From 2a7131b9403a4b22ebc55606814f604f723dc826 Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Tue, 13 Oct 2015 16:36:01 +0200 Subject: Add flannel support Signed-off-by: Sylvain Baubeau --- playbooks/common/openshift-master/config.yml | 8 ++++ playbooks/common/openshift-node/config.yml | 3 ++ roles/flannel/README.md | 37 ++++++++++++++++++ roles/flannel/defaults/main.yaml | 8 ++++ roles/flannel/handlers/main.yml | 8 ++++ roles/flannel/meta/main.yml | 16 ++++++++ roles/flannel/tasks/main.yml | 44 ++++++++++++++++++++++ roles/flannel_register/README.md | 37 ++++++++++++++++++ roles/flannel_register/defaults/main.yaml | 11 ++++++ roles/flannel_register/meta/main.yml | 16 ++++++++ roles/flannel_register/tasks/main.yml | 14 +++++++ .../flannel_register/templates/flannel-config.json | 8 ++++ roles/openshift_common/tasks/main.yml | 1 + roles/openshift_facts/library/openshift_facts.py | 18 +++++++++ roles/openshift_master/tasks/main.yml | 11 +++++- roles/openshift_node/tasks/main.yml | 1 + 16 files changed, 240 insertions(+), 1 deletion(-) create mode 100644 roles/flannel/README.md create mode 100644 roles/flannel/defaults/main.yaml create mode 100644 roles/flannel/handlers/main.yml create mode 100644 roles/flannel/meta/main.yml create mode 100644 roles/flannel/tasks/main.yml create mode 100644 roles/flannel_register/README.md create mode 100644 roles/flannel_register/defaults/main.yaml create mode 100644 roles/flannel_register/meta/main.yml create mode 100644 roles/flannel_register/tasks/main.yml create mode 100644 roles/flannel_register/templates/flannel-config.json diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 1dec923fc..54d61da06 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -247,6 +247,14 @@ when: ( deployment_type in ['atomic-enterprise','openshift-enterprise'] ) and (osm_use_cockpit | bool or osm_use_cockpit is undefined ) +- name: Configure flannel + hosts: oo_first_master + vars: + etcd_urls: "{{ openshift.master.etcd_urls }}" + roles: + - role: flannel_register + when: openshift.common.use_flannel | bool + # Additional instance config for online deployments - name: Additional instance config hosts: oo_masters_deployment_type_online diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index a14ca8e11..e39e9164c 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -84,6 +84,7 @@ vars: sync_tmpdir: "{{ hostvars.localhost.mktemp.stdout }}" openshift_node_master_api_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}" + etcd_urls: "{{ hostvars[groups.oo_first_master.0].openshift.master.etcd_urls }}" pre_tasks: - name: Ensure certificate directory exists file: @@ -100,6 +101,8 @@ when: certs_missing roles: - openshift_node + - role: flannel + when: openshift.common.use_flannel | bool - role: nickhammond.logrotate - role: fluentd_node when: openshift.common.use_fluentd | bool diff --git a/roles/flannel/README.md b/roles/flannel/README.md new file mode 100644 index 000000000..94cf15254 --- /dev/null +++ b/roles/flannel/README.md @@ -0,0 +1,37 @@ +Role Name +========= + +Configure flannel on openshift nodes + +Requirements +------------ + +This role assumes it's being deployed on a RHEL/Fedora based host with package +named 'flannel' available via yum, in version superior to 0.3. + +Role Variables +-------------- + +TODO + +Dependencies +------------ + +openshift_facts + +Example Playbook +---------------- + + - hosts: openshift_node + roles: + - { flannel } + +License +------- + +Apache License, Version 2.0 + +Author Information +------------------ + +Sylvain Baubeau diff --git a/roles/flannel/defaults/main.yaml b/roles/flannel/defaults/main.yaml new file mode 100644 index 000000000..a9acab634 --- /dev/null +++ b/roles/flannel/defaults/main.yaml @@ -0,0 +1,8 @@ +--- +flannel_interface: "{{ ansible_default_ipv4.interface }}" +flannel_etcd_key: /openshift.com/network +etcd_hosts: "{{ etcd_urls }}" +etcd_conf_dir: "{{ openshift.common.config_base }}/node" +etcd_peer_ca_file: "{{ etcd_conf_dir }}/ca.crt" +etcd_peer_cert_file: "{{ etcd_conf_dir }}/system:node:{{ openshift.common.hostname }}.crt" +etcd_peer_key_file: "{{ etcd_conf_dir }}/system:node:{{ openshift.common.hostname }}.key" diff --git a/roles/flannel/handlers/main.yml b/roles/flannel/handlers/main.yml new file mode 100644 index 000000000..f9b9ae7f1 --- /dev/null +++ b/roles/flannel/handlers/main.yml @@ -0,0 +1,8 @@ +--- +- name: restart flanneld + sudo: true + service: name=flanneld state=restarted + +- name: restart docker + sudo: true + service: name=docker state=restarted diff --git a/roles/flannel/meta/main.yml b/roles/flannel/meta/main.yml new file mode 100644 index 000000000..a64934b3c --- /dev/null +++ b/roles/flannel/meta/main.yml @@ -0,0 +1,16 @@ +--- +galaxy_info: + author: Sylvain + description: etcd management + company: Red Hat, Inc. + license: Apache License, Version 2.0 + min_ansible_version: 1.2 + platforms: + - name: EL + versions: + - 7 + categories: + - cloud + - system +dependencies: +- { role: openshift_facts } diff --git a/roles/flannel/tasks/main.yml b/roles/flannel/tasks/main.yml new file mode 100644 index 000000000..8a871efb2 --- /dev/null +++ b/roles/flannel/tasks/main.yml @@ -0,0 +1,44 @@ +--- +- name: Install flannel + sudo: true + yum: pkg=flannel state=present + +- name: Set flannel etcd url + sudo: true + lineinfile: + dest: /etc/sysconfig/flanneld + backrefs: yes + regexp: "^(FLANNEL_ETCD=)" + line: '\1{{ etcd_hosts|join(",") }}' + +- name: Set flannel etcd key + sudo: true + lineinfile: + dest: /etc/sysconfig/flanneld + backrefs: yes + regexp: "^(FLANNEL_ETCD_KEY=)" + line: '\1{{ flannel_etcd_key }}' + notify: + +- name: Set flannel options + sudo: true + lineinfile: + dest: /etc/sysconfig/flanneld + backrefs: yes + regexp: "^#?(FLANNEL_OPTIONS=)" + line: '\1--iface {{ flannel_interface }} --etcd-cafile={{ etcd_peer_ca_file }} --etcd-keyfile={{ etcd_peer_key_file }} --etcd-certfile={{ etcd_peer_cert_file }}' + +- name: Enable flanneld + sudo: true + service: + name: flanneld + state: started + enabled: yes + register: start_result + +- name: Remove docker bridge ip + sudo: true + shell: ip a del `ip a show docker0 | grep inet | awk '{print $2}'` dev docker0 + notify: + - restart docker + - restart node diff --git a/roles/flannel_register/README.md b/roles/flannel_register/README.md new file mode 100644 index 000000000..a11c8fe53 --- /dev/null +++ b/roles/flannel_register/README.md @@ -0,0 +1,37 @@ +Role Name +========= + +Register flannel configuration into etcd + +Requirements +------------ + +This role assumes it's being deployed on a RHEL/Fedora based host with package +named 'flannel' available via yum, in version superior to 0.3. + +Role Variables +-------------- + +TODO + +Dependencies +------------ + +openshift_facts + +Example Playbook +---------------- + + - hosts: openshift_master + roles: + - { flannel_register } + +License +------- + +Apache License, Version 2.0 + +Author Information +------------------ + +Sylvain Baubeau diff --git a/roles/flannel_register/defaults/main.yaml b/roles/flannel_register/defaults/main.yaml new file mode 100644 index 000000000..b7262b40f --- /dev/null +++ b/roles/flannel_register/defaults/main.yaml @@ -0,0 +1,11 @@ +--- +flannel_network: "{{ openshift.master.portal_net | default('172.16.1.1/16') }}" +flannel_min_network: "{{ min_network | default('172.16.5.0') }}" +flannel_subnet_len: "{{ subnet_len | default(24) }}" +flannel_etcd_key: /openshift.com/network +etcd_hosts: "{{ etcd_urls }}" +etcd_conf_dir: "{{ openshift.common.config_base }}/master" +etcd_peer_ca_file: "{{ etcd_conf_dir }}/ca.crt" +etcd_peer_cert_file: "{{ etcd_conf_dir }}/master.etcd-client.crt" +etcd_peer_key_file: "{{ etcd_conf_dir }}/master.etcd-client.key" + diff --git a/roles/flannel_register/meta/main.yml b/roles/flannel_register/meta/main.yml new file mode 100644 index 000000000..a64934b3c --- /dev/null +++ b/roles/flannel_register/meta/main.yml @@ -0,0 +1,16 @@ +--- +galaxy_info: + author: Sylvain + description: etcd management + company: Red Hat, Inc. + license: Apache License, Version 2.0 + min_ansible_version: 1.2 + platforms: + - name: EL + versions: + - 7 + categories: + - cloud + - system +dependencies: +- { role: openshift_facts } diff --git a/roles/flannel_register/tasks/main.yml b/roles/flannel_register/tasks/main.yml new file mode 100644 index 000000000..c58c74d34 --- /dev/null +++ b/roles/flannel_register/tasks/main.yml @@ -0,0 +1,14 @@ +--- +- name: Assures /etc/flannel dir exists + sudo: true + file: path=/etc/flannel state=directory + +- name: Generate etcd configuration for etcd + sudo: true + template: + src: "flannel-config.json" + dest: "/etc/flannel/config.json" + +- name: Insert flannel configuration into etcd + sudo: true + shell: 'curl -L --cacert "{{ etcd_peer_ca_file }}" --cert "{{ etcd_peer_cert_file }}" --key "{{ etcd_peer_key_file }}" "{{ etcd_hosts[0] }}/v2/keys{{ flannel_etcd_key }}/config" -XPUT --data-urlencode value@/etc/flannel/config.json' diff --git a/roles/flannel_register/templates/flannel-config.json b/roles/flannel_register/templates/flannel-config.json new file mode 100644 index 000000000..89ce4c30b --- /dev/null +++ b/roles/flannel_register/templates/flannel-config.json @@ -0,0 +1,8 @@ +{ + "Network": "{{ flannel_network }}", + "SubnetLen": {{ flannel_subnet_len }}, + "SubnetMin": "{{ flannel_min_network }}", + "Backend": { + "Type": "host-gw" + } +} diff --git a/roles/openshift_common/tasks/main.yml b/roles/openshift_common/tasks/main.yml index 73bd28630..64afc5081 100644 --- a/roles/openshift_common/tasks/main.yml +++ b/roles/openshift_common/tasks/main.yml @@ -13,6 +13,7 @@ sdn_network_plugin_name: "{{ os_sdn_network_plugin_name | default(None) }}" deployment_type: "{{ openshift_deployment_type }}" use_fluentd: "{{ openshift_use_fluentd | default(None) }}" + use_flannel: "{{ openshift_use_flannel | default(None) }}" - name: Set hostname hostname: name={{ openshift.common.hostname }} diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 67994d11d..850dc8a69 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -306,6 +306,23 @@ def set_fluentd_facts_if_unset(facts): facts['common']['use_fluentd'] = use_fluentd return facts +def set_flannel_facts_if_unset(facts): + """ Set flannel facts if not already present in facts dict + dict: the facts dict updated with the flannel facts if + missing + Args: + facts (dict): existing facts + Returns: + dict: the facts dict updated with the flannel + facts if they were not already present + + """ + if 'common' in facts: + if 'use_flannel' not in facts['common']: + use_flannel = False + facts['common']['use_flannel'] = use_flannel + return facts + def set_node_schedulability(facts): """ Set schedulable facts if not already present in facts dict Args: @@ -845,6 +862,7 @@ class OpenShiftFacts(object): facts = set_url_facts_if_unset(facts) facts = set_project_cfg_facts_if_unset(facts) facts = set_fluentd_facts_if_unset(facts) + facts = set_flannel_facts_if_unset(facts) facts = set_node_schedulability(facts) facts = set_master_selectors(facts) facts = set_metrics_facts_if_unset(facts) diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 94eb73346..da20d4f96 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -14,7 +14,10 @@ - name: Set master facts openshift_facts: - role: master + role: "{{ item.role }}" + local_facts: "{{ item.local_facts }}" + with_items: + - role: master local_facts: cluster_hostname: "{{ openshift_master_cluster_hostname | default(None) }}" cluster_public_hostname: "{{ openshift_master_cluster_public_hostname | default(None) }}" @@ -62,6 +65,12 @@ api_server_args: "{{ osm_api_server_args | default(None) }}" controller_args: "{{ osm_controller_args | default(None) }}" infra_nodes: "{{ num_infra | default(None) }}" + - role: common + local_facts: + hostname: "{{ openshift_hostname | default(none) }}" + public_hostname: "{{ openshift_public_hostname | default(none) }}" + deployment_type: "{{ openshift_deployment_type }}" + use_flannel: "{{ openshift_use_flannel | default(None) }}" - name: Install Master package yum: pkg={{ openshift.common.service_type }}-master{{ openshift_version }} state=present diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 98271c8b3..cb92a8d4e 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -20,6 +20,7 @@ hostname: "{{ openshift_hostname | default(none) }}" public_hostname: "{{ openshift_public_hostname | default(none) }}" deployment_type: "{{ openshift_deployment_type }}" + use_flannel: "{{ openshift_use_flannel | default(None) }}" - role: node local_facts: labels: "{{ lookup('oo_option', 'openshift_node_labels') | default( openshift_node_labels | default(none), true) }}" -- cgit v1.2.3 From 68e09d87fd859d8ec41b5eef5c44b4b39e732ba2 Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Thu, 15 Oct 2015 10:38:59 +0200 Subject: Ensure openshift-sdn and flannel can't be used at the same time --- roles/openshift_common/tasks/main.