem_pkgs
-@pytest.mark.parametrize('pkgs, expect_higher', [
+@pytest.mark.parametrize('pkgs,expected_pkgs_dict', [
(
[],
- [],
+ expected_pkgs,
),
(
+ # more precise but not strictly higher
[Package('spam', '3.2.1.9')],
- [], # more precise but not strictly higher
+ expected_pkgs,
),
(
+ [Package('ovs', '2.7')],
+ {
+ "ovs": {
+ "name": "ovs",
+ "version": ["2.6", "2.7"],
+ "check_multi": False,
+ }
+ },
+ ),
+])
+def test_check_higher_version_found(pkgs, expected_pkgs_dict):
+ aos_version._check_higher_version_found(pkgs, expected_pkgs_dict)
+
+
+@pytest.mark.parametrize('pkgs,expected_pkgs_dict,expect_higher', [
+ (
[Package('spam', '3.3')],
+ expected_pkgs,
['spam-3.3'], # lower precision, but higher
),
(
[Package('spam', '3.2.1'), Package('eggs', '3.3.2')],
+ expected_pkgs,
['eggs-3.3.2'], # one too high
),
(
[Package('eggs', '1.2.3'), Package('eggs', '3.2.1.5'), Package('eggs', '3.4')],
+ expected_pkgs,
['eggs-3.4'], # multiple versions, one is higher
),
(
[Package('eggs', '3.2.1'), Package('eggs', '3.4'), Package('eggs', '3.3')],
+ expected_pkgs,
['eggs-3.4'], # multiple versions, two are higher
),
+ (
+ [Package('ovs', '2.8')],
+ {
+ "ovs": {
+ "name": "ovs",
+ "version": ["2.6", "2.7"],
+ "check_multi": False,
+ }
+ },
+ ['ovs-2.8'],
+ ),
])
-def test_check_pkgs_for_greater_version(pkgs, expect_higher):
- if expect_higher:
- with pytest.raises(aos_version.FoundHigherVersion) as e:
- aos_version._check_higher_version_found(pkgs, expected_pkgs)
- assert set(expect_higher) == set(e.value.problem_pkgs)
- else:
- aos_version._check_higher_version_found(pkgs, expected_pkgs)
+def test_check_higher_version_found_fail(pkgs, expected_pkgs_dict, expect_higher):
+ with pytest.raises(aos_version.FoundHigherVersion) as e:
+ aos_version._check_higher_version_found(pkgs, expected_pkgs_dict)
+ assert set(expect_higher) == set(e.value.problem_pkgs)
-@pytest.mark.parametrize('pkgs, expect_to_flag_pkgs', [
- (
- [],
- [],
- ),
- (
- [Package('spam', '3.2.1')],
- [],
- ),
- (
- [Package('spam', '3.2.1'), Package('eggs', '3.2.2')],
- [],
- ),
+@pytest.mark.parametrize('pkgs', [
+ [],
+ [Package('spam', '3.2.1')],
+ [Package('spam', '3.2.1'), Package('eggs', '3.2.2')],
+])
+def test_check_multi_minor_release(pkgs):
+ aos_version._check_multi_minor_release(pkgs, expected_pkgs)
+
+
+@pytest.mark.parametrize('pkgs,expect_to_flag_pkgs', [
(
[Package('spam', '3.2.1'), Package('spam', '3.3.2')],
['spam'],
@@ -140,10 +190,7 @@ def test_check_pkgs_for_greater_version(pkgs, expect_higher):
['eggs'],
),
])
-def test_check_pkgs_for_multi_release(pkgs, expect_to_flag_pkgs):
- if expect_to_flag_pkgs:
- with pytest.raises(aos_version.FoundMultiRelease) as e:
- aos_version._check_multi_minor_release(pkgs, expected_pkgs)
- assert set(expect_to_flag_pkgs) == set(e.value.problem_pkgs)
- else:
+def test_check_multi_minor_release_fail(pkgs, expect_to_flag_pkgs):
+ with pytest.raises(aos_version.FoundMultiRelease) as e:
aos_version._check_multi_minor_release(pkgs, expected_pkgs)
+ assert set(expect_to_flag_pkgs) == set(e.value.problem_pkgs)
diff --git a/roles/openshift_health_checker/test/disk_availability_test.py b/roles/openshift_health_checker/test/disk_availability_test.py
index b353fa610..e98d02c58 100644
--- a/roles/openshift_health_checker/test/disk_availability_test.py
+++ b/roles/openshift_health_checker/test/disk_availability_test.py
@@ -3,24 +3,21 @@ import pytest
from openshift_checks.disk_availability import DiskAvailability, OpenShiftCheckException
-@pytest.mark.parametrize('group_names,is_containerized,is_active', [
- (['masters'], False, True),
- # ensure check is skipped on containerized installs
- (['masters'], True, False),
- (['nodes'], False, True),
- (['etcd'], False, True),
- (['masters', 'nodes'], False, True),
- (['masters', 'etcd'], False, True),
- ([], False, False),
- (['lb'], False, False),
- (['nfs'], False, False),
+@pytest.mark.parametrize('group_names,is_active', [
+ (['masters'], True),
+ (['nodes'], True),
+ (['etcd'], True),
+ (['masters', 'nodes'], True),
+ (['masters', 'etcd'], True),
+ ([], False),
+ (['lb'], False),
+ (['nfs'], False),
])
-def test_is_active(group_names, is_containerized, is_active):
+def test_is_active(group_names, is_active):
task_vars = dict(
group_names=group_names,
- openshift=dict(common=dict(is_containerized=is_containerized)),
)
- assert DiskAvailability.is_active(task_vars=task_vars) == is_active
+ assert DiskAvailability(None, task_vars).is_active() == is_active
@pytest.mark.parametrize('ansible_mounts,extra_words', [
@@ -33,12 +30,11 @@ def test_cannot_determine_available_disk(ansible_mounts, extra_words):
group_names=['masters'],
ansible_mounts=ansible_mounts,
)
- check = DiskAvailability(execute_module=fake_execute_module)
with pytest.raises(OpenShiftCheckException) as excinfo:
- check.run(tmp=None, task_vars=task_vars)
+ DiskAvailability(fake_execute_module, task_vars).run()
- for word in 'determine available disk'.split() + extra_words:
+ for word in 'determine disk availability'.split() + extra_words:
assert word in str(excinfo.value)
@@ -81,7 +77,7 @@ def test_cannot_determine_available_disk(ansible_mounts, extra_words):
[{
# not enough space on / ...
'mount': '/',
- 'size_available': 0,
+ 'size_available': 2 * 10**9,
}, {
# ... but enough on /var
'mount': '/var',
@@ -96,8 +92,7 @@ def test_succeeds_with_recommended_disk_space(group_names, configured_min, ansib
ansible_mounts=ansible_mounts,
)
- check = DiskAvailability(execute_module=fake_execute_module)
- result = check.run(tmp=None, task_vars=task_vars)
+ result = DiskAvailability(fake_execute_module, task_vars).run()
assert not result.get('failed', False)
@@ -171,8 +166,7 @@ def test_fails_with_insufficient_disk_space(group_names, configured_min, ansible
ansible_mounts=ansible_mounts,
)
- check = DiskAvailability(execute_module=fake_execute_module)
- result = check.run(tmp=None, task_vars=task_vars)
+ result = DiskAvailability(fake_execute_module, task_vars).run()
assert result['failed']
for word in 'below recommended'.split() + extra_words:
diff --git a/roles/openshift_health_checker/test/docker_image_availability_test.py b/roles/openshift_health_checker/test/docker_image_availability_test.py
index 0a7c0f8d3..8d0a53df9 100644
--- a/roles/openshift_health_checker/test/docker_image_availability_test.py
+++ b/roles/openshift_health_checker/test/docker_image_availability_test.py
@@ -21,7 +21,7 @@ def test_is_active(deployment_type, is_containerized, group_names, expect_active
openshift_deployment_type=deployment_type,
group_names=group_names,
)
- assert DockerImageAvailability.is_active(task_vars=task_vars) == expect_active
+ assert DockerImageAvailability(None, task_vars).is_active() == expect_active
@pytest.mark.parametrize("is_containerized,is_atomic", [
@@ -31,7 +31,7 @@ def test_is_active(deployment_type, is_containerized, group_names, expect_active
(False, True),
])
def test_all_images_available_locally(is_containerized, is_atomic):
- def execute_module(module_name, module_args, task_vars):
+ def execute_module(module_name, module_args, *_):
if module_name == "yum":
return {"changed": True}
@@ -42,7 +42,7 @@ def test_all_images_available_locally(is_containerized, is_atomic):
'images': [module_args['name']],
}
- result = DockerImageAvailability(execute_module=execute_module).run(tmp=None, task_vars=dict(
+ result = DockerImageAvailability(execute_module, task_vars=dict(
openshift=dict(
common=dict(
service_type='origin',
@@ -54,7 +54,7 @@ def test_all_images_available_locally(is_containerized, is_atomic):
openshift_deployment_type='origin',
openshift_image_tag='3.4',
group_names=['nodes', 'masters'],
- ))
+ )).run()
assert not result.get('failed', False)
@@ -64,12 +64,12 @@ def test_all_images_available_locally(is_containerized, is_atomic):
True,
])
def test_all_images_available_remotely(available_locally):
- def execute_module(module_name, module_args, task_vars):
+ def execute_module(module_name, *_):
if module_name == 'docker_image_facts':
return {'images': [], 'failed': available_locally}
return {'changed': False}
- result = DockerImageAvailability(execute_module=execute_module).run(tmp=None, task_vars=dict(
+ result = DockerImageAvailability(execute_module, task_vars=dict(
openshift=dict(
common=dict(
service_type='origin',
@@ -81,13 +81,13 @@ def test_all_images_available_remotely(available_locally):
openshift_deployment_type='origin',
openshift_image_tag='v3.4',
group_names=['nodes', 'masters'],
- ))
+ )).run()
assert not result.get('failed', False)
def test_all_images_unavailable():
- def execute_module(module_name=None, module_args=None, tmp=None, task_vars=None):
+ def execute_module(module_name=None, *_):
if module_name == "command":
return {
'failed': True,
@@ -97,8 +97,7 @@ def test_all_images_unavailable():
'changed': False,
}
- check = DockerImageAvailability(execute_module=execute_module)
- actual = check.run(tmp=None, task_vars=dict(
+ actual = DockerImageAvailability(execute_module, task_vars=dict(
openshift=dict(
common=dict(
service_type='origin',
@@ -110,7 +109,7 @@ def test_all_images_unavailable():
openshift_deployment_type="openshift-enterprise",
openshift_image_tag='latest',
group_names=['nodes', 'masters'],
- ))
+ )).run()
assert actual['failed']
assert "required Docker images are not available" in actual['msg']
@@ -127,7 +126,7 @@ def test_all_images_unavailable():
),
])
def test_skopeo_update_failure(message, extra_words):
- def execute_module(module_name=None, module_args=None, tmp=None, task_vars=None):
+ def execute_module(module_name=None, *_):
if module_name == "yum":
return {
"failed": True,
@@ -137,7 +136,7 @@ def test_skopeo_update_failure(message, extra_words):
return {'changed': False}
- actual = DockerImageAvailability(execute_module=execute_module).run(tmp=None, task_vars=dict(
+ actual = DockerImageAvailability(execute_module, task_vars=dict(
openshift=dict(
common=dict(
service_type='origin',
@@ -149,7 +148,7 @@ def test_skopeo_update_failure(message, extra_words):
openshift_deployment_type="openshift-enterprise",
openshift_image_tag='',
group_names=['nodes', 'masters'],
- ))
+ )).run()
assert actual["failed"]
for word in extra_words:
@@ -162,12 +161,12 @@ def test_skopeo_update_failure(message, extra_words):
("openshift-enterprise", []),
])
def test_registry_availability(deployment_type, registries):
- def execute_module(module_name=None, module_args=None, tmp=None, task_vars=None):
+ def execute_module(module_name=None, *_):
return {
'changed': False,
}
- actual = DockerImageAvailability(execute_module=execute_module).run(tmp=None, task_vars=dict(
+ actual = DockerImageAvailability(execute_module, task_vars=dict(
openshift=dict(
common=dict(
service_type='origin',
@@ -179,7 +178,7 @@ def test_registry_availability(deployment_type, registries):
openshift_deployment_type=deployment_type,
openshift_image_tag='',
group_names=['nodes', 'masters'],
- ))
+ )).run()
assert not actual.get("failed", False)
@@ -258,4 +257,18 @@ def test_required_images(deployment_type, is_containerized, groups, oreg_url, ex
openshift_image_tag='vtest',
)
- assert expected == DockerImageAvailability("DUMMY").required_images(task_vars)
+ assert expected == DockerImageAvailability("DUMMY", task_vars).required_images()
+
+
+def test_containerized_etcd():
+ task_vars = dict(
+ openshift=dict(
+ common=dict(
+ is_containerized=True,
+ ),
+ ),
+ openshift_deployment_type="origin",
+ group_names=['etcd'],
+ )
+ expected = set(['registry.access.redhat.com/rhel7/etcd'])
+ assert expected == DockerImageAvailability("DUMMY", task_vars).required_images()
diff --git a/roles/openshift_health_checker/test/docker_storage_test.py b/roles/openshift_health_checker/test/docker_storage_test.py
index 876614b1d..e0dccc062 100644
--- a/roles/openshift_health_checker/test/docker_storage_test.py
+++ b/roles/openshift_health_checker/test/docker_storage_test.py
@@ -4,12 +4,6 @@ from openshift_checks import OpenShiftCheckException
from openshift_checks.docker_storage import DockerStorage
-def dummy_check(execute_module=None):
- def dummy_exec(self, status, task_vars):
- raise Exception("dummy executor called")
- return DockerStorage(execute_module=execute_module or dummy_exec)
-
-
@pytest.mark.parametrize('is_containerized, group_names, is_active', [
(False, ["masters", "etcd"], False),
(False, ["masters", "nodes"], True),
@@ -20,10 +14,11 @@ def test_is_active(is_containerized, group_names, is_active):
openshift=dict(common=dict(is_containerized=is_containerized)),
group_names=group_names,
)
- assert DockerStorage.is_active(task_vars=task_vars) == is_active
+ assert DockerStorage(None, task_vars).is_active() == is_active
-non_atomic_task_vars = {"openshift": {"common": {"is_atomic": False}}}
+def non_atomic_task_vars():
+ return {"openshift": {"common": {"is_atomic": False}}}
@pytest.mark.parametrize('docker_info, failed, expect_msg', [
@@ -56,7 +51,7 @@ non_atomic_task_vars = {"openshift": {"common": {"is_atomic": False}}}
(
dict(info={
"Driver": "overlay2",
- "DriverStatus": []
+ "DriverStatus": [("Backing Filesystem", "xfs")],
}),
False,
[],
@@ -64,9 +59,30 @@ non_atomic_task_vars = {"openshift": {"common": {"is_atomic": False}}}
(
dict(info={
"Driver": "overlay",
+ "DriverStatus": [("Backing Filesystem", "btrfs")],
}),
True,
- ["unsupported Docker storage driver"],
+ ["storage is type 'btrfs'", "only supported with\n'xfs'"],
+ ),
+ (
+ dict(info={
+ "Driver": "overlay2",
+ "DriverStatus": [("Backing Filesystem", "xfs")],
+ "OperatingSystem": "Red Hat Enterprise Linux Server release 7.2 (Maipo)",
+ "KernelVersion": "3.10.0-327.22.2.el7.x86_64",
+ }),
+ True,
+ ["Docker reports kernel version 3.10.0-327"],
+ ),
+ (
+ dict(info={
+ "Driver": "overlay",
+ "DriverStatus": [("Backing Filesystem", "xfs")],
+ "OperatingSystem": "CentOS",
+ "KernelVersion": "3.10.0-514",
+ }),
+ False,
+ [],
),
(
dict(info={
@@ -77,16 +93,17 @@ non_atomic_task_vars = {"openshift": {"common": {"is_atomic": False}}}
),
])
def test_check_storage_driver(docker_info, failed, expect_msg):
- def execute_module(module_name, module_args, tmp=None, task_vars=None):
+ def execute_module(module_name, *_):
if module_name == "yum":
return {}
if module_name != "docker_info":
raise ValueError("not expecting module " + module_name)
return docker_info
- check = dummy_check(execute_module=execute_module)
- check._check_dm_usage = lambda status, task_vars: dict() # stub out for this test
- result = check.run(tmp=None, task_vars=non_atomic_task_vars)
+ check = DockerStorage(execute_module, non_atomic_task_vars())
+ check.check_dm_usage = lambda status: dict() # stub out for this test
+ check.check_overlay_usage = lambda info: dict() # stub out for this test
+ result = check.run()
if failed:
assert result["failed"]
@@ -145,9 +162,9 @@ not_enough_space = {
),
])
def test_dm_usage(task_vars, driver_status, vg_free, success, expect_msg):
- check = dummy_check()
- check._get_vg_free = lambda pool, task_vars: vg_free
- result = check._check_dm_usage(driver_status, task_vars)
+ check = DockerStorage(None, task_vars)
+ check.get_vg_free = lambda pool: vg_free
+ result = check.check_dm_usage(driver_status)
result_success = not result.get("failed")
assert result_success is success
@@ -187,18 +204,18 @@ def test_dm_usage(task_vars, driver_status, vg_free, success, expect_msg):
)
])
def test_vg_free(pool, command_returns, raises, returns):
- def execute_module(module_name, module_args, tmp=None, task_vars=None):
+ def execute_module(module_name, *_):
if module_name != "command":
raise ValueError("not expecting module " + module_name)
return command_returns
- check = dummy_check(execute_module=execute_module)
+ check = DockerStorage(execute_module)
if raises:
with pytest.raises(OpenShiftCheckException) as err:
- check._get_vg_free(pool, {})
+ check.get_vg_free(pool)
assert raises in str(err.value)
else:
- ret = check._get_vg_free(pool, {})
+ ret = check.get_vg_free(pool)
assert ret == returns
@@ -209,7 +226,7 @@ def test_vg_free(pool, command_returns, raises, returns):
("12g", 12.0 * 1024**3),
])
def test_convert_to_bytes(string, expect_bytes):
- got = DockerStorage._convert_to_bytes(string)
+ got = DockerStorage.convert_to_bytes(string)
assert got == expect_bytes
@@ -219,6 +236,70 @@ def test_convert_to_bytes(string, expect_bytes):
])
def test_convert_to_bytes_error(string):
with pytest.raises(ValueError) as err:
- DockerStorage._convert_to_bytes(string)
+ DockerStorage.convert_to_bytes(string)
assert "Cannot convert" in str(err.value)
assert string in str(err.value)
+
+
+ansible_mounts_enough = [{
+ 'mount': '/var/lib/docker',
+ 'size_available': 50 * 10**9,
+ 'size_total': 50 * 10**9,
+}]
+ansible_mounts_not_enough = [{
+ 'mount': '/var/lib/docker',
+ 'size_available': 0,
+ 'size_total': 50 * 10**9,
+}]
+ansible_mounts_missing_fields = [dict(mount='/var/lib/docker')]
+ansible_mounts_zero_size = [{
+ 'mount': '/var/lib/docker',
+ 'size_available': 0,
+ 'size_total': 0,
+}]
+
+
+@pytest.mark.parametrize('ansible_mounts, threshold, expect_fail, expect_msg', [
+ (
+ ansible_mounts_enough,
+ None,
+ False,
+ [],
+ ),
+ (
+ ansible_mounts_not_enough,
+ None,
+ True,
+ ["usage percentage", "higher than threshold"],
+ ),
+ (
+ ansible_mounts_not_enough,
+ "bogus percent",
+ True,
+ ["is not a percentage"],
+ ),
+ (
+ ansible_mounts_missing_fields,
+ None,
+ True,
+ ["Ansible bug"],
+ ),
+ (
+ ansible_mounts_zero_size,
+ None,
+ True,
+ ["Ansible bug"],
+ ),
+])
+def test_overlay_usage(ansible_mounts, threshold, expect_fail, expect_msg):
+ task_vars = non_atomic_task_vars()
+ task_vars["ansible_mounts"] = ansible_mounts
+ if threshold is not None:
+ task_vars["max_overlay_usage_percent"] = threshold
+ check = DockerStorage(None, task_vars)
+ docker_info = dict(DockerRootDir="/var/lib/docker", Driver="overlay")
+ result = check.check_overlay_usage(docker_info)
+
+ assert expect_fail == bool(result.get("failed"))
+ for msg in expect_msg:
+ assert msg in result["msg"]
diff --git a/roles/openshift_health_checker/test/elasticsearch_test.py b/roles/openshift_health_checker/test/elasticsearch_test.py
index b9d375d8c..9edfc17c7 100644
--- a/roles/openshift_health_checker/test/elasticsearch_test.py
+++ b/roles/openshift_health_checker/test/elasticsearch_test.py
@@ -6,9 +6,9 @@ from openshift_checks.logging.elasticsearch import Elasticsearch
task_vars_config_base = dict(openshift=dict(common=dict(config_base='/etc/origin')))
-def canned_elasticsearch(exec_oc=None):
+def canned_elasticsearch(task_vars=None, exec_oc=None):
"""Create an Elasticsearch check object with canned exec_oc method"""
- check = Elasticsearch("dummy") # fails if a module is actually invoked
+ check = Elasticsearch("dummy", task_vars or {}) # fails if a module is actually invoked
if exec_oc:
check._exec_oc = exec_oc
return check
@@ -50,10 +50,10 @@ split_es_pod = {
def test_check_elasticsearch():
- assert 'No logging Elasticsearch pods' in canned_elasticsearch().check_elasticsearch([], {})
+ assert 'No logging Elasticsearch pods' in canned_elasticsearch().check_elasticsearch([])
# canned oc responses to match so all the checks pass
- def _exec_oc(cmd, args, task_vars):
+ def _exec_oc(cmd, args):
if '_cat/master' in cmd:
return 'name logging-es'
elif '/_nodes' in cmd:
@@ -65,7 +65,7 @@ def test_check_elasticsearch():
else:
raise Exception(cmd)
- assert not canned_elasticsearch(_exec_oc).check_elasticsearch([plain_es_pod], {})
+ assert not canned_elasticsearch({}, _exec_oc).check_elasticsearch([plain_es_pod])
def pods_by_name(pods):
@@ -88,9 +88,9 @@ def pods_by_name(pods):
])
def test_check_elasticsearch_masters(pods, expect_error):
test_pods = list(pods)
- check = canned_elasticsearch(lambda cmd, args, task_vars: test_pods.pop(0)['_test_master_name_str'])
+ check = canned_elasticsearch(task_vars_config_base, lambda cmd, args: test_pods.pop(0)['_test_master_name_str'])
- errors = check._check_elasticsearch_masters(pods_by_name(pods), task_vars_config_base)
+ errors = check._check_elasticsearch_masters(pods_by_name(pods))
assert_error(''.join(errors), expect_error)
@@ -124,9 +124,9 @@ es_node_list = {
),
])
def test_check_elasticsearch_node_list(pods, node_list, expect_error):
- check = canned_elasticsearch(lambda cmd, args, task_vars: json.dumps(node_list))
+ check = canned_elasticsearch(task_vars_config_base, lambda cmd, args: json.dumps(node_list))
- errors = check._check_elasticsearch_node_list(pods_by_name(pods), task_vars_config_base)
+ errors = check._check_elasticsearch_node_list(pods_by_name(pods))
assert_error(''.join(errors), expect_error)
@@ -149,9 +149,9 @@ def test_check_elasticsearch_node_list(pods, node_list, expect_error):
])
def test_check_elasticsearch_cluster_health(pods, health_data, expect_error):
test_health_data = list(health_data)
- check = canned_elasticsearch(lambda cmd, args, task_vars: json.dumps(test_health_data.pop(0)))
+ check = canned_elasticsearch(task_vars_config_base, lambda cmd, args: json.dumps(test_health_data.pop(0)))
- errors = check._check_es_cluster_health(pods_by_name(pods), task_vars_config_base)
+ errors = check._check_es_cluster_health(pods_by_name(pods))
assert_error(''.join(errors), expect_error)
@@ -174,7 +174,7 @@ def test_check_elasticsearch_cluster_health(pods, health_data, expect_error):
),
])
def test_check_elasticsearch_diskspace(disk_data, expect_error):
- check = canned_elasticsearch(lambda cmd, args, task_vars: disk_data)
+ check = canned_elasticsearch(task_vars_config_base, lambda cmd, args: disk_data)
- errors = check._check_elasticsearch_diskspace(pods_by_name([plain_es_pod]), task_vars_config_base)
+ errors = check._check_elasticsearch_diskspace(pods_by_name([plain_es_pod]))
assert_error(''.join(errors), expect_error)
diff --git a/roles/openshift_health_checker/test/etcd_imagedata_size_test.py b/roles/openshift_health_checker/test/etcd_imagedata_size_test.py
index df9d52d41..e3d6706fa 100644
--- a/roles/openshift_health_checker/test/etcd_imagedata_size_test.py
+++ b/roles/openshift_health_checker/test/etcd_imagedata_size_test.py
@@ -51,10 +51,10 @@ def test_cannot_determine_available_mountpath(ansible_mounts, extra_words):
task_vars = dict(
ansible_mounts=ansible_mounts,
)
- check = EtcdImageDataSize(execute_module=fake_execute_module)
+ check = EtcdImageDataSize(fake_execute_module, task_vars)
with pytest.raises(OpenShiftCheckException) as excinfo:
- check.run(tmp=None, task_vars=task_vars)
+ check.run()
for word in 'determine valid etcd mountpath'.split() + extra_words:
assert word in str(excinfo.value)
@@ -111,14 +111,14 @@ def test_cannot_determine_available_mountpath(ansible_mounts, extra_words):
)
])
def test_check_etcd_key_size_calculates_correct_limit(ansible_mounts, tree, size_limit, should_fail, extra_words):
- def execute_module(module_name, args, tmp=None, task_vars=None):
+ def execute_module(module_name, module_args, *_):
if module_name != "etcdkeysize":
return {
"changed": False,
}
client = fake_etcd_client(tree)
- s, limit_exceeded = check_etcd_key_size(client, tree["key"], args["size_limit_bytes"])
+ s, limit_exceeded = check_etcd_key_size(client, tree["key"], module_args["size_limit_bytes"])
return {"size_limit_exceeded": limit_exceeded}
@@ -133,7 +133,7 @@ def test_check_etcd_key_size_calculates_correct_limit(ansible_mounts, tree, size
if size_limit is None:
task_vars.pop("etcd_max_image_data_size_bytes")
- check = EtcdImageDataSize(execute_module=execute_module).run(tmp=None, task_vars=task_vars)
+ check = EtcdImageDataSize(execute_module, task_vars).run()
if should_fail:
assert check["failed"]
@@ -267,14 +267,14 @@ def test_check_etcd_key_size_calculates_correct_limit(ansible_mounts, tree, size
),
])
def test_etcd_key_size_check_calculates_correct_size(ansible_mounts, tree, root_path, expected_size, extra_words):
- def execute_module(module_name, args, tmp=None, task_vars=None):
+ def execute_module(module_name, module_args, *_):
if module_name != "etcdkeysize":
return {
"changed": False,
}
client = fake_etcd_client(tree)
- size, limit_exceeded = check_etcd_key_size(client, root_path, args["size_limit_bytes"])
+ size, limit_exceeded = check_etcd_key_size(client, root_path, module_args["size_limit_bytes"])
assert size == expected_size
return {
@@ -289,12 +289,12 @@ def test_etcd_key_size_check_calculates_correct_size(ansible_mounts, tree, root_
)
)
- check = EtcdImageDataSize(execute_module=execute_module).run(tmp=None, task_vars=task_vars)
+ check = EtcdImageDataSize(execute_module, task_vars).run()
assert not check.get("failed", False)
def test_etcdkeysize_module_failure():
- def execute_module(module_name, tmp=None, task_vars=None):
+ def execute_module(module_name, *_):
if module_name != "etcdkeysize":
return {
"changed": False,
@@ -317,7 +317,7 @@ def test_etcdkeysize_module_failure():
)
)
- check = EtcdImageDataSize(execute_module=execute_module).run(tmp=None, task_vars=task_vars)
+ check = EtcdImageDataSize(execute_module, task_vars).run()
assert check["failed"]
for word in "Failed to retrieve stats":
diff --git a/roles/openshift_health_checker/test/etcd_traffic_test.py b/roles/openshift_health_checker/test/etcd_traffic_test.py
new file mode 100644
index 000000000..f4316c423
--- /dev/null
+++ b/roles/openshift_health_checker/test/etcd_traffic_test.py
@@ -0,0 +1,74 @@
+import pytest
+
+from openshift_checks.etcd_traffic import EtcdTraffic
+
+
+@pytest.mark.parametrize('group_names,version,is_active', [
+ (['masters'], "3.5", False),
+ (['masters'], "3.6", False),
+ (['nodes'], "3.4", False),
+ (['etcd'], "3.4", True),
+ (['etcd'], "3.5", True),
+ (['etcd'], "3.1", False),
+ (['masters', 'nodes'], "3.5", False),
+ (['masters', 'etcd'], "3.5", True),
+ ([], "3.4", False),
+])
+def test_is_active(group_names, version, is_active):
+ task_vars = dict(
+ group_names=group_names,
+ openshift=dict(
+ common=dict(short_version=version),
+ ),
+ )
+ assert EtcdTraffic(task_vars=task_vars).is_active() == is_active
+
+
+@pytest.mark.parametrize('group_names,matched,failed,extra_words', [
+ (["masters"], True, True, ["Higher than normal", "traffic"]),
+ (["masters", "etcd"], False, False, []),
+ (["etcd"], False, False, []),
+])
+def test_log_matches_high_traffic_msg(group_names, matched, failed, extra_words):
+ def execute_module(module_name, *_):
+ return {
+ "matched": matched,
+ "failed": failed,
+ }
+
+ task_vars = dict(
+ group_names=group_names,
+ openshift=dict(
+ common=dict(service_type="origin", is_containerized=False),
+ )
+ )
+
+ result = EtcdTraffic(execute_module, task_vars).run()
+
+ for word in extra_words:
+ assert word in result.get("msg", "")
+
+ assert result.get("failed", False) == failed
+
+
+@pytest.mark.parametrize('is_containerized,expected_unit_value', [
+ (False, "etcd"),
+ (True, "etcd_container"),
+])
+def test_systemd_unit_matches_deployment_type(is_containerized, expected_unit_value):
+ task_vars = dict(
+ openshift=dict(
+ common=dict(is_containerized=is_containerized),
+ )
+ )
+
+ def execute_module(module_name, args, *_):
+ assert module_name == "search_journalctl"
+ matchers = args["log_matchers"]
+
+ for matcher in matchers:
+ assert matcher["unit"] == expected_unit_value
+
+ return {"failed": False}
+
+ EtcdTraffic(execute_module, task_vars).run()
diff --git a/roles/openshift_health_checker/test/etcd_volume_test.py b/roles/openshift_health_checker/test/etcd_volume_test.py
index 917045526..0b255136e 100644
--- a/roles/openshift_health_checker/test/etcd_volume_test.py
+++ b/roles/openshift_health_checker/test/etcd_volume_test.py
@@ -11,10 +11,9 @@ def test_cannot_determine_available_disk(ansible_mounts, extra_words):
task_vars = dict(
ansible_mounts=ansible_mounts,
)
- check = EtcdVolume(execute_module=fake_execute_module)
with pytest.raises(OpenShiftCheckException) as excinfo:
- check.run(tmp=None, task_vars=task_vars)
+ EtcdVolume(fake_execute_module, task_vars).run()
for word in 'Unable to find etcd storage mount point'.split() + extra_words:
assert word in str(excinfo.value)
@@ -76,8 +75,7 @@ def test_succeeds_with_recommended_disk_space(size_limit, ansible_mounts):
if task_vars["etcd_device_usage_threshold_percent"] is None:
task_vars.pop("etcd_device_usage_threshold_percent")
- check = EtcdVolume(execute_module=fake_execute_module)
- result = check.run(tmp=None, task_vars=task_vars)
+ result = EtcdVolume(fake_execute_module, task_vars).run()
assert not result.get('failed', False)
@@ -137,8 +135,7 @@ def test_fails_with_insufficient_disk_space(size_limit_percent, ansible_mounts,
if task_vars["etcd_device_usage_threshold_percent"] is None:
task_vars.pop("etcd_device_usage_threshold_percent")
- check = EtcdVolume(execute_module=fake_execute_module)
- result = check.run(tmp=None, task_vars=task_vars)
+ result = EtcdVolume(fake_execute_module, task_vars).run()
assert result['failed']
for word in extra_words:
diff --git a/roles/openshift_health_checker/test/fluentd_test.py b/roles/openshift_health_checker/test/fluentd_test.py
index d151c0b19..9cee57868 100644
--- a/roles/openshift_health_checker/test/fluentd_test.py
+++ b/roles/openshift_health_checker/test/fluentd_test.py
@@ -103,7 +103,7 @@ fluentd_node3_unlabeled = {
),
])
def test_get_fluentd_pods(pods, nodes, expect_error):
- check = canned_fluentd(lambda cmd, args, task_vars: json.dumps(dict(items=nodes)))
+ check = canned_fluentd(exec_oc=lambda cmd, args: json.dumps(dict(items=nodes)))
- error = check.check_fluentd(pods, {})
+ error = check.check_fluentd(pods)
assert_error(error, expect_error)
diff --git a/roles/openshift_health_checker/test/kibana_test.py b/roles/openshift_health_checker/test/kibana_test.py
index 19140a1b6..3a880d300 100644
--- a/roles/openshift_health_checker/test/kibana_test.py
+++ b/roles/openshift_health_checker/test/kibana_test.py
@@ -13,7 +13,7 @@ from openshift_checks.logging.kibana import Kibana
def canned_kibana(exec_oc=None):
"""Create a Kibana check object with canned exec_oc method"""
- check = Kibana("dummy") # fails if a module is actually invoked
+ check = Kibana() # fails if a module is actually invoked
if exec_oc:
check._exec_oc = exec_oc
return check
@@ -137,9 +137,9 @@ def test_check_kibana(pods, expect_error):
),
])
def test_get_kibana_url(route, expect_url, expect_error):
- check = canned_kibana(lambda cmd, args, task_vars: json.dumps(route) if route else "")
+ check = canned_kibana(exec_oc=lambda cmd, args: json.dumps(route) if route else "")
- url, error = check._get_kibana_url({})
+ url, error = check._get_kibana_url()
if expect_url:
assert url == expect_url
else:
@@ -169,10 +169,10 @@ def test_get_kibana_url(route, expect_url, expect_error):
),
])
def test_verify_url_internal_failure(exec_result, expect):
- check = Kibana(execute_module=lambda module_name, args, task_vars: dict(failed=True, msg=exec_result))
- check._get_kibana_url = lambda task_vars: ('url', None)
+ check = Kibana(execute_module=lambda *_: dict(failed=True, msg=exec_result))
+ check._get_kibana_url = lambda: ('url', None)
- error = check._check_kibana_route({})
+ error = check._check_kibana_route()
assert_error(error, expect)
@@ -211,8 +211,8 @@ def test_verify_url_external_failure(lib_result, expect, monkeypatch):
monkeypatch.setattr(urllib2, 'urlopen', urlopen)
check = canned_kibana()
- check._get_kibana_url = lambda task_vars: ('url', None)
- check._verify_url_internal = lambda url, task_vars: None
+ check._get_kibana_url = lambda: ('url', None)
+ check._verify_url_internal = lambda url: None
- error = check._check_kibana_route({})
+ error = check._check_kibana_route()
assert_error(error, expect)
diff --git a/roles/openshift_health_checker/test/logging_check_test.py b/roles/openshift_health_checker/test/logging_check_test.py
index b6db34fe3..6f1697ee6 100644
--- a/roles/openshift_health_checker/test/logging_check_test.py
+++ b/roles/openshift_health_checker/test/logging_check_test.py
@@ -11,7 +11,7 @@ logging_namespace = "logging"
def canned_loggingcheck(exec_oc=None):
"""Create a LoggingCheck object with canned exec_oc method"""
- check = LoggingCheck("dummy") # fails if a module is actually invoked
+ check = LoggingCheck() # fails if a module is actually invoked
check.logging_namespace = 'logging'
if exec_oc:
check.exec_oc = exec_oc
@@ -50,6 +50,16 @@ plain_kibana_pod = {
}
}
+plain_kibana_pod_no_containerstatus = {
+ "metadata": {
+ "labels": {"component": "kibana", "deploymentconfig": "logging-kibana"},
+ "name": "logging-kibana-1",
+ },
+ "status": {
+ "conditions": [{"status": "True", "type": "Ready"}],
+ }
+}
+
fluentd_pod_node1 = {
"metadata": {
"labels": {"component": "fluentd", "deploymentconfig": "logging-fluentd"},
@@ -80,15 +90,15 @@ plain_curator_pod = {
("Permission denied", "Unexpected error using `oc`"),
])
def test_oc_failure(problem, expect):
- def execute_module(module_name, args, task_vars):
+ def execute_module(module_name, *_):
if module_name == "ocutil":
return dict(failed=True, result=problem)
return dict(changed=False)
- check = LoggingCheck({})
+ check = LoggingCheck(execute_module, task_vars_config_base)