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/openshift_common/tasks/main.yml b/roles/openshift_common/tasks/main.yml index 64afc5081..fcc23a4f4 100644 --- a/roles/openshift_common/tasks/main.yml +++ b/roles/openshift_common/tasks/main.yml @@ -1,4 +1,8 @@ --- +- fail: + msg: Flannel can not be used with openshift sdn + when: openshift_use_openshift_sdn | bool and openshift_use_flannel | bool + - name: Set common Cluster facts openshift_facts: role: common -- cgit v1.2.3 From 4d915db61a7ebfeab72e0c649f0ea34a0281b596 Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Thu, 15 Oct 2015 10:39:29 +0200 Subject: Remove multiple use_flannel fact definition --- roles/openshift_master/tasks/main.yml | 11 +---------- roles/openshift_node/tasks/main.yml | 1 - 2 files changed, 1 insertion(+), 11 deletions(-) diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index da20d4f96..94eb73346 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -14,10 +14,7 @@ - name: Set master facts openshift_facts: - role: "{{ item.role }}" - local_facts: "{{ item.local_facts }}" - with_items: - - role: master + role: master local_facts: cluster_hostname: "{{ openshift_master_cluster_hostname | default(None) }}" cluster_public_hostname: "{{ openshift_master_cluster_public_hostname | default(None) }}" @@ -65,12 +62,6 @@ api_server_args: "{{ osm_api_server_args | default(None) }}" controller_args: "{{ osm_controller_args | default(None) }}" infra_nodes: "{{ num_infra | default(None) }}" - - role: common - local_facts: - hostname: "{{ openshift_hostname | default(none) }}" - public_hostname: "{{ openshift_public_hostname | default(none) }}" - deployment_type: "{{ openshift_deployment_type }}" - use_flannel: "{{ openshift_use_flannel | default(None) }}" - name: Install Master package yum: pkg={{ openshift.common.service_type }}-master{{ openshift_version }} state=present diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index cb92a8d4e..98271c8b3 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -20,7 +20,6 @@ hostname: "{{ openshift_hostname | default(none) }}" public_hostname: "{{ openshift_public_hostname | default(none) }}" deployment_type: "{{ openshift_deployment_type }}" - use_flannel: "{{ openshift_use_flannel | default(None) }}" - role: node local_facts: labels: "{{ lookup('oo_option', 'openshift_node_labels') | default( openshift_node_labels | default(none), true) }}" -- cgit v1.2.3 From fc9392d0b6bcf80b5dafa03e5f4c2b812cb0a57c Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Thu, 15 Oct 2015 10:53:15 +0200 Subject: Only remove IPv4 address from docker bridge --- roles/flannel/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/flannel/tasks/main.yml b/roles/flannel/tasks/main.yml index 8a871efb2..57e322836 100644 --- a/roles/flannel/tasks/main.yml +++ b/roles/flannel/tasks/main.yml @@ -38,7 +38,7 @@ - name: Remove docker bridge ip sudo: true - shell: ip a del `ip a show docker0 | grep inet | awk '{print $2}'` dev docker0 + shell: ip a del `ip a show docker0 | grep "inet[[:space:]]" | awk '{print $2}'` dev docker0 notify: - restart docker - restart node -- cgit v1.2.3 From 2d084a816d4af52f7cffe3ddb913e2b4555b7d23 Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Thu, 15 Oct 2015 14:41:35 +0200 Subject: Add flannel modules documentation --- roles/flannel/README.md | 12 ++++++++++-- roles/flannel/meta/main.yml | 2 +- roles/flannel_register/README.md | 12 +++++++++++- roles/flannel_register/meta/main.yml | 2 +- 4 files changed, 23 insertions(+), 5 deletions(-) diff --git a/roles/flannel/README.md b/roles/flannel/README.md index 94cf15254..b8aa830ac 100644 --- a/roles/flannel/README.md +++ b/roles/flannel/README.md @@ -12,7 +12,15 @@ named 'flannel' available via yum, in version superior to 0.3. Role Variables -------------- -TODO +| Name | Default value | Description | +|---------------------|-----------------------------------------|-----------------------------------------------| +| flannel_interface | ansible_default_ipv4.interface | interface to use for inter-host communication | +| flannel_etcd_key | /openshift.com/network | etcd prefix | +| etcd_hosts | etcd_urls | a list of etcd endpoints | +| etcd_conf_dir | {{ openshift.common.config_base }}/node | SSL certificates directory | +| etcd_peer_ca_file | {{ etcd_conf_dir }}/ca.crt | SSL CA to use for etcd | +| etcd_peer_cert_file | Openshift SSL cert | SSL cert to use for etcd | +| etcd_peer_key_file | Openshift SSL key | SSL key to use for etcd | Dependencies ------------ @@ -24,7 +32,7 @@ Example Playbook - hosts: openshift_node roles: - - { flannel } + - { role: flannel, etcd_urls: ['https://127.0.0.1:2379'] } License ------- diff --git a/roles/flannel/meta/main.yml b/roles/flannel/meta/main.yml index a64934b3c..909bdbfa4 100644 --- a/roles/flannel/meta/main.yml +++ b/roles/flannel/meta/main.yml @@ -1,7 +1,7 @@ --- galaxy_info: author: Sylvain - description: etcd management + description: flannel management company: Red Hat, Inc. license: Apache License, Version 2.0 min_ansible_version: 1.2 diff --git a/roles/flannel_register/README.md b/roles/flannel_register/README.md index a11c8fe53..ba7541ab1 100644 --- a/roles/flannel_register/README.md +++ b/roles/flannel_register/README.md @@ -12,7 +12,17 @@ named 'flannel' available via yum, in version superior to 0.3. Role Variables -------------- -TODO +| Name | Default value | Description | +|---------------------|----------------------------------------------------|-------------------------------------------------| +| flannel_network | {{ openshift.master.portal_net }} or 172.16.1.1/16 | interface to use for inter-host communication | +| flannel_min_network | {{ min_network }} or 172.16.5.0 | beginning of IP range for the subnet allocation | +| flannel_subnet_len | /openshift.com/network | size of the subnet allocated to each host | +| flannel_etcd_key | /openshift.com/network | etcd prefix | +| etcd_hosts | etcd_urls | a list of etcd endpoints | +| etcd_conf_dir | {{ openshift.common.config_base }}/master | SSL certificates directory | +| etcd_peer_ca_file | {{ etcd_conf_dir }}/ca.crt | SSL CA to use for etcd | +| etcd_peer_cert_file | {{ etcd_conf_dir }}/master.etcd-client.crt | SSL cert to use for etcd | +| etcd_peer_key_file | {{ etcd_conf_dir }}/master.etcd-client.key | SSL key to use for etcd | Dependencies ------------ diff --git a/roles/flannel_register/meta/main.yml b/roles/flannel_register/meta/main.yml index a64934b3c..73bddcca4 100644 --- a/roles/flannel_register/meta/main.yml +++ b/roles/flannel_register/meta/main.yml @@ -1,7 +1,7 @@ --- galaxy_info: author: Sylvain - description: etcd management + description: register flannel configuration into etcd company: Red Hat, Inc. license: Apache License, Version 2.0 min_ansible_version: 1.2 -- cgit v1.2.3 From 4904ae9603d3a613f872e0cf2b7a84d852b73b40 Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Thu, 15 Oct 2015 14:44:59 +0200 Subject: Use 'command' module instead of 'shell' --- roles/flannel_register/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/flannel_register/tasks/main.yml b/roles/flannel_register/tasks/main.yml index c58c74d34..1629157c8 100644 --- a/roles/flannel_register/tasks/main.yml +++ b/roles/flannel_register/tasks/main.yml @@ -11,4 +11,4 @@ - name: Insert flannel configuration into etcd sudo: true - shell: 'curl -L --cacert "{{ etcd_peer_ca_file }}" --cert "{{ etcd_peer_cert_file }}" --key "{{ etcd_peer_key_file }}" "{{ etcd_hosts[0] }}/v2/keys{{ flannel_etcd_key }}/config" -XPUT --data-urlencode value@/etc/flannel/config.json' + command: 'curl -L --cacert "{{ etcd_peer_ca_file }}" --cert "{{ etcd_peer_cert_file }}" --key "{{ etcd_peer_key_file }}" "{{ etcd_hosts[0] }}/v2/keys{{ flannel_etcd_key }}/config" -XPUT --data-urlencode value@/etc/flannel/config.json' -- cgit v1.2.3 From 490c50fe358a88d7ebdf3f473a2fb3131d6773c9 Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Thu, 15 Oct 2015 14:50:19 +0200 Subject: Add missing 2nd true parameters to default Jinja filter --- roles/flannel_register/defaults/main.