with pytest.raises(OpenShiftCheckException) as excinfo:
- check.exec_oc(execute_module, logging_namespace, 'get foo', [], task_vars=task_vars_config_base)
+ check.exec_oc(logging_namespace, 'get foo', [])
assert expect in str(excinfo)
@@ -111,14 +121,14 @@ def test_is_active(groups, logging_deployed, is_active):
openshift_hosted_logging_deploy=logging_deployed,
)
- assert LoggingCheck.is_active(task_vars=task_vars) == is_active
+ assert LoggingCheck(None, task_vars).is_active() == is_active
@pytest.mark.parametrize('pod_output, expect_pods, expect_error', [
(
'No resources found.',
None,
- 'There are no pods in the logging namespace',
+ 'No pods were found for the "es"',
),
(
json.dumps({'items': [plain_kibana_pod, plain_es_pod, plain_curator_pod, fluentd_pod_node1]}),
@@ -127,11 +137,29 @@ def test_is_active(groups, logging_deployed, is_active):
),
])
def test_get_pods_for_component(pod_output, expect_pods, expect_error):
- check = canned_loggingcheck(lambda exec_module, namespace, cmd, args, task_vars: pod_output)
+ check = canned_loggingcheck(lambda namespace, cmd, args: pod_output)
pods, error = check.get_pods_for_component(
- lambda name, args, task_vars: {},
logging_namespace,
"es",
- {}
)
assert_error(error, expect_error)
+
+
+@pytest.mark.parametrize('name, pods, expected_pods', [
+ (
+ 'test single pod found, scheduled, but no containerStatuses field',
+ [plain_kibana_pod_no_containerstatus],
+ [plain_kibana_pod_no_containerstatus],
+ ),
+ (
+ 'set of pods has at least one pod with containerStatuses (scheduled); should still fail',
+ [plain_kibana_pod_no_containerstatus, plain_kibana_pod],
+ [plain_kibana_pod_no_containerstatus],
+ ),
+
+], ids=lambda argvals: argvals[0])
+def test_get_not_running_pods_no_container_status(name, pods, expected_pods):
+ check = canned_loggingcheck(lambda exec_module, namespace, cmd, args, task_vars: '')
+ result = check.not_running_pods(pods)
+
+ assert result == expected_pods
diff --git a/roles/openshift_health_checker/test/logging_index_time_test.py b/roles/openshift_health_checker/test/logging_index_time_test.py
new file mode 100644
index 000000000..178d7cd84
--- /dev/null
+++ b/roles/openshift_health_checker/test/logging_index_time_test.py
@@ -0,0 +1,170 @@
+import json
+
+import pytest
+
+from openshift_checks.logging.logging_index_time import LoggingIndexTime, OpenShiftCheckException
+
+
+SAMPLE_UUID = "unique-test-uuid"
+
+
+def canned_loggingindextime(exec_oc=None):
+ """Create a check object with a canned exec_oc method"""
+ check = LoggingIndexTime() # fails if a module is actually invoked
+ if exec_oc:
+ check.exec_oc = exec_oc
+ return check
+
+
+plain_running_elasticsearch_pod = {
+ "metadata": {
+ "labels": {"component": "es", "deploymentconfig": "logging-es-data-master"},
+ "name": "logging-es-data-master-1",
+ },
+ "status": {
+ "containerStatuses": [{"ready": True}, {"ready": True}],
+ "phase": "Running",
+ }
+}
+plain_running_kibana_pod = {
+ "metadata": {
+ "labels": {"component": "kibana", "deploymentconfig": "logging-kibana"},
+ "name": "logging-kibana-1",
+ },
+ "status": {
+ "containerStatuses": [{"ready": True}, {"ready": True}],
+ "phase": "Running",
+ }
+}
+not_running_kibana_pod = {
+ "metadata": {
+ "labels": {"component": "kibana", "deploymentconfig": "logging-kibana"},
+ "name": "logging-kibana-2",
+ },
+ "status": {
+ "containerStatuses": [{"ready": True}, {"ready": False}],
+ "conditions": [{"status": "True", "type": "Ready"}],
+ "phase": "pending",
+ }
+}
+
+
+@pytest.mark.parametrize('pods, expect_pods', [
+ (
+ [not_running_kibana_pod],
+ [],
+ ),
+ (
+ [plain_running_kibana_pod],
+ [plain_running_kibana_pod],
+ ),
+ (
+ [],
+ [],
+ )
+])
+def test_check_running_pods(pods, expect_pods):
+ check = canned_loggingindextime()
+ pods = check.running_pods(pods)
+ assert pods == expect_pods
+
+
+@pytest.mark.parametrize('name, json_response, uuid, timeout, extra_words', [
+ (
+ 'valid count in response',
+ {
+ "count": 1,
+ },
+ SAMPLE_UUID,
+ 0.001,
+ [],
+ ),
+], ids=lambda argval: argval[0])
+def test_wait_until_cmd_or_err_succeeds(name, json_response, uuid, timeout, extra_words):
+ check = canned_loggingindextime(lambda *_: json.dumps(json_response))
+ check.wait_until_cmd_or_err(plain_running_elasticsearch_pod, uuid, timeout)
+
+
+@pytest.mark.parametrize('name, json_response, uuid, timeout, extra_words', [
+ (
+ 'invalid json response',
+ {
+ "invalid_field": 1,
+ },
+ SAMPLE_UUID,
+ 0.001,
+ ["invalid response", "Elasticsearch"],
+ ),
+ (
+ 'empty response',
+ {},
+ SAMPLE_UUID,
+ 0.001,
+ ["invalid response", "Elasticsearch"],
+ ),
+ (
+ 'valid response but invalid match count',
+ {
+ "count": 0,
+ },
+ SAMPLE_UUID,
+ 0.005,
+ ["expecting match", SAMPLE_UUID, "0.005s"],
+ )
+], ids=lambda argval: argval[0])
+def test_wait_until_cmd_or_err(name, json_response, uuid, timeout, extra_words):
+ check = canned_loggingindextime(lambda *_: json.dumps(json_response))
+ with pytest.raises(OpenShiftCheckException) as error:
+ check.wait_until_cmd_or_err(plain_running_elasticsearch_pod, uuid, timeout)
+
+ for word in extra_words:
+ assert word in str(error)
+
+
+@pytest.mark.parametrize('name, json_response, uuid, extra_words', [
+ (
+ 'correct response code, found unique id is returned',
+ {
+ "statusCode": 404,
+ },
+ "sample unique id",
+ ["sample unique id"],
+ ),
+], ids=lambda argval: argval[0])
+def test_curl_kibana_with_uuid(name, json_response, uuid, extra_words):
+ check = canned_loggingindextime(lambda *_: json.dumps(json_response))
+ check.generate_uuid = lambda: uuid
+
+ result = check.curl_kibana_with_uuid(plain_running_kibana_pod)
+
+ for word in extra_words:
+ assert word in result
+
+
+@pytest.mark.parametrize('name, json_response, uuid, extra_words', [
+ (
+ 'invalid json response',
+ {
+ "invalid_field": "invalid",
+ },
+ SAMPLE_UUID,
+ ["invalid response returned", 'Missing "statusCode" key'],
+ ),
+ (
+ 'wrong error code in response',
+ {
+ "statusCode": 500,
+ },
+ SAMPLE_UUID,
+ ["Expecting error code", "500"],
+ ),
+], ids=lambda argval: argval[0])
+def test_failed_curl_kibana_with_uuid(name, json_response, uuid, extra_words):
+ check = canned_loggingindextime(lambda *_: json.dumps(json_response))
+ check.generate_uuid = lambda: uuid
+
+ with pytest.raises(OpenShiftCheckException) as error:
+ check.curl_kibana_with_uuid(plain_running_kibana_pod)
+
+ for word in extra_words:
+ assert word in str(error)
diff --git a/roles/openshift_health_checker/test/memory_availability_test.py b/roles/openshift_health_checker/test/memory_availability_test.py
index 4fbaea0a9..aee2f0416 100644
--- a/roles/openshift_health_checker/test/memory_availability_test.py
+++ b/roles/openshift_health_checker/test/memory_availability_test.py
@@ -17,7 +17,7 @@ def test_is_active(group_names, is_active):
task_vars = dict(
group_names=group_names,
)
- assert MemoryAvailability.is_active(task_vars=task_vars) == is_active
+ assert MemoryAvailability(None, task_vars).is_active() == is_active
@pytest.mark.parametrize('group_names,configured_min,ansible_memtotal_mb', [
@@ -59,8 +59,7 @@ def test_succeeds_with_recommended_memory(group_names, configured_min, ansible_m
ansible_memtotal_mb=ansible_memtotal_mb,
)
- check = MemoryAvailability(execute_module=fake_execute_module)
- result = check.run(tmp=None, task_vars=task_vars)
+ result = MemoryAvailability(fake_execute_module, task_vars).run()
assert not result.get('failed', False)
@@ -117,8 +116,7 @@ def test_fails_with_insufficient_memory(group_names, configured_min, ansible_mem
ansible_memtotal_mb=ansible_memtotal_mb,
)
- check = MemoryAvailability(execute_module=fake_execute_module)
- result = check.run(tmp=None, task_vars=task_vars)
+ result = MemoryAvailability(fake_execute_module, task_vars).run()
assert result.get('failed', False)
for word in 'below recommended'.split() + extra_words:
diff --git a/roles/openshift_health_checker/test/mixins_test.py b/roles/openshift_health_checker/test/mixins_test.py
index 2d83e207d..b1a41ca3c 100644
--- a/roles/openshift_health_checker/test/mixins_test.py
+++ b/roles/openshift_health_checker/test/mixins_test.py
@@ -14,10 +14,10 @@ class NotContainerizedCheck(NotContainerizedMixin, OpenShiftCheck):
(dict(openshift=dict(common=dict(is_containerized=True))), False),
])
def test_is_active(task_vars, expected):
- assert NotContainerizedCheck.is_active(task_vars) == expected
+ assert NotContainerizedCheck(None, task_vars).is_active() == expected
def test_is_active_missing_task_vars():
with pytest.raises(OpenShiftCheckException) as excinfo:
- NotContainerizedCheck.is_active(task_vars={})
+ NotContainerizedCheck().is_active()
assert 'is_containerized' in str(excinfo.value)
diff --git a/roles/openshift_health_checker/test/openshift_check_test.py b/roles/openshift_health_checker/test/openshift_check_test.py
index e3153979c..43aa875f4 100644
--- a/roles/openshift_health_checker/test/openshift_check_test.py
+++ b/roles/openshift_health_checker/test/openshift_check_test.py
@@ -1,7 +1,7 @@
import pytest
from openshift_checks import OpenShiftCheck, OpenShiftCheckException
-from openshift_checks import load_checks, get_var
+from openshift_checks import load_checks
# Fixtures
@@ -28,34 +28,23 @@ def test_OpenShiftCheck_init():
name = "test_check"
run = NotImplemented
- # initialization requires at least one argument (apart from self)
- with pytest.raises(TypeError) as excinfo:
- TestCheck()
+ # execute_module required at init if it will be used
+ with pytest.raises(RuntimeError) as excinfo:
+ TestCheck().execute_module("foo")
assert 'execute_module' in str(excinfo.value)
- assert 'module_executor' in str(excinfo.value)
execute_module = object()
# initialize with positional argument
check = TestCheck(execute_module)
- # new recommended name
- assert check.execute_module == execute_module
- # deprecated attribute name
- assert check.module_executor == execute_module
+ assert check._execute_module == execute_module
- # initialize with keyword argument, recommended name
+ # initialize with keyword argument
check = TestCheck(execute_module=execute_module)
- # new recommended name
- assert check.execute_module == execute_module
- # deprecated attribute name
- assert check.module_executor == execute_module
+ assert check._execute_module == execute_module
- # initialize with keyword argument, deprecated name
- check = TestCheck(module_executor=execute_module)
- # new recommended name
- assert check.execute_module == execute_module
- # deprecated attribute name
- assert check.module_executor == execute_module
+ assert check.task_vars == {}
+ assert check.tmp is None
def test_subclasses():
@@ -81,19 +70,27 @@ def test_load_checks():
assert modules
+def dummy_check(task_vars):
+ class TestCheck(OpenShiftCheck):
+ name = "dummy"
+ run = NotImplemented
+
+ return TestCheck(task_vars=task_vars)
+
+
@pytest.mark.parametrize("keys,expected", [
(("foo",), 42),
(("bar", "baz"), "openshift"),
])
def test_get_var_ok(task_vars, keys, expected):
- assert get_var(task_vars, *keys) == expected
+ assert dummy_check(task_vars).get_var(*keys) == expected
def test_get_var_error(task_vars, missing_keys):
with pytest.raises(OpenShiftCheckException):
- get_var(task_vars, *missing_keys)
+ dummy_check(task_vars).get_var(*missing_keys)
def test_get_var_default(task_vars, missing_keys):
default = object()
- assert get_var(task_vars, *missing_keys, default=default) == default
+ assert dummy_check(task_vars).get_var(*missing_keys, default=default) == default
diff --git a/roles/openshift_health_checker/test/ovs_version_test.py b/roles/openshift_health_checker/test/ovs_version_test.py
index 6494e1c06..b6acef5a6 100644
--- a/roles/openshift_health_checker/test/ovs_version_test.py
+++ b/roles/openshift_health_checker/test/ovs_version_test.py
@@ -4,7 +4,7 @@ from openshift_checks.ovs_version import OvsVersion, OpenShiftCheckException
def test_openshift_version_not_supported():
- def execute_module(module_name=None, module_args=None, tmp=None, task_vars=None):
+ def execute_module(*_):
return {}
openshift_release = '111.7.0'
@@ -16,15 +16,14 @@ def test_openshift_version_not_supported():
openshift_deployment_type='origin',
)
- check = OvsVersion(execute_module=execute_module)
with pytest.raises(OpenShiftCheckException) as excinfo:
- check.run(tmp=None, task_vars=task_vars)
+ OvsVersion(execute_module, task_vars).run()
assert "no recommended version of Open vSwitch" in str(excinfo.value)
def test_invalid_openshift_release_format():
- def execute_module(module_name=None, module_args=None, tmp=None, task_vars=None):
+ def execute_module(*_):
return {}
task_vars = dict(
@@ -33,9 +32,8 @@ def test_invalid_openshift_release_format():
openshift_deployment_type='origin',
)
- check = OvsVersion(execute_module=execute_module)
with pytest.raises(OpenShiftCheckException) as excinfo:
- check.run(tmp=None, task_vars=task_vars)
+ OvsVersion(execute_module, task_vars).run()
assert "invalid version" in str(excinfo.value)
@@ -54,7 +52,7 @@ def test_ovs_package_version(openshift_release, expected_ovs_version):
)
return_value = object()
- def execute_module(module_name=None, module_args=None, tmp=None, task_vars=None):
+ def execute_module(module_name=None, module_args=None, *_):
assert module_name == 'rpm_version'
assert "package_list" in module_args
@@ -64,8 +62,7 @@ def test_ovs_package_version(openshift_release, expected_ovs_version):
return return_value
- check = OvsVersion(execute_module=execute_module)
- result = check.run(tmp=None, task_vars=task_vars)
+ result = OvsVersion(execute_module, task_vars).run()
assert result is return_value
@@ -86,4 +83,4 @@ def test_ovs_version_skip_when_not_master_nor_node(group_names, is_containerized
group_names=group_names,
openshift=dict(common=dict(is_containerized=is_containerized)),
)
- assert OvsVersion.is_active(task_vars=task_vars) == is_active
+ assert OvsVersion(None, task_vars).is_active() == is_active
diff --git a/roles/openshift_health_checker/test/package_availability_test.py b/roles/openshift_health_checker/test/package_availability_test.py
index f7e916a46..1fe648b75 100644
--- a/roles/openshift_health_checker/test/package_availability_test.py
+++ b/roles/openshift_health_checker/test/package_availability_test.py
@@ -14,7 +14,7 @@ def test_is_active(pkg_mgr, is_containerized, is_active):
ansible_pkg_mgr=pkg_mgr,
openshift=dict(common=dict(is_containerized=is_containerized)),
)
- assert PackageAvailability.is_active(task_vars=task_vars) == is_active
+ assert PackageAvailability(None, task_vars).is_active() == is_active
@pytest.mark.parametrize('task_vars,must_have_packages,must_not_have_packages', [
@@ -51,13 +51,12 @@ def test_is_active(pkg_mgr, is_containerized, is_active):
def test_package_availability(task_vars, must_have_packages, must_not_have_packages):
return_value = object()
- def execute_module(module_name=None, module_args=None, tmp=None, task_vars=None):
+ def execute_module(module_name=None, module_args=None, *_):
assert module_name == 'check_yum_update'
assert 'packages' in module_args
assert set(module_args['packages']).issuperset(must_have_packages)
assert not set(module_args['packages']).intersection(must_not_have_packages)
return return_value
- check = PackageAvailability(execute_module=execute_module)
- result = check.run(tmp=None, task_vars=task_vars)
+ result = PackageAvailability(execute_module, task_vars).run()
assert result is return_value
diff --git a/roles/openshift_health_checker/test/package_update_test.py b/roles/openshift_health_checker/test/package_update_test.py
index 5e000cff5..06489b0d7 100644
--- a/roles/openshift_health_checker/test/package_update_test.py
+++ b/roles/openshift_health_checker/test/package_update_test.py
@@ -4,13 +4,12 @@ from openshift_checks.package_update import PackageUpdate
def test_package_update():
return_value = object()
- def execute_module(module_name=None, module_args=None, tmp=None, task_vars=None):
+ def execute_module(module_name=None, module_args=None, *_):
assert module_name == 'check_yum_update'
assert 'packages' in module_args
# empty list of packages means "generic check if 'yum update' will work"
assert module_args['packages'] == []
return return_value
- check = PackageUpdate(execute_module=execute_module)
- result = check.run(tmp=None, task_vars=None)
+ result = PackageUpdate(execute_module).run()
assert result is return_value
diff --git a/roles/openshift_health_checker/test/package_version_test.py b/roles/openshift_health_checker/test/package_version_test.py
index 91eace512..1ddb9cecb 100644
--- a/roles/openshift_health_checker/test/package_version_test.py
+++ b/roles/openshift_health_checker/test/package_version_test.py
@@ -8,7 +8,7 @@ from openshift_checks.package_version import PackageVersion, OpenShiftCheckExcep
('0.0.0', ["no recommended version of Docker"]),
])
def test_openshift_version_not_supported(openshift_release, extra_words):
- def execute_module(module_name=None, module_args=None, tmp=None, task_vars=None):
+ def execute_module(*_):
return {}
task_vars = dict(
@@ -18,16 +18,16 @@ def test_openshift_version_not_supported(openshift_release, extra_words):
openshift_deployment_type='origin',
)
- check = PackageVersion(execute_module=execute_module)
+ check = PackageVersion(execute_module, task_vars)
with pytest.raises(OpenShiftCheckException) as excinfo:
- check.run(tmp=None, task_vars=task_vars)
+ check.run()
for word in extra_words:
assert word in str(excinfo.value)
def test_invalid_openshift_release_format():
- def execute_module(module_name=None, module_args=None, tmp=None, task_vars=None):
+ def execute_module(*_):
return {}
task_vars = dict(
@@ -36,9 +36,9 @@ def test_invalid_openshift_release_format():
openshift_deployment_type='origin',
)
- check = PackageVersion(execute_module=execute_module)
+ check = PackageVersion(execute_module, task_vars)
with pytest.raises(OpenShiftCheckException) as excinfo:
- check.run(tmp=None, task_vars=task_vars)
+ check.run()
assert "invalid version" in str(excinfo.value)
@@ -57,7 +57,7 @@ def test_package_version(openshift_release):
)
return_value = object()
- def execute_module(module_name=None, module_args=None, tmp=None, task_vars=None):
+ def execute_module(module_name=None, module_args=None, tmp=None, task_vars=None, *_):
assert module_name == 'aos_version'
assert "package_list" in module_args
@@ -67,38 +67,8 @@ def test_package_version(openshift_release):
return return_value
- check = PackageVersion(execute_module=execute_module)
- result = check.run(tmp=None, task_vars=task_vars)
- assert result is return_value
-
-
-@pytest.mark.parametrize('deployment_type,openshift_release,expected_ovs_version', [
- ("openshift-enterprise", "3.5", "2.6"),
- ("origin", "3.6", "2.6"),
- ("openshift-enterprise", "3.4", "2.4"),
- ("origin", "3.3", "2.4"),
-])
-def test_ovs_package_version(deployment_type, openshift_release, expected_ovs_version):
- task_vars = dict(
- openshift=dict(common=dict(service_type='origin')),
- openshift_release=openshift_release,
- openshift_image_tag='v' + openshift_release,
- openshift_deployment_type=deployment_type,
- )
- return_value = object()
-
- def execute_module(module_name=None, module_args=None, tmp=None, task_vars=None):
- assert module_name == 'aos_version'
- assert "package_list" in module_args
-
- for pkg in module_args["package_list"]:
- if pkg["name"] == "openvswitch":
- assert pkg["version"] == expected_ovs_version
-
- return return_value
-
- check = PackageVersion(execute_module=execute_module)
- result = check.run(tmp=None, task_vars=task_vars)
+ check = PackageVersion(execute_module, task_vars)
+ result = check.run()
assert result is return_value
@@ -119,7 +89,7 @@ def test_docker_package_version(deployment_type, openshift_release, expected_doc
)
return_value = object()
- def execute_module(module_name=None, module_args=None, tmp=None, task_vars=None):
+ def execute_module(module_name=None, module_args=None, *_):
assert module_name == 'aos_version'
assert "package_list" in module_args
@@ -129,8 +99,8 @@ def test_docker_package_version(deployment_type, openshift_release, expected_doc
return return_value
- check = PackageVersion(execute_module=execute_module)
- result = check.run(tmp=None, task_vars=task_vars)
+ check = PackageVersion(execute_module, task_vars)
+ result = check.run()
assert result is return_value
@@ -151,4 +121,4 @@ def test_package_version_skip_when_not_master_nor_node(group_names, is_container
group_names=group_names,
openshift=dict(common=dict(is_containerized=is_containerized)),
)
- assert PackageVersion.is_active(task_vars=task_vars) == is_active
+ assert PackageVersion(None, task_vars).is_active() == is_active
diff --git a/roles/openshift_health_checker/test/search_journalctl_test.py b/roles/openshift_health_checker/test/search_journalctl_test.py
new file mode 100644
index 000000000..724928aa1
--- /dev/null
+++ b/roles/openshift_health_checker/test/search_journalctl_test.py
@@ -0,0 +1,157 @@
+import pytest
+import search_journalctl
+
+
+def canned_search_journalctl(get_log_output=None):
+ """Create a search_journalctl object with canned get_log_output method"""
+ module = search_journalctl
+ if get_log_output:
+ module.get_log_output = get_log_output
+ return module
+
+
+DEFAULT_TIMESTAMP = 1496341364
+
+
+def get_timestamp(modifier=0):
+ return DEFAULT_TIMESTAMP + modifier
+
+
+def get_timestamp_microseconds(modifier=0):
+ return get_timestamp(modifier) * 1000000
+
+
+def create_test_log_object(stamp, msg):
+ return '{{"__REALTIME_TIMESTAMP": "{}", "MESSAGE": "{}"}}'.format(stamp, msg)
+
+
+@pytest.mark.parametrize('name,matchers,log_input,expected_matches,expected_errors', [
+ (
+ 'test with valid params',
+ [
+ {
+ "start_regexp": r"Sample Logs Beginning",
+ "regexp": r"test log message",
+ "unit": "test",
+ },
+ ],
+ [
+ create_test_log_object(get_timestamp_microseconds(), "test log message"),
+ create_test_log_object(get_timestamp_microseconds(), "Sample Logs Beginning"),
+ ],
+ ["test log message"],
+ [],
+ ),
+ (
+ 'test with invalid json in log input',
+ [
+ {
+ "start_regexp": r"Sample Logs Beginning",
+ "regexp": r"test log message",
+ "unit": "test-unit",
+ },
+ ],
+ [
+ '{__REALTIME_TIMESTAMP: ' + str(get_timestamp_microseconds()) + ', "MESSAGE": "test log message"}',
+ ],
+ [],
+ [
+ ["invalid json", "test-unit", "test log message"],
+ ],
+ ),
+ (
+ 'test with invalid regexp',
+ [
+ {
+ "start_regexp": r"Sample Logs Beginning",
+ "regexp": r"test [ log message",
+ "unit": "test",
+ },
+ ],
+ [
+ create_test_log_object(get_timestamp_microseconds(), "test log message"),
+ create_test_log_object(get_timestamp_microseconds(), "sample log message"),
+ create_test_log_object(get_timestamp_microseconds(), "fake log message"),
+ create_test_log_object(get_timestamp_microseconds(), "dummy log message"),
+ create_test_log_object(get_timestamp_microseconds(), "Sample Logs Beginning"),
+ ],
+ [],
+ [
+ ["invalid regular expression"],
+ ],
+ ),
+], ids=lambda argval: argval[0])
+def test_get_log_matches(name, matchers, log_input, expected_matches, expected_errors):
+ def get_log_output(matcher):
+ return log_input
+
+ module = canned_search_journalctl(get_log_output)
+ matched_regexp, errors = module.get_log_matches(matchers, 500, 60 * 60)
+
+ assert set(matched_regexp) == set(expected_matches)
+ assert len(expected_errors) == len(errors)
+
+ for idx, partial_err_set in enumerate(expected_errors):
+ for partial_err_msg in partial_err_set:
+ assert partial_err_msg in errors[idx]
+
+
+@pytest.mark.parametrize('name,matcher,log_count_lim,stamp_lim_seconds,log_input,expected_match', [
+ (
+ 'test with matching log message, but out of bounds of log_count_lim',
+ {
+ "start_regexp": r"Sample Logs Beginning",
+ "regexp": r"dummy log message",
+ "unit": "test",
+ },
+ 3,
+ get_timestamp(-100 * 60 * 60),
+ [
+ create_test_log_object(get_timestamp_microseconds(), "test log message"),
+ create_test_log_object(get_timestamp_microseconds(), "sample log message"),
+ create_test_log_object(get_timestamp_microseconds(), "fake log message"),
+ create_test_log_object(get_timestamp_microseconds(), "dummy log message"),
+ create_test_log_object(get_timestamp_microseconds(), "Sample Logs Beginning"),
+ ],
+ None,
+ ),
+ (
+ 'test with matching log message, but with timestamp too old',
+ {
+ "start_regexp": r"Sample Logs Beginning",
+ "regexp": r"dummy log message",
+ "unit": "test",
+ },
+ 100,
+ get_timestamp(-10),
+ [
+ create_test_log_object(get_timestamp_microseconds(), "test log message"),
+ create_test_log_object(get_timestamp_microseconds(), "sample log message"),
+ create_test_log_object(get_timestamp_microseconds(), "fake log message"),
+ create_test_log_object(get_timestamp_microseconds(-1000), "dummy log message"),
+ create_test_log_object(get_timestamp_microseconds(-1000), "Sample Logs Beginning"),
+ ],
+ None,
+ ),
+ (
+ 'test with matching log message, and timestamp within time limit',
+ {
+ "start_regexp": r"Sample Logs Beginning",
+ "regexp": r"dummy log message",
+ "unit": "test",
+ },
+ 100,
+ get_timestamp(-1010),
+ [
+ create_test_log_object(get_timestamp_microseconds(), "test log message"),
+ create_test_log_object(get_timestamp_microseconds(), "sample log message"),
+ create_test_log_object(get_timestamp_microseconds(), "fake log message"),
+ create_test_log_object(get_timestamp_microseconds(-1000), "dummy log message"),
+ create_test_log_object(get_timestamp_microseconds(-1000), "Sample Logs Beginning"),
+ ],
+ create_test_log_object(get_timestamp_microseconds(-1000), "dummy log message"),
+ ),
+], ids=lambda argval: argval[0])
+def test_find_matches_skips_logs(name, matcher, log_count_lim, stamp_lim_seconds, log_input, expected_match):
+ match = search_journalctl.find_matches(log_input, matcher, log_count_lim, stamp_lim_seconds)
+ assert match == expected_match
diff --git a/roles/openshift_hosted/defaults/main.yml b/roles/openshift_hosted/defaults/main.yml
index 089054e2f..0391e5602 100644
--- a/roles/openshift_hosted/defaults/main.yml
+++ b/roles/openshift_hosted/defaults/main.yml
@@ -29,7 +29,7 @@ openshift_hosted_routers:
openshift_hosted_router_certificate: {}
openshift_hosted_registry_cert_expire_days: 730
-openshift_hosted_router_create_certificate: False
+openshift_hosted_router_create_certificate: True
os_firewall_allow:
- service: Docker Registry Port
diff --git a/roles/openshift_hosted/tasks/registry/registry.yml b/roles/openshift_hosted/tasks/registry/registry.yml
index d895e9a68..b946ec8ca 100644
--- a/roles/openshift_hosted/tasks/registry/registry.yml
+++ b/roles/openshift_hosted/tasks/registry/registry.yml
@@ -56,6 +56,11 @@
openshift_hosted_registry_force:
- False
+- name: Update registry environment variables when pushing via dns
+ set_fact:
+ openshift_hosted_registry_env_vars: "{{ openshift_hosted_registry_env_vars | combine({'OPENSHIFT_DEFAULT_REGISTRY':'docker-registry.default.svc:5000'}) }}"
+ when: openshift_push_via_dns | default(false) | bool
+
- name: Create the registry service account
oc_serviceaccount:
name: "{{ openshift_hosted_registry_serviceaccount }}"
@@ -135,7 +140,7 @@
- name: Determine the latest version of the OpenShift registry deployment
command: |
- oc get deploymentconfig {{ openshift_hosted_registry_name }} \
+ {{ openshift.common.client_binary }} get deploymentconfig {{ openshift_hosted_registry_name }} \
--namespace {{ openshift_hosted_registry_namespace }} \
--config {{ openshift.common.config_base }}/master/admin.kubeconfig \
-o jsonpath='{ .status.latestVersion }'
@@ -143,7 +148,7 @@
- name: Sanity-check that the OpenShift registry rolled out correctly
command: |
- oc get replicationcontroller {{ openshift_hosted_registry_name }}-{{ openshift_hosted_registry_latest_version.stdout }} \
+ {{ openshift.common.client_binary }} get replicationcontroller {{ openshift_hosted_registry_name }}-{{ openshift_hosted_registry_latest_version.stdout }} \
--namespace {{ openshift_hosted_registry_namespace }} \
--config {{ openshift.common.config_base }}/master/admin.kubeconfig \
-o jsonpath='{ .metadata.annotations.openshift\.io/deployment\.phase }'
diff --git a/roles/openshift_hosted/tasks/registry/storage/glusterfs.yml b/roles/openshift_hosted/tasks/registry/storage/glusterfs.yml
index e6bb196b8..c2954fde1 100644
--- a/roles/openshift_hosted/tasks/registry/storage/glusterfs.yml
+++ b/roles/openshift_hosted/tasks/registry/storage/glusterfs.yml
@@ -35,7 +35,7 @@
mount:
state: mounted
fstype: glusterfs
- src: "{{ groups.oo_glusterfs_to_config[0] }}:/{{ openshift.hosted.registry.storage.glusterfs.path }}"
+ src: "{% if 'glusterfs_registry' in groups %}{% set node = groups.glusterfs_registry[0] %}{% else %}{% set node = groups.glusterfs[0] %}{% endif %}{% if 'glusterfs_hostname' in hostvars[node] %}{{ hostvars[node].glusterfs_hostname }}{% elif 'openshift' in hostvars[node] %}{{ hostvars[node].openshift.node.nodename }}{% else %}{{ node }}{% endif %}:/{{ openshift.hosted.registry.storage.glusterfs.path }}"
name: "{{ mktemp.stdout }}"
- name: Set registry volume permissions
diff --git a/roles/openshift_hosted/tasks/router/router.yml b/roles/openshift_hosted/tasks/router/router.yml
index 160ae2f5e..dd485a64a 100644
--- a/roles/openshift_hosted/tasks/router/router.yml
+++ b/roles/openshift_hosted/tasks/router/router.yml
@@ -23,8 +23,8 @@
signer_key: "{{ openshift_master_config_dir }}/ca.key"
signer_serial: "{{ openshift_master_config_dir }}/ca.serial.txt"
hostnames:
- - "{{ openshift_master_default_subdomain }}"
- - "*.{{ openshift_master_default_subdomain }}"
+ - "{{ openshift_master_default_subdomain | default('router.default.svc.cluster.local') }}"
+ - "*.{{ openshift_master_default_subdomain | default('router.default.svc.cluster.local') }}"
cert: "{{ ('/etc/origin/master/' ~ (item.certificate.certfile | basename)) if 'certfile' in item.certificate else ((openshift_master_config_dir) ~ '/openshift-router.crt') }}"
key: "{{ ('/etc/origin/master/' ~ (item.certificate.keyfile | basename)) if 'keyfile' in item.certificate else ((openshift_master_config_dir) ~ '/openshift-router.key') }}"
with_items: "{{ openshift_hosted_routers }}"
@@ -37,7 +37,7 @@
cafile: "{{ openshift_master_config_dir ~ '/ca.crt' }}"
# End Block
- when: openshift_hosted_router_create_certificate | bool
+ when: ( openshift_hosted_router_create_certificate | bool ) and openshift_hosted_router_certificate == {}
- name: Get the certificate contents for router
copy:
@@ -92,7 +92,7 @@
- name: Ensure OpenShift router correctly rolls out (best-effort today)
command: |
- oc rollout status deploymentconfig {{ item.name }} \
+ {{ openshift.common.client_binary }} rollout status deploymentconfig {{ item.name }} \
--namespace {{ item.namespace | default('default') }} \
--config {{ openshift.common.config_base }}/master/admin.kubeconfig
async: 600
@@ -102,7 +102,7 @@
- name: Determine the latest version of the OpenShift router deployment
command: |
- oc get deploymentconfig {{ item.name }} \
+ {{ openshift.common.client_binary }} get deploymentconfig {{ item.name }} \
--namespace {{ item.namespace }} \
--config {{ openshift.common.config_base }}/master/admin.kubeconfig \
-o jsonpath='{ .status.latestVersion }'
@@ -111,7 +111,7 @@
- name: Poll for OpenShift router deployment success
command: |
- oc get replicationcontroller {{ item.0.name }}-{{ item.1.stdout }} \
+ {{ openshift.common.client_binary }} get replicationcontroller {{ item.0.name }}-{{ item.1.stdout }} \
--namespace {{ item.0.namespace }} \
--config {{ openshift.common.config_base }}/master/admin.kubeconfig \
-o jsonpath='{ .metadata.annotations.openshift\.io/deployment\.phase }'
diff --git a/roles/openshift_hosted/templates/registry_config.j2 b/roles/openshift_hosted/templates/registry_config.j2
index dc8a9f089..fc9272679 100644
--- a/roles/openshift_hosted/templates/registry_config.j2
+++ b/roles/openshift_hosted/templates/registry_config.j2
@@ -21,7 +21,10 @@ storage:
regionendpoint: {{ openshift_hosted_registry_storage_s3_regionendpoint }}
{% endif %}
bucket: {{ openshift_hosted_registry_storage_s3_bucket }}
- encrypt: false
+ encrypt: {{ openshift_hosted_registry_storage_s3_encrypt | default(false) }}
+{% if openshift_hosted_registry_storage_s3_kmskeyid is defined %}
+ keyid: {{ openshift_hosted_registry_storage_s3_kmskeyid }}
+{% endif %}
secure: true
v4auth: true
rootdirectory: {{ openshift_hosted_registry_storage_s3_rootdirectory | default('/registry') }}
diff --git a/roles/openshift_hosted_logging/README.md b/roles/openshift_hosted_logging/README.md
index 12ffe777d..680303853 100644
--- a/roles/openshift_hosted_logging/README.md
+++ b/roles/openshift_hosted_logging/README.md
@@ -22,7 +22,7 @@
- openshift_hosted_logging_kibana_nodeselector: Specify the nodeSelector that Kibana should be use (label=value)
- openshift_hosted_logging_curator_nodeselector: Specify the nodeSelector that Curator should be use (label=value)
- openshift_hosted_logging_enable_ops_cluster: If "true", configure a second ES cluster and Kibana for ops logs.