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/flannel_register/defaults/main.yaml b/roles/flannel_register/defaults/main.yaml index b7262b40f..e4b06b49b 100644 --- a/roles/flannel_register/defaults/main.yaml +++ b/roles/flannel_register/defaults/main.yaml @@ -1,7 +1,7 @@ --- -flannel_network: "{{ openshift.master.portal_net | default('172.16.1.1/16') }}" -flannel_min_network: "{{ min_network | default('172.16.5.0') }}" -flannel_subnet_len: "{{ subnet_len | default(24) }}" +flannel_network: "{{ openshift.master.portal_net | default('172.16.1.1/16', true) }}" +flannel_min_network: "{{ min_network | default('172.16.5.0', true) }}" +flannel_subnet_len: "{{ subnet_len | default(24, true) }}" flannel_etcd_key: /openshift.com/network etcd_hosts: "{{ etcd_urls }}" etcd_conf_dir: "{{ openshift.common.config_base }}/master" -- cgit v1.2.3 From bb30f53935399fee9dcaf42664fe8678dd157ee1 Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Mon, 19 Oct 2015 15:50:07 +0200 Subject: Generate etcd certificats for flannel when is not embedded --- playbooks/common/openshift-node/config.yml | 70 ++++++++++++++++++++++++++++++ roles/flannel/defaults/main.yaml | 6 +-- roles/flannel_register/defaults/main.yaml | 2 +- 3 files changed, 74 insertions(+), 4 deletions(-) diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index e39e9164c..5f0f329c4 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -38,6 +38,21 @@ node_subdir: node-{{ openshift.common.hostname }} config_dir: "{{ openshift.common.config_base }}/generated-configs/node-{{ openshift.common.hostname }}" node_cert_dir: "{{ openshift.common.config_base }}/node" + - name: Check status of flannel external etcd certificates + stat: + path: "{{ openshift.common.config_base }}/node/{{ item }}" + with_items: + - node.etcd-client.crt + - node.etcd-ca.crt + register: g_external_etcd_flannel_cert_stat_result + - set_fact: + etcd_client_flannel_certs_missing: "{{ g_external_etcd_flannel_cert_stat_result.results + | map(attribute='stat.exists') + | list | intersect([false])}}" + etcd_cert_subdir: openshift-node-{{ openshift.common.hostname }} + etcd_cert_config_dir: "{{ openshift.common.config_base }}/node" + etcd_cert_prefix: node.etcd- + when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config - name: Create temp directory for syncing certs hosts: localhost @@ -50,6 +65,60 @@ register: mktemp changed_when: False +- name: Configure flannel etcd certificates + hosts: oo_first_etcd + vars: + etcd_generated_certs_dir: /etc/etcd/generated_certs + etcd_needing_client_certs: "{{ hostvars + | oo_select_keys(groups['oo_nodes_to_config']) + | oo_filter_list(filter_attr='etcd_client_flannel_certs_missing') }}" + sync_tmpdir: "{{ hostvars.localhost.mktemp.stdout }}" + pre_tasks: + roles: + - role: etcd_certificates + post_tasks: + - name: Create a tarball of the etcd flannel certs + command: > + tar -czvf {{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz + -C {{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }} . + args: + creates: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz" + with_items: etcd_needing_client_certs + - name: Retrieve the etcd cert tarballs + fetch: + src: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz" + dest: "{{ sync_tmpdir }}/" + flat: yes + fail_on_missing: yes + validate_checksum: yes + with_items: etcd_needing_client_certs + +- name: Copy the external etcd flannel certs to the nodes + hosts: oo_nodes_to_config + vars: + sync_tmpdir: "{{ hostvars.localhost.mktemp.stdout }}" + tasks: + - name: Ensure certificate directory exists + file: + path: "{{ openshift.common.config_base }}/node" + state: directory + when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing + - name: Unarchive the tarball on the master + unarchive: + src: "{{ sync_tmpdir }}/{{ etcd_cert_subdir }}.tgz" + dest: "{{ etcd_cert_config_dir }}" + when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing + - file: + path: "{{ etcd_cert_config_dir }}/{{ item }}" + owner: root + group: root + mode: 0600 + with_items: + - node.etcd-client.crt + - node.etcd-client.key + - node.etcd-ca.crt + when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing + - name: Create node certificates hosts: oo_first_master vars: @@ -85,6 +154,7 @@ sync_tmpdir: "{{ hostvars.localhost.mktemp.stdout }}" openshift_node_master_api_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}" etcd_urls: "{{ hostvars[groups.oo_first_master.0].openshift.master.etcd_urls }}" + embedded_etcd: "{{ hostvars[groups.oo_first_master.0].openshift.master.embedded_etcd }}" pre_tasks: - name: Ensure certificate directory exists file: diff --git a/roles/flannel/defaults/main.yaml b/roles/flannel/defaults/main.yaml index a9acab634..34cebda9c 100644 --- a/roles/flannel/defaults/main.yaml +++ b/roles/flannel/defaults/main.yaml @@ -3,6 +3,6 @@ flannel_interface: "{{ ansible_default_ipv4.interface }}" flannel_etcd_key: /openshift.com/network etcd_hosts: "{{ etcd_urls }}" etcd_conf_dir: "{{ openshift.common.config_base }}/node" -etcd_peer_ca_file: "{{ etcd_conf_dir }}/ca.crt" -etcd_peer_cert_file: "{{ etcd_conf_dir }}/system:node:{{ openshift.common.hostname }}.crt" -etcd_peer_key_file: "{{ etcd_conf_dir }}/system:node:{{ openshift.common.hostname }}.key" +etcd_peer_ca_file: "{{ etcd_conf_dir }}/{{ 'ca' if (embedded_etcd | bool) else 'node.etcd-ca' }}.crt" +etcd_peer_cert_file: "{{ etcd_conf_dir }}/{{ 'system:node:' + openshift.common.hostname if (embedded_etcd | bool) else 'node.etcd-client' }}.crt" +etcd_peer_key_file: "{{ etcd_conf_dir }}/{{ 'system:node:' + openshift.common.hostname if (embedded_etcd | bool) else 'node.etcd-client' }}.key" diff --git a/roles/flannel_register/defaults/main.yaml b/roles/flannel_register/defaults/main.yaml index e4b06b49b..7a454d1d2 100644 --- a/roles/flannel_register/defaults/main.yaml +++ b/roles/flannel_register/defaults/main.yaml @@ -5,7 +5,7 @@ flannel_subnet_len: "{{ subnet_len | default(24, true) }}" flannel_etcd_key: /openshift.com/network etcd_hosts: "{{ etcd_urls }}" etcd_conf_dir: "{{ openshift.common.config_base }}/master" -etcd_peer_ca_file: "{{ etcd_conf_dir }}/ca.crt" +etcd_peer_ca_file: "{{ etcd_conf_dir + '/ca.crt' if (openshift.master.embedded_etcd | bool) else etcd_conf_dir + '/master.etcd-ca.crt' }}" etcd_peer_cert_file: "{{ etcd_conf_dir }}/master.etcd-client.crt" etcd_peer_key_file: "{{ etcd_conf_dir }}/master.etcd-client.key" -- cgit v1.2.3 From 7e552e7ce4b6bd7dbd99a8fcaf1a6de87f8c8bee Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Tue, 27 Oct 2015 16:14:02 +0100 Subject: Fix when neither use_openshift_sdn nor use_flannel are specified --- roles/openshift_common/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/openshift_common/tasks/main.yml b/roles/openshift_common/tasks/main.yml index fcc23a4f4..38d5a08e4 100644 --- a/roles/openshift_common/tasks/main.yml +++ b/roles/openshift_common/tasks/main.yml @@ -1,7 +1,7 @@ --- - fail: msg: Flannel can not be used with openshift sdn - when: openshift_use_openshift_sdn | bool and openshift_use_flannel | bool + when: openshift_use_openshift_sdn | default(false) | bool and openshift_use_flannel | default(false) | bool - name: Set common Cluster facts openshift_facts: -- cgit v1.2.3 From 4db5a237af8b826b52622e1b79017df98611ab10 Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Tue, 27 Oct 2015 16:16:44 +0100 Subject: Check etcd certs exist for flannel when its support is enabled --- playbooks/common/openshift-node/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index 5f0f329c4..ba96b4a78 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -52,7 +52,7 @@ etcd_cert_subdir: openshift-node-{{ openshift.common.hostname }} etcd_cert_config_dir: "{{ openshift.common.config_base }}/node" etcd_cert_prefix: node.etcd- - when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config + when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config and (openshift.common.use_flannel | bool) - name: Create temp directory for syncing certs hosts: localhost -- cgit v1.2.3 From b0d050eaffd99598dff73ecba04ad343172fd465 Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Wed, 28 Oct 2015 14:59:30 +0100 Subject: Remove empty notify section --- roles/flannel/tasks/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/flannel/tasks/main.yml b/roles/flannel/tasks/main.yml index 57e322836..acfb009ec 100644 --- a/roles/flannel/tasks/main.yml +++ b/roles/flannel/tasks/main.yml @@ -18,7 +18,6 @@ backrefs: yes regexp: "^(FLANNEL_ETCD_KEY=)" line: '\1{{ flannel_etcd_key }}' - notify: - name: Set flannel options sudo: true -- cgit v1.2.3 From e7b200a24816daf05da374ccfce3a4d5db66e291 Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Wed, 28 Oct 2015 15:43:05 +0100 Subject: Change flannel registration default values --- roles/flannel_register/defaults/main.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/flannel_register/defaults/main.yaml b/roles/flannel_register/defaults/main.yaml index 7a454d1d2..269d1a17c 100644 --- a/roles/flannel_register/defaults/main.yaml +++ b/roles/flannel_register/defaults/main.yaml @@ -1,7 +1,7 @@ --- -flannel_network: "{{ openshift.master.portal_net | default('172.16.1.1/16', true) }}" -flannel_min_network: "{{ min_network | default('172.16.5.0', true) }}" -flannel_subnet_len: "{{ subnet_len | default(24, true) }}" +flannel_network: "{{ openshift.master.portal_net | default('172.30.0.0/16', true) }}" +flannel_min_network: 172.30.5.0 +flannel_subnet_len: 24 flannel_etcd_key: /openshift.com/network etcd_hosts: "{{ etcd_urls }}" etcd_conf_dir: "{{ openshift.common.config_base }}/master" -- cgit v1.2.3 From 7197aba51d24ab2cf6cde77efa853903d7ddd5ba Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Wed, 28 Oct 2015 12:12:39 -0300 Subject: Block upgrade if targetting enterprise deployment type. enterprise is being phased out in favor of openshift-enterprise, you need to specify where you wish to go. --- playbooks/adhoc/upgrades/upgrade.yml | 8 ++++++++ utils/src/ooinstall/cli_installer.py | 21 +++++++++++++++++++++ utils/src/ooinstall/install_transactions.py | 12 ++++++++++++ 3 files changed, 41 insertions(+) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index 56a1df860..e8d6a335d 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -1,4 +1,12 @@ --- +- name: Verify deployment type + hosts: masters + tasks: + # Checking the global deployment type rather than host facts, this is about + # what the user is requesting. + - fail: msg="Deployment type enterprise not supported for upgrade" + when: deployment_type == "enterprise" + - name: Re-Run cluster configuration to apply latest configuration changes include: ../../common/openshift-cluster/config.yml vars: diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py index 03f86a166..e22217fdb 100644 --- a/utils/src/ooinstall/cli_installer.py +++ b/utils/src/ooinstall/cli_installer.py @@ -459,6 +459,26 @@ def uninstall(ctx): install_transactions.run_uninstall_playbook() +@click.command() +@click.pass_context +def upgrade(ctx): + oo_cfg = ctx.obj['oo_cfg'] + + if len(oo_cfg.hosts) == 0: + click.echo("No hosts defined in: %s" % oo_cfg['configuration']) + sys.exit(1) + + click.echo("OpenShift will be upgraded on the following hosts:\n") + if not ctx.obj['unattended']: + # Prompt interactively to confirm: + for host in oo_cfg.hosts: + click.echo(" * %s" % host.name) + proceed = click.confirm("\nDo you wish to proceed?") + if not proceed: + click.echo("Upgrade cancelled.") + sys.exit(0) + install_transactions.run_upgrade_playbook() + @click.command() @click.option('--force', '-f', is_flag=True, default=False) @@ -523,6 +543,7 @@ http://docs.openshift.com/enterprise/latest/admin_guide/overview.html click.pause() cli.add_command(install) +cli.add_command(upgrade) cli.add_command(uninstall) if __name__ == '__main__': diff --git a/utils/src/ooinstall/install_transactions.py b/utils/src/ooinstall/install_transactions.py index 3306271c8..60b0f3d9f 100644 --- a/utils/src/ooinstall/install_transactions.py +++ b/utils/src/ooinstall/install_transactions.py @@ -143,3 +143,15 @@ def run_uninstall_playbook(): if 'ansible_config' in CFG.settings: facts_env['ANSIBLE_CONFIG'] = CFG.settings['ansible_config'] return run_ansible(playbook, inventory_file, facts_env) + +def run_upgrade_playbook(): + playbook = os.path.join(CFG.settings['ansible_playbook_directory'], + 'playbooks/adhoc/upgrades/upgrade.yml') + # TODO: Upgrade inventory for upgrade? + inventory_file = generate_inventory(CFG.hosts) + facts_env = os.environ.copy() + if 'ansible_log_path' in CFG.settings: + facts_env['ANSIBLE_LOG_PATH'] = CFG.settings['ansible_log_path'] + if 'ansible_config' in CFG.settings: + facts_env['ANSIBLE_CONFIG'] = CFG.settings['ansible_config'] + return run_ansible(playbook, inventory_file, facts_env) -- cgit v1.2.3 From 3d7c5c6fd545112d87fa09e4a8c3f3cbc1cda1ee Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Wed, 