-- openshift_hosted_logging_use_journal: If this is unset or empty, logging will try to figure out from docker which log driver it is using (json-file or journald). You can set this param to "true" or "false" to force logging to use journal or not (but make sure you are sure which one docker is using).
+- openshift_hosted_logging_use_journal: *DEPRECATED - DO NOT USE*
- openshift_hosted_logging_journal_source: By default, if this param is unset or empty, logging will use `/var/log/journal` if it exists, or `/run/log/journal` if not. You can use this param to force logging to use a different location.
- openshift_hosted_logging_journal_read_from_head: Set to `true` to have fluentd read from the beginning of the journal, to get historical log data. Default is `false`. *WARNING* Using `true` may take several minutes or even hours, depending on the size of the journal, until any new records show up in Elasticsearch, and will cause fluentd to consume a lot of CPU and RAM resources.
diff --git a/roles/openshift_hosted_logging/vars/main.yaml b/roles/openshift_hosted_logging/vars/main.yaml
index 33320e9c8..4b350b244 100644
--- a/roles/openshift_hosted_logging/vars/main.yaml
+++ b/roles/openshift_hosted_logging/vars/main.yaml
@@ -26,8 +26,7 @@ kb_ops_ns_cmap_param: "{{ '--from-literal kibana-ops-nodeselector=' ~ openshift_
cr_ns_cmap_param: "{{ '--from-literal curator-nodeselector=' ~ openshift_hosted_logging_curator_nodeselector | quote if openshift_hosted_logging_curator_nodeselector | default(none) is not none else '' }}"
cr_ops_ns_cmap_param: "{{ '--from-literal curator-ops-nodeselector=' ~ openshift_hosted_logging_curator_ops_nodeselector | quote if openshift_hosted_logging_curator_ops_nodeselector | default(none) is not none else '' }}"
ops_cmap_param: "{{ '--from-literal enable-ops-cluster=' ~ openshift_hosted_logging_enable_ops_cluster | string | lower | quote if openshift_hosted_logging_enable_ops_cluster | default(none) is not none else '' }}"
-use_journal_cmap_param: "{{ '--from-literal use-journal=' ~ openshift_hosted_logging_use_journal | string | lower | quote if openshift_hosted_logging_use_journal | default(none) is not none else '' }}"
journal_source_cmap_param: "{{ '--from-literal journal-source=' ~ openshift_hosted_logging_journal_source | quote if openshift_hosted_logging_journal_source | default(none) is not none else '' }}"
journal_read_from_head_cmap_param: "{{ '--from-literal journal-read-from-head=' ~ openshift_hosted_logging_journal_read_from_head | string | lower | quote if openshift_hosted_logging_journal_read_from_head | default(none) is not none else '' }}"
ips_cmap_param: "{{ '--from-literal image-pull-secret=' ~ openshift_hosted_logging_image_pull_secret | quote if openshift_hosted_logging_image_pull_secret | default(none) is not none else '' }}"
-deployer_cmap_params: "{{ kh_cmap_param }} {{ kh_ops_cmap_param }} {{ pmu_cmap_param }} {{ es_cs_cmap_param }} {{ es_ir_cmap_param }} {{ es_pvcs_cmap_param }} {{ es_pvcp_cmap_param }} {{ es_pvcd_cmap_param }} {{ es_ops_cs_cmap_param }} {{ es_ops_ir_cmap_param }} {{ es_ops_pvcs_cmap_param }} {{ es_ops_pvcp_cmap_param }} {{ es_ops_pvcd_cmap_param }} {{ es_sg_cmap_param }} {{ es_ns_cmap_param }} {{ es_ops_ns_cmap_param }} {{ fd_ns_cmap_param }} {{ kb_ns_cmap_param }} {{ kb_ops_ns_cmap_param }} {{ cr_ns_cmap_param }} {{ cr_ops_ns_cmap_param }} {{ ops_cmap_param }} {{ use_journal_cmap_param }} {{ journal_source_cmap_param }} {{ journal_read_from_head_cmap_param }} {{ ips_cmap_param }}"
+deployer_cmap_params: "{{ kh_cmap_param }} {{ kh_ops_cmap_param }} {{ pmu_cmap_param }} {{ es_cs_cmap_param }} {{ es_ir_cmap_param }} {{ es_pvcs_cmap_param }} {{ es_pvcp_cmap_param }} {{ es_pvcd_cmap_param }} {{ es_ops_cs_cmap_param }} {{ es_ops_ir_cmap_param }} {{ es_ops_pvcs_cmap_param }} {{ es_ops_pvcp_cmap_param }} {{ es_ops_pvcd_cmap_param }} {{ es_sg_cmap_param }} {{ es_ns_cmap_param }} {{ es_ops_ns_cmap_param }} {{ fd_ns_cmap_param }} {{ kb_ns_cmap_param }} {{ kb_ops_ns_cmap_param }} {{ cr_ns_cmap_param }} {{ cr_ops_ns_cmap_param }} {{ ops_cmap_param }} {{ journal_source_cmap_param }} {{ journal_read_from_head_cmap_param }} {{ ips_cmap_param }}"
diff --git a/roles/openshift_loadbalancer/README.md b/roles/openshift_loadbalancer/README.md
index bea4c509b..330895f20 100644
--- a/roles/openshift_loadbalancer/README.md
+++ b/roles/openshift_loadbalancer/README.md
@@ -25,6 +25,7 @@ From this role:
| openshift_loadbalancer_default_maxconn | 20000 | Maximum per-process number of concurrent connections. |
| openshift_loadbalancer_frontends | none | List of frontends. See example below. |
| openshift_loadbalancer_backends | none | List of backends. See example below. |
+| openshift_image_tag | none | Image tag for containerized haproxy image. |
Dependencies
------------
@@ -64,6 +65,7 @@ Example Playbook
- name: master3
address: "192.168.122.223:8443"
opts: check
+ openshift_image_tag: v3.6.153
```
License
diff --git a/roles/openshift_logging/README.md b/roles/openshift_logging/README.md
index dd0f22d4b..d2ef7cc71 100644
--- a/roles/openshift_logging/README.md
+++ b/roles/openshift_logging/README.md
@@ -52,7 +52,7 @@ When both `openshift_logging_install_logging` and `openshift_logging_upgrade_log
- `openshift_logging_fluentd_cpu_limit`: The CPU limit for Fluentd pods. Defaults to '100m'.
- `openshift_logging_fluentd_memory_limit`: The memory limit for Fluentd pods. Defaults to '512Mi'.
- `openshift_logging_fluentd_es_copy`: Whether or not to use the ES_COPY feature for Fluentd (DEPRECATED). Defaults to 'False'.
-- `openshift_logging_fluentd_use_journal`: NOTE: Fluentd will attempt to detect whether or not Docker is using the journald log driver when using the default of empty.
+- `openshift_logging_fluentd_use_journal`: *DEPRECATED - DO NOT USE* Fluentd will automatically detect whether or not Docker is using the journald log driver.
- `openshift_logging_fluentd_journal_read_from_head`: If empty, Fluentd will use its internal default, which is false.
- `openshift_logging_fluentd_hosts`: List of nodes that should be labeled for Fluentd to be deployed to. Defaults to ['--all'].
- `openshift_logging_fluentd_buffer_queue_limit`: Buffer queue limit for Fluentd. Defaults to 1024.
diff --git a/roles/openshift_logging/defaults/main.yml b/roles/openshift_logging/defaults/main.yml
index 66d880d23..1c243f934 100644
--- a/roles/openshift_logging/defaults/main.yml
+++ b/roles/openshift_logging/defaults/main.yml
@@ -72,7 +72,6 @@ openshift_logging_fluentd_nodeselector: "{{ openshift_hosted_logging_fluentd_nod
openshift_logging_fluentd_cpu_limit: 100m
openshift_logging_fluentd_memory_limit: 512Mi
openshift_logging_fluentd_es_copy: false
-openshift_logging_fluentd_use_journal: "{{ openshift_hosted_logging_use_journal if openshift_hosted_logging_use_journal is defined else (docker_log_driver == 'journald') | ternary(True, False) if docker_log_driver is defined else (openshift.docker.log_driver == 'journald') | ternary(True, False) if openshift.docker.log_driver is defined else openshift.docker.options | search('--log-driver=journald') if openshift.docker.options is defined else default(omit) }}"
openshift_logging_fluentd_journal_source: "{{ openshift_hosted_logging_journal_source | default('') }}"
openshift_logging_fluentd_journal_read_from_head: "{{ openshift_hosted_logging_journal_read_from_head | default('') }}"
openshift_logging_fluentd_hosts: ['--all']
@@ -89,7 +88,7 @@ openshift_logging_es_cpu_limit: null
# the logging appenders for the root loggers to write ES logs. Valid values: 'file', 'console'
openshift_logging_es_log_appenders: ['file']
openshift_logging_es_memory_limit: "{{ openshift_hosted_logging_elasticsearch_instance_ram | default('8Gi') }}"
-openshift_logging_es_pv_selector: "{{ openshift_hosted_logging_storage_labels | default(null) }}"
+openshift_logging_es_pv_selector: "{{ openshift_hosted_logging_storage_labels | default('') }}"
openshift_logging_es_pvc_dynamic: "{{ openshift_hosted_logging_elasticsearch_pvc_dynamic | default(False) }}"
openshift_logging_es_pvc_size: "{{ openshift_hosted_logging_elasticsearch_pvc_size | default('') }}"
openshift_logging_es_pvc_prefix: "{{ openshift_hosted_logging_elasticsearch_pvc_prefix | default('logging-es') }}"
@@ -128,7 +127,7 @@ openshift_logging_es_ops_client_key: /etc/fluent/keys/key
openshift_logging_es_ops_cluster_size: "{{ openshift_hosted_logging_elasticsearch_ops_cluster_size | default(1) }}"
openshift_logging_es_ops_cpu_limit: null
openshift_logging_es_ops_memory_limit: "{{ openshift_hosted_logging_elasticsearch_ops_instance_ram | default('8Gi') }}"
-openshift_logging_es_ops_pv_selector: "{{ openshift_hosted_loggingops_storage_labels | default(null) }}"
+openshift_logging_es_ops_pv_selector: "{{ openshift_hosted_loggingops_storage_labels | default('') }}"
openshift_logging_es_ops_pvc_dynamic: "{{ openshift_hosted_logging_elasticsearch_ops_pvc_dynamic | default(False) }}"
openshift_logging_es_ops_pvc_size: "{{ openshift_hosted_logging_elasticsearch_ops_pvc_size | default('') }}"
openshift_logging_es_ops_pvc_prefix: "{{ openshift_hosted_logging_elasticsearch_ops_pvc_prefix | default('logging-es-ops') }}"
diff --git a/roles/openshift_logging/tasks/install_logging.yaml b/roles/openshift_logging/tasks/install_logging.yaml
index 66dc0e096..464e8594f 100644
--- a/roles/openshift_logging/tasks/install_logging.yaml
+++ b/roles/openshift_logging/tasks/install_logging.yaml
@@ -60,16 +60,20 @@
- set_fact: openshift_logging_es_pvc_prefix="logging-es"
when: openshift_logging_es_pvc_prefix == ""
+- set_fact:
+ elasticsearch_storage_type: "{{ openshift_logging_elasticsearch_storage_type | default('pvc' if ( openshift_logging_es_pvc_dynamic | bool or openshift_hosted_logging_storage_kind | default('') == 'nfs' or openshift_logging_es_pvc_size | length > 0) else 'emptydir') }}"
+
# We don't allow scaling down of ES nodes currently
- include_role:
name: openshift_logging_elasticsearch
vars:
generated_certs_dir: "{{openshift.common.config_base}}/logging"
+ openshift_logging_elasticsearch_namespace: "{{ openshift_logging_namespace }}"
openshift_logging_elasticsearch_deployment_name: "{{ item.0 }}"
openshift_logging_elasticsearch_pvc_name: "{{ openshift_logging_es_pvc_prefix ~ '-' ~ item.2 if item.1 is none else item.1 }}"
openshift_logging_elasticsearch_replica_count: "{{ openshift_logging_es_cluster_size | int }}"
- openshift_logging_elasticsearch_storage_type: "{{ 'pvc' if ( openshift_logging_es_pvc_dynamic | bool or openshift_hosted_logging_storage_kind | default('') == 'nfs') else 'emptydir' }}"
+ openshift_logging_elasticsearch_storage_type: "{{ elasticsearch_storage_type }}"
openshift_logging_elasticsearch_pvc_size: "{{ openshift_logging_es_pvc_size }}"
openshift_logging_elasticsearch_pvc_dynamic: "{{ openshift_logging_es_pvc_dynamic }}"
openshift_logging_elasticsearch_pvc_pv_selector: "{{ openshift_logging_es_pv_selector }}"
@@ -86,10 +90,11 @@
name: openshift_logging_elasticsearch
vars:
generated_certs_dir: "{{openshift.common.config_base}}/logging"
+ openshift_logging_elasticsearch_namespace: "{{ openshift_logging_namespace }}"
openshift_logging_elasticsearch_pvc_name: "{{ openshift_logging_es_pvc_prefix }}-{{ item | int + openshift_logging_facts.elasticsearch.deploymentconfigs | count - 1 }}"
openshift_logging_elasticsearch_replica_count: "{{ openshift_logging_es_cluster_size | int }}"
- openshift_logging_elasticsearch_storage_type: "{{ 'pvc' if ( openshift_logging_es_pvc_dynamic | bool or openshift_hosted_logging_storage_kind | default('') == 'nfs') else 'emptydir' }}"
+ openshift_logging_elasticsearch_storage_type: "{{ elasticsearch_storage_type }}"
openshift_logging_elasticsearch_pvc_size: "{{ openshift_logging_es_pvc_size }}"
openshift_logging_elasticsearch_pvc_dynamic: "{{ openshift_logging_es_pvc_dynamic }}"
openshift_logging_elasticsearch_pvc_pv_selector: "{{ openshift_logging_es_pv_selector }}"
@@ -105,20 +110,28 @@
- set_fact: es_ops_indices=[]
when: openshift_logging_facts.elasticsearch_ops.deploymentconfigs.keys() | count == 0
+- set_fact: openshift_logging_es_ops_pvc_prefix="logging-es-ops"
+ when: openshift_logging_es_ops_pvc_prefix == ""
+
+- set_fact:
+ elasticsearch_storage_type: "{{ openshift_logging_elasticsearch_storage_type | default('pvc' if ( openshift_logging_es_ops_pvc_dynamic | bool or openshift_hosted_logging_storage_kind | default('') == 'nfs' or openshift_logging_es_ops_pvc_size | length > 0) else 'emptydir') }}"
+ when:
+ - openshift_logging_use_ops | bool
- include_role:
name: openshift_logging_elasticsearch
vars:
generated_certs_dir: "{{openshift.common.config_base}}/logging"
+ openshift_logging_elasticsearch_namespace: "{{ openshift_logging_namespace }}"
openshift_logging_elasticsearch_deployment_name: "{{ item.0 }}"
- openshift_logging_elasticsearch_pvc_name: "{{ openshift_logging_es_pvc_prefix ~ '-' ~ item.2 if item.1 is none else item.1 }}"
+ openshift_logging_elasticsearch_pvc_name: "{{ openshift_logging_es_ops_pvc_prefix ~ '-' ~ item.2 if item.1 is none else item.1 }}"
openshift_logging_elasticsearch_ops_deployment: true
openshift_logging_elasticsearch_replica_count: "{{ openshift_logging_es_ops_cluster_size | int }}"
- openshift_logging_elasticsearch_storage_type: "{{ 'pvc' if ( openshift_logging_es_pvc_dynamic | bool or openshift_hosted_logging_storage_kind | default('') == 'nfs') else 'emptydir' }}"
- openshift_logging_elasticsearch_pvc_size: "{{ openshift_logging_es_pvc_size }}"
- openshift_logging_elasticsearch_pvc_dynamic: "{{ openshift_logging_es_pvc_dynamic }}"
- openshift_logging_elasticsearch_pvc_pv_selector: "{{ openshift_logging_es_pv_selector }}"
+ openshift_logging_elasticsearch_storage_type: "{{ elasticsearch_storage_type }}"
+ openshift_logging_elasticsearch_pvc_size: "{{ openshift_logging_es_ops_pvc_size }}"
+ openshift_logging_elasticsearch_pvc_dynamic: "{{ openshift_logging_es_ops_pvc_dynamic }}"
+ openshift_logging_elasticsearch_pvc_pv_selector: "{{ openshift_logging_es_ops_pv_selector }}"
openshift_logging_es_key: "{{ openshift_logging_es_ops_key }}"
openshift_logging_es_cert: "{{ openshift_logging_es_ops_cert }}"
openshift_logging_es_ca_ext: "{{ openshift_logging_es_ops_ca_ext }}"
@@ -139,14 +152,15 @@
name: openshift_logging_elasticsearch
vars:
generated_certs_dir: "{{openshift.common.config_base}}/logging"
- openshift_logging_elasticsearch_pvc_name: "{{ openshift_logging_es_pvc_prefix }}-{{ item | int + openshift_logging_facts.elasticsearch_ops.deploymentconfigs | count - 1 }}"
+ openshift_logging_elasticsearch_namespace: "{{ openshift_logging_namespace }}"
+ openshift_logging_elasticsearch_pvc_name: "{{ openshift_logging_es_ops_pvc_prefix }}-{{ item | int + openshift_logging_facts.elasticsearch_ops.deploymentconfigs | count - 1 }}"
openshift_logging_elasticsearch_ops_deployment: true
openshift_logging_elasticsearch_replica_count: "{{ openshift_logging_es_ops_cluster_size | int }}"
- openshift_logging_elasticsearch_storage_type: "{{ 'pvc' if ( openshift_logging_es_pvc_dynamic | bool or openshift_hosted_logging_storage_kind | default('') == 'nfs') else 'emptydir' }}"
- openshift_logging_elasticsearch_pvc_size: "{{ openshift_logging_es_pvc_size }}"
- openshift_logging_elasticsearch_pvc_dynamic: "{{ openshift_logging_es_pvc_dynamic }}"
- openshift_logging_elasticsearch_pvc_pv_selector: "{{ openshift_logging_es_pv_selector }}"
+ openshift_logging_elasticsearch_storage_type: "{{ elasticsearch_storage_type }}"
+ openshift_logging_elasticsearch_pvc_size: "{{ openshift_logging_es_ops_pvc_size }}"
+ openshift_logging_elasticsearch_pvc_dynamic: "{{ openshift_logging_es_ops_pvc_dynamic }}"
+ openshift_logging_elasticsearch_pvc_pv_selector: "{{ openshift_logging_es_ops_pv_selector }}"
openshift_logging_es_key: "{{ openshift_logging_es_ops_key }}"
openshift_logging_es_cert: "{{ openshift_logging_es_ops_cert }}"
openshift_logging_es_ca_ext: "{{ openshift_logging_es_ops_ca_ext }}"
@@ -255,7 +269,6 @@
vars:
generated_certs_dir: "{{openshift.common.config_base}}/logging"
openshift_logging_fluentd_ops_host: "{{ ( openshift_logging_use_ops | bool ) | ternary('logging-es-ops', 'logging-es') }}"
- openshift_logging_fluentd_use_journal: "{{ openshift.docker.options | search('journald') }}"
openshift_logging_fluentd_image_prefix: "{{ openshift_logging_image_prefix }}"
openshift_logging_fluentd_image_version: "{{ openshift_logging_image_version }}"
openshift_logging_fluentd_image_pull_secret: "{{ openshift_logging_image_pull_secret }}"
diff --git a/roles/openshift_logging_curator/tasks/main.yaml b/roles/openshift_logging_curator/tasks/main.yaml
index ae7e48caa..3113fb3c9 100644
--- a/roles/openshift_logging_curator/tasks/main.yaml
+++ b/roles/openshift_logging_curator/tasks/main.yaml
@@ -91,7 +91,7 @@
es_port: "{{ openshift_logging_curator_es_port }}"
curator_cpu_limit: "{{ openshift_logging_curator_cpu_limit }}"
curator_memory_limit: "{{ openshift_logging_curator_memory_limit }}"
- replicas: "{{ openshift_logging_curator_replicas | default (1) }}"
+ curator_replicas: "{{ openshift_logging_curator_replicas | default (1) }}"
curator_node_selector: "{{openshift_logging_curator_nodeselector | default({})}}"
check_mode: no
changed_when: no
diff --git a/roles/openshift_logging_curator/templates/curator.j2 b/roles/openshift_logging_curator/templates/curator.j2
index 1bf9b9de2..6431f86d9 100644
--- a/roles/openshift_logging_curator/templates/curator.j2
+++ b/roles/openshift_logging_curator/templates/curator.j2
@@ -7,7 +7,7 @@ metadata:
component: "{{component}}"
logging-infra: "{{logging_component}}"
spec:
- replicas: {{replicas|default(1)}}
+ replicas: {{curator_replicas|default(1)}}
selector:
provider: openshift
component: "{{component}}"
diff --git a/roles/openshift_logging_elasticsearch/tasks/main.yaml b/roles/openshift_logging_elasticsearch/tasks/main.yaml
index 684dbe0a0..0548e3c40 100644
--- a/roles/openshift_logging_elasticsearch/tasks/main.yaml
+++ b/roles/openshift_logging_elasticsearch/tasks/main.yaml
@@ -173,9 +173,8 @@
selector:
component: "{{ es_component }}"
provider: openshift
- # pending #4091
- #labels:
- #- logging-infra: 'support'
+ labels:
+ logging-infra: 'support'
ports:
- port: 9300
@@ -187,14 +186,15 @@
selector:
component: "{{ es_component }}"
provider: openshift
- # pending #4091
- #labels:
- #- logging-infra: 'support'
+ labels:
+ logging-infra: 'support'
ports:
- port: 9200
targetPort: "restapi"
-- name: Creating ES storage template
+# storageclasses are used by default but if static then disable
+# storageclasses with the storageClassName set to "" in pvc.j2
+- name: Creating ES storage template - static
template:
src: pvc.j2
dest: "{{ tempdir }}/templates/logging-es-pvc.yml"
@@ -203,11 +203,13 @@
size: "{{ openshift_logging_elasticsearch_pvc_size }}"
access_modes: "{{ openshift_logging_elasticsearch_pvc_access_modes | list }}"
pv_selector: "{{ openshift_logging_elasticsearch_pvc_pv_selector }}"
+ storage_class_name: "{{ openshift_logging_elasticsearch_pvc_storage_class_name | default('', true) }}"
when:
- openshift_logging_elasticsearch_storage_type == "pvc"
- - not openshift_logging_elasticsearch_pvc_dynamic
+ - not openshift_logging_elasticsearch_pvc_dynamic | bool
-- name: Creating ES storage template
+# Storageclasses are used by default if configured
+- name: Creating ES storage template - dynamic
template:
src: pvc.j2
dest: "{{ tempdir }}/templates/logging-es-pvc.yml"
@@ -216,11 +218,9 @@
size: "{{ openshift_logging_elasticsearch_pvc_size }}"
access_modes: "{{ openshift_logging_elasticsearch_pvc_access_modes | list }}"
pv_selector: "{{ openshift_logging_elasticsearch_pvc_pv_selector }}"
- annotations:
- volume.beta.kubernetes.io/storage-class: "dynamic"
when:
- openshift_logging_elasticsearch_storage_type == "pvc"
- - openshift_logging_elasticsearch_pvc_dynamic
+ - openshift_logging_elasticsearch_pvc_dynamic | bool
- name: Set ES storage
oc_obj:
@@ -257,7 +257,7 @@
es_memory_limit: "{{ openshift_logging_elasticsearch_memory_limit }}"
es_node_selector: "{{ openshift_logging_elasticsearch_nodeselector | default({}) }}"
deploy_type: "{{ openshift_logging_elasticsearch_deployment_type }}"
- replicas: 1
+ es_replicas: 1
- name: Set ES dc
oc_obj:
diff --git a/roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2 b/roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2
index 58c325c8a..141967c33 100644
--- a/roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2
+++ b/roles/openshift_logging_elasticsearch/templates/elasticsearch.yml.j2
@@ -14,8 +14,10 @@ index:
flush_threshold_period: 5m
node:
+ name: ${DC_NAME}
master: ${IS_MASTER}
data: ${HAS_DATA}
+ max_local_storage_nodes: 1
network:
host: 0.0.0.0
@@ -60,7 +62,7 @@ path:
searchguard:
authcz.admin_dn:
- CN=system.admin,OU=OpenShift,O=Logging
- config_index_name: ".searchguard.${HOSTNAME}"
+ config_index_name: ".searchguard.${DC_NAME}"
ssl:
transport:
enabled: true
diff --git a/roles/openshift_logging_elasticsearch/templates/es.j2 b/roles/openshift_logging_elasticsearch/templates/es.j2
index bd2289f0d..cbe6b89f2 100644
--- a/roles/openshift_logging_elasticsearch/templates/es.j2
+++ b/roles/openshift_logging_elasticsearch/templates/es.j2
@@ -8,7 +8,7 @@ metadata:
deployment: "{{deploy_name}}"
logging-infra: "{{logging_component}}"
spec:
- replicas: {{replicas|default(1)}}
+ replicas: {{es_replicas|default(1)}}
selector:
provider: openshift
component: "{{component}}"
@@ -58,6 +58,9 @@ spec:
name: "cluster"
env:
-
+ name: "DC_NAME"
+ value: "{{deploy_name}}"
+ -
name: "NAMESPACE"
valueFrom:
fieldRef:
@@ -75,6 +78,9 @@ spec:
name: "INSTANCE_RAM"
value: "{{openshift_logging_elasticsearch_memory_limit}}"
-
+ name: "HEAP_DUMP_LOCATION"
+ value: "/elasticsearch/persistent/heapdump.hprof"
+ -
name: "NODE_QUORUM"
value: "{{es_node_quorum | int}}"
-
@@ -84,9 +90,6 @@ spec:
name: "RECOVER_AFTER_TIME"
value: "{{openshift_logging_elasticsearch_recover_after_time}}"
-
- name: "READINESS_PROBE_TIMEOUT"
- value: "30"
- -
name: "IS_MASTER"
value: "{% if deploy_type in ['data-master', 'master'] %}true{% else %}false{% endif %}"
@@ -103,13 +106,6 @@ spec:
readOnly: true
- name: elasticsearch-storage
mountPath: /elasticsearch/persistent
- readinessProbe:
- exec:
- command:
- - "/usr/share/elasticsearch/probe/readiness.sh"
- initialDelaySeconds: 10
- timeoutSeconds: 30
- periodSeconds: 5
volumes:
- name: elasticsearch
secret:
diff --git a/roles/openshift_logging_elasticsearch/templates/pvc.j2 b/roles/openshift_logging_elasticsearch/templates/pvc.j2
index f19a3a750..063f9c5ae 100644
--- a/roles/openshift_logging_elasticsearch/templates/pvc.j2
+++ b/roles/openshift_logging_elasticsearch/templates/pvc.j2
@@ -25,3 +25,6 @@ spec:
resources:
requests:
storage: {{size}}
+{% if storage_class_name is defined %}
+ storageClassName: {{ storage_class_name }}
+{% endif %}
diff --git a/roles/openshift_logging_fluentd/defaults/main.yml b/roles/openshift_logging_fluentd/defaults/main.yml
index 228196d74..ce7cfc433 100644
--- a/roles/openshift_logging_fluentd/defaults/main.yml
+++ b/roles/openshift_logging_fluentd/defaults/main.yml
@@ -28,7 +28,6 @@ openshift_logging_fluentd_ops_host: "{{ openshift_logging_fluentd_app_host }}"
openshift_logging_fluentd_ops_port: "{{ openshift_logging_fluentd_app_port }}"
### Used by "hosted" and "secure-aggregator" deployments
-#openshift_logging_fluentd_use_journal: "{{ openshift_hosted_logging_use_journal }}"
openshift_logging_fluentd_journal_source: "{{ openshift_hosted_logging_journal_source | default('') }}"
openshift_logging_fluentd_journal_read_from_head: "{{ openshift_hosted_logging_journal_read_from_head | default('') }}"
@@ -49,6 +48,7 @@ openshift_logging_fluentd_aggregating_strict: "no"
openshift_logging_fluentd_aggregating_cert_path: none
openshift_logging_fluentd_aggregating_key_path: none
openshift_logging_fluentd_aggregating_passphrase: none
+openshift_logging_use_mux_client: False
### Deprecating in 3.6
openshift_logging_fluentd_es_copy: false
diff --git a/roles/openshift_logging_fluentd/tasks/main.yaml b/roles/openshift_logging_fluentd/tasks/main.yaml
index 8194223e8..55de2ae8d 100644
--- a/roles/openshift_logging_fluentd/tasks/main.yaml
+++ b/roles/openshift_logging_fluentd/tasks/main.yaml
@@ -15,19 +15,15 @@
msg: Invalid deployment type, one of ['hosted', 'secure-aggregator', 'secure-host'] allowed
when: not openshift_logging_fluentd_deployment_type in __allowed_fluentd_types
-- include: determine_version.yaml
+- debug:
+ msg: openshift_logging_fluentd_use_journal is deprecated. Fluentd will automatically detect which logging driver is being used.
+ when: openshift_logging_fluentd_use_journal is defined
-- set_fact:
- openshift_logging_fluentd_use_journal: "{{ openshift_hosted_logging_use_journal }}"
- when:
- - openshift_hosted_logging_use_journal is defined
- - openshift_logging_fluentd_use_journal is not defined
+- debug:
+ msg: openshift_hosted_logging_use_journal is deprecated. Fluentd will automatically detect which logging driver is being used.
+ when: openshift_hosted_logging_use_journal is defined
-- set_fact:
- openshift_logging_fluentd_use_journal: "{{ __fluentd_use_journal }}"
- when:
- - openshift_hosted_logging_use_journal is not defined
- - openshift_logging_fluentd_use_journal is not defined
+- include: determine_version.yaml
# allow passing in a tempdir
- name: Create temp directory for doing work in
@@ -100,7 +96,7 @@
- copy:
src: secure-forward.conf
dest: "{{ tempdir }}/secure-forward.conf"
- when: fluentd_securefoward_contents is undefined
+ when: fluentd_secureforward_contents is undefined
changed_when: no
diff --git a/roles/openshift_logging_fluentd/templates/fluentd.j2 b/roles/openshift_logging_fluentd/templates/fluentd.j2
index a5695ee26..970e5c2a5 100644
--- a/roles/openshift_logging_fluentd/templates/fluentd.j2
+++ b/roles/openshift_logging_fluentd/templates/fluentd.j2
@@ -62,6 +62,11 @@ spec:
- name: dockerdaemoncfg
mountPath: /etc/docker
readOnly: true
+{% if openshift_logging_use_mux_client | bool %}
+ - name: muxcerts
+ mountPath: /etc/fluent/muxkeys
+ readOnly: true
+{% endif %}
env:
- name: "K8S_HOST_URL"
value: "{{ openshift_logging_fluentd_master_url }}"
@@ -87,8 +92,6 @@ spec:
value: "{{ openshift_logging_fluentd_ops_ca }}"
- name: "ES_COPY"
value: "false"
- - name: "USE_JOURNAL"
- value: "{{ openshift_logging_fluentd_use_journal | lower }}"
- name: "JOURNAL_SOURCE"
value: "{{ openshift_logging_fluentd_journal_source | default('') }}"
- name: "JOURNAL_READ_FROM_HEAD"
@@ -98,9 +101,17 @@ spec:
- name: "BUFFER_SIZE_LIMIT"
value: "{{ openshift_logging_fluentd_buffer_size_limit }}"
- name: "FLUENTD_CPU_LIMIT"
- value: "{{ openshift_logging_fluentd_cpu_limit }}"
+ valueFrom:
+ resourceFieldRef:
+ containerName: "{{ daemonset_container_name }}"
+ resource: limits.cpu
- name: "FLUENTD_MEMORY_LIMIT"
- value: "{{ openshift_logging_fluentd_memory_limit }}"
+ valueFrom:
+ resourceFieldRef:
+ containerName: "{{ daemonset_container_name }}"
+ resource: limits.memory
+ - name: "USE_MUX_CLIENT"
+ value: "{{ openshift_logging_use_mux_client | default('false') | lower }}"
volumes:
- name: runlogjournal
hostPath:
@@ -129,3 +140,8 @@ spec:
- name: dockerdaemoncfg
hostPath:
path: /etc/docker
+{% if openshift_logging_use_mux_client | bool %}
+ - name: muxcerts
+ secret:
+ secretName: logging-mux
+{% endif %}
diff --git a/roles/openshift_logging_fluentd/vars/main.yml b/roles/openshift_logging_fluentd/vars/main.yml
index f601b738e..ad3fb0bdd 100644
--- a/roles/openshift_logging_fluentd/vars/main.yml
+++ b/roles/openshift_logging_fluentd/vars/main.yml
@@ -2,4 +2,3 @@
__latest_fluentd_version: "3_5"
__allowed_fluentd_versions: ["3_5", "3_6"]
__allowed_fluentd_types: ["hosted", "secure-aggregator", "secure-host"]
-__fluentd_use_journal: "{{ (docker_log_driver == 'journald') | ternary(True, False) if docker_log_driver is defined else (openshift.docker.log_driver == 'journald') | ternary(True, False) if openshift.docker.log_driver is defined else openshift.docker.options | search('--log-driver=journald') if openshift.docker.options is defined else default(omit) }}"
diff --git a/roles/openshift_logging_kibana/defaults/main.yml b/roles/openshift_logging_kibana/defaults/main.yml
index 23337bcd2..b2556fd71 100644
--- a/roles/openshift_logging_kibana/defaults/main.yml
+++ b/roles/openshift_logging_kibana/defaults/main.yml
@@ -11,7 +11,7 @@ openshift_logging_kibana_nodeselector: ""
openshift_logging_kibana_cpu_limit: null
openshift_logging_kibana_memory_limit: 736Mi
-openshift_logging_kibana_hostname: "kibana.router.default.svc.cluster.local"
+openshift_logging_kibana_hostname: "{{ openshift_hosted_logging_hostname | default('kibana.' ~ (openshift_master_default_subdomain | default('router.default.svc.cluster.local', true))) }}"
openshift_logging_kibana_es_host: "logging-es"
openshift_logging_kibana_es_port: 9200
diff --git a/roles/openshift_logging_kibana/tasks/main.yaml b/roles/openshift_logging_kibana/tasks/main.yaml
index bae55ffaa..62bc26e37 100644
--- a/roles/openshift_logging_kibana/tasks/main.yaml
+++ b/roles/openshift_logging_kibana/tasks/main.yaml
@@ -89,9 +89,8 @@
selector:
component: "{{ kibana_component }}"
provider: openshift
- # pending #4091
- #labels:
- #- logging-infra: 'support'
+ labels:
+ logging-infra: 'support'
ports:
- port: 443
targetPort: "oaproxy"
@@ -234,7 +233,7 @@
kibana_memory_limit: "{{ openshift_logging_kibana_memory_limit }}"
kibana_proxy_cpu_limit: "{{ openshift_logging_kibana_proxy_cpu_limit }}"
kibana_proxy_memory_limit: "{{ openshift_logging_kibana_proxy_memory_limit }}"
- replicas: "{{ openshift_logging_kibana_replicas | default (1) }}"
+ kibana_replicas: "{{ openshift_logging_kibana_replicas | default (1) }}"
kibana_node_selector: "{{ openshift_logging_kibana_nodeselector | default({}) }}"
- name: Set Kibana DC
diff --git a/roles/openshift_logging_kibana/templates/kibana.j2 b/roles/openshift_logging_kibana/templates/kibana.j2
index f8043812b..512d99d06 100644
--- a/roles/openshift_logging_kibana/templates/kibana.j2
+++ b/roles/openshift_logging_kibana/templates/kibana.j2
@@ -7,7 +7,7 @@ metadata:
component: "{{ component }}"
logging-infra: "{{ logging_component }}"
spec:
- replicas: {{ replicas | default(1) }}
+ replicas: {{ kibana_replicas | default(1) }}
selector:
provider: openshift
component: "{{ component }}"
diff --git a/roles/openshift_logging_mux/defaults/main.yml b/roles/openshift_logging_mux/defaults/main.yml
index 77e47d38c..797a27c1b 100644
--- a/roles/openshift_logging_mux/defaults/main.yml
+++ b/roles/openshift_logging_mux/defaults/main.yml
@@ -24,7 +24,6 @@ openshift_logging_mux_ops_host: "{{ openshift_logging_mux_app_host }}"
openshift_logging_mux_ops_port: "{{ openshift_logging_mux_app_port }}"
### Used by "hosted" and "secure-aggregator" deployments
-openshift_logging_mux_use_journal: "{{ openshift_hosted_logging_use_journal | default('') }}"
openshift_logging_mux_journal_source: "{{ openshift_hosted_logging_journal_source | default('') }}"
openshift_logging_mux_journal_read_from_head: "{{ openshift_hosted_logging_journal_read_from_head | default('') }}"
diff --git a/roles/openshift_logging_mux/tasks/main.yaml b/roles/openshift_logging_mux/tasks/main.yaml
index 54af40070..02815806a 100644
--- a/roles/openshift_logging_mux/tasks/main.yaml
+++ b/roles/openshift_logging_mux/tasks/main.yaml
@@ -172,7 +172,7 @@
ops_port: "{{ openshift_logging_mux_ops_port }}"
mux_cpu_limit: "{{ openshift_logging_mux_cpu_limit }}"
mux_memory_limit: "{{ openshift_logging_mux_memory_limit }}"
- replicas: "{{ openshift_logging_mux_replicas | default(1) }}"
+ mux_replicas: "{{ openshift_logging_mux_replicas | default(1) }}"
mux_node_selector: "{{ openshift_logging_mux_nodeselector | default({}) }}"
check_mode: no
changed_when: no
diff --git a/roles/openshift_logging_mux/templates/mux.j2 b/roles/openshift_logging_mux/templates/mux.j2
index 243698c6a..2b3b64bb8 100644
--- a/roles/openshift_logging_mux/templates/mux.j2
+++ b/roles/openshift_logging_mux/templates/mux.j2
@@ -7,7 +7,7 @@ metadata:
component: "{{component}}"
logging-infra: "{{logging_component}}"
spec:
- replicas: {{replicas|default(1)}}
+ replicas: {{mux_replicas|default(1)}}
selector:
provider: openshift
component: "{{component}}"
@@ -89,8 +89,6 @@ spec:
value: "{{openshift_logging_mux_ops_client_key}}"
- name: "OPS_CA"
value: "{{openshift_logging_mux_ops_ca}}"
- - name: "USE_JOURNAL"
- value: "false"
- name: "JOURNAL_SOURCE"
value: "{{openshift_logging_mux_journal_source | default('')}}"
- name: "JOURNAL_READ_FROM_HEAD"
@@ -102,15 +100,21 @@ spec:
- name: USE_MUX
value: "true"
- name: MUX_ALLOW_EXTERNAL
- value: "{{ openshift_logging_mux_allow_external | default('false') }}"
+ value: "{{ openshift_logging_mux_allow_external | default('false') | lower }}"
- name: "BUFFER_QUEUE_LIMIT"
value: "{{ openshift_logging_mux_buffer_queue_limit }}"
- name: "BUFFER_SIZE_LIMIT"
value: "{{ openshift_logging_mux_buffer_size_limit }}"
- name: "MUX_CPU_LIMIT"
- value: "{{ openshift_logging_mux_cpu_limit }}"
+ valueFrom:
+ resourceFieldRef:
+ containerName: "mux"
+ resource: limits.cpu
- name: "MUX_MEMORY_LIMIT"
- value: "{{ openshift_logging_mux_memory_limit }}"
+ valueFrom:
+ resourceFieldRef:
+ containerName: "mux"
+ resource: limits.memory
volumes:
- name: config
configMap:
diff --git a/roles/openshift_master/README.md b/roles/openshift_master/README.md
index e5362105c..fbf69c270 100644
--- a/roles/openshift_master/README.md
+++ b/roles/openshift_master/README.md
@@ -15,18 +15,19 @@ Role Variables
From this role:
-| Name | Default value | |
-|-------------------------------------|-----------------------|-------------------------------------------------------------------------------|
-| openshift_master_debug_level | openshift_debug_level | Verbosity of the debug logs for master |
-| openshift_node_ips | [] | List of the openshift node ip addresses to pre-register when master starts up |
-| oreg_url | UNDEF | Default docker registry to use |
-| oreg_url_master | UNDEF | Default docker registry to use, specifically on the master |
-| openshift_master_api_port | UNDEF | |
-| openshift_master_console_port | UNDEF | |
-| openshift_master_api_url | UNDEF | |
-| openshift_master_console_url | UNDEF | |
-| openshift_master_public_api_url | UNDEF | |
-| openshift_master_public_console_url | UNDEF | |
+| Name | Default value | |
+|---------------------------------------------------|-----------------------|-------------------------------------------------------------------------------|
+| openshift_master_debug_level | openshift_debug_level | Verbosity of the debug logs for master |
+| openshift_node_ips | [] | List of the openshift node ip addresses to pre-register when master starts up |
+| oreg_url | UNDEF | Default docker registry to use |
+| oreg_url_master | UNDEF | Default docker registry to use, specifically on the master |
+| openshift_master_api_port | UNDEF | |
+| openshift_master_console_port | UNDEF | |
+| openshift_master_api_url | UNDEF | |
+| openshift_master_console_url | UNDEF | |
+| openshift_master_public_api_url | UNDEF | |
+| openshift_master_public_console_url | UNDEF | |
+| openshift_master_saconfig_limit_secret_references | false | |
From openshift_common:
diff --git a/roles/openshift_master/defaults/main.yml b/roles/openshift_master/defaults/main.yml
index 14a1daf6c..2d3ce5bcd 100644
--- a/roles/openshift_master/defaults/main.yml
+++ b/roles/openshift_master/defaults/main.yml
@@ -1,4 +1,4 @@
---
openshift_node_ips: []
-# TODO: update setting these values based on the facts
-#openshift_version: "{{ openshift_pkg_version | default(openshift_image_tag | default(openshift.docker.openshift_image_tag | default(''))) }}"
+r_openshift_master_clean_install: false
+r_openshift_master_etcd3_storage: false
diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index aed5598c0..0c4ee319c 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -128,6 +128,24 @@
when: openshift.master.request_header_ca is defined and item.kind == 'RequestHeaderIdentityProvider' and item.clientCA | default('') != ''
with_items: "{{ openshift.master.identity_providers }}"
+# This is an ugly hack to verify settings are in a file without modifying them with lineinfile.
+# The template file will stomp any other settings made.
+- block:
+ - name: check whether our docker-registry setting exists in the env file
+ command: "awk '/^OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000/' /etc/sysconfig/{{ openshift.common.service_type }}-master"
+ ignore_errors: true
+ changed_when: false
+ register: already_set
+
+ - set_fact:
+ openshift_push_via_dns: "{{ (openshift_use_dnsmasq | default(true) and openshift.common.version_gte_3_6) or (already_set.stdout | match('OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000')) }}"
+
+- name: Set fact of all etcd host IPs
+ openshift_facts:
+ role: common
+ local_facts:
+ no_proxy_etcd_host_ips: "{{ openshift_no_proxy_etcd_host_ips }}"
+
- name: Install the systemd units
include: systemd_units.yml
@@ -188,6 +206,10 @@
delay: 60
notify: Verify API Server
+- name: Dump logs from master service if it failed
+ command: journalctl --no-pager -n 100 -u {{ openshift.common.service_type }}-master
+ when: start_result | failed
+
- name: Stop and disable non-HA master when running HA
systemd:
name: "{{ openshift.common.service_type }}-master"
@@ -221,6 +243,10 @@
retries: 1
delay: 60
+- name: Dump logs from master-api if it failed
+ command: journalctl --no-pager -n 100 -u {{ openshift.common.service_type }}-master-api
+ when: start_result | failed
+
- set_fact:
master_api_service_status_changed: "{{ start_result | changed }}"
when: openshift_master_ha | bool and openshift.master.cluster_method == 'native' and inventory_hostname == openshift_master_hosts[0]
@@ -240,6 +266,10 @@
retries: 1
delay: 60
+- name: Dump logs from master-api if it failed
+ command: journalctl --no-pager -n 100 -u {{ openshift.common.service_type }}-master-api
+ when: start_result | failed
+
- set_fact:
master_api_service_status_changed: "{{ start_result | changed }}"
when: openshift_master_ha | bool and openshift.master.cluster_method == 'native' and inventory_hostname != openshift_master_hosts[0]
@@ -276,6 +306,10 @@
retries: 1
delay: 60
+- name: Dump logs from master-controllers if it failed
+ command: journalctl --no-pager -n 100 -u {{ openshift.common.service_type }}-master-controllers
+ when: start_result | failed
+
- name: Wait for master controller service to start on first master
pause:
seconds: 15
@@ -292,6 +326,10 @@
retries: 1
delay: 60
+- name: Dump logs from master-controllers if it failed
+ command: journalctl --no-pager -n 100 -u {{ openshift.common.service_type }}-master-controllers
+ when: start_result | failed
+
- set_fact:
master_controllers_service_status_changed: "{{ start_result | changed }}"
when: openshift_master_ha | bool and openshift.master.cluster_method == 'native'
diff --git a/roles/openshift_master/templates/atomic-openshift-master.j2 b/roles/openshift_master/templates/atomic-openshift-master.j2
index 6e2439fd9..850fae0e4 100644
--- a/roles/openshift_master/templates/atomic-openshift-master.j2
+++ b/roles/openshift_master/templates/atomic-openshift-master.j2
@@ -1,5 +1,8 @@
OPTIONS=--loglevel={{ openshift.master.debug_level | default(2) }}
CONFIG_FILE={{ openshift_master_config_file }}
+{% if openshift_push_via_dns | default(false) %}
+OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000
+{% endif %}
{% if openshift.common.is_containerized | bool %}
IMAGE_VERSION={{ openshift_image_tag }}
{% endif %}
diff --git a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2 b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2
index 897ee7285..e8f7c47b0 100644
--- a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2
+++ b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2
@@ -12,7 +12,7 @@ Requires={{ openshift.docker.service_name }}.service
EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-api
Environment=GOTRACEBACK=crash
ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type}}-master-api
-ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master-api --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-master-api -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/log:/var/log -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} {{ openshift.master.master_image }}:${IMAGE_VERSION} start master api --config=${CONFIG_FILE} $OPTIONS
+ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master-api --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-master-api -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/log:/var/log -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} -v /etc/pki:/etc/pki:ro {{ openshift.master.master_image }}:${IMAGE_VERSION} start master api --config=${CONFIG_FILE} $OPTIONS
ExecStartPost=/usr/bin/sleep 10
ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master-api
LimitNOFILE=131072
diff --git a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2 b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2
index 451f3436a..69db62f16 100644
--- a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2
+++ b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2
@@ -11,7 +11,7 @@ PartOf={{ openshift.docker.service_name }}.service
EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-controllers
Environment=GOTRACEBACK=crash
ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type}}-master-controllers
-ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master-controllers --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-master-controllers -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} {{ openshift.master.master_image }}:${IMAGE_VERSION} start master controllers --config=${CONFIG_FILE} $OPTIONS
+ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master-controllers --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-master-controllers -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} -v /etc/pki:/etc/pki:ro {{ openshift.master.master_image }}:${IMAGE_VERSION} start master controllers --config=${CONFIG_FILE} $OPTIONS
ExecStartPost=/usr/bin/sleep 10
ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master-controllers
LimitNOFILE=131072
diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2
index 1935d9592..af3ebc6d2 100644
--- a/roles/openshift_master/templates/master.yaml.v1.j2
+++ b/roles/openshift_master/templates/master.yaml.v1.j2
@@ -139,6 +139,12 @@ kubernetesMasterConfig:
- v1
{% endif %}
apiServerArguments: {{ openshift.master.api_server_args | default(None) | to_padded_yaml( level=2 ) }}
+{% if r_openshift_master_etcd3_storage or ( r_openshift_master_clean_install and openshift.common.version_gte_3_6 ) %}
+ storage-backend:
+ - etcd3
+ storage-media-type:
+ - application/vnd.kubernetes.protobuf
+{% endif %}
controllerArguments: {{ openshift.master.controller_args | default(None) | to_padded_yaml( level=2 ) }}
masterCount: {{ openshift.master.master_count if openshift.master.cluster_method | default(None) == 'native' else 1 }}
masterIP: {{ openshift.common.ip }}
@@ -229,7 +235,7 @@ projectConfig:
routingConfig:
subdomain: "{{ openshift_master_default_subdomain | default("") }}"
serviceAccountConfig:
- limitSecretReferences: false
+ limitSecretReferences: {{ openshift_master_saconfig_limitsecretreferences | default(false) }}
managedNames:
- default
- builder
diff --git a/roles/openshift_master/templates/master_docker/master.docker.service.j2 b/roles/openshift_master/templates/master_docker/master.docker.service.j2
index 7f40cb042..31c1dfc33 100644
--- a/roles/openshift_master/templates/master_docker/master.docker.service.j2
+++ b/roles/openshift_master/templates/master_docker/master.docker.service.j2
@@ -8,7 +8,7 @@ Wants=etcd_container.service
[Service]
EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master
ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type }}-master
-ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-master -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/log:/var/log -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} {{ openshift.master.master_image }}:${IMAGE_VERSION} start master --config=${CONFIG_FILE} $OPTIONS
+ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-master -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/log:/var/log -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} -v /etc/pki:/etc/pki:ro {{ openshift.master.master_image }}:${IMAGE_VERSION} start master --config=${CONFIG_FILE} $OPTIONS
ExecStartPost=/usr/bin/sleep 10
ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master
Restart=always
diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2
index c484d23cc..c05a27559 100644
--- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2
+++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2
@@ -1,5 +1,8 @@
OPTIONS=--loglevel={{ openshift.master.debug_level }} --listen={{ 'https' if openshift.master.api_use_ssl else 'http' }}://{{ openshift.master.bind_addr }}:{{ openshift.master.api_port }} --master={{ openshift.master.loopback_api_url }}
CONFIG_FILE={{ openshift_master_config_file }}
+{% if openshift_push_via_dns | default(false) %}
+OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000
+{% endif %}
{% if openshift.common.is_containerized | bool %}
IMAGE_VERSION={{ openshift_image_tag }}
{% endif %}
diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2
index e0adbbf52..a153fb33d 100644
--- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2
+++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2
@@ -1,5 +1,8 @@
OPTIONS=--loglevel={{ openshift.master.debug_level }} --listen={{ 'https' if openshift.master.api_use_ssl else 'http' }}://{{ openshift.master.bind_addr }}:{{ openshift.master.controllers_port }}
CONFIG_FILE={{ openshift_master_config_file }}
+{% if openshift_push_via_dns | default(false) %}
+OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000
+{% endif %}
{% if openshift.common.is_containerized | bool %}
IMAGE_VERSION={{ openshift_image_tag }}
{% endif %}
diff --git a/roles/openshift_master_certificates/tasks/main.yml b/roles/openshift_master_certificates/tasks/main.yml
index 62413536b..d9ffb1b6f 100644
--- a/roles/openshift_master_certificates/tasks/main.yml
+++ b/roles/openshift_master_certificates/tasks/main.yml
@@ -74,10 +74,10 @@
- name: Generate the loopback master client config
command: >
{{ hostvars[openshift_ca_host].openshift.common.client_binary }} adm create-api-client-config
+ --certificate-authority={{ openshift_ca_cert }}
{% for named_ca_certificate in openshift.master.named_certificates | default([]) | oo_collect('cafile') %}
--certificate-authority {{ named_ca_certificate }}
{% endfor %}
- --certificate-authority={{ openshift_ca_cert }}
--client-dir={{ openshift_generated_configs_dir }}/master-{{ hostvars[item].openshift.common.hostname }}
--groups=system:masters,system:openshift-master
--master={{ hostvars[item].openshift.master.loopback_api_url }}
diff --git a/roles/openshift_metrics/defaults/main.yaml b/roles/openshift_metrics/defaults/main.yaml
index ba50566e9..c34936930 100644
--- a/roles/openshift_metrics/defaults/main.yaml
+++ b/roles/openshift_metrics/defaults/main.yaml
@@ -16,7 +16,7 @@ openshift_metrics_hawkular_nodeselector: ""
openshift_metrics_cassandra_replicas: 1
openshift_metrics_cassandra_storage_type: "{{ openshift_hosted_metrics_storage_kind | default('emptydir') }}"
openshift_metrics_cassandra_pvc_size: "{{ openshift_hosted_metrics_storage_volume_size | default('10Gi') }}"
-openshift_metrics_cassandra_pv_selector: "{{ openshift_hosted_metrics_storage_labels | default(null) }}"
+openshift_metrics_cassandra_pv_selector: "{{ openshift_hosted_metrics_storage_labels | default('') }}"
openshift_metrics_cassandra_limits_memory: 2G
openshift_metrics_cassandra_limits_cpu: null
openshift_metrics_cassandra_requests_memory: 1G
diff --git a/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml b/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml
index 7b81b3c10..31129a6ac 100644
--- a/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml
+++ b/roles/openshift_metrics/tasks/generate_hawkular_certificates.yaml
@@ -17,14 +17,16 @@
local_action: copy dest="{{ local_tmp.stdout }}/{{ item }}.pwd" content="{{ 15 | oo_random_word }}"
with_items:
- hawkular-metrics
+ become: false
- local_action: slurp src="{{ local_tmp.stdout }}/hawkular-metrics.pwd"
register: hawkular_metrics_pwd
no_log: true
+ become: false
- name: generate htpasswd file for hawkular metrics
local_action: htpasswd path="{{ local_tmp.stdout }}/hawkular-metrics.htpasswd" name=hawkular password="{{ hawkular_metrics_pwd.content | b64decode }}"
- no_log: true
+ become: false
- name: copy local generated passwords to target
copy:
diff --git a/roles/openshift_metrics/tasks/generate_rolebindings.yaml b/roles/openshift_metrics/tasks/generate_rolebindings.yaml
index e050c8eb2..1304ab8b5 100644
--- a/roles/openshift_metrics/tasks/generate_rolebindings.yaml
+++ b/roles/openshift_metrics/tasks/generate_rolebindings.yaml
@@ -13,3 +13,27 @@
- kind: ServiceAccount
name: hawkular
changed_when: no
+
+- name: generate hawkular-metrics cluster role binding for the hawkular service account
+ template:
+ src: rolebinding.j2
+ dest: "{{ mktemp.stdout }}/templates/hawkular-cluster-rolebinding.yaml"
+ vars:
+ cluster: True
+ obj_name: hawkular-namespace-watcher
+ labels:
+ metrics-infra: hawkular
+ roleRef:
+ kind: ClusterRole
+ name: hawkular-metrics
+ subjects:
+ - kind: ServiceAccount
+ name: hawkular
+ namespace: "{{openshift_metrics_project}}"
+ changed_when: no
+
+- name: generate the hawkular cluster role
+ template:
+ src: hawkular_metrics_role.j2
+ dest: "{{ mktemp.stdout }}/templates/hawkular-cluster-role.yaml"
+ changed_when: no
diff --git a/roles/openshift_metrics/tasks/install_cassandra.yaml b/roles/openshift_metrics/tasks/install_cassandra.yaml
index 62b7f52cb..7928a0346 100644
--- a/roles/openshift_metrics/tasks/install_cassandra.yaml
+++ b/roles/openshift_metrics/tasks/install_cassandra.yaml
@@ -36,6 +36,7 @@
access_modes: "{{ openshift_metrics_cassandra_pvc_access | list }}"
size: "{{ openshift_metrics_cassandra_pvc_size }}"
pv_selector: "{{ openshift_metrics_cassandra_pv_selector }}"
+ storage_class_name: "{{ openshift_metrics_cassanda_pvc_storage_class_name | default('', true) }}"
with_sequence: count={{ openshift_metrics_cassandra_replicas }}
when:
- openshift_metrics_cassandra_storage_type != 'emptydir'
@@ -50,8 +51,6 @@
obj_name: "{{ openshift_metrics_cassandra_pvc_prefix }}-{{ item }}"
labels:
metrics-infra: hawkular-cassandra
- annotations:
- volume.beta.kubernetes.io/storage-class: dynamic
access_modes: "{{ openshift_metrics_cassandra_pvc_access | list }}"
size: "{{ openshift_metrics_cassandra_pvc_size }}"
pv_selector: "{{ openshift_metrics_cassandra_pv_selector }}"
diff --git a/roles/openshift_metrics/tasks/install_hosa.yaml b/roles/openshift_metrics/tasks/install_hosa.yaml
index cc533a68b..7c9bc26d0 100644
--- a/roles/openshift_metrics/tasks/install_hosa.yaml
+++ b/roles/openshift_metrics/tasks/install_hosa.yaml
@@ -28,7 +28,7 @@
- name: Generate role binding for the hawkular-openshift-agent service account
template:
src: rolebinding.j2
- dest: "{{ mktemp.stdout }}/templates/metrics-hawkular-agent-rolebinding.yaml"
+ dest: "{{ mktemp.stdout }}/templates/metrics-hawkular-openshift-agent-rolebinding.yaml"
vars:
cluster: True
obj_name: hawkular-openshift-agent-rb
diff --git a/roles/openshift_metrics/tasks/install_support.yaml b/roles/openshift_metrics/tasks/install_support.yaml
index 5cefb273d..584e3be05 100644
--- a/roles/openshift_metrics/tasks/install_support.yaml
+++ b/roles/openshift_metrics/tasks/install_support.yaml
@@ -4,6 +4,7 @@
register: htpasswd_check
failed_when: no
changed_when: no
+ become: false
- fail: msg="'htpasswd' is unavailable. Please install httpd-tools on the control node"
when: htpasswd_check.rc == 1
@@ -13,6 +14,7 @@
register: keytool_check
failed_when: no
changed_when: no
+ become: false
- fail: msg="'keytool' is unavailable. Please install java-1.8.0-openjdk-headless on the control node"
when: keytool_check.rc == 1
diff --git a/roles/openshift_metrics/tasks/main.yaml b/roles/openshift_metrics/tasks/main.yaml
index 0b5f23c24..eaabdd20f 100644
--- a/roles/openshift_metrics/tasks/main.yaml
+++ b/roles/openshift_metrics/tasks/main.yaml
@@ -1,6 +1,7 @@
---
- local_action: shell python -c 'import passlib' 2>/dev/null || echo not installed
register: passlib_result
+ become: false
- name: Check that python-passlib is available on the control host
assert:
@@ -52,3 +53,4 @@
tags: metrics_cleanup
changed_when: False
check_mode: no
+ become: false
diff --git a/roles/openshift_metrics/tasks/uninstall_metrics.yaml b/roles/openshift_metrics/tasks/uninstall_metrics.yaml
index 9a5d52eb6..403b1252c 100644
--- a/roles/openshift_metrics/tasks/uninstall_metrics.yaml
+++ b/roles/openshift_metrics/tasks/uninstall_metrics.yaml
@@ -6,7 +6,7 @@
command: >
{{ openshift.common.client_binary }} -n {{ openshift_metrics_project }} --config={{ mktemp.stdout }}/admin.kubeconfig
delete --ignore-not-found --selector=metrics-infra
- all,sa,secrets,templates,routes,pvc,rolebindings,clusterrolebindings
+ all,sa,secrets,templates,routes,pvc,rolebindings,clusterrolebindings,clusterrole
register: delete_metrics
changed_when: delete_metrics.stdout != 'No resources found'
@@ -16,4 +16,5 @@
delete --ignore-not-found
rolebinding/hawkular-view
clusterrolebinding/heapster-cluster-reader
+ clusterrolebinding/hawkular-metrics
changed_when: delete_metrics.stdout != 'No resources found'
diff --git a/roles/openshift_metrics/templates/hawkular_metrics_role.j2 b/roles/openshift_metrics/templates/hawkular_metrics_role.j2
new file mode 100644
index 000000000..6c9dbf5d6
--- /dev/null
+++ b/roles/openshift_metrics/templates/hawkular_metrics_role.j2
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: ClusterRole
+metadata:
+ name: hawkular-metrics
+ labels:
+ metrics-infra: hawkular-metrics
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - namespaces
+ verbs:
+ - list
+ - get
+ - watch
diff --git a/roles/openshift_metrics/templates/pvc.j2 b/roles/openshift_metrics/templates/pvc.j2
index 0b801b33f..b4e6a1503 100644
--- a/roles/openshift_metrics/templates/pvc.j2
+++ b/roles/openshift_metrics/templates/pvc.j2
@@ -32,3 +32,6 @@ spec:
resources:
requests:
storage: {{size}}
+{% if storage_class_name is defined %}
+ storageClassName: {{ storage_class_name }}
+{% endif %}
diff --git a/roles/openshift_metrics/templates/route.j2 b/roles/openshift_metrics/templates/route.j2
index 08ca87288..423ab54a3 100644
--- a/roles/openshift_metrics/templates/route.j2
+++ b/roles/openshift_metrics/templates/route.j2
@@ -17,7 +17,7 @@ spec:
tls:
termination: {{ tls.termination }}
{% if tls.ca_certificate is defined and tls.ca_certificate | length > 0 %}
- CACertificate: |
+ caCertificate: |
{{ tls.ca_certificate|indent(6, true) }}
{% endif %}
{% if tls.key is defined and tls.key | length > 0 %}
diff --git a/roles/openshift_named_certificates/filter_plugins/openshift_named_certificates.py b/roles/openshift_named_certificates/filter_plugins/openshift_named_certificates.py
new file mode 100644
index 000000000..6ed6d404c
--- /dev/null
+++ b/roles/openshift_named_certificates/filter_plugins/openshift_named_certificates.py
@@ -0,0 +1,21 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+'''
+Custom filters for use with openshift named certificates
+'''
+
+
+class FilterModule(object):
+ ''' Custom ansible filters for use with openshift named certificates'''
+
+ @staticmethod
+ def oo_named_certificates_list(named_certificates):
+ ''' Returns named certificates list with correct fields for the master
+ config file.'''