28 Oct 2015 15:29:52 -0300 Subject: First cut at checking available disk space for etcd backup. --- playbooks/adhoc/upgrades/upgrade.yml | 27 ++++++++++++++++++++++++++- utils/src/ooinstall/cli_installer.py | 15 ++++++++++++++- utils/src/ooinstall/install_transactions.py | 1 - utils/src/ooinstall/variants.py | 5 ++++- 4 files changed, 44 insertions(+), 4 deletions(-) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index e8d6a335d..c2c1d57e8 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -1,5 +1,5 @@ --- -- name: Verify deployment type +- name: Verify upgrade can proceed hosts: masters tasks: # Checking the global deployment type rather than host facts, this is about @@ -7,6 +7,31 @@ - fail: msg="Deployment type enterprise not supported for upgrade" when: deployment_type == "enterprise" +- name: Backup etcd + hosts: masters + vars: + embedded_etcd: "{{ openshift.master.embedded_etcd }}" + roles: + - openshift_facts + tasks: + - name: display all variables set for the current host + debug: + var: hostvars[inventory_hostname] + - debug: var=embedded_etcd + - name: Check available data dir disk space + shell: > + df --output=avail -k {{ openshift.common.data_dir }} | tail -n 1 + register: avail_disk + when: embedded_etcd | bool + - debug: var=avail_disk.stdout + - name: Check current etcd disk usage + shell: > + df --output=avail -k /var/lib/openshift/openshift.local.etcd/ | tail -n 1 + register: etc_disk_usage + when: embedded_etcd | bool + - debug: var=etc_disk_usage.stdout + - fail: msg="All done for now." + - name: Re-Run cluster configuration to apply latest configuration changes include: ../../common/openshift-cluster/config.yml vars: diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py index e22217fdb..daac5e388 100644 --- a/utils/src/ooinstall/cli_installer.py +++ b/utils/src/ooinstall/cli_installer.py @@ -191,7 +191,7 @@ Notes: facts_confirmed = click.confirm("Do the above facts look correct?") if not facts_confirmed: message = """ -Edit %s with the desired values and rerun oo-install with --unattended . +Edit %s with the desired values and re-run with --unattended . """ % oo_cfg.config_path click.echo(message) # Make sure we actually write out the config file. @@ -477,6 +477,19 @@ def upgrade(ctx): if not proceed: click.echo("Upgrade cancelled.") sys.exit(0) + + # Update config to reflect the version we're targetting, we'll write + # to disk once ansible completes successfully, not before. + old_variant = oo_cfg.settings['variant'] + old_version = oo_cfg.settings['variant_version'] + if oo_cfg.settings['variant'] == 'enterprise': + oo_cfg.settings['variant'] = 'openshift-enterprise' + variant, version = find_variant(oo_cfg.settings['variant']) + oo_cfg.settings['variant_version'] = version.name + click.echo("Upgrading from %s %s to %s %s" % ( + old_variant, old_version, oo_cfg.settings['variant'], + oo_cfg.settings['variant_version'])) + install_transactions.run_upgrade_playbook() diff --git a/utils/src/ooinstall/install_transactions.py b/utils/src/ooinstall/install_transactions.py index 60b0f3d9f..1d1dbe340 100644 --- a/utils/src/ooinstall/install_transactions.py +++ b/utils/src/ooinstall/install_transactions.py @@ -14,7 +14,6 @@ def set_config(cfg): CFG = cfg def generate_inventory(hosts): - print hosts global CFG base_inventory_path = CFG.settings['ansible_inventory_path'] base_inventory = open(base_inventory_path, 'w') diff --git a/utils/src/ooinstall/variants.py b/utils/src/ooinstall/variants.py index ed98429fc..219af6cd2 100644 --- a/utils/src/ooinstall/variants.py +++ b/utils/src/ooinstall/variants.py @@ -29,6 +29,9 @@ class Variant(object): self.versions = versions + def latest_version(self): + return self.versions[-1] + # WARNING: Keep the versions ordered, most recent last: OSE = Variant('openshift-enterprise', 'OpenShift Enterprise', @@ -58,7 +61,7 @@ def find_variant(name, version=None): for prod in SUPPORTED_VARIANTS: if prod.name == name: if version is None: - return (prod, prod.versions[-1]) + return (prod, prod.latest_version()) for v in prod.versions: if v.name == version: return (prod, v) -- cgit v1.2.3 From 18df191a381ced63613dea302c5bf2e172d3c803 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Thu, 29 Oct 2015 15:07:42 -0300 Subject: Functional disk space checking for etcd backup. --- playbooks/adhoc/upgrades/upgrade.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index c2c1d57e8..ec0eca66c 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -26,10 +26,13 @@ - debug: var=avail_disk.stdout - name: Check current etcd disk usage shell: > - df --output=avail -k /var/lib/openshift/openshift.local.etcd/ | tail -n 1 + du -k {{ openshift.common.data_dir }}/openshift.local.etcd | tail -n 1 | cut -f1 register: etc_disk_usage when: embedded_etcd | bool - debug: var=etc_disk_usage.stdout + - name: Abort if insufficient disk space for etcd backup + fail: msg="{{ etc_disk_usage.stdout }} Kb disk space required for etcd backup, {{ avail_disk.stdout }} Kb available." + when: (embedded_etcd | bool) and (etc_disk_usage.stdout|int > avail_disk.stdout|int) - fail: msg="All done for now." - name: Re-Run cluster configuration to apply latest configuration changes -- cgit v1.2.3 From ef2e4fc1fa247ba51394766f9cf9279f0beaf0b0 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Fri, 30 Oct 2015 09:02:26 -0300 Subject: Add etcd_data_dir fact. --- playbooks/adhoc/upgrades/upgrade.yml | 27 ++++++++++++------------ roles/openshift_facts/library/openshift_facts.py | 6 ++++++ 2 files changed, 20 insertions(+), 13 deletions(-) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index ec0eca66c..948a320a2 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -14,25 +14,26 @@ roles: - openshift_facts tasks: - - name: display all variables set for the current host - debug: - var: hostvars[inventory_hostname] - - debug: var=embedded_etcd - - name: Check available data dir disk space + - debug: var=etcd_data_dir + - name: Check available disk space for etcd backup + # We assume to be using the data dir for all backups. shell: > df --output=avail -k {{ openshift.common.data_dir }} | tail -n 1 register: avail_disk - when: embedded_etcd | bool - - debug: var=avail_disk.stdout - - name: Check current etcd disk usage + + - name: Check current embedded etcd disk usage shell: > - du -k {{ openshift.common.data_dir }}/openshift.local.etcd | tail -n 1 | cut -f1 - register: etc_disk_usage + du -k {{ openshift.master.etcd_data_dir }} | tail -n 1 | cut -f1 + register: etcd_disk_usage when: embedded_etcd | bool - - debug: var=etc_disk_usage.stdout + - name: Abort if insufficient disk space for etcd backup - fail: msg="{{ etc_disk_usage.stdout }} Kb disk space required for etcd backup, {{ avail_disk.stdout }} Kb available." - when: (embedded_etcd | bool) and (etc_disk_usage.stdout|int > avail_disk.stdout|int) + fail: msg="{{ etcd_disk_usage.stdout }} Kb disk space required for etcd backup, {{ avail_disk.stdout }} Kb available." + when: (embedded_etcd | bool) and (etcd_disk_usage.stdout|int > avail_disk.stdout|int) + - name: Install etcd (for etcdctl) + yum: pkg=etcd state=latest + - name: Generate etcd backup + command: etcdctl backup - fail: msg="All done for now." - name: Re-Run cluster configuration to apply latest configuration changes diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 3570de693..44f8cbb31 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -465,6 +465,12 @@ def set_aggregate_facts(facts): if 'cluster_public_hostname' in facts['master']: all_hostnames.add(facts['master']['cluster_public_hostname']) + if facts['master']['embedded_etcd']: + facts['master']['etcd_data_dir'] = os.path.join( + facts['common']['data_dir'], 'openshift.local.etcd') + else: + facts['master']['etcd_data_dir'] = '/var/lib/etcd' + facts['common']['all_hostnames'] = list(all_hostnames) return facts -- cgit v1.2.3 From 561c347d54c3a124f64b54eedbf6d2d56fb07c34 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Fri, 30 Oct 2015 09:41:12 -0300 Subject: Generate timestamped etcd backups. --- playbooks/adhoc/upgrades/upgrade.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index 948a320a2..11d89a3da 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -11,10 +11,10 @@ hosts: masters vars: embedded_etcd: "{{ openshift.master.embedded_etcd }}" + timestamp: "{{ lookup('pipe', 'date +%Y%m%d%H%M%S') }}" roles: - openshift_facts tasks: - - debug: var=etcd_data_dir - name: Check available disk space for etcd backup # We assume to be using the data dir for all backups. shell: > @@ -33,7 +33,7 @@ - name: Install etcd (for etcdctl) yum: pkg=etcd state=latest - name: Generate etcd backup - command: etcdctl backup + command: etcdctl backup --data-dir={{ openshift.master.etcd_data_dir }} --backup-dir={{ openshift.common.data_dir }}/etcd-backup-{{ timestamp }} - fail: msg="All done for now." - name: Re-Run cluster configuration to apply latest configuration changes -- cgit v1.2.3 From 1976af21fed73240eb9b1f38daabc0af4d1dd388 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Fri, 30 Oct 2015 10:51:40 -0300 Subject: Add utils subpackage missing dep on openshift-ansible-roles. --- openshift-ansible.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/openshift-ansible.spec b/openshift-ansible.spec index 3b69da825..d3be338a7 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -209,6 +209,7 @@ BuildArch: noarch Summary: Atomic OpenShift Utilities BuildRequires: python-setuptools Requires: openshift-ansible-playbooks +Requires: openshift-ansible-roles Requires: ansible Requires: python-click Requires: python-setuptools -- cgit v1.2.3 From 83e20a43c7b7e6876a7828d02b7fc96b8c8bbf38 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Fri, 30 Oct 2015 11:20:44 -0300 Subject: Remove devel fail and let upgrade proceed. --- playbooks/adhoc/upgrades/upgrade.