+ return [{'certFile': named_certificate['certfile'],
+ 'keyFile': named_certificate['keyfile'],
+ 'names': named_certificate['names']} for named_certificate in named_certificates]
+
+ def filters(self):
+ ''' returns a mapping of filters to methods '''
+ return {"oo_named_certificates_list": self.oo_named_certificates_list}
diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml
index 5904ca9bc..47073ee0f 100644
--- a/roles/openshift_node/defaults/main.yml
+++ b/roles/openshift_node/defaults/main.yml
@@ -8,7 +8,7 @@ os_firewall_allow:
port: 443/tcp
- service: OpenShift OVS sdn
port: 4789/udp
- when: openshift.common.use_openshift_sdn | bool
+ when: openshift.common.use_openshift_sdn | default(true) | bool
- service: Calico BGP Port
port: 179/tcp
when: openshift.common.use_calico | bool
diff --git a/roles/openshift_node/handlers/main.yml b/roles/openshift_node/handlers/main.yml
index a6bd12d4e..f2c45a4bd 100644
--- a/roles/openshift_node/handlers/main.yml
+++ b/roles/openshift_node/handlers/main.yml
@@ -3,10 +3,15 @@
systemd:
name: openvswitch
state: restarted
- when: (not skip_node_svc_handlers | default(False) | bool) and not (ovs_service_status_changed | default(false) | bool) and openshift.common.use_openshift_sdn | bool
+ when: (not skip_node_svc_handlers | default(False) | bool) and not (ovs_service_status_changed | default(false) | bool) and openshift.common.use_openshift_sdn | default(true) | bool
+ register: l_openshift_node_stop_openvswitch_result
+ until: not l_openshift_node_stop_openvswitch_result | failed
+ retries: 3
+ delay: 30
notify:
- restart openvswitch pause
+
- name: restart openvswitch pause
pause: seconds=15
when: (not skip_node_svc_handlers | default(False) | bool) and openshift.common.is_containerized | bool
@@ -15,7 +20,13 @@
systemd:
name: "{{ openshift.common.service_type }}-node"
state: restarted
- when: (not skip_node_svc_handlers | default(False) | bool) and not (node_service_status_changed | default(false) | bool)
+ register: l_openshift_node_restart_node_result
+ until: not l_openshift_node_restart_node_result | failed
+ retries: 3
+ delay: 30
+ when:
+ - (not skip_node_svc_handlers | default(False) | bool)
+ - not (node_service_status_changed | default(false) | bool)
- name: reload sysctl.conf
command: /sbin/sysctl -p
diff --git a/roles/openshift_node/meta/main.yml b/roles/openshift_node/meta/main.yml
index 3b7e8126a..e19d82ddc 100644
--- a/roles/openshift_node/meta/main.yml
+++ b/roles/openshift_node/meta/main.yml
@@ -30,7 +30,7 @@ dependencies:
os_firewall_allow:
- service: OpenShift OVS sdn
port: 4789/udp
- when: openshift.common.use_openshift_sdn | bool
+ when: openshift.common.use_openshift_sdn | default(true) | bool
- role: os_firewall
os_firewall_allow:
- service: Calico BGP Port
diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml
index 573051504..8b4931e7c 100644
--- a/roles/openshift_node/tasks/main.yml
+++ b/roles/openshift_node/tasks/main.yml
@@ -90,7 +90,9 @@
package:
name: "{{ openshift.common.service_type }}-sdn-ovs{{ openshift_pkg_version | oo_image_tag_to_rpm_version(include_dash=True) }}"
state: present
- when: openshift.common.use_openshift_sdn and not openshift.common.is_containerized | bool
+ when:
+ - openshift.common.use_openshift_sdn | default(true) | bool
+ - not openshift.common.is_containerized | bool
- name: Install conntrack-tools package
package:
@@ -118,8 +120,14 @@
name: openvswitch.service
enabled: yes
state: started
- when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | bool
+ daemon_reload: yes
+ when:
+ - openshift.common.is_containerized | bool
+ - openshift.common.use_openshift_sdn | default(true) | bool
register: ovs_start_result
+ until: not ovs_start_result | failed
+ retries: 3
+ delay: 30
- set_fact:
ovs_service_status_changed: "{{ ovs_start_result | changed }}"
@@ -212,15 +220,27 @@
state: started
when: openshift.common.is_containerized | bool
+
- name: Start and enable node
systemd:
name: "{{ openshift.common.service_type }}-node"
enabled: yes
state: started
+ daemon_reload: yes
register: node_start_result
until: not node_start_result | failed
retries: 1
delay: 30
+ ignore_errors: true
+
+- name: Dump logs from node service if it failed
+ command: journalctl --no-pager -n 100 -u {{ openshift.common.service_type }}-node
+ when: node_start_result | failed
+
+- name: Abort if node failed to start
+ fail:
+ msg: Node failed to start please inspect the logs and try again
+ when: node_start_result | failed
- set_fact:
node_service_status_changed: "{{ node_start_result | changed }}"
diff --git a/roles/openshift_node/tasks/openvswitch_system_container.yml b/roles/openshift_node/tasks/openvswitch_system_container.yml
index 8cfa5a026..c8d653880 100644
--- a/roles/openshift_node/tasks/openvswitch_system_container.yml
+++ b/roles/openshift_node/tasks/openvswitch_system_container.yml
@@ -10,3 +10,5 @@
name: openvswitch
image: "{{ openshift.common.system_images_registry }}/{{ openshift.node.ovs_system_image }}:{{ openshift_image_tag }}"
state: latest
+ values:
+ - "DOCKER_SERVICE={{ openshift.docker.service_name }}.service"
diff --git a/roles/openshift_node/tasks/storage_plugins/glusterfs.yml b/roles/openshift_node/tasks/storage_plugins/glusterfs.yml
index 7d8c42ee2..1b8a7ad50 100644
--- a/roles/openshift_node/tasks/storage_plugins/glusterfs.yml
+++ b/roles/openshift_node/tasks/storage_plugins/glusterfs.yml
@@ -3,30 +3,52 @@
package: name=glusterfs-fuse state=present
when: not openshift.common.is_atomic | bool
-- name: Check for existence of virt_use_fusefs seboolean
- command: getsebool virt_use_fusefs
- register: virt_use_fusefs_output
- when: ansible_selinux and ansible_selinux.status == "enabled"
+- name: Check for existence of fusefs sebooleans
+ command: getsebool {{ item }}
+ register: fusefs_getsebool_status
+ when:
+ - ansible_selinux
+ - ansible_selinux.status == "enabled"
failed_when: false
changed_when: false
+ with_items:
+ - virt_use_fusefs
+ - virt_sandbox_use_fusefs
- name: Set seboolean to allow gluster storage plugin access from containers
seboolean:
- name: virt_use_fusefs
+ name: "{{ item.item }}"
state: yes
persistent: yes
- when: ansible_selinux and ansible_selinux.status == "enabled" and virt_use_fusefs_output.rc == 0
+ when:
+ - ansible_selinux
+ - ansible_selinux.status == "enabled"
+ - item.rc == 0
+ # We need to detect whether or not the boolean is an alias, since `seboolean`
+ # will error if it is an alias. We do this by inspecting stdout for the boolean name,
+ # since getsebool prints the resolved name. (At some point Ansible's seboolean module
+ # should learn to deal with aliases)
+ - item.item in item.stdout # Boolean does not have an alias.
+ - ansible_python_version | version_compare('3', '<')
+ with_items: "{{ fusefs_getsebool_status.results }}"
-- name: Check for existence of virt_sandbox_use_fusefs seboolean
- command: getsebool virt_sandbox_use_fusefs
- register: virt_sandbox_use_fusefs_output
- when: ansible_selinux and ansible_selinux.status == "enabled"
- failed_when: false
- changed_when: false
-
-- name: Set seboolean to allow gluster storage plugin access from containers(sandbox)
- seboolean:
- name: virt_sandbox_use_fusefs
- state: yes
- persistent: yes
- when: ansible_selinux and ansible_selinux.status == "enabled" and virt_sandbox_use_fusefs_output.rc == 0
+# Workaround for https://github.com/openshift/openshift-ansible/issues/4438
+# Use command module rather than seboolean module to set GlusterFS booleans.
+# TODO: Remove this task and the ansible_python_version comparison in
+# the previous task when the problem has been addressed in current
+# ansible release.
+- name: Set seboolean to allow gluster storage plugin access from containers (python 3)
+ command: >
+ setsebool -P {{ item.item }} on
+ when:
+ - ansible_selinux
+ - ansible_selinux.status == "enabled"
+ - item.rc == 0
+ # We need to detect whether or not the boolean is an alias, since `seboolean`
+ # will error if it is an alias. We do this by inspecting stdout for the boolean name,
+ # since getsebool prints the resolved name. (At some point Ansible's seboolean module
+ # should learn to deal with aliases)
+ - item.item in item.stdout # Boolean does not have an alias.
+ - ('--> off' in item.stdout) # Boolean is currently off.
+ - ansible_python_version | version_compare('3', '>=')
+ with_items: "{{ fusefs_getsebool_status.results }}"
diff --git a/roles/openshift_node/tasks/storage_plugins/nfs.yml b/roles/openshift_node/tasks/storage_plugins/nfs.yml
index d40ae66cb..7e1035893 100644
--- a/roles/openshift_node/tasks/storage_plugins/nfs.yml
+++ b/roles/openshift_node/tasks/storage_plugins/nfs.yml
@@ -3,24 +3,52 @@
package: name=nfs-utils state=present
when: not openshift.common.is_atomic | bool
-- name: Check for existence of seboolean
+- name: Check for existence of nfs sebooleans
command: getsebool {{ item }}
- register: getsebool_status
- when: ansible_selinux and ansible_selinux.status == "enabled"
+ register: nfs_getsebool_status
+ when:
+ - ansible_selinux
+ - ansible_selinux.status == "enabled"
failed_when: false
changed_when: false
with_items:
- - virt_use_nfs
- - virt_sandbox_use_nfs
+ - virt_use_nfs
+ - virt_sandbox_use_nfs
- name: Set seboolean to allow nfs storage plugin access from containers
seboolean:
name: "{{ item.item }}"
state: yes
persistent: yes
+ when:
+ - ansible_selinux
+ - ansible_selinux.status == "enabled"
+ - item.rc == 0
# We need to detect whether or not the boolean is an alias, since `seboolean`
# will error if it is an alias. We do this by inspecting stdout for the boolean name,
# since getsebool prints the resolved name. (At some point Ansible's seboolean module
# should learn to deal with aliases)
- when: ansible_selinux and ansible_selinux.status == "enabled" and item.rc == 0 and item.stdout.find(item.item) != -1
- with_items: "{{ getsebool_status.results }}"
+ - item.item in item.stdout # Boolean does not have an alias.
+ - ansible_python_version | version_compare('3', '<')
+ with_items: "{{ nfs_getsebool_status.results }}"
+
+# Workaround for https://github.com/openshift/openshift-ansible/issues/4438
+# Use command module rather than seboolean module to set NFS booleans.
+# TODO: Remove this task and the ansible_python_version comparison in
+# the previous task when the problem has been addressed in current
+# ansible release.
+- name: Set seboolean to allow nfs storage plugin access from containers (python 3)
+ command: >
+ setsebool -P {{ item.item }} on
+ when:
+ - ansible_selinux
+ - ansible_selinux.status == "enabled"
+ - item.rc == 0
+ # We need to detect whether or not the boolean is an alias, since `seboolean`
+ # will error if it is an alias. We do this by inspecting stdout for the boolean name,
+ # since getsebool prints the resolved name. (At some point Ansible's seboolean module
+ # should learn to deal with aliases)
+ - item.item in item.stdout # Boolean does not have an alias.
+ - ('--> off' in item.stdout) # Boolean is currently off.
+ - ansible_python_version | version_compare('3', '>=')
+ with_items: "{{ nfs_getsebool_status.results }}"
diff --git a/roles/openshift_node/tasks/systemd_units.yml b/roles/openshift_node/tasks/systemd_units.yml
index e3ce5df3d..2ccc28461 100644
--- a/roles/openshift_node/tasks/systemd_units.yml
+++ b/roles/openshift_node/tasks/systemd_units.yml
@@ -34,7 +34,7 @@
- name: Install Node service file
template:
dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node.service"
- src: "{{ openshift.common.service_type }}-node.service.j2"
+ src: "node.service.j2"
register: install_node_result
when: not openshift.common.is_containerized | bool
notify:
diff --git a/roles/openshift_node/templates/atomic-openshift-node.service.j2 b/roles/openshift_node/templates/atomic-openshift-node.service.j2
deleted file mode 100644
index 80232094a..000000000
--- a/roles/openshift_node/templates/atomic-openshift-node.service.j2
+++ /dev/null
@@ -1,22 +0,0 @@
-[Unit]
-Description=Atomic OpenShift Node
-After={{ openshift.docker.service_name }}.service
-After=openvswitch.service
-Wants={{ openshift.docker.service_name }}.service
-Documentation=https://github.com/openshift/origin
-
-[Service]
-Type=notify
-EnvironmentFile=/etc/sysconfig/atomic-openshift-node
-Environment=GOTRACEBACK=crash
-ExecStart=/usr/bin/openshift start node --config=${CONFIG_FILE} $OPTIONS
-LimitNOFILE=65536
-LimitCORE=infinity
-WorkingDirectory=/var/lib/origin/
-SyslogIdentifier=atomic-openshift-node
-Restart=always
-RestartSec=5s
-OOMScoreAdjust=-999
-
-[Install]
-WantedBy=multi-user.target
diff --git a/roles/openshift_node/templates/node.service.j2 b/roles/openshift_node/templates/node.service.j2
new file mode 100644
index 000000000..e12a52c15
--- /dev/null
+++ b/roles/openshift_node/templates/node.service.j2
@@ -0,0 +1,31 @@
+[Unit]
+Description=OpenShift Node
+After={{ openshift.docker.service_name }}.service
+Wants=openvswitch.service
+After=ovsdb-server.service
+After=ovs-vswitchd.service
+Wants={{ openshift.docker.service_name }}.service
+Documentation=https://github.com/openshift/origin
+Requires=dnsmasq.service
+After=dnsmasq.service
+
+[Service]
+Type=notify
+EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-node
+Environment=GOTRACEBACK=crash
+ExecStartPre=/usr/bin/cp /etc/origin/node/node-dnsmasq.conf /etc/dnsmasq.d/
+ExecStartPre=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:/in-addr.arpa/127.0.0.1,/{{ openshift.common.dns_domain }}/127.0.0.1
+ExecStopPost=/usr/bin/rm /etc/dnsmasq.d/node-dnsmasq.conf
+ExecStopPost=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:
+ExecStart=/usr/bin/openshift start node --config=${CONFIG_FILE} $OPTIONS
+LimitNOFILE=65536
+LimitCORE=infinity
+WorkingDirectory=/var/lib/origin/
+SyslogIdentifier={{ openshift.common.service_type }}-node
+Restart=always
+RestartSec=5s
+TimeoutStartSec=300
+OOMScoreAdjust=-999
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2
index f2f929232..351c8c9f6 100644
--- a/roles/openshift_node/templates/node.yaml.v1.j2
+++ b/roles/openshift_node/templates/node.yaml.v1.j2
@@ -1,5 +1,9 @@
allowDisabledDocker: false
apiVersion: v1
+{% if openshift.common.version_gte_3_6 %}
+dnsBindAddress: 127.0.0.1:53
+dnsRecursiveResolvConf: /etc/origin/node/resolv.conf
+{% endif %}
dnsDomain: {{ openshift.common.dns_domain }}
{% if 'dns_ip' in openshift.node %}
dnsIP: {{ openshift.node.dns_ip }}
diff --git a/roles/openshift_node/templates/openshift.docker.node.service b/roles/openshift_node/templates/openshift.docker.node.service
index d89b64b06..639b6f6c8 100644
--- a/roles/openshift_node/templates/openshift.docker.node.service
+++ b/roles/openshift_node/templates/openshift.docker.node.service
@@ -12,14 +12,20 @@ After=ovs-vswitchd.service
Wants={{ openshift.common.service_type }}-master.service
Requires={{ openshift.common.service_type }}-node-dep.service
After={{ openshift.common.service_type }}-node-dep.service
+Requires=dnsmasq.service
+After=dnsmasq.service
[Service]
EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-node
EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-node-dep
ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type }}-node
-ExecStart=/usr/bin/docker run --name {{ openshift.common.service_type }}-node --rm --privileged --net=host --pid=host --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-node -v /:/rootfs:ro,rslave -e CONFIG_FILE=${CONFIG_FILE} -e OPTIONS=${OPTIONS} -e HOST=/rootfs -e HOST_ETC=/host-etc -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }}{{ ':rslave' if openshift.docker.gte_1_10 | default(False) | bool else '' }} -v {{ openshift.common.config_base }}/node:{{ openshift.common.config_base }}/node {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} -v /etc/localtime:/etc/localtime:ro -v /etc/machine-id:/etc/machine-id:ro -v /run:/run -v /sys:/sys:rw -v /sys/fs/cgroup:/sys/fs/cgroup:rw -v /usr/bin/docker:/usr/bin/docker:ro -v /var/lib/docker:/var/lib/docker -v /lib/modules:/lib/modules -v /etc/origin/openvswitch:/etc/openvswitch -v /etc/origin/sdn:/etc/openshift-sdn -v /var/lib/cni:/var/lib/cni -v /etc/systemd/system:/host-etc/systemd/system -v /var/log:/var/log -v /dev:/dev $DOCKER_ADDTL_BIND_MOUNTS {{ openshift.node.node_image }}:${IMAGE_VERSION}
+ExecStartPre=/usr/bin/cp /etc/origin/node/node-dnsmasq.conf /etc/dnsmasq.d/
+ExecStartPre=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:/in-addr.arpa/127.0.0.1,/{{ openshift.common.dns_domain }}/127.0.0.1
+ExecStart=/usr/bin/docker run --name {{ openshift.common.service_type }}-node --rm --privileged --net=host --pid=host --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-node -v /:/rootfs:ro,rslave -e CONFIG_FILE=${CONFIG_FILE} -e OPTIONS=${OPTIONS} -e HOST=/rootfs -e HOST_ETC=/host-etc -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }}{{ ':rslave' if openshift.docker.gte_1_10 | default(False) | bool else '' }} -v {{ openshift.common.config_base }}/node:{{ openshift.common.config_base }}/node {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} -v /etc/localtime:/etc/localtime:ro -v /etc/machine-id:/etc/machine-id:ro -v /run:/run -v /sys:/sys:rw -v /sys/fs/cgroup:/sys/fs/cgroup:rw -v /usr/bin/docker:/usr/bin/docker:ro -v /var/lib/docker:/var/lib/docker -v /lib/modules:/lib/modules -v /etc/origin/openvswitch:/etc/openvswitch -v /etc/origin/sdn:/etc/openshift-sdn -v /var/lib/cni:/var/lib/cni -v /etc/systemd/system:/host-etc/systemd/system -v /var/log:/var/log -v /dev:/dev $DOCKER_ADDTL_BIND_MOUNTS -v /etc/pki:/etc/pki:ro {{ openshift.node.node_image }}:${IMAGE_VERSION}
ExecStartPost=/usr/bin/sleep 10
ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-node
+ExecStopPost=/usr/bin/rm /etc/dnsmasq.d/node-dnsmasq.conf
+ExecStopPost=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:
SyslogIdentifier={{ openshift.common.service_type }}-node
Restart=always
RestartSec=5s
diff --git a/roles/openshift_node/templates/origin-node.service.j2 b/roles/openshift_node/templates/origin-node.service.j2
deleted file mode 100644
index 8047301e6..000000000
--- a/roles/openshift_node/templates/origin-node.service.j2
+++ /dev/null
@@ -1,21 +0,0 @@
-[Unit]
-Description=Origin Node
-After={{ openshift.docker.service_name }}.service
-Wants={{ openshift.docker.service_name }}.service
-Documentation=https://github.com/openshift/origin
-
-[Service]
-Type=notify
-EnvironmentFile=/etc/sysconfig/origin-node
-Environment=GOTRACEBACK=crash
-ExecStart=/usr/bin/openshift start node --config=${CONFIG_FILE} $OPTIONS
-LimitNOFILE=65536
-LimitCORE=infinity
-WorkingDirectory=/var/lib/origin/
-SyslogIdentifier=origin-node
-Restart=always
-RestartSec=5s
-OOMScoreAdjust=-999
-
-[Install]
-WantedBy=multi-user.target
diff --git a/roles/openshift_node_certificates/handlers/main.yml b/roles/openshift_node_certificates/handlers/main.yml
index 502f80434..4abe8bcaf 100644
--- a/roles/openshift_node_certificates/handlers/main.yml
+++ b/roles/openshift_node_certificates/handlers/main.yml
@@ -9,3 +9,7 @@
name: "{{ openshift.docker.service_name }}"
state: restarted
when: not openshift_certificates_redeploy | default(false) | bool
+ register: l_docker_restart_docker_in_cert_result
+ until: not l_docker_restart_docker_in_cert_result | failed
+ retries: 3
+ delay: 30
diff --git a/roles/openshift_node_dnsmasq/defaults/main.yml b/roles/openshift_node_dnsmasq/defaults/main.yml
new file mode 100644
index 000000000..ed97d539c
--- /dev/null
+++ b/roles/openshift_node_dnsmasq/defaults/main.yml
@@ -0,0 +1 @@
+---
diff --git a/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh b/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh
index 24798d3d2..4aab8f2e9 100755
--- a/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh
+++ b/roles/openshift_node_dnsmasq/files/networkmanager/99-origin-dns.sh
@@ -37,6 +37,8 @@ if [[ $2 =~ ^(up|dhcp4-change|dhcp6-change)$ ]]; then
UPSTREAM_DNS_TMP_SORTED=`mktemp`
CURRENT_UPSTREAM_DNS_SORTED=`mktemp`
NEW_RESOLV_CONF=`mktemp`
+ NEW_NODE_RESOLV_CONF=`mktemp`
+
######################################################################
# couldn't find an existing method to determine if the interface owns the
@@ -45,25 +47,29 @@ if [[ $2 =~ ^(up|dhcp4-change|dhcp6-change)$ ]]; then
def_route_int=$(/sbin/ip route get to ${def_route} | awk '{print $3}')
def_route_ip=$(/sbin/ip route get to ${def_route} | awk '{print $5}')
if [[ ${DEVICE_IFACE} == ${def_route_int} && \
- -n "${IP4_NAMESERVERS}" ]]; then
+ -n "${IP4_NAMESERVERS}" && \
+ "${IP4_NAMESERVERS}" != "${def_route_ip}" ]]; then
if [ ! -f /etc/dnsmasq.d/origin-dns.conf ]; then
cat << EOF > /etc/dnsmasq.d/origin-dns.conf
no-resolv
domain-needed
server=/cluster.local/172.30.0.1
server=/30.172.in-addr.arpa/172.30.0.1
+enable-dbus
EOF
# New config file, must restart
NEEDS_RESTART=1
fi
######################################################################
- # Generate a new origin dns config file
+ # Write out default nameservers for /etc/dnsmasq.d/origin-upstream-dns.conf
+ # and /etc/origin/node/resolv.conf in their respective formats
for ns in ${IP4_NAMESERVERS}; do
if [[ ! -z $ns ]]; then
- echo "server=${ns}"
+ echo "server=${ns}" >> $UPSTREAM_DNS_TMP
+ echo "nameserver ${ns}" >> $NEW_NODE_RESOLV_CONF
fi
- done > $UPSTREAM_DNS_TMP
+ done
# Sort it in case DNS servers arrived in a different order
sort $UPSTREAM_DNS_TMP > $UPSTREAM_DNS_TMP_SORTED
@@ -72,7 +78,6 @@ EOF
# Compare to the current config file (sorted)
NEW_DNS_SUM=`md5sum ${UPSTREAM_DNS_TMP_SORTED} | awk '{print $1}'`
CURRENT_DNS_SUM=`md5sum ${CURRENT_UPSTREAM_DNS_SORTED} | awk '{print $1}'`
-
if [ "${NEW_DNS_SUM}" != "${CURRENT_DNS_SUM}" ]; then
# DNS has changed, copy the temp file to the proper location (-Z
# sets default selinux context) and set the restart flag
@@ -80,6 +85,13 @@ EOF
NEEDS_RESTART=1
fi
+ # compare /etc/origin/node/resolv.conf checksum and replace it if different
+ NEW_NODE_RESOLV_CONF_MD5=`md5sum ${NEW_NODE_RESOLV_CONF}`
+ OLD_NODE_RESOLV_CONF_MD5=`md5sum /etc/origin/node/resolv.conf`
+ if [ "${NEW_NODE_RESOLV_CONF_MD5}" != "${OLD_NODE_RESOLV_CONF_MD5}" ]; then
+ cp -Z $NEW_NODE_RESOLV_CONF /etc/origin/node/resolv.conf
+ fi
+
if ! `systemctl -q is-active dnsmasq.service`; then
NEEDS_RESTART=1
fi
@@ -89,13 +101,17 @@ EOF
systemctl restart dnsmasq
fi
- # Only if dnsmasq is running properly make it our only nameserver
+ # Only if dnsmasq is running properly make it our only nameserver and place
+ # a watermark on /etc/resolv.conf
if `systemctl -q is-active dnsmasq.service`; then
- sed -e '/^nameserver.*$/d' /etc/resolv.conf > ${NEW_RESOLV_CONF}
- echo "nameserver "${def_route_ip}"" >> ${NEW_RESOLV_CONF}
- if ! grep -q '99-origin-dns.sh' ${NEW_RESOLV_CONF}; then
+ if ! grep -q '99-origin-dns.sh' /etc/resolv.conf; then
echo "# nameserver updated by /etc/NetworkManager/dispatcher.d/99-origin-dns.sh" >> ${NEW_RESOLV_CONF}
fi
+ sed -e '/^nameserver.*$/d' /etc/resolv.conf >> ${NEW_RESOLV_CONF}
+ echo "nameserver "${def_route_ip}"" >> ${NEW_RESOLV_CONF}
+ if ! grep -q 'search.*cluster.local' ${NEW_RESOLV_CONF}; then
+ sed -i '/^search/ s/$/ cluster.local/' ${NEW_RESOLV_CONF}
+ fi
cp -Z ${NEW_RESOLV_CONF} /etc/resolv.conf
fi
fi
diff --git a/roles/openshift_node_dnsmasq/tasks/main.yml b/roles/openshift_node_dnsmasq/tasks/main.yml
index 3311f7006..d0221a94b 100644
--- a/roles/openshift_node_dnsmasq/tasks/main.yml
+++ b/roles/openshift_node_dnsmasq/tasks/main.yml
@@ -14,6 +14,17 @@
package: name=dnsmasq state=installed
when: not openshift.common.is_atomic | bool
+# this file is copied to /etc/dnsmasq.d/ when the node starts and is removed
+# when the node stops. A dbus-message is sent to dnsmasq to add the same entries
+# so that dnsmasq doesn't need to be restarted. Once we can use dnsmasq 2.77 or
+# newer we can use --server-file option to update the servers dynamically and
+# reload them by sending dnsmasq a SIGHUP. We write the file in case someone else
+# triggers a restart of dnsmasq but not a node restart.
+- name: Install node-dnsmasq.conf
+ template:
+ src: node-dnsmasq.conf.j2
+ dest: /etc/origin/node/node-dnsmasq.conf
+
- name: Install dnsmasq configuration
template:
src: origin-dns.conf.j2
diff --git a/roles/openshift_node_dnsmasq/templates/node-dnsmasq.conf.j2 b/roles/openshift_node_dnsmasq/templates/node-dnsmasq.conf.j2
new file mode 100644
index 000000000..3caa3bd4a
--- /dev/null
+++ b/roles/openshift_node_dnsmasq/templates/node-dnsmasq.conf.j2
@@ -0,0 +1,2 @@
+server=/in-addr.arpa/127.0.0.1
+server=/{{ openshift.common.dns_domain }}/127.0.0.1
diff --git a/roles/openshift_node_dnsmasq/templates/origin-dns.conf.j2 b/roles/openshift_node_dnsmasq/templates/origin-dns.conf.j2
index 8bae9aaac..779b4d2f5 100644
--- a/roles/openshift_node_dnsmasq/templates/origin-dns.conf.j2
+++ b/roles/openshift_node_dnsmasq/templates/origin-dns.conf.j2
@@ -1,5 +1,7 @@
no-resolv
domain-needed
-server=/{{ openshift.common.dns_domain }}/{{ openshift.common.kube_svc_ip }}
no-negcache
max-cache-ttl=1
+enable-dbus
+bind-interfaces
+listen-address={{ ansible_default_ipv4.address }}
diff --git a/roles/openshift_node_upgrade/README.md b/roles/openshift_node_upgrade/README.md
index 66bce38ec..4e6229bfb 100644
--- a/roles/openshift_node_upgrade/README.md
+++ b/roles/openshift_node_upgrade/README.md
@@ -84,10 +84,16 @@ Including an example of how to use your role (for instance, with variables passe
command: >
{{ hostvars[groups.oo_first_master.0].openshift.common.admin_binary }} drain {{ openshift.node.nodename | lower }} --force --delete-local-data --ignore-daemonsets
delegate_to: "{{ groups.oo_first_master.0 }}"
+ register: l_docker_upgrade_drain_result
+ until: not l_docker_upgrade_drain_result | failed
+ retries: 60
+ delay: 60
+
roles:
- openshift_facts
- docker
+ - openshift_node_dnsmasq
- openshift_node_upgrade
post_tasks:
diff --git a/roles/openshift_node_upgrade/defaults/main.yml b/roles/openshift_node_upgrade/defaults/main.yml
new file mode 100644
index 000000000..ed97d539c
--- /dev/null
+++ b/roles/openshift_node_upgrade/defaults/main.yml
@@ -0,0 +1 @@
+---
diff --git a/roles/openshift_node_upgrade/handlers/main.yml b/roles/openshift_node_upgrade/handlers/main.yml
index cb51416d4..f26f5d573 100644
--- a/roles/openshift_node_upgrade/handlers/main.yml
+++ b/roles/openshift_node_upgrade/handlers/main.yml
@@ -1,7 +1,16 @@
---
- name: restart openvswitch
- systemd: name=openvswitch state=restarted
- when: (not skip_node_svc_handlers | default(False) | bool) and not (ovs_service_status_changed | default(false) | bool) and openshift.common.use_openshift_sdn | bool
+ systemd:
+ name: openvswitch
+ state: restarted
+ when:
+ - not skip_node_svc_handlers | default(False) | bool
+ - not (ovs_service_status_changed | default(false) | bool)
+ - openshift.common.use_openshift_sdn | default(true) | bool
+ register: l_openshift_node_upgrade_stop_openvswitch_result
+ until: not l_openshift_node_upgrade_stop_openvswitch_result | failed
+ retries: 3
+ delay: 30
notify:
- restart openvswitch pause
@@ -10,5 +19,13 @@
when: (not skip_node_svc_handlers | default(False) | bool) and openshift.common.is_containerized | bool
- name: restart node
- systemd: name={{ openshift.common.service_type }}-node state=restarted
- when: (not skip_node_svc_handlers | default(False) | bool) and not (node_service_status_changed | default(false) | bool)
+ systemd:
+ name: "{{ openshift.common.service_type }}-node"
+ state: restarted
+ register: l_openshift_node_upgrade_restart_node_result
+ until: not l_openshift_node_upgrade_restart_node_result | failed
+ retries: 3
+ delay: 30
+ when:
+ - (not skip_node_svc_handlers | default(False) | bool)
+ - not (node_service_status_changed | default(false) | bool)
diff --git a/roles/openshift_node_upgrade/tasks/docker/upgrade.yml b/roles/openshift_node_upgrade/tasks/docker/upgrade.yml
index 416cf605a..ebe87d6fd 100644
--- a/roles/openshift_node_upgrade/tasks/docker/upgrade.yml
+++ b/roles/openshift_node_upgrade/tasks/docker/upgrade.yml
@@ -26,7 +26,13 @@
- debug: var=docker_image_count.stdout
when: docker_upgrade_nuke_images is defined and docker_upgrade_nuke_images | bool
-- service: name=docker state=stopped
+- service:
+ name: docker
+ state: stopped
+ register: l_openshift_node_upgrade_docker_stop_result
+ until: not l_openshift_node_upgrade_docker_stop_result | failed
+ retries: 3
+ delay: 30
- name: Upgrade Docker
package: name=docker{{ '-' + docker_version }} state=present
diff --git a/roles/openshift_node_upgrade/tasks/main.yml b/roles/openshift_node_upgrade/tasks/main.yml
index d44839d69..f984a04b2 100644
--- a/roles/openshift_node_upgrade/tasks/main.yml
+++ b/roles/openshift_node_upgrade/tasks/main.yml
@@ -31,6 +31,22 @@
failed_when: false
when: openshift.common.is_containerized | bool
+- name: Pre-pull node image
+ command: >
+ docker pull {{ openshift.node.node_image }}:{{ openshift_image_tag }}
+ register: pull_result
+ changed_when: "'Downloaded newer image' in pull_result.stdout"
+ when: openshift.common.is_containerized | bool
+
+- name: Pre-pull openvswitch image
+ command: >
+ docker pull {{ openshift.node.ovs_image }}:{{ openshift_image_tag }}
+ register: pull_result
+ changed_when: "'Downloaded newer image' in pull_result.stdout"
+ when:
+ - openshift.common.is_containerized | bool
+ - openshift.common.use_openshift_sdn | default(true) | bool
+
- include: docker/upgrade.yml
vars:
# We will restart Docker ourselves after everything is ready:
@@ -133,6 +149,17 @@
- ansible_selinux is defined
- ansible_selinux.status == 'enabled'
+- name: Apply 3.6 dns config changes
+ yedit:
+ src: /etc/origin/node/node-config.yaml
+ key: "{{ item.key }}"
+ value: "{{ item.value }}"
+ with_items:
+ - key: "dnsBindAddress"
+ value: "127.0.0.1:53"
+ - key: "dnsRecursiveResolvConf"
+ value: "/etc/origin/node/resolv.conf"
+
# Restart all services
- include: restart.yml
@@ -147,3 +174,6 @@
# Give the node two minutes to come back online.
retries: 24
delay: 5
+
+- include_role:
+ name: openshift_node_dnsmasq
diff --git a/roles/openshift_node_upgrade/tasks/restart.yml b/roles/openshift_node_upgrade/tasks/restart.yml
index 508eb9358..f228b6e08 100644
--- a/roles/openshift_node_upgrade/tasks/restart.yml
+++ b/roles/openshift_node_upgrade/tasks/restart.yml
@@ -16,7 +16,11 @@
- name: Restart docker
service:
name: "{{ openshift.docker.service_name }}"
- state: restarted
+ state: started
+ register: docker_start_result
+ until: not docker_start_result | failed
+ retries: 3
+ delay: 30
- name: Update docker facts
openshift_facts:
@@ -39,4 +43,5 @@
state: started
delay: 10
port: "{{ openshift.master.api_port }}"
+ timeout: 600
when: inventory_hostname in groups.oo_masters_to_config
diff --git a/roles/openshift_node_upgrade/tasks/rpm_upgrade.yml b/roles/openshift_node_upgrade/tasks/rpm_upgrade.yml
index 06a2d16ba..a998acf21 100644
--- a/roles/openshift_node_upgrade/tasks/rpm_upgrade.yml
+++ b/roles/openshift_node_upgrade/tasks/rpm_upgrade.yml
@@ -16,7 +16,7 @@
- name: Install Node service file
template:
dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node.service"
- src: "{{ openshift.common.service_type }}-node.service.j2"
+ src: "node.service.j2"
register: l_node_unit
# NOTE: This is needed to make sure we are using the correct set
diff --git a/roles/openshift_node_upgrade/tasks/systemd_units.yml b/roles/openshift_node_upgrade/tasks/systemd_units.yml