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index 11d89a3da..30896dc8e 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -34,7 +34,6 @@ yum: pkg=etcd state=latest - name: Generate etcd backup command: etcdctl backup --data-dir={{ openshift.master.etcd_data_dir }} --backup-dir={{ openshift.common.data_dir }}/etcd-backup-{{ timestamp }} - - fail: msg="All done for now." - name: Re-Run cluster configuration to apply latest configuration changes include: ../../common/openshift-cluster/config.yml @@ -50,6 +49,8 @@ vars: openshift_version: "{{ openshift_pkg_version | default('') }}" tasks: + - name: Upgrade to latest available kernel + yum: pkg=kernel state=latest - name: Upgrade master packages yum: pkg={{ openshift.common.service_type }}-master{{ openshift_version }} state=latest - name: Restart master services -- cgit v1.2.3 From 7063a66354faebe143124ff275cbe04a56c03237 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Mon, 2 Nov 2015 09:27:06 -0400 Subject: Automatically upgrade legacy config files. --- utils/src/ooinstall/oo_config.py | 41 ++++++++++++++++++++------- utils/test/oo_config_tests.py | 61 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 92 insertions(+), 10 deletions(-) diff --git a/utils/src/ooinstall/oo_config.py b/utils/src/ooinstall/oo_config.py index a2f53cf78..aa63180b5 100644 --- a/utils/src/ooinstall/oo_config.py +++ b/utils/src/ooinstall/oo_config.py @@ -73,7 +73,6 @@ class Host(object): class OOConfig(object): - new_config = True default_dir = os.path.normpath( os.environ.get('XDG_CONFIG_HOME', os.environ['HOME'] + '/.config/') + '/openshift/') @@ -86,19 +85,22 @@ class OOConfig(object): self.config_path = os.path.normpath(self.default_dir + self.default_file) self.settings = {} - self.read_config() - self.set_defaults() + self._read_config() + self._set_defaults() - def read_config(self, is_new=False): + def _read_config(self): self.hosts = [] try: - new_settings = None if os.path.exists(self.config_path): cfgfile = open(self.config_path, 'r') - new_settings = yaml.safe_load(cfgfile.read()) + self.settings = yaml.safe_load(cfgfile.read()) cfgfile.close() - if new_settings: - self.settings = new_settings + + # Use the presence of a Description as an indicator this is + # a legacy config file: + if 'Description' in self.settings: + self._upgrade_legacy_config() + # Parse the hosts into DTO objects: if 'hosts' in self.settings: for host in self.settings['hosts']: @@ -114,9 +116,28 @@ class OOConfig(object): ferr.strerror)) except yaml.scanner.ScannerError: raise OOConfigFileError('Config file "{}" is not a valid YAML document'.format(self.config_path)) - self.new_config = is_new - def set_defaults(self): + def _upgrade_legacy_config(self): + new_hosts = [] + if 'validated_facts' in self.settings: + for key, value in self.settings['validated_facts'].iteritems(): + if 'masters' in self.settings and key in self.settings['masters']: + value['master'] = True + if 'nodes' in self.settings and key in self.settings['nodes']: + value['node'] = True + new_hosts.append(value) + self.settings['hosts'] = new_hosts + + remove_settings = ['validated_facts', 'Description', 'Name', + 'Subscription', 'Vendor', 'Version', 'masters', 'nodes'] + for s in remove_settings: + del self.settings[s] + + # A legacy config implies openshift-enterprise 3.0: + self.settings['variant'] = 'openshift-enterprise' + self.settings['variant_version'] = '3.0' + + def _set_defaults(self): if 'ansible_inventory_directory' not in self.settings: self.settings['ansible_inventory_directory'] = \ diff --git a/utils/test/oo_config_tests.py b/utils/test/oo_config_tests.py index 01af33fd9..b88218459 100644 --- a/utils/test/oo_config_tests.py +++ b/utils/test/oo_config_tests.py @@ -32,6 +32,26 @@ hosts: node: true """ +# Used to test automatic upgrading of config: +LEGACY_CONFIG = """ +Description: This is the configuration file for the OpenShift Ansible-Based Installer. +Name: OpenShift Ansible-Based Installer Configuration +Subscription: {type: none} +Vendor: OpenShift Community +Version: 0.0.1 +ansible_config: /home/dgoodwin/.python-eggs/ooinstall-3.0.0-py2.7.egg-tmp/ooinstall/ansible.cfg +ansible_inventory_directory: /home/dgoodwin/.config/openshift/.ansible +ansible_log_path: /tmp/ansible.log +ansible_plugins_directory: /home/dgoodwin/.python-eggs/ooinstall-3.0.0-py2.7.egg-tmp/ooinstall/ansible_plugins +masters: [10.0.0.1] +nodes: [10.0.0.2, 10.0.0.3] +validated_facts: + 10.0.0.1: {hostname: master-private.example.com, ip: 10.0.0.1, public_hostname: master.example.com, public_ip: 24.222.0.1} + 10.0.0.2: {hostname: node1-private.example.com, ip: 10.0.0.2, public_hostname: node1.example.com, public_ip: 24.222.0.2} + 10.0.0.3: {hostname: node2-private.example.com, ip: 10.0.0.3, public_hostname: node2.example.com, public_ip: 24.222.0.3} +""" + + CONFIG_INCOMPLETE_FACTS = """ hosts: - ip: 10.0.0.1 @@ -74,6 +94,47 @@ class OOInstallFixture(unittest.TestCase): return path +class LegacyOOConfigTests(OOInstallFixture): + + def setUp(self): + OOInstallFixture.setUp(self) + self.cfg_path = self.write_config(os.path.join(self.work_dir, + 'ooinstall.conf'), LEGACY_CONFIG) + self.cfg = OOConfig(self.cfg_path) + + def test_load_config_memory(self): + self.assertEquals('openshift-enterprise', self.cfg.settings['variant']) + self.assertEquals('3.0', self.cfg.settings['variant_version']) + + self.assertEquals(3, len(self.cfg.hosts)) + h1 = self.cfg.get_host('10.0.0.1') + self.assertEquals('10.0.0.1', h1.ip) + self.assertEquals('24.222.0.1', h1.public_ip) + self.assertEquals('master-private.example.com', h1.hostname) + self.assertEquals('master.example.com', h1.public_hostname) + + h2 = self.cfg.get_host('10.0.0.2') + self.assertEquals('10.0.0.2', h2.ip) + self.assertEquals('24.222.0.2', h2.public_ip) + self.assertEquals('node1-private.example.com', h2.hostname) + self.assertEquals('node1.example.com', h2.public_hostname) + + h3 = self.cfg.get_host('10.0.0.3') + self.assertEquals('10.0.0.3', h3.ip) + self.assertEquals('24.222.0.3', h3.public_ip) + self.assertEquals('node2-private.example.com', h3.hostname) + self.assertEquals('node2.example.com', h3.public_hostname) + + self.assertFalse('masters' in self.cfg.settings) + self.assertFalse('nodes' in self.cfg.settings) + self.assertFalse('Description' in self.cfg.settings) + self.assertFalse('Name' in self.cfg.settings) + self.assertFalse('Subscription' in self.cfg.settings) + self.assertFalse('Vendor' in self.cfg.settings) + self.assertFalse('Version' in self.cfg.settings) + self.assertFalse('validates_facts' in self.cfg.settings) + + class OOConfigTests(OOInstallFixture): def test_load_config(self): -- cgit v1.2.3 From 1ddfdd136f4b22368c87ad7656faa0cccdfa4a25 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Mon, 2 Nov 2015 10:10:46 -0400 Subject: Print info after upgrade completes. --- utils/src/ooinstall/cli_installer.py | 7 ++++++- utils/src/ooinstall/install_transactions.py | 2 ++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py index daac5e388..978259f79 100644 --- a/utils/src/ooinstall/cli_installer.py +++ b/utils/src/ooinstall/cli_installer.py @@ -490,7 +490,12 @@ def upgrade(ctx): old_variant, old_version, oo_cfg.settings['variant'], oo_cfg.settings['variant_version'])) - install_transactions.run_upgrade_playbook() + retcode = install_transactions.run_upgrade_playbook() + if retcode > 0: + click.echo("Errors encountered during upgrade, please check %s." % + oo_cfg.settings['ansible_log_path']) + else: + click.echo("Upgrade completed! Rebooting all hosts is recommended.") @click.command() diff --git a/utils/src/ooinstall/install_transactions.py b/utils/src/ooinstall/install_transactions.py index 1d1dbe340..0754b8ab6 100644 --- a/utils/src/ooinstall/install_transactions.py +++ b/utils/src/ooinstall/install_transactions.py @@ -143,6 +143,7 @@ def run_uninstall_playbook(): facts_env['ANSIBLE_CONFIG'] = CFG.settings['ansible_config'] return run_ansible(playbook, inventory_file, facts_env) + def run_upgrade_playbook(): playbook = os.path.join(CFG.settings['ansible_playbook_directory'], 'playbooks/adhoc/upgrades/upgrade.yml') @@ -154,3 +155,4 @@ def run_upgrade_playbook(): if 'ansible_config' in CFG.settings: facts_env['ANSIBLE_CONFIG'] = CFG.settings['ansible_config'] return run_ansible(playbook, inventory_file, facts_env) + -- cgit v1.2.3 From 866dcbe962464a571f24e1e4ae5a9e928f7bbc47 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Mon, 2 Nov 2015 13:14:26 -0400 Subject: Fix etcd backup bug with not-yet-created /var/lib/origin symlink --- playbooks/adhoc/upgrades/upgrade.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index 30896dc8e..c543a4416 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -15,6 +15,11 @@ roles: - openshift_facts tasks: + - stat: path=/var/lib/openshift + register: var_lib_openshift + - name: Create origin symlink if necessary + file: src=/var/lib/openshift/ dest=/var/lib/origin state=link + when: var_lib_openshift.stat.exists == True - name: Check available disk space for etcd backup # We assume to be using the data dir for all backups. shell: > -- cgit v1.2.3 From ef6b36d14a00757754aaf001a8acad8354cf62ff Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Mon, 2 Nov 2015 15:17:47 -0400 Subject: Better info prior to initiating upgrade. --- utils/src/ooinstall/cli_installer.py | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py index 978259f79..c39eb5cac 100644 --- a/utils/src/ooinstall/cli_installer.py +++ b/utils/src/ooinstall/cli_installer.py @@ -468,16 +468,6 @@ def upgrade(ctx): click.echo("No hosts defined in: %s" % oo_cfg['configuration']) sys.exit(1) - click.echo("OpenShift will be upgraded on the following hosts:\n") - if not ctx.obj['unattended']: - # Prompt interactively to confirm: - for host in oo_cfg.hosts: - click.echo(" * %s" % host.name) - proceed = click.confirm("\nDo you wish to proceed?") - if not proceed: - click.echo("Upgrade cancelled.") - sys.exit(0) - # Update config to reflect the version we're targetting, we'll write # to disk once ansible completes successfully, not before. old_variant = oo_cfg.settings['variant'] @@ -486,9 +476,18 @@ def upgrade(ctx): oo_cfg.settings['variant'] = 'openshift-enterprise' variant, version = find_variant(oo_cfg.settings['variant']) oo_cfg.settings['variant_version'] = version.name - click.echo("Upgrading from %s %s to %s %s" % ( + click.echo("Openshift will be upgraded from %s %s to %s %s on the following hosts:\n" % ( old_variant, old_version, oo_cfg.settings['variant'], oo_cfg.settings['variant_version'])) + for host in oo_cfg.hosts: + click.echo(" * %s" % host.name) + + if not ctx.obj['unattended']: + # Prompt interactively to confirm: + proceed = click.confirm("\nDo you wish to proceed?") + if not proceed: + click.echo("Upgrade cancelled.") + sys.exit(0) retcode = install_transactions.run_upgrade_playbook() if retcode > 0: -- cgit v1.2.3 From 078a44715b1190f4a7e0b098b0dc87446d88ac8c Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Mon, 2 Nov 2015 17:09:54 -0500 Subject: initial module framework --- .../upgrades/library/openshift_upgrade_config.py | 62 ++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100755 playbooks/adhoc/upgrades/library/openshift_upgrade_config.py diff --git a/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py b/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py new file mode 100755 index 000000000..157fbc5c2 --- /dev/null +++ b/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py @@ -0,0 +1,62 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# vim: expandtab:tabstop=4:shiftwidth=4 + +"""Ansible module for modifying OpenShift configs during an upgrade""" + +DOCUMENTATION = ''' +--- +module: openshift_upgrade_config +short_description: OpenShift Upgrade Config +author: Jason DeTiberus +requirements: [ ] +''' +EXAMPLES = ''' +''' + +def upgrade_master_3_0_to_3_1(backup): + pass + + +def upgrade_master(from_version, to_version, backup): + if from_version == '3.0': + if to_version == '3.1': + upgrade_master_3_0_to_3_1(backup) + + +def main(): + """ main """ + # disabling pylint errors for global-variable-undefined and invalid-name + # for 'global module' usage, since it is required to use ansible_facts + # pylint: disable=global-variable-undefined, invalid-name + global module + + module = AnsibleModule( + argument_spec=dict( + from_version=dict(required=True, choices=['3.0']), + to_version=dict(required=True, choices=['3.1']), + role=dict(required=True, choices=['master']), + backup=dict(required=False, default=True, type='bool') + ), + supports_check_mode=True, + ) + + changed = False + + from_version = module.params['from_version'] + to_version = module.params['to_version'] + role = module.params['role'] + backup = module.params['backup'] + + if role == 'master': + upgrade_master(from_version, to_version, backup) + + return module.exit_json(changed=changed) + +# ignore pylint errors related to the module_utils import +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import +# import module snippets +from ansible.module_utils.basic import * + +if __name__ == '__main__': + main() -- cgit v1.2.3 From 37517bf00da3491819c4b47c113ad29e2b3ae9cd Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Mon, 2 Nov 2015 16:25:10 -0500 Subject: Fix issue with master.proxy-client.