index 862cd19c4..e8f017445 100644
--- a/roles/openshift_node_upgrade/tasks/systemd_units.yml
+++ b/roles/openshift_node_upgrade/tasks/systemd_units.yml
@@ -18,21 +18,6 @@
# This file is included both in the openshift_master role and in the upgrade
# playbooks.
-
-- name: Pre-pull node image
- command: >
- docker pull {{ openshift.node.node_image }}:{{ openshift_image_tag }}
- register: pull_result
- changed_when: "'Downloaded newer image' in pull_result.stdout"
- when: openshift.common.is_containerized | bool
-
-- name: Pre-pull openvswitch image
- command: >
- docker pull {{ openshift.node.ovs_image }}:{{ openshift_image_tag }}
- register: pull_result
- changed_when: "'Downloaded newer image' in pull_result.stdout"
- when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | bool
-
- name: Install Node dependencies docker service file
template:
dest: "/etc/systemd/system/{{ openshift.common.service_type }}-node-dep.service"
diff --git a/roles/openshift_node_upgrade/templates/atomic-openshift-node.service.j2 b/roles/openshift_node_upgrade/templates/atomic-openshift-node.service.j2
deleted file mode 120000
index 6041fb13a..000000000
--- a/roles/openshift_node_upgrade/templates/atomic-openshift-node.service.j2
+++ /dev/null
@@ -1 +0,0 @@
-../../openshift_node/templates/atomic-openshift-node.service.j2 \ No newline at end of file
diff --git a/roles/openshift_node_upgrade/templates/node.service.j2 b/roles/openshift_node_upgrade/templates/node.service.j2
new file mode 100644
index 000000000..e12a52c15
--- /dev/null
+++ b/roles/openshift_node_upgrade/templates/node.service.j2
@@ -0,0 +1,31 @@
+[Unit]
+Description=OpenShift Node
+After={{ openshift.docker.service_name }}.service
+Wants=openvswitch.service
+After=ovsdb-server.service
+After=ovs-vswitchd.service
+Wants={{ openshift.docker.service_name }}.service
+Documentation=https://github.com/openshift/origin
+Requires=dnsmasq.service
+After=dnsmasq.service
+
+[Service]
+Type=notify
+EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-node
+Environment=GOTRACEBACK=crash
+ExecStartPre=/usr/bin/cp /etc/origin/node/node-dnsmasq.conf /etc/dnsmasq.d/
+ExecStartPre=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:/in-addr.arpa/127.0.0.1,/{{ openshift.common.dns_domain }}/127.0.0.1
+ExecStopPost=/usr/bin/rm /etc/dnsmasq.d/node-dnsmasq.conf
+ExecStopPost=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:
+ExecStart=/usr/bin/openshift start node --config=${CONFIG_FILE} $OPTIONS
+LimitNOFILE=65536
+LimitCORE=infinity
+WorkingDirectory=/var/lib/origin/
+SyslogIdentifier={{ openshift.common.service_type }}-node
+Restart=always
+RestartSec=5s
+TimeoutStartSec=300
+OOMScoreAdjust=-999
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/openshift_node_upgrade/templates/openshift.docker.node.service b/roles/openshift_node_upgrade/templates/openshift.docker.node.service
index 2a099301a..639b6f6c8 100644
--- a/roles/openshift_node_upgrade/templates/openshift.docker.node.service
+++ b/roles/openshift_node_upgrade/templates/openshift.docker.node.service
@@ -6,18 +6,26 @@ PartOf={{ openshift.docker.service_name }}.service
Requires={{ openshift.docker.service_name }}.service
{% if openshift.common.use_openshift_sdn %}
Wants=openvswitch.service
+After=ovsdb-server.service
+After=ovs-vswitchd.service
{% endif %}
Wants={{ openshift.common.service_type }}-master.service
Requires={{ openshift.common.service_type }}-node-dep.service
After={{ openshift.common.service_type }}-node-dep.service
+Requires=dnsmasq.service
+After=dnsmasq.service
[Service]
EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-node
EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-node-dep
ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type }}-node
-ExecStart=/usr/bin/docker run --name {{ openshift.common.service_type }}-node --rm --privileged --net=host --pid=host --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-node -v /:/rootfs:ro,rslave -e CONFIG_FILE=${CONFIG_FILE} -e OPTIONS=${OPTIONS} -e HOST=/rootfs -e HOST_ETC=/host-etc -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }}{{ ':rslave' if openshift.docker.gte_1_10 | default(False) | bool else '' }} -v {{ openshift.common.config_base }}/node:{{ openshift.common.config_base }}/node {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} -v /etc/localtime:/etc/localtime:ro -v /etc/machine-id:/etc/machine-id:ro -v /run:/run -v /sys:/sys:rw -v /sys/fs/cgroup:/sys/fs/cgroup:rw -v /usr/bin/docker:/usr/bin/docker:ro -v /var/lib/docker:/var/lib/docker -v /lib/modules:/lib/modules -v /etc/origin/openvswitch:/etc/openvswitch -v /etc/origin/sdn:/etc/openshift-sdn -v /var/lib/cni:/var/lib/cni -v /etc/systemd/system:/host-etc/systemd/system -v /var/log:/var/log -v /dev:/dev $DOCKER_ADDTL_BIND_MOUNTS {{ openshift.node.node_image }}:${IMAGE_VERSION}
+ExecStartPre=/usr/bin/cp /etc/origin/node/node-dnsmasq.conf /etc/dnsmasq.d/
+ExecStartPre=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:/in-addr.arpa/127.0.0.1,/{{ openshift.common.dns_domain }}/127.0.0.1
+ExecStart=/usr/bin/docker run --name {{ openshift.common.service_type }}-node --rm --privileged --net=host --pid=host --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-node -v /:/rootfs:ro,rslave -e CONFIG_FILE=${CONFIG_FILE} -e OPTIONS=${OPTIONS} -e HOST=/rootfs -e HOST_ETC=/host-etc -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }}{{ ':rslave' if openshift.docker.gte_1_10 | default(False) | bool else '' }} -v {{ openshift.common.config_base }}/node:{{ openshift.common.config_base }}/node {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} -v /etc/localtime:/etc/localtime:ro -v /etc/machine-id:/etc/machine-id:ro -v /run:/run -v /sys:/sys:rw -v /sys/fs/cgroup:/sys/fs/cgroup:rw -v /usr/bin/docker:/usr/bin/docker:ro -v /var/lib/docker:/var/lib/docker -v /lib/modules:/lib/modules -v /etc/origin/openvswitch:/etc/openvswitch -v /etc/origin/sdn:/etc/openshift-sdn -v /var/lib/cni:/var/lib/cni -v /etc/systemd/system:/host-etc/systemd/system -v /var/log:/var/log -v /dev:/dev $DOCKER_ADDTL_BIND_MOUNTS -v /etc/pki:/etc/pki:ro {{ openshift.node.node_image }}:${IMAGE_VERSION}
ExecStartPost=/usr/bin/sleep 10
ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-node
+ExecStopPost=/usr/bin/rm /etc/dnsmasq.d/node-dnsmasq.conf
+ExecStopPost=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:
SyslogIdentifier={{ openshift.common.service_type }}-node
Restart=always
RestartSec=5s
diff --git a/roles/openshift_node_upgrade/templates/origin-node.service.j2 b/roles/openshift_node_upgrade/templates/origin-node.service.j2
deleted file mode 120000
index 79c45a303..000000000
--- a/roles/openshift_node_upgrade/templates/origin-node.service.j2
+++ /dev/null
@@ -1 +0,0 @@
-../../openshift_node/templates/origin-node.service.j2 \ No newline at end of file
diff --git a/roles/openshift_repos/defaults/main.yaml b/roles/openshift_repos/defaults/main.yaml
index 7c5a14cd7..44f34ea7b 100644
--- a/roles/openshift_repos/defaults/main.yaml
+++ b/roles/openshift_repos/defaults/main.yaml
@@ -1,2 +1,3 @@
---
openshift_additional_repos: {}
+openshift_repos_enable_testing: false
diff --git a/roles/openshift_repos/tasks/main.yaml b/roles/openshift_repos/tasks/main.yaml
index 8f8550e2d..7458db87e 100644
--- a/roles/openshift_repos/tasks/main.yaml
+++ b/roles/openshift_repos/tasks/main.yaml
@@ -33,7 +33,7 @@
# "centos-release-openshift-origin" package which configures the repository.
# This task matches the file names provided by the package so that they are
# not installed twice in different files and remains idempotent.
- - name: Configure origin gpg keys if needed
+ - name: Configure origin repositories and gpg keys if needed
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
@@ -49,6 +49,10 @@
- openshift_deployment_type == 'origin'
- openshift_enable_origin_repo | default(true) | bool
+ - name: Enable centos-openshift-origin-testing repository
+ command: yum-config-manager --enable centos-openshift-origin-testing
+ when: openshift_repos_enable_testing | bool
+
- name: Ensure clean repo cache in the event repos have been changed manually
debug:
msg: "First run of openshift_repos"
diff --git a/roles/openshift_sanitize_inventory/tasks/main.yml b/roles/openshift_sanitize_inventory/tasks/main.yml
index f15dc16d1..59ce505d3 100644
--- a/roles/openshift_sanitize_inventory/tasks/main.yml
+++ b/roles/openshift_sanitize_inventory/tasks/main.yml
@@ -46,3 +46,7 @@
msg: |-
openshift_release is "{{ openshift_release }}" which is not a valid version string.
Please set it to a version string like "3.4".
+
+- include: unsupported.yml
+ when:
+ - not openshift_enable_unsupported_configurations | default(false) | bool
diff --git a/roles/openshift_sanitize_inventory/tasks/unsupported.yml b/roles/openshift_sanitize_inventory/tasks/unsupported.yml
new file mode 100644
index 000000000..24e44ea85
--- /dev/null
+++ b/roles/openshift_sanitize_inventory/tasks/unsupported.yml
@@ -0,0 +1,12 @@
+---
+# This task list checks for unsupported configurations. Values here should yield
+# a partially functioning cluster but would not be supported for production use.
+
+- name: Ensure that openshift_use_dnsmasq is true
+ when:
+ - not openshift_use_dnsmasq | default(true) | bool
+ fail:
+ msg: |-
+ Starting in 3.6 openshift_use_dnsmasq must be true or critical features
+ will not function. This also means that NetworkManager must be installed
+ enabled and responsible for management of the primary interface.
diff --git a/roles/openshift_service_catalog/defaults/main.yml b/roles/openshift_service_catalog/defaults/main.yml
new file mode 100644
index 000000000..01ee2544d
--- /dev/null
+++ b/roles/openshift_service_catalog/defaults/main.yml
@@ -0,0 +1,3 @@
+---
+openshift_service_catalog_remove: false
+openshift_service_catalog_nodeselector: {"openshift-infra": "apiserver"}
diff --git a/roles/openshift_service_catalog/files/kubeservicecatalog_roles_bindings.yml b/roles/openshift_service_catalog/files/kubeservicecatalog_roles_bindings.yml
new file mode 100644
index 000000000..71e21a269
--- /dev/null
+++ b/roles/openshift_service_catalog/files/kubeservicecatalog_roles_bindings.yml
@@ -0,0 +1,199 @@
+apiVersion: v1
+kind: Template
+metadata:
+ name: service-catalog
+objects:
+
+- kind: ClusterRole
+ apiVersion: v1
+ metadata:
+ name: servicecatalog-serviceclass-viewer
+ rules:
+ - apiGroups:
+ - servicecatalog.k8s.io
+ resources:
+ - serviceclasses
+ verbs:
+ - list
+ - watch
+ - get
+
+- kind: ClusterRoleBinding
+ apiVersion: v1
+ metadata:
+ name: servicecatalog-serviceclass-viewer-binding
+ roleRef:
+ name: servicecatalog-serviceclass-viewer
+ groupNames:
+ - system:authenticated
+
+- kind: ServiceAccount
+ apiVersion: v1
+ metadata:
+ name: service-catalog-controller
+
+- kind: ServiceAccount
+ apiVersion: v1
+ metadata:
+ name: service-catalog-apiserver
+
+- kind: ClusterRole
+ apiVersion: v1
+ metadata:
+ name: sar-creator
+ rules:
+ - apiGroups:
+ - ""
+ resources:
+ - subjectaccessreviews.authorization.k8s.io
+ verbs:
+ - create
+
+- kind: ClusterRoleBinding
+ apiVersion: v1
+ metadata:
+ name: service-catalog-sar-creator-binding
+ roleRef:
+ name: sar-creator
+ userNames:
+ - system:serviceaccount:kube-service-catalog:service-catalog-apiserver
+
+- kind: ClusterRole
+ apiVersion: v1
+ metadata:
+ name: namespace-viewer
+ rules:
+ - apiGroups:
+ - ""
+ resources:
+ - namespaces
+ verbs:
+ - list
+ - watch
+ - get
+
+- kind: ClusterRoleBinding
+ apiVersion: v1
+ metadata:
+ name: service-catalog-namespace-viewer-binding
+ roleRef:
+ name: namespace-viewer
+ userNames:
+ - system:serviceaccount:kube-service-catalog:service-catalog-apiserver
+
+- kind: ClusterRoleBinding
+ apiVersion: v1
+ metadata:
+ name: service-catalog-controller-namespace-viewer-binding
+ roleRef:
+ name: namespace-viewer
+ userNames:
+ - system:serviceaccount:kube-service-catalog:service-catalog-controller
+
+- kind: ClusterRole
+ apiVersion: v1
+ metadata:
+ name: service-catalog-controller
+ rules:
+ - apiGroups:
+ - ""
+ resources:
+ - secrets
+ verbs:
+ - create
+ - update
+ - delete
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - servicecatalog.k8s.io
+ resources:
+ - brokers/status
+ - instances/status
+ - bindings/status
+ verbs:
+ - update
+ - apiGroups:
+ - servicecatalog.k8s.io
+ resources:
+ - brokers
+ - instances
+ - bindings
+ verbs:
+ - list
+ - watch
+ - apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - patch
+ - create
+ - apiGroups:
+ - servicecatalog.k8s.io
+ resources:
+ - serviceclasses
+ verbs:
+ - create
+ - delete
+ - update
+ - patch
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - settings.k8s.io
+ resources:
+ - podpresets
+ verbs:
+ - create
+ - update
+ - delete
+ - get
+ - list
+ - watch
+
+- kind: ClusterRoleBinding
+ apiVersion: v1
+ metadata:
+ name: service-catalog-controller-binding
+ roleRef:
+ name: service-catalog-controller
+ userNames:
+ - system:serviceaccount:kube-service-catalog:service-catalog-controller
+
+- kind: Role
+ apiVersion: v1
+ metadata:
+ name: endpoint-accessor
+ rules:
+ - apiGroups:
+ - ""
+ resources:
+ - endpoints
+ verbs:
+ - list
+ - watch
+ - get
+ - create
+ - update
+
+- kind: RoleBinding
+ apiVersion: v1
+ metadata:
+ name: endpoint-accessor-binding
+ roleRef:
+ name: endpoint-accessor
+ namespace: kube-service-catalog
+ userNames:
+ - system:serviceaccount:kube-service-catalog:service-catalog-controller
+
+- kind: ClusterRoleBinding
+ apiVersion: v1
+ metadata:
+ name: system:auth-delegator-binding
+ roleRef:
+ name: system:auth-delegator
+ userNames:
+ - system:serviceaccount:kube-service-catalog:service-catalog-apiserver
diff --git a/roles/openshift_service_catalog/files/kubesystem_roles_bindings.yml b/roles/openshift_service_catalog/files/kubesystem_roles_bindings.yml
new file mode 100644
index 000000000..f6ee0955d
--- /dev/null
+++ b/roles/openshift_service_catalog/files/kubesystem_roles_bindings.yml
@@ -0,0 +1,38 @@
+apiVersion: v1
+kind: Template
+metadata:
+ name: kube-system-service-catalog
+objects:
+
+- kind: Role
+ apiVersion: v1
+ metadata:
+ name: extension-apiserver-authentication-reader
+ namespace: ${KUBE_SYSTEM_NAMESPACE}
+ rules:
+ - apiGroups:
+ - ""
+ resourceNames:
+ - extension-apiserver-authentication
+ resources:
+ - configmaps
+ verbs:
+ - get
+
+- kind: RoleBinding
+ apiVersion: v1
+ metadata:
+ name: extension-apiserver-authentication-reader-binding
+ namespace: ${KUBE_SYSTEM_NAMESPACE}
+ roleRef:
+ name: extension-apiserver-authentication-reader
+ namespace: kube-system
+ userNames:
+ - system:serviceaccount:kube-service-catalog:service-catalog-apiserver
+
+parameters:
+- description: Do not change this value.
+ displayName: Name of the kube-system namespace
+ name: KUBE_SYSTEM_NAMESPACE
+ required: true
+ value: kube-system
diff --git a/roles/openshift_service_catalog/files/openshift-ansible-catalog-console.js b/roles/openshift_service_catalog/files/openshift-ansible-catalog-console.js
new file mode 100644
index 000000000..1f25cc39f
--- /dev/null
+++ b/roles/openshift_service_catalog/files/openshift-ansible-catalog-console.js
@@ -0,0 +1,2 @@
+window.OPENSHIFT_CONSTANTS.ENABLE_TECH_PREVIEW_FEATURE.service_catalog_landing_page = true;
+window.OPENSHIFT_CONSTANTS.ENABLE_TECH_PREVIEW_FEATURE.pod_presets = true;
diff --git a/roles/openshift_service_catalog/meta/main.yml b/roles/openshift_service_catalog/meta/main.yml
new file mode 100644
index 000000000..1e6b837cd
--- /dev/null
+++ b/roles/openshift_service_catalog/meta/main.yml
@@ -0,0 +1,17 @@
+---
+galaxy_info:
+ author: OpenShift Red Hat
+ description: OpenShift Service Catalog
+ company: Red Hat, Inc.
+ license: Apache License, Version 2.0
+ min_ansible_version: 2.2
+ platforms:
+ - name: EL
+ versions:
+ - 7
+ categories:
+ - cloud
+dependencies:
+- role: lib_openshift
+- role: openshift_facts
+- role: lib_utils
diff --git a/roles/openshift_service_catalog/tasks/generate_certs.yml b/roles/openshift_service_catalog/tasks/generate_certs.yml
new file mode 100644
index 000000000..cc897b032
--- /dev/null
+++ b/roles/openshift_service_catalog/tasks/generate_certs.yml
@@ -0,0 +1,70 @@
+---
+- name: Create service catalog cert directory
+ file:
+ path: "{{ openshift.common.config_base }}/service-catalog"
+ state: directory
+ mode: 0755
+ changed_when: False
+ check_mode: no
+
+- set_fact:
+ generated_certs_dir: "{{ openshift.common.config_base }}/service-catalog"
+
+- name: Generate signing cert
+ command: >
+ {{ openshift.common.client_binary }} adm --config=/etc/origin/master/admin.kubeconfig ca create-signer-cert
+ --key={{ generated_certs_dir }}/ca.key --cert={{ generated_certs_dir }}/ca.crt
+ --serial={{ generated_certs_dir }}/apiserver.serial.txt --name=service-catalog-signer
+
+- name: Generating server keys
+ oc_adm_ca_server_cert:
+ cert: "{{ generated_certs_dir }}/apiserver.crt"
+ key: "{{ generated_certs_dir }}/apiserver.key"
+ hostnames: "apiserver.kube-service-catalog.svc,apiserver.kube-service-catalog.svc.cluster.local,apiserver.kube-service-catalog"
+ signer_cert: "{{ generated_certs_dir }}/ca.crt"
+ signer_key: "{{ generated_certs_dir }}/ca.key"
+ signer_serial: "{{ generated_certs_dir }}/apiserver.serial.txt"
+
+- name: Create apiserver-ssl secret
+ oc_secret:
+ state: present
+ name: apiserver-ssl
+ namespace: kube-service-catalog
+ files:
+ - name: tls.crt
+ path: "{{ generated_certs_dir }}/apiserver.crt"
+ - name: tls.key
+ path: "{{ generated_certs_dir }}/apiserver.key"
+
+- slurp:
+ src: "{{ generated_certs_dir }}/ca.crt"
+ register: apiserver_ca
+
+- shell: >
+ oc get apiservices.apiregistration.k8s.io/v1alpha1.servicecatalog.k8s.io -n kube-service-catalog || echo "not found"
+ register: get_apiservices
+ changed_when: no
+
+- name: Create api service
+ oc_obj:
+ state: present
+ name: v1alpha1.servicecatalog.k8s.io
+ kind: apiservices.apiregistration.k8s.io
+ namespace: "kube-service-catalog"
+ content:
+ path: /tmp/apisvcout
+ data:
+ apiVersion: apiregistration.k8s.io/v1beta1
+ kind: APIService
+ metadata:
+ name: v1alpha1.servicecatalog.k8s.io
+ spec:
+ group: servicecatalog.k8s.io
+ version: v1alpha1
+ service:
+ namespace: "kube-service-catalog"
+ name: apiserver
+ caBundle: "{{ apiserver_ca.content }}"
+ groupPriorityMinimum: 20
+ versionPriority: 10
+ when: "'not found' in get_apiservices.stdout"
diff --git a/roles/openshift_service_catalog/tasks/install.yml b/roles/openshift_service_catalog/tasks/install.yml
new file mode 100644
index 000000000..686857d94
--- /dev/null
+++ b/roles/openshift_service_catalog/tasks/install.yml
@@ -0,0 +1,239 @@
+---
+# do any asserts here
+
+- name: Create temp directory for doing work in
+ command: mktemp -d /tmp/openshift-service-catalog-ansible-XXXXXX
+ register: mktemp
+ changed_when: False
+
+- include: wire_aggregator.yml
+
+- name: Set default image variables based on deployment_type
+ include_vars: "{{ item }}"
+ with_first_found:
+ - "{{ openshift_deployment_type | default(deployment_type) }}.yml"
+ - "default_images.yml"
+
+- name: Set service_catalog image facts
+ set_fact:
+ openshift_service_catalog_image_prefix: "{{ openshift_service_catalog_image_prefix | default(__openshift_service_catalog_image_prefix) }}"
+ openshift_service_catalog_image_version: "{{ openshift_service_catalog_image_version | default(__openshift_service_catalog_image_version) }}"
+
+- name: Set Service Catalog namespace
+ oc_project:
+ state: present
+ name: "kube-service-catalog"
+ node_selector: ""
+
+- name: Make kube-service-catalog project network global
+ command: >
+ oc adm pod-network make-projects-global kube-service-catalog
+ when: os_sdn_network_plugin_name | default('') == 'redhat/openshift-ovs-multitenant'
+
+- include: generate_certs.yml
+
+- copy:
+ src: kubeservicecatalog_roles_bindings.yml
+ dest: "{{ mktemp.stdout }}/kubeservicecatalog_roles_bindings.yml"
+
+- oc_obj:
+ name: service-catalog
+ kind: template
+ namespace: "kube-service-catalog"
+ files:
+ - "{{ mktemp.stdout }}/kubeservicecatalog_roles_bindings.yml"
+ delete_after: yes
+
+- oc_process:
+ create: True
+ template_name: service-catalog
+ namespace: "kube-service-catalog"
+
+- copy:
+ src: kubesystem_roles_bindings.yml
+ dest: "{{ mktemp.stdout }}/kubesystem_roles_bindings.yml"
+
+- oc_obj:
+ name: kube-system-service-catalog
+ kind: template
+ namespace: kube-system
+ files:
+ - "{{ mktemp.stdout }}/kubesystem_roles_bindings.yml"
+ delete_after: yes
+
+- oc_process:
+ create: True
+ template_name: kube-system-service-catalog
+ namespace: kube-system
+
+- oc_obj:
+ name: edit
+ kind: clusterrole
+ state: list
+ register: edit_yaml
+
+# only do this if we don't already have the updated role info
+- name: Generate apply template for clusterrole/edit
+ template:
+ src: sc_role_patching.j2
+ dest: "{{ mktemp.stdout }}/edit_sc_patch.yml"
+ vars:
+ original_content: "{{ edit_yaml.results.results[0] | to_yaml }}"
+ when:
+ - not edit_yaml.results.results[0] | oo_contains_rule(['servicecatalog.k8s.io'], ['instances', 'bindings'], ['create', 'update', 'delete', 'get', 'list', 'watch']) or not edit_yaml.results.results[0] | oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch'])
+
+# only do this if we don't already have the updated role info
+- name: update edit role for service catalog and pod preset access
+ command: >
+ oc replace -f {{ mktemp.stdout }}/edit_sc_patch.yml
+ when:
+ - not edit_yaml.results.results[0] | oo_contains_rule(['servicecatalog.k8s.io'], ['instances', 'bindings'], ['create', 'update', 'delete', 'get', 'list', 'watch']) or not edit_yaml.results.results[0] | oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch'])
+
+- oc_obj:
+ name: admin
+ kind: clusterrole
+ state: list
+ register: admin_yaml
+
+# only do this if we don't already have the updated role info
+- name: Generate apply template for clusterrole/admin
+ template:
+ src: sc_role_patching.j2
+ dest: "{{ mktemp.stdout }}/admin_sc_patch.yml"
+ vars:
+ original_content: "{{ admin_yaml.results.results[0] | to_yaml }}"
+ when:
+ - not admin_yaml.results.results[0] | oo_contains_rule(['servicecatalog.k8s.io'], ['instances', 'bindings'], ['create', 'update', 'delete', 'get', 'list', 'watch']) or not admin_yaml.results.results[0] | oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch'])
+
+# only do this if we don't already have the updated role info
+- name: update admin role for service catalog and pod preset access
+ command: >
+ oc replace -f {{ mktemp.stdout }}/admin_sc_patch.yml
+ when:
+ - not admin_yaml.results.results[0] | oo_contains_rule(['servicecatalog.k8s.io'], ['instances', 'bindings'], ['create', 'update', 'delete', 'get', 'list', 'watch']) or not admin_yaml.results.results[0] | oo_contains_rule(['settings.k8s.io'], ['podpresets'], ['create', 'update', 'delete', 'get', 'list', 'watch'])
+
+- shell: >
+ oc get policybindings/kube-system:default -n kube-system || echo "not found"
+ register: get_kube_system
+ changed_when: no
+
+- command: >
+ oc create policybinding kube-system -n kube-system
+ when: "'not found' in get_kube_system.stdout"
+
+- oc_adm_policy_user:
+ namespace: kube-service-catalog
+ resource_kind: scc
+ resource_name: hostmount-anyuid
+ state: present
+ user: "system:serviceaccount:kube-service-catalog:service-catalog-apiserver"
+
+- name: Set SA cluster-role
+ oc_adm_policy_user:
+ state: present
+ namespace: "kube-service-catalog"
+ resource_kind: cluster-role
+ resource_name: admin
+ user: "system:serviceaccount:kube-service-catalog:default"
+
+- name: Checking for master.etcd-ca.crt
+ stat:
+ path: /etc/origin/master/master.etcd-ca.crt
+ register: etcd_ca_crt
+ check_mode: no
+
+## api server
+- template:
+ src: api_server.j2
+ dest: "{{ mktemp.stdout }}/service_catalog_api_server.yml"
+ vars:
+ image: ""
+ namespace: ""
+ cpu_limit: none
+ memory_limit: none
+ cpu_requests: none
+ memory_request: none
+ cors_allowed_origin: localhost
+ etcd_servers: "{{ openshift.master.etcd_urls | join(',') }}"
+ etcd_cafile: "{{ '/etc/origin/master/master.etcd-ca.crt' if etcd_ca_crt.stat.exists else '/etc/origin/master/ca-bundle.crt' }}"
+ node_selector: "{{ openshift_service_catalog_nodeselector | default ({'openshift-infra': 'apiserver'}) }}"
+
+- name: Set Service Catalog API Server daemonset
+ oc_obj:
+ state: present
+ namespace: "kube-service-catalog"
+ kind: daemonset
+ name: apiserver
+ files:
+ - "{{ mktemp.stdout }}/service_catalog_api_server.yml"
+ delete_after: yes
+
+- template:
+ src: api_server_service.j2
+ dest: "{{ mktemp.stdout }}/service_catalog_api_service.yml"
+
+- name: Set Service Catalog API Server service
+ oc_obj:
+ state: present
+ namespace: "kube-service-catalog"
+ kind: service
+ name: apiserver
+ files:
+ - "{{ mktemp.stdout }}/service_catalog_api_service.yml"
+ delete_after: yes
+
+- template:
+ src: api_server_route.j2
+ dest: "{{ mktemp.stdout }}/service_catalog_api_route.yml"
+
+- name: Set Service Catalog API Server route
+ oc_obj:
+ state: present
+ namespace: "kube-service-catalog"
+ kind: route
+ name: apiserver
+ files:
+ - "{{ mktemp.stdout }}/service_catalog_api_route.yml"
+ delete_after: yes
+
+## controller manager
+- template:
+ src: controller_manager.j2
+ dest: "{{ mktemp.stdout }}/controller_manager.yml"
+ vars:
+ image: ""
+ cpu_limit: none
+ memory_limit: none
+ node_selector: "{{ openshift_service_catalog_nodeselector | default ({'openshift-infra': 'apiserver'}) }}"
+
+- name: Set Controller Manager deployment
+ oc_obj:
+ state: present
+ namespace: "kube-service-catalog"
+ kind: daemonset
+ name: controller-manager
+ files:
+ - "{{ mktemp.stdout }}/controller_manager.yml"
+ delete_after: yes
+
+- template:
+ src: controller_manager_service.j2
+ dest: "{{ mktemp.stdout }}/controller_manager_service.yml"
+
+- name: Set Controller Manager service
+ oc_obj:
+ state: present
+ namespace: "kube-service-catalog"
+ kind: service
+ name: controller-manager
+ files:
+ - "{{ mktemp.stdout }}/controller_manager_service.yml"
+ delete_after: yes
+
+- include: start_api_server.yml
+
+- name: Delete temp directory
+ file:
+ name: "{{ mktemp.stdout }}"
+ state: absent
+ changed_when: False
diff --git a/roles/openshift_service_catalog/tasks/main.yml b/roles/openshift_service_catalog/tasks/main.yml
new file mode 100644
index 000000000..dc0d6a370
--- /dev/null
+++ b/roles/openshift_service_catalog/tasks/main.yml
@@ -0,0 +1,8 @@
+---
+# do any asserts here
+
+- include: install.yml
+ when: not openshift_service_catalog_remove | default(false) | bool
+
+- include: remove.yml
+ when: openshift_service_catalog_remove | default(false) | bool
diff --git a/roles/openshift_service_catalog/tasks/remove.yml b/roles/openshift_service_catalog/tasks/remove.yml
new file mode 100644
index 000000000..2fb1ec440
--- /dev/null
+++ b/roles/openshift_service_catalog/tasks/remove.yml
@@ -0,0 +1,56 @@
+---
+- name: Remove Service Catalog APIServer
+ command: >
+ oc delete apiservices.apiregistration.k8s.io/v1alpha1.servicecatalog.k8s.io --ignore-not-found -n kube-service-catalog
+
+- name: Remove Policy Binding
+ command: >
+ oc delete policybindings/kube-system:default -n kube-system --ignore-not-found
+
+# TODO: this module doesn't currently remove this
+#- name: Remove service catalog api service
+# oc_obj:
+# state: absent
+# namespace: "kube-service-catalog"
+# kind: apiservices.apiregistration.k8s.io
+# name: v1alpha1.servicecatalog.k8s.io
+
+- name: Remove Service Catalog API Server route
+ oc_obj:
+ state: absent
+ namespace: "kube-service-catalog"
+ kind: route
+ name: apiserver
+
+- name: Remove Service Catalog API Server service
+ oc_obj:
+ state: absent
+ namespace: "kube-service-catalog"
+ kind: service
+ name: apiserver
+
+- name: Remove Service Catalog API Server daemonset
+ oc_obj:
+ state: absent
+ namespace: "kube-service-catalog"
+ kind: daemonset
+ name: apiserver
+
+- name: Remove Controller Manager service
+ oc_obj:
+ state: absent
+ namespace: "kube-service-catalog"
+ kind: service
+ name: controller-manager
+
+- name: Remove Controller Manager deployment
+ oc_obj:
+ state: absent
+ namespace: "kube-service-catalog"
+ kind: deployment
+ name: controller-manager
+
+- name: Remove Service Catalog namespace
+ oc_project:
+ state: absent
+ name: "kube-service-catalog"
diff --git a/roles/openshift_service_catalog/tasks/start_api_server.yml b/roles/openshift_service_catalog/tasks/start_api_server.yml
new file mode 100644
index 000000000..b143292b6
--- /dev/null
+++ b/roles/openshift_service_catalog/tasks/start_api_server.yml
@@ -0,0 +1,22 @@
+---
+# Label nodes and wait for apiserver and controller to be running (at least one)
+- name: Label {{ openshift.node.nodename }} for APIServer and controller deployment
+ oc_label:
+ name: "{{ openshift.node.nodename }}"
+ kind: node
+ state: add
+ labels: "{{ openshift_service_catalog_nodeselector | default ({'openshift-infra': 'apiserver'}) | oo_dict_to_list_of_dict }}"
+
+# wait to see that the apiserver is available
+- name: wait for api server to be ready
+ command: >
+ curl -k https://apiserver.kube-service-catalog.svc/healthz
+ args:
+ # Disables the following warning:
+ # Consider using get_url or uri module rather than running curl
+ warn: no
+ register: api_health
+ until: api_health.stdout == 'ok'
+ retries: 120
+ delay: 1
+ changed_when: false
diff --git a/roles/openshift_service_catalog/tasks/wire_aggregator.yml b/roles/openshift_service_catalog/tasks/wire_aggregator.yml
new file mode 100644
index 000000000..d5291a99a
--- /dev/null
+++ b/roles/openshift_service_catalog/tasks/wire_aggregator.yml
@@ -0,0 +1,206 @@
+---
+- name: Make temp cert dir
+ command: mktemp -d /tmp/openshift-service-catalog-ansible-XXXXXX
+ register: certtemp
+ changed_when: False
+
+- name: Check for First Master Aggregator Signer cert
+ stat:
+ path: /etc/origin/master/front-proxy-ca.crt
+ register: first_proxy_ca_crt
+ changed_when: false
+ delegate_to: "{{ first_master }}"
+
+- name: Check for First Master Aggregator Signer key
+ stat:
+ path: /etc/origin/master/front-proxy-ca.crt
+ register: first_proxy_ca_key
+ changed_when: false
+ delegate_to: "{{ first_master }}"
+
+
+# TODO: this currently has a bug where hostnames are required
+- name: Creating First Master Aggregator signer certs
+ command: >
+ oc adm ca create-signer-cert
+ --cert=/etc/origin/master/front-proxy-ca.crt
+ --key=/etc/origin/master/front-proxy-ca.key
+ --serial=/etc/origin/master/ca.serial.txt
+ delegate_to: "{{ first_master }}"
+ when:
+ - not first_proxy_ca_crt.stat.exists
+ - not first_proxy_ca_key.stat.exists
+
+- name: Check for Aggregator Signer cert
+ stat:
+ path: /etc/origin/master/front-proxy-ca.crt
+ register: proxy_ca_crt
+ changed_when: false
+
+- name: Check for Aggregator Signer key
+ stat:
+ path: /etc/origin/master/front-proxy-ca.crt
+ register: proxy_ca_key
+ changed_when: false
+
+- name: Copy Aggregator Signer certs from first master
+ fetch:
+ src: "/etc/origin/master/{{ item }}"
+ dest: "{{ certtemp.stdout }}/{{ item }}"
+ flat: yes
+ with_items:
+ - front-proxy-ca.crt
+ - front-proxy-ca.key
+ delegate_to: "{{ first_master }}"
+ when:
+ - not proxy_ca_key.stat.exists
+ - not proxy_ca_crt.stat.exists
+
+- name: Copy Aggregator Signer certs to host
+ copy:
+ src: "{{ certtemp.stdout }}/{{ item }}"
+ dest: "/etc/origin/master/{{ item }}"
+ with_items:
+ - front-proxy-ca.crt
+ - front-proxy-ca.key
+ when:
+ - not proxy_ca_key.stat.exists
+ - not proxy_ca_crt.stat.exists
+
+# oc_adm_ca_server_cert:
+# cert: /etc/origin/master/front-proxy-ca.crt
+# key: /etc/origin/master/front-proxy-ca.key
+
+- name: Check for first master api-client config
+ stat:
+ path: /etc/origin/master/aggregator-front-proxy.kubeconfig
+ register: first_front_proxy_kubeconfig
+ delegate_to: "{{ first_master }}"
+
+- name: Create first master api-client config for Aggregator
+ command: >
+ oc adm create-api-client-config
+ --certificate-authority=/etc/origin/master/front-proxy-ca.crt
+ --signer-cert=/etc/origin/master/front-proxy-ca.crt
+ --signer-key=/etc/origin/master/front-proxy-ca.key
+ --user aggregator-front-proxy
+ --client-dir=/etc/origin/master
+ --signer-serial=/etc/origin/master/ca.serial.txt
+ delegate_to: "{{ first_master }}"
+ when:
+ - not first_front_proxy_kubeconfig.stat.exists
+
+- name: Check for api-client config
+ stat:
+ path: /etc/origin/master/aggregator-front-proxy.kubeconfig
+ register: front_proxy_kubeconfig
+
+- name: Copy api-client config from first master
+ fetch:
+ src: "/etc/origin/master/{{ item }}"
+ dest: "{{ certtemp.stdout }}/{{ item }}"
+ flat: yes
+ delegate_to: "{{ first_master }}"
+ with_items:
+ - aggregator-front-proxy.crt
+ - aggregator-front-proxy.key
+ - aggregator-front-proxy.kubeconfig
+ when:
+ - not front_proxy_kubeconfig.stat.exists
+
+- name: Copy api-client config to host
+ copy:
+ src: "{{ certtemp.stdout }}/{{ item }}"
+ dest: "/etc/origin/master/{{ item }}"
+ with_items:
+ - aggregator-front-proxy.crt
+ - aggregator-front-proxy.key
+ - aggregator-front-proxy.kubeconfig
+ when:
+ - not front_proxy_kubeconfig.stat.exists
+
+- name: copy tech preview extension file for service console UI
+ copy:
+ src: openshift-ansible-catalog-console.js
+ dest: /etc/origin/master/openshift-ansible-catalog-console.js
+
+- name: Update master config
+ yedit:
+ state: present
+ src: /etc/origin/master/master-config.yaml
+ edits:
+ - key: aggregatorConfig.proxyClientInfo.certFile
+ value: aggregator-front-proxy.crt
+ - key: aggregatorConfig.proxyClientInfo.keyFile
+ value: aggregator-front-proxy.key
+ - key: authConfig.requestHeader.clientCA
+ value: front-proxy-ca.crt
+ - key: authConfig.requestHeader.clientCommonNames
+ value: [aggregator-front-proxy]
+ - key: authConfig.requestHeader.usernameHeaders
+ value: [X-Remote-User]
+ - key: authConfig.requestHeader.groupHeaders
+ value: [X-Remote-Group]
+ - key: authConfig.requestHeader.extraHeaderPrefixes
+ value: [X-Remote-Extra-]
+ - key: assetConfig.extensionScripts
+ value: [/etc/origin/master/openshift-ansible-catalog-console.js]
+ - key: kubernetesMasterConfig.apiServerArguments.runtime-config
+ value: [apis/settings.k8s.io/v1alpha1=true]
+ - key: admissionConfig.pluginConfig.PodPreset.configuration.kind
+ value: DefaultAdmissionConfig
+ - key: admissionConfig.pluginConfig.PodPreset.configuration.apiVersion
+ value: v1
+ - key: admissionConfig.pluginConfig.PodPreset.configuration.disable
+ value: false
+ register: yedit_output
+
+#restart master serially here
+- name: restart master
+ systemd: name={{ openshift.common.service_type }}-master state=restarted
+ when:
+ - yedit_output.changed
+ - openshift.master.ha is not defined or not openshift.master.ha | bool
+
+- name: restart master api
+ systemd: name={{ openshift.common.service_type }}-master-api state=restarted
+ when:
+ - yedit_output.changed
+ - openshift.master.ha is defined and openshift.master.ha | bool
+ - openshift.master.cluster_method == 'native'
+
+- name: restart master controllers
+ systemd: name={{ openshift.common.service_type }}-master-controllers state=restarted
+ when:
+ - yedit_output.changed
+ - openshift.master.ha is defined and openshift.master.ha | bool
+ - openshift.master.cluster_method == 'native'
+
+- name: Verify API Server
+ # Using curl here since the uri module requires python-httplib2 and
+ # wait_for port doesn't provide health information.