{crt,key} and omit. --- roles/openshift_master_certificates/tasks/main.yml | 23 +++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/roles/openshift_master_certificates/tasks/main.yml b/roles/openshift_master_certificates/tasks/main.yml index e4602337e..9bc59d89d 100644 --- a/roles/openshift_master_certificates/tasks/main.yml +++ b/roles/openshift_master_certificates/tasks/main.yml @@ -6,13 +6,9 @@ mode: 0700 with_items: masters_needing_certs -- file: - src: "{{ openshift_master_config_dir }}/{{ item.1 }}" - dest: "{{ openshift_generated_configs_dir }}/{{ item.0.master_cert_subdir }}/{{ item.1 }}" - state: hard - with_nested: - - masters_needing_certs - - - ca.crt +- set_fact: + master_certificates: + - ca.crt - ca.key - ca.serial.txt - admin.crt @@ -20,8 +16,6 @@ - admin.kubeconfig - master.kubelet-client.crt - master.kubelet-client.key - - "{{ 'master.proxy-client.crt' if openshift.common.version_greater_than_3_1_or_1_1 else omit }}" - - "{{ 'master.proxy-client.key' if openshift.common.version_greater_than_3_1_or_1_1 else omit }}" - openshift-master.crt - openshift-master.key - openshift-master.kubeconfig @@ -33,6 +27,17 @@ - openshift-router.kubeconfig - serviceaccounts.private.key - serviceaccounts.public.key + master_31_certificates: + - master.proxy-client.crt + - master.proxy-client.key + +- file: + src: "{{ openshift_master_config_dir }}/{{ item.1 }}" + dest: "{{ openshift_generated_configs_dir }}/{{ item.0.master_cert_subdir }}/{{ item.1 }}" + state: hard + with_nested: + - masters_needing_certs + - "{{ master_certificates | union(master_31_certificates) if openshift.common.version_greater_than_3_1_or_1_1 | bool else master_certificates }}" - name: Create the master certificates if they do not already exist -- cgit v1.2.3 From 39250a47afca63ef0b5a73158a2c9b15443a4235 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Tue, 3 Nov 2015 08:27:26 -0400 Subject: Pylint fix. --- utils/src/ooinstall/cli_installer.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py index c39eb5cac..21e50de6d 100644 --- a/utils/src/ooinstall/cli_installer.py +++ b/utils/src/ooinstall/cli_installer.py @@ -474,7 +474,7 @@ def upgrade(ctx): old_version = oo_cfg.settings['variant_version'] if oo_cfg.settings['variant'] == 'enterprise': oo_cfg.settings['variant'] = 'openshift-enterprise' - variant, version = find_variant(oo_cfg.settings['variant']) + version = find_variant(oo_cfg.settings['variant'])[0] oo_cfg.settings['variant_version'] = version.name click.echo("Openshift will be upgraded from %s %s to %s %s on the following hosts:\n" % ( old_variant, old_version, oo_cfg.settings['variant'], -- cgit v1.2.3 From f91c0cac0b6e671d5ad70543054a17178c5f0a46 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Tue, 3 Nov 2015 08:37:31 -0400 Subject: Add a simple version for the installer config file. --- utils/src/ooinstall/oo_config.py | 3 +++ utils/test/oo_config_tests.py | 3 +++ 2 files changed, 6 insertions(+) diff --git a/utils/src/ooinstall/oo_config.py b/utils/src/ooinstall/oo_config.py index aa63180b5..4281947f1 100644 --- a/utils/src/ooinstall/oo_config.py +++ b/utils/src/ooinstall/oo_config.py @@ -12,6 +12,7 @@ PERSIST_SETTINGS = [ 'ansible_log_path', 'variant', 'variant_version', + 'version', ] REQUIRED_FACTS = ['ip', 'public_ip', 'hostname', 'public_hostname'] @@ -146,6 +147,8 @@ class OOConfig(object): os.makedirs(self.settings['ansible_inventory_directory']) if 'ansible_plugins_directory' not in self.settings: self.settings['ansible_plugins_directory'] = resource_filename(__name__, 'ansible_plugins') + if 'version' not in self.settings: + self.settings['version'] = 'v1' if 'ansible_callback_facts_yaml' not in self.settings: self.settings['ansible_callback_facts_yaml'] = '%s/callback_facts.yaml' % \ diff --git a/utils/test/oo_config_tests.py b/utils/test/oo_config_tests.py index b88218459..480560542 100644 --- a/utils/test/oo_config_tests.py +++ b/utils/test/oo_config_tests.py @@ -105,6 +105,7 @@ class LegacyOOConfigTests(OOInstallFixture): def test_load_config_memory(self): self.assertEquals('openshift-enterprise', self.cfg.settings['variant']) self.assertEquals('3.0', self.cfg.settings['variant_version']) + self.assertEquals('v1', self.cfg.settings['version']) self.assertEquals(3, len(self.cfg.hosts)) h1 = self.cfg.get_host('10.0.0.1') @@ -152,6 +153,7 @@ class OOConfigTests(OOInstallFixture): [host['ip'] for host in ooconfig.settings['hosts']]) self.assertEquals('openshift-enterprise', ooconfig.settings['variant']) + self.assertEquals('v1', ooconfig.settings['version']) def test_load_complete_facts(self): cfg_path = self.write_config(os.path.join(self.work_dir, @@ -189,6 +191,7 @@ class OOConfigTests(OOInstallFixture): self.assertTrue('ansible_ssh_user' in written_config) self.assertTrue('variant' in written_config) + self.assertEquals('v1', written_config['version']) # Some advanced settings should not get written out if they # were not specified by the user: -- cgit v1.2.3 From 3f28361fdf56c9e7395fcbfe5c2698569f8a5684 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Tue, 3 Nov 2015 08:57:57 -0400 Subject: Remove my username from some test data. --- utils/test/oo_config_tests.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/utils/test/oo_config_tests.py b/utils/test/oo_config_tests.py index 480560542..6dc335a0e 100644 --- a/utils/test/oo_config_tests.py +++ b/utils/test/oo_config_tests.py @@ -39,10 +39,10 @@ Name: OpenShift Ansible-Based Installer Configuration Subscription: {type: none} Vendor: OpenShift Community Version: 0.0.1 -ansible_config: /home/dgoodwin/.python-eggs/ooinstall-3.0.0-py2.7.egg-tmp/ooinstall/ansible.cfg -ansible_inventory_directory: /home/dgoodwin/.config/openshift/.ansible +ansible_config: /tmp/notreal/ansible.cfg +ansible_inventory_directory: /tmp/notreal/.config/openshift/.ansible ansible_log_path: /tmp/ansible.log -ansible_plugins_directory: /home/dgoodwin/.python-eggs/ooinstall-3.0.0-py2.7.egg-tmp/ooinstall/ansible_plugins +ansible_plugins_directory: /tmp/notreal/.python-eggs/ooinstall-3.0.0-py2.7.egg-tmp/ooinstall/ansible_plugins masters: [10.0.0.1] nodes: [10.0.0.2, 10.0.0.3] validated_facts: -- cgit v1.2.3 From ec31736606fc280de641e8909f03416c6b74e004 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Tue, 3 Nov 2015 09:20:04 -0400 Subject: Document the new version field for installer config. --- utils/docs/config.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/utils/docs/config.md b/utils/docs/config.md index 9399409dd..ee4b157c9 100644 --- a/utils/docs/config.md +++ b/utils/docs/config.md @@ -7,6 +7,7 @@ The default location this config file will be written to ~/.config/openshift/ins ## Example ``` +version: v1 variant: openshift-enterprise variant_version: 3.0 ansible_ssh_user: root @@ -32,6 +33,10 @@ hosts: ## Primary Settings +### version + +Indicates the version of configuration this file was written with. Current implementation is v1. + ### variant The OpenShift variant to install. Currently valid options are: -- cgit v1.2.3 From ab83e16dbed3eb5cf1dff96992509439d2739550 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Tue, 3 Nov 2015 09:51:10 -0400 Subject: Fix installer upgrade bug following pylint fix. --- utils/src/ooinstall/cli_installer.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py index 21e50de6d..2fc7a872f 100644 --- a/utils/src/ooinstall/cli_installer.py +++ b/utils/src/ooinstall/cli_installer.py @@ -474,7 +474,7 @@ def upgrade(ctx): old_version = oo_cfg.settings['variant_version'] if oo_cfg.settings['variant'] == 'enterprise': oo_cfg.settings['variant'] = 'openshift-enterprise' - version = find_variant(oo_cfg.settings['variant'])[0] + version = find_variant(oo_cfg.settings['variant'])[1] oo_cfg.settings['variant_version'] = version.name click.echo("Openshift will be upgraded from %s %s to %s %s on the following hosts:\n" % ( old_variant, old_version, oo_cfg.settings['variant'], -- cgit v1.2.3 From cbf98f53b0975a829a5720c33149c7014d5bd7cd Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Tue, 3 Nov 2015 09:27:13 -0400 Subject: Implement master-config.yaml upgrade for v1beta3 apiLevel removal. --- .../upgrades/library/openshift_upgrade_config.py | 53 ++++++++++++++++++++-- playbooks/adhoc/upgrades/upgrade.yml | 25 ++++++---- utils/src/ooinstall/install_transactions.py | 2 +- 3 files changed, 67 insertions(+), 13 deletions(-) diff --git a/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py b/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py index 157fbc5c2..f41c6fb59 100755 --- a/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py +++ b/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py @@ -2,6 +2,12 @@ # -*- coding: utf-8 -*- # vim: expandtab:tabstop=4:shiftwidth=4 +import os +import shutil +import yaml + +from datetime import datetime + """Ansible module for modifying OpenShift configs during an upgrade""" DOCUMENTATION = ''' @@ -14,14 +20,53 @@ requirements: [ ] EXAMPLES = ''' ''' +def get_cfg_dir(): + cfg_path = '/etc/origin/' + if not os.path.exists(cfg_path): + cfg_path = '/etc/openshift/' + return cfg_path + def upgrade_master_3_0_to_3_1(backup): - pass + changed = False + + # Facts do not get transferred to the hosts where custom modules run, + # need to make some assumptions here. + master_config = os.path.join(get_cfg_dir(), 'master/master-config.yaml') + + f = open(master_config, 'r') + config = yaml.safe_load(f.read()) + f.close() + + # Remove v1beta3 from apiLevels: + if 'apiLevels' in config and \ + 'v1beta3' in config['apiLevels']: + config['apiLevels'].remove('v1beta3') + changed = True + if 'kubernetesMasterConfig' in config and \ + 'apiLevels' in config['kubernetesMasterConfig'] and \ + 'v1beta3' in config['kubernetesMasterConfig']['apiLevels']: + config['kubernetesMasterConfig']['apiLevels'].remove('v1beta3') + changed = True + + if changed: + if backup: + timestamp = datetime.now().strftime('%Y%m%d%H%M%S') + basedir = os.path.split(master_config)[0] + backup_file = os.path.join(basedir, 'master-config.yaml.bak-%s' + % timestamp) + shutil.copyfile(master_config, backup_file) + # Write the modified config: + out_file = open(master_config, 'w') + out_file.write(yaml.safe_dump(config, default_flow_style=False)) + out_file.close() + + return changed def upgrade_master(from_version, to_version, backup): if from_version == '3.0': if to_version == '3.1': - upgrade_master_3_0_to_3_1(backup) + return upgrade_master_3_0_to_3_1(backup) def main(): @@ -41,15 +86,15 @@ def main(): supports_check_mode=True, ) - changed = False from_version = module.params['from_version'] to_version = module.params['to_version'] role = module.params['role'] backup = module.params['backup'] + changed = False if role == 'master': - upgrade_master(from_version, to_version, backup) + changed = upgrade_master(from_version, to_version, backup) return module.exit_json(changed=changed) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index e55f1536f..6cb6803a9 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -40,6 +40,15 @@ - name: Generate etcd backup command: etcdctl backup --data-dir={{ openshift.master.etcd_data_dir }} --backup-dir={{ openshift.common.data_dir }}/etcd-backup-{{ timestamp }} +- name: Update 3.0 configuration to 3.1 + hosts: masters + tasks: + tasks: + - debug: var=openshift_master_config_dir + - name: Upgrade configuration. + openshift_upgrade_config: from_version=3.0 to_version=3.1 role=master + - fail: All done for now. + - name: Upgrade base package on masters hosts: masters roles: @@ -50,14 +59,14 @@ - name: Upgrade base package yum: pkg={{ openshift.common.service_type }}{{ openshift_version }} state=latest -- name: Re-Run cluster configuration to apply latest configuration changes - include: ../../common/openshift-cluster/config.yml - vars: - g_etcd_group: "{{ 'etcd' }}" - g_masters_group: "{{ 'masters' }}" - g_nodes_group: "{{ 'nodes' }}" - openshift_cluster_id: "{{ cluster_id | default('default') }}" - openshift_deployment_type: "{{ deployment_type }}" + #- name: Re-Run cluster configuration to apply latest configuration changes + # include: ../../common/openshift-cluster/config.yml + # vars: + # g_etcd_group: "{{ 'etcd' }}" + # g_masters_group: "{{ 'masters' }}" + # g_nodes_group: "{{ 'nodes' }}" + # openshift_cluster_id: "{{ cluster_id | default('default') }}" + # openshift_deployment_type: "{{ deployment_type }}" - name: Upgrade masters hosts: masters diff --git a/utils/src/ooinstall/install_transactions.py b/utils/src/ooinstall/install_transactions.py index 0754b8ab6..e71bc183b 100644 --- a/utils/src/ooinstall/install_transactions.py +++ b/utils/src/ooinstall/install_transactions.py @@ -127,7 +127,7 @@ def run_main_playbook(hosts, hosts_to_run_on): def run_ansible(playbook, inventory, env_vars): - return subprocess.call(['ansible-playbook', + return subprocess.call(['ansible-playbook', '-v', '--inventory-file={}'.format(inventory), playbook], env=env_vars) -- cgit v1.2.3 From 6b03fcb185c7f37e258dd34ca8b70d5c124cabba Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Tue, 3 Nov 2015 11:48:27 -0400 Subject: Add in proxyClientInfo if missing during config upgrade. --- playbooks/adhoc/upgrades/library/openshift_upgrade_config.py | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py b/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py index f41c6fb59..95c7b1664 100755 --- a/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py +++ b/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py @@ -26,6 +26,7 @@ def get_cfg_dir(): cfg_path = '/etc/openshift/' return cfg_path + def upgrade_master_3_0_to_3_1(backup): changed = False @@ -42,12 +43,18 @@ def upgrade_master_3_0_to_3_1(backup): 'v1beta3' in config['apiLevels']: config['apiLevels'].remove('v1beta3') changed = True - if 'kubernetesMasterConfig' in config and \ - 'apiLevels' in config['kubernetesMasterConfig'] and \ + if 'apiLevels' in config['kubernetesMasterConfig'] and \ 'v1beta3' in config['kubernetesMasterConfig']['apiLevels']: config['kubernetesMasterConfig']['apiLevels'].remove('v1beta3') changed = True + # Add the new master proxy client certs: + if 'proxyClientInfo' not in config['kubernetesMasterConfig']: + config['kubernetesMasterConfig']['proxyClientInfo'] = { + 'certFile': 'master.proxy-client.crt', + 'keyFile': 'master.proxy-client.key' + } + if changed: if backup: timestamp = datetime.now().strftime('%Y%m%d%H%M%S') @@ -86,7 +93,6 @@ def main(): supports_check_mode=True, ) - from_version = module.params['from_version'] to_version = module.params['to_version'] role = module.params['role'] -- cgit v1.2.3 From 74420660b1b12a00392a6d88a257e0cfe1b0a08e Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Tue, 3 Nov 2015 12:34:05 -0400 Subject: Move config upgrade to correct place, fix node facts. --- playbooks/adhoc/upgrades/upgrade.yml | 29 ++++++++++++++++++--------- playbooks/common/openshift-cluster/config.yml | 6 +++--- utils/src/ooinstall/install_transactions.py | 2 +- 3 files changed, 24 insertions(+), 13 deletions(-) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index 6cb6803a9..6e7292da1 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -40,15 +40,6 @@ - name: Generate etcd backup command: etcdctl backup --data-dir={{ openshift.master.etcd_data_dir }} --backup-dir={{ openshift.common.data_dir }}/etcd-backup-{{ timestamp }} -- name: Update 3.0 configuration to 3.1 - hosts: masters - tasks: - tasks: - - debug: var=openshift_master_config_dir - - name: Upgrade configuration. - openshift_upgrade_config: from_version=3.0 to_version=3.1 role=master - - fail: All done for now. - - name: Upgrade base package on masters hosts: masters roles: @@ -77,6 +68,8 @@ yum: pkg=kernel state=latest - name: Upgrade master packages yum: pkg={{ openshift.common.service_type }}-master{{ openshift_version }} state=latest + - name: Upgrade master configuration. + openshift_upgrade_config: from_version=3.0 to_version=3.1 role=master - name: Restart master services service: name="{{ openshift.common.service_type}}-master" state=restarted @@ -84,12 +77,30 @@ hosts: nodes vars: openshift_version: "{{ openshift_pkg_version | default('') }}" + roles: + - openshift_facts tasks: - name: Upgrade node packages yum: pkg={{ openshift.common.service_type }}-node{{ openshift_version }} state=latest - name: Restart node services service: name="{{ openshift.common.service_type }}-node" state=restarted +- name: Evaluate oo_first_master + hosts: localhost + vars: + g_masters_group: "{{ 'masters' }}" + tasks: + - name: display all variables set for the current host + debug: + var: hostvars[inventory_hostname] + - name: Evaluate oo_first_master + add_host: + name: "{{ groups[g_masters_group][0] }}" + groups: oo_first_master + ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" + ansible_sudo: "{{ g_sudo | default(omit) }}" + when: g_masters_group in groups and (groups[g_masters_group] | length) > 0 + - name: Determine new master version hosts: oo_first_master tasks: diff --git a/playbooks/common/openshift-cluster/config.yml b/playbooks/common/openshift-cluster/config.yml index 4c74f96db..e6bf41ae4 100644 --- a/playbooks/common/openshift-cluster/config.yml +++ b/playbooks/common/openshift-cluster/config.yml @@ -4,15 +4,15 @@ gather_facts: no tasks: - fail: - msg: This playbook rquires g_etcd_group to be set + msg: This playbook requires g_etcd_group to be set when: g_etcd_group is not defined - fail: - msg: This playbook rquires g_masters_group to be set + msg: This playbook requires g_masters_group to be set when: g_masters_group is not defined - fail: - msg: This playbook rquires g_nodes_group to be set + msg: This playbook requires g_nodes_group to be set when: g_nodes_group is not defined - name: Evaluate oo_etcd_to_config diff --git a/utils/src/ooinstall/install_transactions.py b/utils/src/ooinstall/install_transactions.py index e71bc183b..0754b8ab6 100644 --- a/utils/src/ooinstall/install_transactions.py +++ b/utils/src/ooinstall/install_transactions.py @@ -127,7 +127,7 @@ def run_main_playbook(hosts, hosts_to_run_on): def run_ansible(playbook, inventory, env_vars): - return subprocess.call(['ansible-playbook', '-v', + return subprocess.call(['ansible-playbook', '--inventory-file={}'.format(inventory), playbook], env=env_vars) -- cgit v1.2.3 From 867a372321270311946375d71f7d08aab2b56d67 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Tue, 3 Nov 2015 14:57:06 -0400 Subject: Add debug output for location of etcd backup. --- playbooks/adhoc/upgrades/upgrade.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index e55f1536f..539710469 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -39,6 +39,9 @@ yum: pkg=etcd state=latest - name: Generate etcd backup command: etcdctl backup --data-dir={{ openshift.master.etcd_data_dir }} --backup-dir={{ openshift.common.data_dir }}/etcd-backup-{{ timestamp }} + - name: Display location of etcd backup + debug: msg="Etcd backup created in {{ openshift.common.data_dir }}/etcd-backup-{{ timestamp }}" + - name: Upgrade base package on masters hosts: masters -- cgit v1.2.3 From 4a4ecb7e4517dddf989441f0e7d99617917f942d Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Wed, 4 Nov 2015 08:14:46 -0400 Subject: Skip fail if enterprise deployment type depending on version. --- playbooks/adhoc/upgrades/upgrade.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index 539710469..ffcd2757b 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -98,6 +98,14 @@ fail: This playbook requires Origin 1.0.6 or Atomic OpenShift 3.0.2 or later when: _new_version.stdout | version_compare('1.0.6','<') or ( _new_version.stdout | version_compare('3.0','>=' and _new_version.stdout | version_compare('3.0.2','<') ) +- name: Verify upgrade can proceed + hosts: masters + tasks: + # Checking the global deployment type rather than host facts, this is about + # what the user is requesting. + - fail: msg="Deployment type 'enterprise' must be updated to 'openshift-enterprise' for upgrade to proceed" + when: deployment_type == "enterprise" and (_new_version.stdout | version_compare('1.0.7', '>=') or _new_version.stdout | version_compare('3.1', '>=')) + - name: Update cluster policy hosts: oo_first_master tasks: -- cgit v1.2.3 From 8ca4308854c44649d2dcfd94f441790c2e5c5d2b Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Wed, 4 Nov 2015 08:27:21 -0400 Subject: Use the base package upgrade version so we can check things earlier. --- playbooks/adhoc/upgrades/upgrade.yml | 64 +++++++++++++++++++++++------------- 1 file changed, 41 insertions(+), 23 deletions(-) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index ffcd2757b..a959aa881 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -42,7 +42,6 @@ - name: Display location of etcd backup debug: msg="Etcd backup created in {{ openshift.common.data_dir }}/etcd-backup-{{ timestamp }}" - - name: Upgrade base package on masters hosts: masters roles: @@ -53,6 +52,47 @@ - name: Upgrade base package yum: pkg={{ openshift.common.service_type }}{{ openshift_version }} state=latest +- name: Evaluate oo_first_master + hosts: localhost + vars: + g_masters_group: "{{ 'masters' }}" + tasks: + - name: display all variables set for the current host + debug: + var: hostvars[inventory_hostname] + - name: Evaluate oo_first_master + add_host: + name: "{{ groups[g_masters_group][0] }}" + groups: oo_first_master + ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" + ansible_sudo: "{{ g_sudo | default(omit) }}" + when: g_masters_group in groups and (groups[g_masters_group] | length) > 0 + +# TODO: ideally we would check the new version, without installing it. (some +# kind of yum repoquery? would need to handle openshift -> atomic-openshift +# package rename) +- name: Perform upgrade version checking + hosts: oo_first_master + tasks: + - name: Determine new version + command: > + rpm -q --queryformat '%{version}' {{ openshift.common.service_type }} + register: _new_version + +- name: Ensure AOS 3.0.2 or Origin 1.0.6 + hosts: oo_first_master + tasks: + fail: This playbook requires Origin 1.0.6 or