+ command: >
+ curl --silent --tlsv1.2
+ {% if openshift.common.version_gte_3_2_or_1_2 | bool %}
+ --cacert {{ openshift.common.config_base }}/master/ca-bundle.crt
+ {% else %}
+ --cacert {{ openshift.common.config_base }}/master/ca.crt
+ {% endif %}
+ {{ openshift.master.api_url }}/healthz/ready
+ args:
+ # Disables the following warning:
+ # Consider using get_url or uri module rather than running curl
+ warn: no
+ register: api_available_output
+ until: api_available_output.stdout == 'ok'
+ retries: 120
+ delay: 1
+ changed_when: false
+ when:
+ - yedit_output.changed
+
+- name: Delete temp directory
+ file:
+ name: "{{ certtemp.stdout }}"
+ state: absent
+ changed_when: False
diff --git a/roles/openshift_service_catalog/templates/api_server.j2 b/roles/openshift_service_catalog/templates/api_server.j2
new file mode 100644
index 000000000..c09834fd4
--- /dev/null
+++ b/roles/openshift_service_catalog/templates/api_server.j2
@@ -0,0 +1,79 @@
+apiVersion: extensions/v1beta1
+kind: DaemonSet
+metadata:
+ labels:
+ app: apiserver
+ name: apiserver
+spec:
+ selector:
+ matchLabels:
+ app: apiserver
+ updateStrategy:
+ rollingUpdate:
+ maxUnavailable: 1
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ app: apiserver
+ spec:
+ serviceAccountName: service-catalog-apiserver
+ nodeSelector:
+{% for key, value in node_selector.iteritems() %}
+ {{key}}: "{{value}}"
+{% endfor %}
+ containers:
+ - args:
+ - --storage-type
+ - etcd
+ - --secure-port
+ - "6443"
+ - --etcd-servers
+ - {{ etcd_servers }}
+ - --etcd-cafile
+ - {{ etcd_cafile }}
+ - --etcd-certfile
+ - /etc/origin/master/master.etcd-client.crt
+ - --etcd-keyfile
+ - /etc/origin/master/master.etcd-client.key
+ - -v
+ - "10"
+ - --cors-allowed-origins
+ - {{ cors_allowed_origin }}
+ - --admission-control
+ - "KubernetesNamespaceLifecycle"
+ image: {{ openshift_service_catalog_image_prefix }}service-catalog:{{ openshift_service_catalog_image_version }}
+ command: ["/usr/bin/apiserver"]
+ imagePullPolicy: Always
+ name: apiserver
+ ports:
+ - containerPort: 6443
+ protocol: TCP
+ resources: {}
+ terminationMessagePath: /dev/termination-log
+ volumeMounts:
+ - mountPath: /var/run/kubernetes-service-catalog
+ name: apiserver-ssl
+ readOnly: true
+ - mountPath: /etc/origin/master
+ name: etcd-host-cert
+ readOnly: true
+ dnsPolicy: ClusterFirst
+ restartPolicy: Always
+ securityContext: {}
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - name: apiserver-ssl
+ secret:
+ defaultMode: 420
+ secretName: apiserver-ssl
+ items:
+ - key: tls.crt
+ path: apiserver.crt
+ - key: tls.key
+ path: apiserver.key
+ - hostPath:
+ path: /etc/origin/master
+ name: etcd-host-cert
+ - emptyDir: {}
+ name: data-dir
diff --git a/roles/openshift_service_catalog/templates/api_server_route.j2 b/roles/openshift_service_catalog/templates/api_server_route.j2
new file mode 100644
index 000000000..3c3da254d
--- /dev/null
+++ b/roles/openshift_service_catalog/templates/api_server_route.j2
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Route
+metadata:
+ name: apiserver
+spec:
+ port:
+ targetPort: secure
+ tls:
+ termination: passthrough
+ to:
+ kind: Service
+ name: apiserver
+ weight: 100
+ wildcardPolicy: None
diff --git a/roles/openshift_service_catalog/templates/api_server_service.j2 b/roles/openshift_service_catalog/templates/api_server_service.j2
new file mode 100644
index 000000000..bae337201
--- /dev/null
+++ b/roles/openshift_service_catalog/templates/api_server_service.j2
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: apiserver
+spec:
+ ports:
+ - name: secure
+ port: 443
+ protocol: TCP
+ targetPort: 6443
+ selector:
+ app: apiserver
+ sessionAffinity: None
diff --git a/roles/openshift_service_catalog/templates/controller_manager.j2 b/roles/openshift_service_catalog/templates/controller_manager.j2
new file mode 100644
index 000000000..1bbc0fa2c
--- /dev/null
+++ b/roles/openshift_service_catalog/templates/controller_manager.j2
@@ -0,0 +1,47 @@
+apiVersion: extensions/v1beta1
+kind: DaemonSet
+metadata:
+ labels:
+ app: controller-manager
+ name: controller-manager
+spec:
+ selector:
+ matchLabels:
+ app: controller-manager
+ strategy:
+ rollingUpdate:
+ maxUnavailable: 1
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ app: controller-manager
+ spec:
+ serviceAccountName: service-catalog-controller
+ nodeSelector:
+{% for key, value in node_selector.iteritems() %}
+ {{key}}: "{{value}}"
+{% endfor %}
+ containers:
+ - env:
+ - name: K8S_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ args:
+ - -v
+ - "5"
+ - "--leader-election-namespace=$(K8S_NAMESPACE)"
+ image: {{ openshift_service_catalog_image_prefix }}service-catalog:{{ openshift_service_catalog_image_version }}
+ command: ["/usr/bin/controller-manager"]
+ imagePullPolicy: Always
+ name: controller-manager
+ ports:
+ - containerPort: 8080
+ protocol: TCP
+ resources: {}
+ terminationMessagePath: /dev/termination-log
+ dnsPolicy: ClusterFirst
+ restartPolicy: Always
+ securityContext: {}
+ terminationGracePeriodSeconds: 30
diff --git a/roles/openshift_service_catalog/templates/controller_manager_service.j2 b/roles/openshift_service_catalog/templates/controller_manager_service.j2
new file mode 100644
index 000000000..2bac645fc
--- /dev/null
+++ b/roles/openshift_service_catalog/templates/controller_manager_service.j2
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: controller-manager
+spec:
+ ports:
+ - port: 6443
+ protocol: TCP
+ targetPort: 6443
+ selector:
+ app: controller-manager
+ sessionAffinity: None
+ type: ClusterIP
diff --git a/roles/openshift_service_catalog/templates/sc_role_patching.j2 b/roles/openshift_service_catalog/templates/sc_role_patching.j2
new file mode 100644
index 000000000..69b062b3f
--- /dev/null
+++ b/roles/openshift_service_catalog/templates/sc_role_patching.j2
@@ -0,0 +1,26 @@
+{{ original_content }}
+- apiGroups:
+ - "servicecatalog.k8s.io"
+ attributeRestrictions: null
+ resources:
+ - instances
+ - bindings
+ verbs:
+ - create
+ - update
+ - delete
+ - get
+ - list
+ - watch
+- apiGroups:
+ - "settings.k8s.io"
+ attributeRestrictions: null
+ resources:
+ - podpresets
+ verbs:
+ - create
+ - update
+ - delete
+ - get
+ - list
+ - watch
diff --git a/roles/openshift_service_catalog/vars/default_images.yml b/roles/openshift_service_catalog/vars/default_images.yml
new file mode 100644
index 000000000..6fb9d1b86
--- /dev/null
+++ b/roles/openshift_service_catalog/vars/default_images.yml
@@ -0,0 +1,3 @@
+---
+__openshift_service_catalog_image_prefix: "docker.io/openshift/origin-"
+__openshift_service_catalog_image_version: "latest"
diff --git a/roles/openshift_service_catalog/vars/openshift-enterprise.yml b/roles/openshift_service_catalog/vars/openshift-enterprise.yml
new file mode 100644
index 000000000..4df60e9a8
--- /dev/null
+++ b/roles/openshift_service_catalog/vars/openshift-enterprise.yml
@@ -0,0 +1,3 @@
+---
+__openshift_service_catalog_image_prefix: "registry.access.redhat.com/openshift3/ose-"
+__openshift_service_catalog_image_version: "v3.6"
diff --git a/roles/openshift_storage_glusterfs/README.md b/roles/openshift_storage_glusterfs/README.md
index 62fc35299..b367e7daf 100644
--- a/roles/openshift_storage_glusterfs/README.md
+++ b/roles/openshift_storage_glusterfs/README.md
@@ -63,8 +63,8 @@ their configuration as GlusterFS nodes:
| Name | Default value | Description |
|--------------------|---------------------------|-----------------------------------------|
| glusterfs_cluster | 1 | The ID of the cluster this node should belong to. This is useful when a single heketi service is expected to manage multiple distinct clusters. **NOTE:** For natively-hosted clusters, all pods will be in the same OpenShift namespace
-| glusterfs_hostname | openshift.common.hostname | A hostname (or IP address) that will be used for internal GlusterFS communication
-| glusterfs_ip | openshift.common.ip | An IP address that will be used by pods to communicate with the GlusterFS node
+| glusterfs_hostname | openshift.node.nodename | A hostname (or IP address) that will be used for internal GlusterFS communication
+| glusterfs_ip | openshift.common.ip | An IP address that will be used by pods to communicate with the GlusterFS node. **NOTE:** Required for external GlusterFS nodes
| glusterfs_zone | 1 | A zone number for the node. Zones are used within the cluster for determining how to distribute the bricks of GlusterFS volumes. heketi will try to spread each volumes' bricks as evenly as possible across all zones
Role Variables
@@ -76,7 +76,7 @@ GlusterFS cluster into a new or existing OpenShift cluster:
| Name | Default value | Description |
|--------------------------------------------------|-------------------------|-----------------------------------------|
| openshift_storage_glusterfs_timeout | 300 | Seconds to wait for pods to become ready
-| openshift_storage_glusterfs_namespace | 'default' | Namespace in which to create GlusterFS resources
+| openshift_storage_glusterfs_namespace | 'glusterfs' | Namespace in which to create GlusterFS resources
| openshift_storage_glusterfs_is_native | True | GlusterFS should be containerized
| openshift_storage_glusterfs_name | 'storage' | A name to identify the GlusterFS cluster, which will be used in resource names
| openshift_storage_glusterfs_nodeselector | 'glusterfs=storage-host'| Selector to determine which nodes will host GlusterFS pods in native mode. **NOTE:** The label value is taken from the cluster name
@@ -85,12 +85,19 @@ GlusterFS cluster into a new or existing OpenShift cluster:
| openshift_storage_glusterfs_version | 'latest' | Container image version to use for GlusterFS pods
| openshift_storage_glusterfs_wipe | False | Destroy any existing GlusterFS resources and wipe storage devices. **WARNING: THIS WILL DESTROY ANY DATA ON THOSE DEVICES.**
| openshift_storage_glusterfs_heketi_is_native | True | heketi should be containerized
+| openshift_storage_glusterfs_heketi_cli | 'heketi-cli' | Command/Path to invoke the heketi-cli tool **NOTE:** Change this only for **non-native heketi** if heketi-cli is not in the global `$PATH` of the machine running openshift-ansible
| openshift_storage_glusterfs_heketi_image | 'heketi/heketi' | Container image to use for heketi pods, enterprise default is 'rhgs3/rhgs-volmanager-rhel7'
| openshift_storage_glusterfs_heketi_version | 'latest' | Container image version to use for heketi pods
| openshift_storage_glusterfs_heketi_admin_key | auto-generated | String to use as secret key for performing heketi commands as admin
| openshift_storage_glusterfs_heketi_user_key | auto-generated | String to use as secret key for performing heketi commands as user that can only view or modify volumes
| openshift_storage_glusterfs_heketi_topology_load | True | Load the GlusterFS topology information into heketi
-| openshift_storage_glusterfs_heketi_url | Undefined | URL for the heketi REST API, dynamically determined in native mode
+| openshift_storage_glusterfs_heketi_url | Undefined | When heketi is native, this sets the hostname portion of the final heketi route URL. When heketi is external, this is the full URL to the heketi service.
+| openshift_storage_glusterfs_heketi_port | 8080 | TCP port for external heketi service **NOTE:** This has no effect in native mode
+| openshift_storage_glusterfs_heketi_executor | 'kubernetes' | Selects how a native heketi service will manage GlusterFS nodes: 'kubernetes' for native nodes, 'ssh' for external nodes
+| openshift_storage_glusterfs_heketi_ssh_port | 22 | SSH port for external GlusterFS nodes via native heketi
+| openshift_storage_glusterfs_heketi_ssh_user | 'root' | SSH user for external GlusterFS nodes via native heketi
+| openshift_storage_glusterfs_heketi_ssh_sudo | False | Whether to sudo (if non-root user) for SSH to external GlusterFS nodes via native heketi
+| openshift_storage_glusterfs_heketi_ssh_keyfile | '/dev/null' | Path to a private key file for use with SSH connections to external GlusterFS nodes via native heketi **NOTE:** This must be an absolute path
| openshift_storage_glusterfs_heketi_wipe | False | Destroy any existing heketi resources, defaults to the value of `openshift_storage_glusterfs_wipe`
Each role variable also has a corresponding variable to optionally configure a
@@ -102,7 +109,7 @@ are an exception:
| Name | Default value | Description |
|-------------------------------------------------------|-----------------------|-----------------------------------------|
-| openshift_storage_glusterfs_registry_namespace | registry namespace | Default is to use the hosted registry's namespace, otherwise 'default'
+| openshift_storage_glusterfs_registry_namespace | registry namespace | Default is to use the hosted registry's namespace, otherwise 'glusterfs'
| openshift_storage_glusterfs_registry_name | 'registry' | This allows for the logical separation of the registry GlusterFS cluster from other GlusterFS clusters
| openshift_storage_glusterfs_registry_storageclass | False | It is recommended to not create a StorageClass for GlusterFS clusters serving registry storage, so as to avoid performance penalties
| openshift_storage_glusterfs_registry_heketi_admin_key | auto-generated | Separate from the above
diff --git a/roles/openshift_storage_glusterfs/defaults/main.yml b/roles/openshift_storage_glusterfs/defaults/main.yml
index 468877e57..a846889ca 100644
--- a/roles/openshift_storage_glusterfs/defaults/main.yml
+++ b/roles/openshift_storage_glusterfs/defaults/main.yml
@@ -1,6 +1,6 @@
---
openshift_storage_glusterfs_timeout: 300
-openshift_storage_glusterfs_namespace: 'default'
+openshift_storage_glusterfs_namespace: 'glusterfs'
openshift_storage_glusterfs_is_native: True
openshift_storage_glusterfs_name: 'storage'
openshift_storage_glusterfs_nodeselector: "glusterfs={{ openshift_storage_glusterfs_name }}-host"
@@ -8,19 +8,26 @@ openshift_storage_glusterfs_storageclass: True
openshift_storage_glusterfs_image: "{{ 'rhgs3/rhgs-server-rhel7' | quote if deployment_type == 'openshift-enterprise' else 'gluster/gluster-centos' | quote }}"
openshift_storage_glusterfs_version: 'latest'
openshift_storage_glusterfs_wipe: False
-openshift_storage_glusterfs_heketi_is_native: True
+openshift_storage_glusterfs_heketi_is_native: "{{ openshift_storage_glusterfs_is_native }}"
openshift_storage_glusterfs_heketi_is_missing: True
openshift_storage_glusterfs_heketi_deploy_is_missing: True
+openshift_storage_glusterfs_heketi_cli: 'heketi-cli'
openshift_storage_glusterfs_heketi_image: "{{ 'rhgs3/rhgs-volmanager-rhel7' | quote if deployment_type == 'openshift-enterprise' else 'heketi/heketi' | quote }}"
openshift_storage_glusterfs_heketi_version: 'latest'
-openshift_storage_glusterfs_heketi_admin_key: "{{ 32 | oo_generate_secret }}"
-openshift_storage_glusterfs_heketi_user_key: "{{ 32 | oo_generate_secret }}"
+openshift_storage_glusterfs_heketi_admin_key: "{{ omit }}"
+openshift_storage_glusterfs_heketi_user_key: "{{ omit }}"
openshift_storage_glusterfs_heketi_topology_load: True
openshift_storage_glusterfs_heketi_wipe: "{{ openshift_storage_glusterfs_wipe }}"
openshift_storage_glusterfs_heketi_url: "{{ omit }}"
+openshift_storage_glusterfs_heketi_port: 8080
+openshift_storage_glusterfs_heketi_executor: 'kubernetes'
+openshift_storage_glusterfs_heketi_ssh_port: 22
+openshift_storage_glusterfs_heketi_ssh_user: 'root'
+openshift_storage_glusterfs_heketi_ssh_sudo: False
+openshift_storage_glusterfs_heketi_ssh_keyfile: '/dev/null'
openshift_storage_glusterfs_registry_timeout: "{{ openshift_storage_glusterfs_timeout }}"
-openshift_storage_glusterfs_registry_namespace: "{{ openshift.hosted.registry.namespace | default('default') }}"
+openshift_storage_glusterfs_registry_namespace: "{{ openshift.hosted.registry.namespace | default(openshift_storage_glusterfs_namespace) }}"
openshift_storage_glusterfs_registry_is_native: "{{ openshift_storage_glusterfs_is_native }}"
openshift_storage_glusterfs_registry_name: 'registry'
openshift_storage_glusterfs_registry_nodeselector: "glusterfs={{ openshift_storage_glusterfs_registry_name }}-host"
@@ -28,13 +35,20 @@ openshift_storage_glusterfs_registry_storageclass: False
openshift_storage_glusterfs_registry_image: "{{ openshift_storage_glusterfs_image }}"
openshift_storage_glusterfs_registry_version: "{{ openshift_storage_glusterfs_version }}"
openshift_storage_glusterfs_registry_wipe: "{{ openshift_storage_glusterfs_wipe }}"
-openshift_storage_glusterfs_registry_heketi_is_native: "{{ openshift_storage_glusterfs_heketi_is_native }}"
+openshift_storage_glusterfs_registry_heketi_is_native: "{{ openshift_storage_glusterfs_registry_is_native }}"
openshift_storage_glusterfs_registry_heketi_is_missing: "{{ openshift_storage_glusterfs_heketi_is_missing }}"
openshift_storage_glusterfs_registry_heketi_deploy_is_missing: "{{ openshift_storage_glusterfs_heketi_deploy_is_missing }}"
+openshift_storage_glusterfs_registry_heketi_cli: "{{ openshift_storage_glusterfs_heketi_cli }}"
openshift_storage_glusterfs_registry_heketi_image: "{{ openshift_storage_glusterfs_heketi_image }}"
openshift_storage_glusterfs_registry_heketi_version: "{{ openshift_storage_glusterfs_heketi_version }}"
-openshift_storage_glusterfs_registry_heketi_admin_key: "{{ 32 | oo_generate_secret }}"
-openshift_storage_glusterfs_registry_heketi_user_key: "{{ 32 | oo_generate_secret }}"
+openshift_storage_glusterfs_registry_heketi_admin_key: "{{ omit }}"
+openshift_storage_glusterfs_registry_heketi_user_key: "{{ omit }}"
openshift_storage_glusterfs_registry_heketi_topology_load: "{{ openshift_storage_glusterfs_heketi_topology_load }}"
openshift_storage_glusterfs_registry_heketi_wipe: "{{ openshift_storage_glusterfs_heketi_wipe }}"
openshift_storage_glusterfs_registry_heketi_url: "{{ openshift_storage_glusterfs_heketi_url | default(omit) }}"
+openshift_storage_glusterfs_registry_heketi_port: "{{ openshift_storage_glusterfs_heketi_port }}"
+openshift_storage_glusterfs_registry_heketi_executor: "{{ openshift_storage_glusterfs_heketi_executor }}"
+openshift_storage_glusterfs_registry_heketi_ssh_port: "{{ openshift_storage_glusterfs_heketi_ssh_port }}"
+openshift_storage_glusterfs_registry_heketi_ssh_user: "{{ openshift_storage_glusterfs_heketi_ssh_user }}"
+openshift_storage_glusterfs_registry_heketi_ssh_sudo: "{{ openshift_storage_glusterfs_heketi_ssh_sudo }}"
+openshift_storage_glusterfs_registry_heketi_ssh_keyfile: "{{ openshift_storage_glusterfs_heketi_ssh_keyfile }}"
diff --git a/roles/openshift_storage_glusterfs/files/v3.6/deploy-heketi-template.yml b/roles/openshift_storage_glusterfs/files/v3.6/deploy-heketi-template.yml
index 81b4fa5dc..9ebb0d5ec 100644
--- a/roles/openshift_storage_glusterfs/files/v3.6/deploy-heketi-template.yml
+++ b/roles/openshift_storage_glusterfs/files/v3.6/deploy-heketi-template.yml
@@ -29,7 +29,7 @@ objects:
- kind: Route
apiVersion: v1
metadata:
- name: deploy-heketi-${CLUSTER_NAME}
+ name: ${HEKETI_ROUTE}
labels:
glusterfs: deploy-heketi-${CLUSTER_NAME}-route
deploy-heketi: support
@@ -71,7 +71,7 @@ objects:
- name: HEKETI_ADMIN_KEY
value: ${HEKETI_ADMIN_KEY}
- name: HEKETI_EXECUTOR
- value: kubernetes
+ value: ${HEKETI_EXECUTOR}
- name: HEKETI_FSTAB
value: /var/lib/heketi/fstab
- name: HEKETI_SNAPSHOT_LIMIT
@@ -87,6 +87,8 @@ objects:
mountPath: /var/lib/heketi
- name: topology
mountPath: ${TOPOLOGY_PATH}
+ - name: config
+ mountPath: /etc/heketi
readinessProbe:
timeoutSeconds: 3
initialDelaySeconds: 3
@@ -104,6 +106,9 @@ objects:
- name: topology
secret:
secretName: heketi-${CLUSTER_NAME}-topology-secret
+ - name: config
+ secret:
+ secretName: heketi-${CLUSTER_NAME}-config-secret
parameters:
- name: HEKETI_USER_KEY
displayName: Heketi User Secret
@@ -111,18 +116,27 @@ parameters:
- name: HEKETI_ADMIN_KEY
displayName: Heketi Administrator Secret
description: Set secret for administration of the Heketi service as user _admin_
+- name: HEKETI_EXECUTOR
+ displayName: heketi executor type
+ description: Set the executor type, kubernetes or ssh
+ value: kubernetes
- name: HEKETI_KUBE_NAMESPACE
displayName: Namespace
description: Set the namespace where the GlusterFS pods reside
value: default
+- name: HEKETI_ROUTE
+ displayName: heketi route name
+ description: Set the hostname for the route URL
+ value: "heketi-glusterfs"
- name: IMAGE_NAME
- displayName: heketi container name
+ displayName: heketi container image name
required: True
- name: IMAGE_VERSION
- displayName: heketi container versiona
+ displayName: heketi container image version
required: True
- name: CLUSTER_NAME
displayName: GlusterFS cluster name
+ description: A unique name to identify this heketi service, useful for running multiple heketi instances
value: glusterfs
- name: TOPOLOGY_PATH
displayName: heketi topology file location
diff --git a/roles/openshift_storage_glusterfs/files/v3.6/glusterfs-template.yml b/roles/openshift_storage_glusterfs/files/v3.6/glusterfs-template.yml
index dc3d2250a..8c5e1ded3 100644
--- a/roles/openshift_storage_glusterfs/files/v3.6/glusterfs-template.yml
+++ b/roles/openshift_storage_glusterfs/files/v3.6/glusterfs-template.yml
@@ -125,11 +125,12 @@ parameters:
description: Labels which define the daemonset node selector. Must contain at least one label of the format \'glusterfs=<CLUSTER_NAME>-host\'
value: '{ "glusterfs": "storage-host" }'
- name: IMAGE_NAME
- displayName: GlusterFS container name
+ displayName: GlusterFS container image name
required: True
- name: IMAGE_VERSION
- displayName: GlusterFS container versiona
+ displayName: GlusterFS container image version
required: True
- name: CLUSTER_NAME
displayName: GlusterFS cluster name
+ description: A unique name to identify which heketi service manages this cluster, useful for running multiple heketi instances
value: storage
diff --git a/roles/openshift_storage_glusterfs/files/v3.6/heketi-template.yml b/roles/openshift_storage_glusterfs/files/v3.6/heketi-template.yml
index 1d8f1abdf..61b6a8c13 100644
--- a/roles/openshift_storage_glusterfs/files/v3.6/heketi-template.yml
+++ b/roles/openshift_storage_glusterfs/files/v3.6/heketi-template.yml
@@ -27,7 +27,7 @@ objects:
- kind: Route
apiVersion: v1
metadata:
- name: heketi-${CLUSTER_NAME}
+ name: ${HEKETI_ROUTE}
labels:
glusterfs: heketi-${CLUSTER_NAME}-route
spec:
@@ -67,7 +67,7 @@ objects:
- name: HEKETI_ADMIN_KEY
value: ${HEKETI_ADMIN_KEY}
- name: HEKETI_EXECUTOR
- value: kubernetes
+ value: ${HEKETI_EXECUTOR}
- name: HEKETI_FSTAB
value: /var/lib/heketi/fstab
- name: HEKETI_SNAPSHOT_LIMIT
@@ -81,6 +81,8 @@ objects:
volumeMounts:
- name: db
mountPath: /var/lib/heketi
+ - name: config
+ mountPath: /etc/heketi
readinessProbe:
timeoutSeconds: 3
initialDelaySeconds: 3
@@ -98,6 +100,9 @@ objects:
glusterfs:
endpoints: heketi-db-${CLUSTER_NAME}-endpoints
path: heketidbstorage
+ - name: config
+ secret:
+ secretName: heketi-${CLUSTER_NAME}-config-secret
parameters:
- name: HEKETI_USER_KEY
displayName: Heketi User Secret
@@ -105,16 +110,25 @@ parameters:
- name: HEKETI_ADMIN_KEY
displayName: Heketi Administrator Secret
description: Set secret for administration of the Heketi service as user _admin_
+- name: HEKETI_EXECUTOR
+ displayName: heketi executor type
+ description: Set the executor type, kubernetes or ssh
+ value: kubernetes
- name: HEKETI_KUBE_NAMESPACE
displayName: Namespace
description: Set the namespace where the GlusterFS pods reside
value: default
+- name: HEKETI_ROUTE
+ displayName: heketi route name
+ description: Set the hostname for the route URL
+ value: "heketi-glusterfs"
- name: IMAGE_NAME
- displayName: heketi container name
+ displayName: heketi container image name
required: True
- name: IMAGE_VERSION
- displayName: heketi container versiona
+ displayName: heketi container image version
required: True
- name: CLUSTER_NAME
displayName: GlusterFS cluster name
+ description: A unique name to identify this heketi service, useful for running multiple heketi instances
value: glusterfs
diff --git a/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml b/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml
index 829c1f51b..600d8f676 100644
--- a/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml
+++ b/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml
@@ -1,4 +1,16 @@
---
+- name: Make sure heketi-client is installed
+ package: name=heketi-client state=present
+ when:
+ - not openshift.common.is_atomic | bool
+ - not glusterfs_heketi_is_native | bool
+
+- name: Verify heketi-cli is installed
+ shell: "command -v {{ glusterfs_heketi_cli }} >/dev/null 2>&1 || { echo >&2 'ERROR: Make sure heketi-cli is available, then re-run the installer'; exit 1; }"
+ changed_when: False
+ when:
+ - not glusterfs_heketi_is_native | bool
+
- name: Verify target namespace exists
oc_project:
state: present
@@ -19,6 +31,8 @@
name: "heketi-storage-endpoints"
- kind: "secret"
name: "heketi-{{ glusterfs_name }}-topology-secret"
+ - kind: "secret"
+ name: "heketi-{{ glusterfs_name }}-config-secret"
- kind: "template,route,service,dc"
name: "heketi-{{ glusterfs_name }}"
- kind: "svc"
@@ -26,7 +40,7 @@
- kind: "sa"
name: "heketi-{{ glusterfs_name }}-service-account"
- kind: "secret"
- name: "heketi-{{ glusterfs_name }}-user-secret"
+ name: "heketi-{{ glusterfs_name }}-admin-secret"
failed_when: False
when: glusterfs_heketi_wipe
@@ -66,6 +80,7 @@
- name: Add heketi service account to privileged SCC
oc_adm_policy_user:
+ namespace: "{{ glusterfs_namespace }}"
user: "system:serviceaccount:{{ glusterfs_namespace }}:heketi-{{ glusterfs_name }}-service-account"
resource_kind: scc
resource_name: privileged
@@ -74,6 +89,7 @@
- name: Allow heketi service account to view/edit pods
oc_adm_policy_user:
+ namespace: "{{ glusterfs_namespace }}"
user: "system:serviceaccount:{{ glusterfs_namespace }}:heketi-{{ glusterfs_name }}-service-account"
resource_kind: role
resource_name: edit
@@ -123,21 +139,53 @@
when:
- glusterfs_heketi_topology_load
-- include: heketi_deploy_part1.yml
+- name: Generate heketi config file
+ template:
+ src: "{{ openshift.common.examples_content_version }}/heketi.json.j2"
+ dest: "{{ mktemp.stdout }}/heketi.json"
when:
- glusterfs_heketi_is_native
- - glusterfs_heketi_deploy_is_missing
- - glusterfs_heketi_is_missing
-- name: Set heketi URL
+- name: Generate heketi admin key
set_fact:
- glusterfs_heketi_url: "localhost:8080"
+ glusterfs_heketi_admin_key: "{{ 32 | oo_generate_secret }}"
+ when:
+ - glusterfs_heketi_is_native
+ - glusterfs_heketi_admin_key is undefined
+
+- name: Generate heketi user key
+ set_fact:
+ glusterfs_heketi_user_key: "{{ 32 | oo_generate_secret }}"
+ until: "glusterfs_heketi_user_key != glusterfs_heketi_admin_key"
+ delay: 1
+ retries: 10
+ when:
+ - glusterfs_heketi_is_native
+ - glusterfs_heketi_user_key is undefined
+
+- name: Create heketi config secret
+ oc_secret:
+ namespace: "{{ glusterfs_namespace }}"
+ state: present
+ name: "heketi-{{ glusterfs_name }}-config-secret"
+ force: True
+ files:
+ - name: heketi.json
+ path: "{{ mktemp.stdout }}/heketi.json"
+ - name: private_key
+ path: "{{ glusterfs_heketi_ssh_keyfile }}"
when:
- glusterfs_heketi_is_native
+- include: heketi_deploy_part1.yml
+ when:
+ - glusterfs_heketi_is_native
+ - glusterfs_heketi_deploy_is_missing
+ - glusterfs_heketi_is_missing
+
- name: Set heketi-cli command
set_fact:
- glusterfs_heketi_client: "{% if glusterfs_heketi_is_native %}oc rsh {{ heketi_pod.results.results[0]['items'][0]['metadata']['name'] }} {% endif %}heketi-cli -s http://{{ glusterfs_heketi_url }} --user admin --secret '{{ glusterfs_heketi_admin_key }}'"
+ glusterfs_heketi_client: "{% if glusterfs_heketi_is_native %}{{ openshift.common.client_binary }} rsh --namespace={{ glusterfs_namespace }} {{ heketi_pod.results.results[0]['items'][0]['metadata']['name'] }} {% endif %}{{ glusterfs_heketi_cli }} -s http://{% if glusterfs_heketi_is_native %}localhost:8080{% else %}{{ glusterfs_heketi_url }}:{{ glusterfs_heketi_port }}{% endif %} --user admin {% if glusterfs_heketi_admin_key is defined %}--secret '{{ glusterfs_heketi_admin_key }}'{% endif %}"
- name: Verify heketi service
command: "{{ glusterfs_heketi_client }} cluster list"
@@ -155,21 +203,44 @@
- glusterfs_heketi_is_native
- glusterfs_heketi_is_missing
-- name: Create heketi user secret
+- name: Create heketi secret
oc_secret:
namespace: "{{ glusterfs_namespace }}"
state: present
- name: "heketi-{{ glusterfs_name }}-user-secret"
+ name: "heketi-{{ glusterfs_name }}-admin-secret"
type: "kubernetes.io/glusterfs"
force: True
contents:
- path: key
- data: "{{ glusterfs_heketi_user_key }}"
+ data: "{{ glusterfs_heketi_admin_key }}"
+ when:
+ - glusterfs_storageclass
+ - glusterfs_heketi_admin_key is defined
+
+- name: Get heketi route
+ oc_obj:
+ namespace: "{{ glusterfs_namespace }}"
+ kind: route
+ state: list
+ name: "heketi-{{ glusterfs_name }}"
+ register: heketi_route
+ when:
+ - glusterfs_storageclass
+ - glusterfs_heketi_is_native
+
+- name: Determine StorageClass heketi URL
+ set_fact:
+ glusterfs_heketi_route: "{{ heketi_route.results.results[0]['spec']['host'] }}"
+ when:
+ - glusterfs_storageclass
+ - glusterfs_heketi_is_native
- name: Generate GlusterFS StorageClass file
template:
src: "{{ openshift.common.examples_content_version }}/glusterfs-storageclass.yml.j2"
dest: "{{ mktemp.stdout }}/glusterfs-storageclass.yml"
+ when:
+ - glusterfs_storageclass
- name: Create GlusterFS StorageClass
oc_obj:
diff --git a/roles/openshift_storage_glusterfs/tasks/glusterfs_config.yml b/roles/openshift_storage_glusterfs/tasks/glusterfs_config.yml
index aa303d126..7a2987883 100644
--- a/roles/openshift_storage_glusterfs/tasks/glusterfs_config.yml
+++ b/roles/openshift_storage_glusterfs/tasks/glusterfs_config.yml
@@ -2,23 +2,30 @@
- set_fact:
glusterfs_timeout: "{{ openshift_storage_glusterfs_timeout }}"
glusterfs_namespace: "{{ openshift_storage_glusterfs_namespace }}"
- glusterfs_is_native: "{{ openshift_storage_glusterfs_is_native }}"
+ glusterfs_is_native: "{{ openshift_storage_glusterfs_is_native | bool }}"
glusterfs_name: "{{ openshift_storage_glusterfs_name }}"
glusterfs_nodeselector: "{{ openshift_storage_glusterfs_nodeselector | default(['storagenode', openshift_storage_glusterfs_name] | join('=')) | map_from_pairs }}"
glusterfs_storageclass: "{{ openshift_storage_glusterfs_storageclass }}"
glusterfs_image: "{{ openshift_storage_glusterfs_image }}"
glusterfs_version: "{{ openshift_storage_glusterfs_version }}"
- glusterfs_wipe: "{{ openshift_storage_glusterfs_wipe }}"
- glusterfs_heketi_is_native: "{{ openshift_storage_glusterfs_heketi_is_native }}"
- glusterfs_heketi_is_missing: "{{ openshift_storage_glusterfs_heketi_is_missing }}"
- glusterfs_heketi_deploy_is_missing: "{{ openshift_storage_glusterfs_heketi_deploy_is_missing }}"
+ glusterfs_wipe: "{{ openshift_storage_glusterfs_wipe | bool }}"
+ glusterfs_heketi_is_native: "{{ openshift_storage_glusterfs_heketi_is_native | bool }}"
+ glusterfs_heketi_is_missing: "{{ openshift_storage_glusterfs_heketi_is_missing | bool }}"
+ glusterfs_heketi_deploy_is_missing: "{{ openshift_storage_glusterfs_heketi_deploy_is_missing | bool }}"
+ glusterfs_heketi_cli: "{{ openshift_storage_glusterfs_heketi_cli }}"
glusterfs_heketi_image: "{{ openshift_storage_glusterfs_heketi_image }}"
glusterfs_heketi_version: "{{ openshift_storage_glusterfs_heketi_version }}"
glusterfs_heketi_admin_key: "{{ openshift_storage_glusterfs_heketi_admin_key }}"
glusterfs_heketi_user_key: "{{ openshift_storage_glusterfs_heketi_user_key }}"
- glusterfs_heketi_topology_load: "{{ openshift_storage_glusterfs_heketi_topology_load }}"
- glusterfs_heketi_wipe: "{{ openshift_storage_glusterfs_heketi_wipe }}"
+ glusterfs_heketi_topology_load: "{{ openshift_storage_glusterfs_heketi_topology_load | bool }}"
+ glusterfs_heketi_wipe: "{{ openshift_storage_glusterfs_heketi_wipe | bool }}"
glusterfs_heketi_url: "{{ openshift_storage_glusterfs_heketi_url }}"
+ glusterfs_heketi_port: "{{ openshift_storage_glusterfs_heketi_port }}"
+ glusterfs_heketi_executor: "{{ openshift_storage_glusterfs_heketi_executor }}"
+ glusterfs_heketi_ssh_port: "{{ openshift_storage_glusterfs_heketi_ssh_port }}"
+ glusterfs_heketi_ssh_user: "{{ openshift_storage_glusterfs_heketi_ssh_user }}"
+ glusterfs_heketi_ssh_sudo: "{{ openshift_storage_glusterfs_heketi_ssh_sudo | bool }}"
+ glusterfs_heketi_ssh_keyfile: "{{ openshift_storage_glusterfs_heketi_ssh_keyfile }}"
glusterfs_nodes: "{{ groups.glusterfs }}"
- include: glusterfs_common.yml
diff --git a/roles/openshift_storage_glusterfs/tasks/glusterfs_deploy.yml b/roles/openshift_storage_glusterfs/tasks/glusterfs_deploy.yml
index ea4dcc510..3db5cc389 100644
--- a/roles/openshift_storage_glusterfs/tasks/glusterfs_deploy.yml
+++ b/roles/openshift_storage_glusterfs/tasks/glusterfs_deploy.yml
@@ -18,7 +18,7 @@
- name: Unlabel any existing GlusterFS nodes
oc_label:
- name: "{{ hostvars[item].openshift.common.hostname }}"
+ name: "{{ hostvars[item].openshift.node.nodename }}"
kind: node
state: absent
labels: "{{ glusterfs_nodeselector | oo_dict_to_list_of_dict }}"
@@ -67,7 +67,7 @@
- name: Label GlusterFS nodes
oc_label:
- name: "{{ hostvars[item].openshift.common.hostname }}"
+ name: "{{ hostvars[item].openshift.node.nodename }}"
kind: node
state: add
labels: "{{ glusterfs_nodeselector | oo_dict_to_list_of_dict }}"
diff --git a/roles/openshift_storage_glusterfs/tasks/glusterfs_registry.yml b/roles/openshift_storage_glusterfs/tasks/glusterfs_registry.yml
index 4c6891eeb..e46cec378 100644
--- a/roles/openshift_storage_glusterfs/tasks/glusterfs_registry.yml
+++ b/roles/openshift_storage_glusterfs/tasks/glusterfs_registry.yml
@@ -2,29 +2,36 @@
- set_fact:
glusterfs_timeout: "{{ openshift_storage_glusterfs_registry_timeout }}"
glusterfs_namespace: "{{ openshift_storage_glusterfs_registry_namespace }}"
- glusterfs_is_native: "{{ openshift_storage_glusterfs_registry_is_native }}"
+ glusterfs_is_native: "{{ openshift_storage_glusterfs_registry_is_native | bool }}"
glusterfs_name: "{{ openshift_storage_glusterfs_registry_name }}"
glusterfs_nodeselector: "{{ openshift_storage_glusterfs_registry_nodeselector | default(['storagenode', openshift_storage_glusterfs_registry_name] | join('=')) | map_from_pairs }}"
glusterfs_storageclass: "{{ openshift_storage_glusterfs_registry_storageclass }}"
glusterfs_image: "{{ openshift_storage_glusterfs_registry_image }}"
glusterfs_version: "{{ openshift_storage_glusterfs_registry_version }}"
- glusterfs_wipe: "{{ openshift_storage_glusterfs_registry_wipe }}"
- glusterfs_heketi_is_native: "{{ openshift_storage_glusterfs_registry_heketi_is_native }}"
- glusterfs_heketi_is_missing: "{{ openshift_storage_glusterfs_registry_heketi_is_missing }}"
- glusterfs_heketi_deploy_is_missing: "{{ openshift_storage_glusterfs_registry_heketi_deploy_is_missing }}"
+ glusterfs_wipe: "{{ openshift_storage_glusterfs_registry_wipe | bool }}"
+ glusterfs_heketi_is_native: "{{ openshift_storage_glusterfs_registry_heketi_is_native | bool }}"
+ glusterfs_heketi_is_missing: "{{ openshift_storage_glusterfs_registry_heketi_is_missing | bool }}"
+ glusterfs_heketi_deploy_is_missing: "{{ openshift_storage_glusterfs_registry_heketi_deploy_is_missing | bool }}"
+ glusterfs_heketi_cli: "{{ openshift_storage_glusterfs_registry_heketi_cli }}"
glusterfs_heketi_image: "{{ openshift_storage_glusterfs_registry_heketi_image }}"
glusterfs_heketi_version: "{{ openshift_storage_glusterfs_registry_heketi_version }}"
glusterfs_heketi_admin_key: "{{ openshift_storage_glusterfs_registry_heketi_admin_key }}"
glusterfs_heketi_user_key: "{{ openshift_storage_glusterfs_registry_heketi_user_key }}"
- glusterfs_heketi_topology_load: "{{ openshift_storage_glusterfs_registry_heketi_topology_load }}"
- glusterfs_heketi_wipe: "{{ openshift_storage_glusterfs_registry_heketi_wipe }}"
+ glusterfs_heketi_topology_load: "{{ openshift_storage_glusterfs_registry_heketi_topology_load | bool }}"
+ glusterfs_heketi_wipe: "{{ openshift_storage_glusterfs_registry_heketi_wipe | bool }}"
glusterfs_heketi_url: "{{ openshift_storage_glusterfs_registry_heketi_url }}"
- glusterfs_nodes: "{{ groups.glusterfs_registry }}"
+ glusterfs_heketi_port: "{{ openshift_storage_glusterfs_registry_heketi_port }}"
+ glusterfs_heketi_executor: "{{ openshift_storage_glusterfs_registry_heketi_executor }}"
+ glusterfs_heketi_ssh_port: "{{ openshift_storage_glusterfs_registry_heketi_ssh_port }}"
+ glusterfs_heketi_ssh_user: "{{ openshift_storage_glusterfs_registry_heketi_ssh_user }}"
+ glusterfs_heketi_ssh_sudo: "{{ openshift_storage_glusterfs_registry_heketi_ssh_sudo | bool }}"
+ glusterfs_heketi_ssh_keyfile: "{{ openshift_storage_glusterfs_registry_heketi_ssh_keyfile }}"
+ glusterfs_nodes: "{{ groups.glusterfs_registry | default(groups.glusterfs) }}"
- include: glusterfs_common.yml
when:
- - groups.glusterfs_registry | default([]) | count > 0
- - "'glusterfs' not in groups or groups.glusterfs_registry != groups.glusterfs"
+ - glusterfs_nodes | default([]) | count > 0
+ - "'glusterfs' not in groups or glusterfs_nodes != groups.glusterfs"
- name: Delete pre-existing GlusterFS registry resources
oc_obj:
@@ -49,7 +56,7 @@
- name: Create GlusterFS registry endpoints
oc_obj:
- namespace: "{{ glusterfs_namespace }}"
+ namespace: "{{ openshift.hosted.registry.namespace | default('default') }}"
state: present
kind: endpoints
name: "glusterfs-{{ glusterfs_name }}-endpoints"
@@ -58,7 +65,7 @@
- name: Create GlusterFS registry service
oc_obj:
- namespace: "{{ glusterfs_namespace }}"
+ namespace: "{{ openshift.hosted.registry.namespace | default('default') }}"
state: present
kind: service
name: "glusterfs-{{ glusterfs_name }}-endpoints"
diff --git a/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part1.yml b/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part1.yml
index 318d34b5d..3ba1eb2d2 100644
--- a/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part1.yml
+++ b/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part1.yml
@@ -33,8 +33,10 @@
params:
IMAGE_NAME: "{{ glusterfs_heketi_image }}"
IMAGE_VERSION: "{{ glusterfs_heketi_version }}"
+ HEKETI_ROUTE: "{{ glusterfs_heketi_url | default(['heketi-',glusterfs_name]|join) }}"
HEKETI_USER_KEY: "{{ glusterfs_heketi_user_key }}"
HEKETI_ADMIN_KEY: "{{ glusterfs_heketi_admin_key }}"
+ HEKETI_EXECUTOR: "{{ glusterfs_heketi_executor }}"
HEKETI_KUBE_NAMESPACE: "{{ glusterfs_namespace }}"
CLUSTER_NAME: "{{ glusterfs_name }}"
TOPOLOGY_PATH: "{{ mktemp.stdout }}"
diff --git a/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part2.yml b/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part2.yml
index 3a9619d9d..37d3e6ba2 100644
--- a/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part2.yml
+++ b/roles/openshift_storage_glusterfs/tasks/heketi_deploy_part2.yml
@@ -4,7 +4,7 @@
register: setup_storage
- name: Copy heketi-storage list
- shell: "{{ openshift.common.client_binary }} rsh {{ heketi_pod.results.results[0]['items'][0]['metadata']['name'] }} cat /tmp/heketi-storage.json > {{ mktemp.stdout }}/heketi-storage.json"
+ shell: "{{ openshift.common.client_binary }} rsh --namespace={{ glusterfs_namespace }} {{ heketi_pod.results.results[0]['items'][0]['metadata']['name'] }} cat /tmp/heketi-storage.json > {{ mktemp.stdout }}/heketi-storage.json"
# This is used in the subsequent task
- name: Copy the admin client config
@@ -103,8 +103,10 @@
params:
IMAGE_NAME: "{{ glusterfs_heketi_image }}"
IMAGE_VERSION: "{{ glusterfs_heketi_version }}"
+ HEKETI_ROUTE: "{{ glusterfs_heketi_url | default(['heketi-',glusterfs_name]|join) }}"
HEKETI_USER_KEY: "{{ glusterfs_heketi_user_key }}"
HEKETI_ADMIN_KEY: "{{ glusterfs_heketi_admin_key }}"
+ HEKETI_EXECUTOR: "{{ glusterfs_heketi_executor }}"
HEKETI_KUBE_NAMESPACE: "{{ glusterfs_namespace }}"
CLUSTER_NAME: "{{ glusterfs_name }}"
@@ -124,7 +126,7 @@
- name: Set heketi-cli command
set_fact:
- glusterfs_heketi_client: "{% if glusterfs_heketi_is_native %}oc rsh {{ heketi_pod.results.results[0]['items'][0]['metadata']['name'] }} {% endif %}heketi-cli -s http://localhost:8080 --user admin --secret '{{ glusterfs_heketi_admin_key }}'"
+ glusterfs_heketi_client: "{{ openshift.common.client_binary }} rsh --namespace={{ glusterfs_namespace }} {{ heketi_pod.results.results[0]['items'][0]['metadata']['name'] }} {{ glusterfs_heketi_cli }} -s http://localhost:8080 --user admin --secret '{{ glusterfs_heketi_admin_key }}'"
- name: Verify heketi service
command: "{{ glusterfs_heketi_client }} cluster list"
diff --git a/roles/openshift_storage_glusterfs/tasks/main.yml b/roles/openshift_storage_glusterfs/tasks/main.yml
index c9bfdd1cd..d2d8c6c10 100644
--- a/roles/openshift_storage_glusterfs/tasks/main.yml
+++ b/roles/openshift_storage_glusterfs/tasks/main.yml
@@ -11,7 +11,7 @@
- include: glusterfs_registry.yml
when:
- - "groups.glusterfs_registry | default([]) | count > 0 or openshift.hosted.registry.storage.kind == 'glusterfs' or openshift.hosted.registry.glusterfs.swap"
+ - "groups.glusterfs_registry | default([]) | count > 0 or openshift.hosted.registry.storage.kind == 'glusterfs' or openshift.hosted.registry.storage.glusterfs.swap"
- name: Delete temp directory
file:
diff --git a/roles/openshift_storage_glusterfs/templates/v3.6/glusterfs-storageclass.yml.j2 b/roles/openshift_storage_glusterfs/templates/v3.6/glusterfs-storageclass.yml.j2
index 9b8fae310..095fb780f 100644
--- a/roles/openshift_storage_glusterfs/templates/v3.6/glusterfs-storageclass.yml.j2
+++ b/roles/openshift_storage_glusterfs/templates/v3.6/glusterfs-storageclass.yml.j2
@@ -5,6 +5,9 @@ metadata:
name: glusterfs-{{ glusterfs_name }}
provisioner: kubernetes.io/glusterfs
parameters:
- resturl: "http://{{ glusterfs_heketi_url }}:8081"
+ resturl: "http://{% if glusterfs_heketi_is_native %}{{ glusterfs_heketi_route }}{% else %}{{ glusterfs_heketi_url }}:{{ glusterfs_heketi_port }}{% endif %}"
+ restuser: "admin"
+{% if glusterfs_heketi_admin_key is defined %}
secretNamespace: "{{ glusterfs_namespace }}"
- secretName: "heketi-{{ glusterfs_name }}-user-secret"
+ secretName: "heketi-{{ glusterfs_name }}-admin-secret"
+{%- endif -%}
diff --git a/roles/openshift_storage_glusterfs/templates/v3.6/heketi.json.j2 b/roles/openshift_storage_glusterfs/templates/v3.6/heketi.json.j2
new file mode 100644
index 000000000..579b11bb7
--- /dev/null
+++ b/roles/openshift_storage_glusterfs/templates/v3.6/heketi.json.j2
@@ -0,0 +1,36 @@
+{
+ "_port_comment": "Heketi Server Port Number",
+ "port" : "8080",
+
+ "_use_auth": "Enable JWT authorization. Please enable for deployment",
+ "use_auth" : false,
+
+ "_jwt" : "Private keys for access",
+ "jwt" : {
+ "_admin" : "Admin has access to all APIs",
+ "admin" : {
+ "key" : "My Secret"
+ },
+ "_user" : "User only has access to /volumes endpoint",
+ "user" : {
+ "key" : "My Secret"
+ }
+ },
+
+ "_glusterfs_comment": "GlusterFS Configuration",
+ "glusterfs" : {
+
+ "_executor_comment": "Execute plugin. Possible choices: mock, kubernetes, ssh",
+ "executor" : "{{ glusterfs_heketi_executor }}",
+
+ "_db_comment": "Database file name",
+ "db" : "/var/lib/heketi/heketi.db",
+
+ "sshexec" : {
+ "keyfile" : "/etc/heketi/private_key",
+ "port" : "{{ glusterfs_heketi_ssh_port }}",
+ "user" : "{{ glusterfs_heketi_ssh_user }}",
+ "sudo" : {{ glusterfs_heketi_ssh_sudo | lower }}
+ }
+ }
+}
diff --git a/roles/openshift_storage_glusterfs/templates/v3.6/topology.json.j2 b/roles/openshift_storage_glusterfs/templates/v3.6/topology.json.j2
index 33d8f9b36..d6c28f6dd 100644
--- a/roles/openshift_storage_glusterfs/templates/v3.6/topology.json.j2
+++ b/roles/openshift_storage_glusterfs/templates/v3.6/topology.json.j2
@@ -17,10 +17,20 @@
"node": {
"hostnames": {
"manage": [
- "{{ hostvars[node].glusterfs_hostname | default(hostvars[node].openshift.common.hostname) }}"
+{%- if 'glusterfs_hostname' in hostvars[node] -%}
+ "{{ hostvars[node].glusterfs_hostname }}"
+{%- elif 'openshift' in hostvars[node] -%}
+ "{{ hostvars[node].openshift.node.nodename }}"
+{%- else -%}
+ "{{ node }}"
+{%- endif -%}
],
"storage": [
- "{{ hostvars[node].glusterfs_ip | default(hostvars[node].openshift.common.ip) }}"
+{%- if 'glusterfs_ip' in hostvars[node] -%}
+ "{{ hostvars[node].glusterfs_ip }}"
+{%- else -%}
+ "{{ hostvars[node].openshift.common.ip }}"
+{%- endif -%}
]
},
"zone": {{ hostvars[node].glusterfs_zone | default(1) }}
diff --git a/roles/openshift_storage_nfs/tasks/main.yml b/roles/openshift_storage_nfs/tasks/main.yml
index 0d6b8b7d4..019ada2fb 100644
--- a/roles/openshift_storage_nfs/tasks/main.yml
+++ b/roles/openshift_storage_nfs/tasks/main.yml
@@ -30,7 +30,7 @@
- "{{ openshift.hosted.metrics }}"
- "{{ openshift.hosted.logging }}"
- "{{ openshift.hosted.loggingops }}"
-
+ - "{{ openshift.hosted.etcd }}"
- name: Configure exports
template:
diff --git a/roles/openshift_storage_nfs/templates/exports.j2 b/roles/openshift_storage_nfs/templates/exports.j2
index 8c6d4105c..7e8f70b23 100644
--- a/roles/openshift_storage_nfs/templates/exports.j2
+++ b/roles/openshift_storage_nfs/templates/exports.j2
@@ -2,3 +2,4 @@
{{ openshift.hosted.metrics.storage.nfs.directory }}/{{ openshift.hosted.metrics.storage.volume.name }} {{ openshift.hosted.metrics.storage.nfs.options }}
{{ openshift.hosted.logging.storage.nfs.directory }}/{{ openshift.hosted.logging.storage.volume.name }} {{ openshift.hosted.logging.storage.nfs.options }}
{{ openshift.hosted.loggingops.storage.nfs.directory }}/{{ openshift.hosted.loggingops.storage.volume.name }} {{ openshift.hosted.loggingops.storage.nfs.options }}
+{{ openshift.hosted.etcd.storage.nfs.directory }}/{{ openshift.hosted.etcd.storage.volume.name }} {{ openshift.hosted.etcd.storage.nfs.options }}
diff --git a/roles/openshift_version/tasks/main.yml b/roles/openshift_version/tasks/main.yml
index 16792388f..f4cb8ddb2 100644
--- a/roles/openshift_version/tasks/main.yml
+++ b/roles/openshift_version/tasks/main.yml
@@ -84,115 +84,119 @@
- openshift_version is not defined
- openshift_protect_installed_version | bool
-- name: Set openshift_version for rpm installation
- include: set_version_rpm.yml
- when: not is_containerized | bool
-
-- name: Set openshift_version for containerized installation
- include: set_version_containerized.yml
- when: is_containerized | bool
-
-- block:
- - name: Get available {{ openshift.common.service_type}} version
- repoquery:
- name: "{{ openshift.common.service_type}}"
- ignore_excluders: true
- register: rpm_results
- - fail:
- msg: "Package {{ openshift.common.service_type}} not found"
- when: not rpm_results.results.package_found
- - set_fact:
- openshift_rpm_version: "{{ rpm_results.results.versions.available_versions.0 | default('0.0', True) }}"
- - name: Fail if rpm version and docker image version are different
- fail:
- msg: "OCP rpm version {{ openshift_rpm_version }} is different from OCP image version {{ openshift_version }}"
- # Both versions have the same string representation
+# The rest of these tasks should only execute on
+# masters and nodes as we can verify they have subscriptions
+- when:
+ - inventory_hostname in groups['oo_masters_to_config'] or inventory_hostname in groups['oo_nodes_to_config']
+ block:
+ - name: Set openshift_version for rpm installation
+ include: set_version_rpm.yml
+ when: not is_containerized | bool
+
+ - name: Set openshift_version for containerized installation
+ include: set_version_containerized.yml
+ when: is_containerized | bool
+
+ - block:
+ - name: Get available {{ openshift.common.service_type}} version
+ repoquery:
+ name: "{{ openshift.common.service_type}}"
+ ignore_excluders: true
+ register: rpm_results
+ - fail:
+ msg: "Package {{ openshift.common.service_type}} not found"
+ when: not rpm_results.results.package_found
+ - set_fact:
+ openshift_rpm_version: "{{ rpm_results.results.versions.available_versions.0 | default('0.0', True) }}"
+ - name: Fail if rpm version and docker image version are different
+ fail:
+ msg: "OCP rpm version {{ openshift_rpm_version }} is different from OCP image version {{ openshift_version }}"
+ # Both versions have the same string representation
+ when:
+ - openshift_rpm_version != openshift_version
+ # if openshift_pkg_version or openshift_image_tag is defined, user gives a permission the rpm and docker image versions can differ
+ - openshift_pkg_version is not defined
+ - openshift_image_tag is not defined
when:
- - openshift_rpm_version != openshift_version
- # if openshift_pkg_version or openshift_image_tag is defined, user gives a permission the rpm and docker image versions can differ
- - openshift_pkg_version is not defined
- - openshift_image_tag is not defined
- when:
- - is_containerized | bool
- - not is_atomic | bool
-
-# Warn if the user has provided an openshift_image_tag but is not doing a containerized install
-# NOTE: This will need to be modified/removed for future container + rpm installations work.
-- name: Warn if openshift_image_tag is defined when not doing a containerized install
- debug:
- msg: >
- openshift_image_tag is used for containerized installs. If you are trying to
- specify an image for a non-container install see oreg_url or oreg_url_master or oreg_url_node.
- when:
- - not is_containerized | bool
- - openshift_image_tag is defined
-
+ - is_containerized | bool
+ - not is_atomic | bool
+
+ # Warn if the user has provided an openshift_image_tag but is not doing a containerized install
+ # NOTE: This will need to be modified/removed for future container + rpm installations work.
+ - name: Warn if openshift_image_tag is defined when not doing a containerized install
+ debug:
+ msg: >
+ openshift_image_tag is used for containerized installs. If you are trying to
+ specify an image for a non-container install see oreg_url or oreg_url_master or oreg_url_node.
+ when:
+ - not is_containerized | bool
+ - openshift_image_tag is defined
-# At this point we know openshift_version is set appropriately. Now we set
-# openshift_image_tag and openshift_pkg_version, so all roles can always assume
-# each of this variables *will* be set correctly and can use them per their
-# intended purpose.
+ # At this point we know openshift_version is set appropriately. Now we set
+ # openshift_image_tag and openshift_pkg_version, so all roles can always assume
+ # each of this variables *will* be set correctly and can use them per their
+ # intended purpose.
-- block:
- - debug:
- msg: "openshift_image_tag was not defined. Falling back to v{{ openshift_version }}"
+ - block:
+ - debug:
+ msg: "openshift_image_tag was not defined. Falling back to v{{ openshift_version }}"
- - set_fact:
- openshift_image_tag: v{{ openshift_version }}
+ - set_fact:
+ openshift_image_tag: v{{ openshift_version }}
- when: openshift_image_tag is not defined
+ when: openshift_image_tag is not defined
-- block:
- - debug:
- msg: "openshift_pkg_version was not defined. Falling back to -{{ openshift_version }}"
+ - block:
+ - debug:
+ msg: "openshift_pkg_version was not defined. Falling back to -{{ openshift_version }}"
- - set_fact:
- openshift_pkg_version: -{{ openshift_version }}
+ - set_fact:
+ openshift_pkg_version: -{{ openshift_version }}
- when: openshift_pkg_version is not defined
+ when: openshift_pkg_version is not defined
-- fail:
- msg: openshift_version role was unable to set openshift_version
- name: Abort if openshift_version was not set
- when: openshift_version is not defined
+ - fail:
+ msg: openshift_version role was unable to set openshift_version
+ name: Abort if openshift_version was not set
+ when: openshift_version is not defined
-- fail:
- msg: openshift_version role was unable to set openshift_image_tag
- name: Abort if openshift_image_tag was not set
- when: openshift_image_tag is not defined
+ - fail:
+ msg: openshift_version role was unable to set openshift_image_tag
+ name: Abort if openshift_image_tag was not set
+ when: openshift_image_tag is not defined
-- fail:
- msg: openshift_version role was unable to set openshift_pkg_version
- name: Abort if openshift_pkg_version was not set
- when: openshift_pkg_version is not defined
+ - fail:
+ msg: openshift_version role was unable to set openshift_pkg_version
+ name: Abort if openshift_pkg_version was not set
+ when: openshift_pkg_version is not defined
-- fail:
- msg: "No OpenShift version available; please ensure your systems are fully registered and have access to appropriate yum repositories."
- name: Abort if openshift_pkg_version was not set
- when:
- - not is_containerized | bool
- - openshift_version == '0.0'
+ - fail:
+ msg: "No OpenShift version available; please ensure your systems are fully registered and have access to appropriate yum repositories."
+ name: Abort if openshift_pkg_version was not set
+ when:
+ - not is_containerized | bool
+ - openshift_version == '0.0'
-# We can't map an openshift_release to full rpm version like we can with containers; make sure
-# the rpm version we looked up matches the release requested and error out if not.
-- name: For an RPM install, abort when the release requested does not match the available version.
- when:
- - not is_containerized | bool
- - openshift_release is defined
- assert:
- that:
- - openshift_version.startswith(openshift_release) | bool
- msg: |-
- You requested openshift_release {{ openshift_release }}, which is not matched by
- the latest OpenShift RPM we detected as {{ openshift.common.service_type }}-{{ openshift_version }}
- on host {{ inventory_hostname }}.
- We will only install the latest RPMs, so please ensure you are getting the release
- you expect. You may need to adjust your Ansible inventory, modify the repositories
- available on the host, or run the appropriate OpenShift upgrade playbook.
+ # We can't map an openshift_release to full rpm version like we can with containers; make sure
+ # the rpm version we looked up matches the release requested and error out if not.
+ - name: For an RPM install, abort when the release requested does not match the available version.
+ when:
+ - not is_containerized | bool
+ - openshift_release is defined
+ assert:
+ that:
+ - openshift_version.startswith(openshift_release) | bool
+ msg: |-
+ You requested openshift_release {{ openshift_release }}, which is not matched by
+ the latest OpenShift RPM we detected as {{ openshift.common.service_type }}-{{ openshift_version }}
+ on host {{ inventory_hostname }}.
+ We will only install the latest RPMs, so please ensure you are getting the release
+ you expect. You may need to adjust your Ansible inventory, modify the repositories
+ available on the host, or run the appropriate OpenShift upgrade playbook.
-# The end result of these three variables is quite important so make sure they are displayed and logged:
-- debug: var=openshift_release
+ # The end result of these three variables is quite important so make sure they are displayed and logged:
+ - debug: var=openshift_release
-- debug: var=openshift_image_tag
+ - debug: var=openshift_image_tag
-- debug: var=openshift_pkg_version
+ - debug: var=openshift_pkg_version
diff --git a/roles/rhel_subscribe/meta/main.yml b/roles/rhel_subscribe/meta/main.yml
index 0bbeadd34..23d65c7ef 100644
--- a/roles/rhel_subscribe/meta/main.yml
+++ b/roles/rhel_subscribe/meta/main.yml
@@ -1,3 +1,2 @@
---
-dependencies:
- - role: openshift_facts
+dependencies: []
diff --git a/roles/rhel_subscribe/tasks/main.yml b/roles/rhel_subscribe/tasks/main.yml
index 28c3c7080..453044a6e 100644
--- a/roles/rhel_subscribe/tasks/main.yml
+++ b/roles/rhel_subscribe/tasks/main.yml
@@ -21,6 +21,11 @@
msg: Either rhsub_pass or the rhel_subscription_pass env variable are required for this role.
when: rhel_subscription_pass is not defined
+- name: Detecting Atomic Host Operating System
+ stat:
+ path: /run/ostree-booted
+ register: ostree_booted
+
- name: Satellite preparation
command: "rpm -Uvh http://{{ rhel_subscription_server }}/pub/katello-ca-consumer-latest.noarch.rpm"
args:
@@ -57,5 +62,6 @@
when: openshift_pool_id.stdout != ''
- include: enterprise.yml
- when: deployment_type in [ 'enterprise', 'atomic-enterprise', 'openshift-enterprise' ] and
- not openshift.common.is_atomic | bool
+ when:
+ - deployment_type in [ 'enterprise', 'atomic-enterprise', 'openshift-enterprise' ]
+ - not ostree_booted.stat.exists | bool
diff --git a/test/integration/openshift_health_checker/setup_container.yml b/test/integration/openshift_health_checker/setup_container.yml
index 8793d954e..33e94cf1f 100644
--- a/test/integration/openshift_health_checker/setup_container.yml
+++ b/test/integration/openshift_health_checker/setup_container.yml
@@ -43,3 +43,6 @@
delegate_facts: True
delegate_to: "{{ container_name }}"
with_dict: "{{ l_host_vars | default({}) }}"
+
+- include: ../../../playbooks/byo/openshift-cluster/initialize_groups.yml
+- include: ../../../playbooks/common/openshift-cluster/evaluate_groups.yml
diff --git a/tox.ini b/tox.ini
index bd27ba313..cc17377ea 100644
--- a/tox.ini
+++ b/tox.ini
@@ -24,9 +24,4 @@ commands =
generate_validation: python setup.py generate_validation
# TODO(rhcarvalho): check syntax of other important entrypoint playbooks
ansible_syntax: python setup.py ansible_syntax
- # ansible 2.2.2+ unfortunately breaks the integration test runner
- # because it can no longer set facts on the test docker hosts.
- # So for now, install separate ansible version for integration.
- # PR that fixes it: https://github.com/ansible/ansible/pull/23599
- # Once that PR is available, drop this and use same ansible.
- integration: pip install ansible==2.2.1.0
+ integration: python -c 'print "run test/integration/run-tests.sh"'
diff --git a/utils/etc/ansible.cfg b/utils/etc/ansible.cfg
index 3425e7e62..f7e6fe2ff 100644
--- a/utils/etc/ansible.cfg
+++ b/utils/etc/ansible.cfg
@@ -28,3 +28,9 @@ deprecation_warnings = False
# remote_tmp - set if provided by user (cli)
# ssh_args - set if provided by user (cli)
# control_path
+
+# Additional ssh options for OpenShift Ansible
+[ssh_connection]
+# shorten the ControlPath which is often too long; when it is,
+# ssh connection reuse silently fails, making everything slower.
+control_path = %(directory)s/%%h-%%r