Atomic OpenShift 3.0.2 or later + when: _new_version.stdout | version_compare('1.0.6','<') or ( _new_version.stdout | version_compare('3.0','>=' and _new_version.stdout | version_compare('3.0.2','<') ) + +- name: Verify upgrade can proceed + hosts: oo_first_master + tasks: + # Checking the global deployment type rather than host facts, this is about + # what the user is requesting. + - fail: msg="Deployment type 'enterprise' must be updated to 'openshift-enterprise' for upgrade to proceed" + when: deployment_type == "enterprise" and (_new_version.stdout | version_compare('1.0.7', '>=') or _new_version.stdout | version_compare('3.1', '>=')) + - name: Re-Run cluster configuration to apply latest configuration changes include: ../../common/openshift-cluster/config.yml vars: @@ -84,28 +124,6 @@ - name: Restart node services service: name="{{ openshift.common.service_type }}-node" state=restarted -- name: Determine new master version - hosts: oo_first_master - tasks: - - name: Determine new version - command: > - rpm -q --queryformat '%{version}' {{ openshift.common.service_type }}-master - register: _new_version - -- name: Ensure AOS 3.0.2 or Origin 1.0.6 - hosts: oo_first_master - tasks: - fail: This playbook requires Origin 1.0.6 or Atomic OpenShift 3.0.2 or later - when: _new_version.stdout | version_compare('1.0.6','<') or ( _new_version.stdout | version_compare('3.0','>=' and _new_version.stdout | version_compare('3.0.2','<') ) - -- name: Verify upgrade can proceed - hosts: masters - tasks: - # Checking the global deployment type rather than host facts, this is about - # what the user is requesting. - - fail: msg="Deployment type 'enterprise' must be updated to 'openshift-enterprise' for upgrade to proceed" - when: deployment_type == "enterprise" and (_new_version.stdout | version_compare('1.0.7', '>=') or _new_version.stdout | version_compare('3.1', '>=')) - - name: Update cluster policy hosts: oo_first_master tasks: -- cgit v1.2.3 From 21f793b8aefcd680041150d0740eeed05d272c31 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Wed, 4 Nov 2015 09:13:39 -0400 Subject: Fix bug with default ansible playbook dir. --- utils/src/ooinstall/cli_installer.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py index 25705ec7a..455f56a66 100644 --- a/utils/src/ooinstall/cli_installer.py +++ b/utils/src/ooinstall/cli_installer.py @@ -385,7 +385,7 @@ def get_hosts_to_run_on(oo_cfg, callback_facts, unattended, force): dir_okay=True, readable=True), # callback=validate_ansible_dir, - default='/usr/share/openshift-ansible/', + default=DEFAULT_PLAYBOOK_DIR, envvar='OO_ANSIBLE_PLAYBOOK_DIRECTORY') @click.option('--ansible-config', type=click.Path(file_okay=True, -- cgit v1.2.3 From 6b2644268ed1bbb1ff3f2fd85427aefef0e51e0f Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Wed, 4 Nov 2015 09:54:55 -0400 Subject: Fix bug from module rename. --- utils/src/ooinstall/cli_installer.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py index 455f56a66..e4fda2813 100644 --- a/utils/src/ooinstall/cli_installer.py +++ b/utils/src/ooinstall/cli_installer.py @@ -489,7 +489,7 @@ def upgrade(ctx): click.echo("Upgrade cancelled.") sys.exit(0) - retcode = install_transactions.run_upgrade_playbook() + retcode = openshift_ansible.run_upgrade_playbook() if retcode > 0: click.echo("Errors encountered during upgrade, please check %s." % oo_cfg.settings['ansible_log_path']) -- cgit v1.2.3 From 53f8a753a219b623d49cc536986bfcbad44be1df Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Wed, 4 Nov 2015 10:54:58 -0500 Subject: Fix subpackage dependencies --- openshift-ansible.spec | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/openshift-ansible.spec b/openshift-ansible.spec index 8ea9120f2..8cf30aa83 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -170,6 +170,9 @@ Ansible Inventories for GCE used with the openshift-ansible scripts and playbook %package playbooks Summary: Openshift and Atomic Enterprise Ansible Playbooks Requires: %{name} +Requires: %{name}-roles +Requires: %{name}-lookup-plugins +Requires: %{name}-filter-plugins BuildArch: noarch %description playbooks @@ -185,6 +188,8 @@ BuildArch: noarch %package roles Summary: Openshift and Atomic Enterprise Ansible roles Requires: %{name} +Requires: %{name}-lookup-plugins +Requires: %{name}-filter-plugins BuildArch: noarch %description roles -- cgit v1.2.3 From 215a7aacc2fc3df19a64a2a57910516533665423 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Wed, 4 Nov 2015 10:41:39 -0400 Subject: Fix bug with not upgrading openshift-master to atomic-openshift-master. Removing the full call to config resulted in rpms not getting upgraded. Config was doing a yum update of everything, which picks up the atomic-openshift-master obsoleting openshift-master. The actual yum call changed here would not. Instead we switch to a direct call to yum which correctly picks up the obsoletes and updates to atomic-openshift packages. --- playbooks/adhoc/upgrades/upgrade.yml | 19 +++++-------------- utils/src/ooinstall/openshift_ansible.py | 1 + 2 files changed, 6 insertions(+), 14 deletions(-) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index 8c1138797..0f505bf7d 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -57,9 +57,6 @@ vars: g_masters_group: "{{ 'masters' }}" tasks: - - name: display all variables set for the current host - debug: - var: hostvars[inventory_hostname] - name: Evaluate oo_first_master add_host: name: "{{ groups[g_masters_group][0] }}" @@ -93,15 +90,6 @@ - fail: msg="Deployment type 'enterprise' must be updated to 'openshift-enterprise' for upgrade to proceed" when: deployment_type == "enterprise" and (_new_version.stdout | version_compare('1.0.7', '>=') or _new_version.stdout | version_compare('3.1', '>=')) - #- name: Re-Run cluster configuration to apply latest configuration changes - # include: ../../common/openshift-cluster/config.yml - # vars: - # g_etcd_group: "{{ 'etcd' }}" - # g_masters_group: "{{ 'masters' }}" - # g_nodes_group: "{{ 'nodes' }}" - # openshift_cluster_id: "{{ cluster_id | default('default') }}" - # openshift_deployment_type: "{{ deployment_type }}" - - name: Upgrade masters hosts: masters vars: @@ -109,8 +97,11 @@ tasks: - name: Upgrade to latest available kernel yum: pkg=kernel state=latest + - name: display just the deployment_type variable for the current host + debug: + var: hostvars[inventory_hostname] - name: Upgrade master packages - yum: pkg={{ openshift.common.service_type }}-master{{ openshift_version }} state=latest + command: yum update -y {{ openshift.common.service_type }}-master{{ openshift_version }} - name: Upgrade master configuration. openshift_upgrade_config: from_version=3.0 to_version=3.1 role=master - name: Restart master services @@ -124,7 +115,7 @@ - openshift_facts tasks: - name: Upgrade node packages - yum: pkg={{ openshift.common.service_type }}-node{{ openshift_version }} state=latest + command: yum update -y {{ openshift.common.service_type }}-node{{ openshift_version }} - name: Restart node services service: name="{{ openshift.common.service_type }}-node" state=restarted diff --git a/utils/src/ooinstall/openshift_ansible.py b/utils/src/ooinstall/openshift_ansible.py index 9d801cabe..e33330102 100644 --- a/utils/src/ooinstall/openshift_ansible.py +++ b/utils/src/ooinstall/openshift_ansible.py @@ -144,6 +144,7 @@ def run_ansible(playbook, inventory, env_vars): playbook], env=env_vars) + def run_uninstall_playbook(): playbook = os.path.join(CFG.settings['ansible_playbook_directory'], 'playbooks/adhoc/uninstall.yml') -- cgit v1.2.3 From 943e2d93b89ec5abd8b94c38610cd6aba627e7bf Mon Sep 17 00:00:00 2001 From: talset Date: Wed, 4 Nov 2015 19:25:46 +0100 Subject: [roles/openshift_master_certificates/tasks/main.yml] Fix variable openshift.master.all_hostnames to openshift.common.all_hostnames --- roles/openshift_master_certificates/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/openshift_master_certificates/tasks/main.yml b/roles/openshift_master_certificates/tasks/main.yml index 4b39b043a..bfc94d4c8 100644 --- a/roles/openshift_master_certificates/tasks/main.yml +++ b/roles/openshift_master_certificates/tasks/main.yml @@ -34,7 +34,7 @@ - serviceaccounts.private.key - serviceaccounts.public.key -- debug: msg="{{ item.openshift.master.all_hostnames | join (',') }}" +- debug: msg="{{ item.openshift.common.all_hostnames | join (',') }}" with_items: masters_needing_certs - name: Create the master certificates if they do not already exist -- cgit v1.2.3 From ddadd34e5c25e2fe59ddd4621ecb27070b148896 Mon Sep 17 00:00:00 2001 From: talset Date: Wed, 4 Nov 2015 19:38:39 +0100 Subject: remove debug line --- roles/openshift_master_certificates/tasks/main.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/roles/openshift_master_certificates/tasks/main.yml b/roles/openshift_master_certificates/tasks/main.yml index bfc94d4c8..e966e793e 100644 --- a/roles/openshift_master_certificates/tasks/main.yml +++ b/roles/openshift_master_certificates/tasks/main.yml @@ -34,9 +34,6 @@ - serviceaccounts.private.key - serviceaccounts.public.key -- debug: msg="{{ item.openshift.common.all_hostnames | join (',') }}" - with_items: masters_needing_certs - - name: Create the master certificates if they do not already exist command: > {{ openshift.common.admin_binary }} create-master-certs -- cgit v1.2.3 From abab19316ff270d090e27a1fb576b78889e5563c Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Wed, 4 Nov 2015 15:49:57 -0400 Subject: Disable proxy cert config upgrade until certs being generated. --- playbooks/adhoc/upgrades/library/openshift_upgrade_config.py | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py b/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py index 95c7b1664..357f244e0 100755 --- a/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py +++ b/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py @@ -49,11 +49,12 @@ def upgrade_master_3_0_to_3_1(backup): changed = True # Add the new master proxy client certs: - if 'proxyClientInfo' not in config['kubernetesMasterConfig']: - config['kubernetesMasterConfig']['proxyClientInfo'] = { - 'certFile': 'master.proxy-client.crt', - 'keyFile': 'master.proxy-client.key' - } + # TODO: re-enable this once these certs are generated during upgrade: +# if 'proxyClientInfo' not in config['kubernetesMasterConfig']: +# config['kubernetesMasterConfig']['proxyClientInfo'] = { +# 'certFile': 'master.proxy-client.crt', +# 'keyFile': 'master.proxy-client.key' +# } if changed: if backup: -- cgit v1.2.3 From 922cc828e959eb9bc0438890a876e7830cd73717 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Wed, 4 Nov 2015 16:07:58 -0400 Subject: Pylint fixes for config upgrade module. --- .../upgrades/library/openshift_upgrade_config.py | 23 ++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py b/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py index 357f244e0..60f4fd8b8 100755 --- a/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py +++ b/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py @@ -2,14 +2,14 @@ # -*- coding: utf-8 -*- # vim: expandtab:tabstop=4:shiftwidth=4 +"""Ansible module for modifying OpenShift configs during an upgrade""" + import os import shutil import yaml from datetime import datetime -"""Ansible module for modifying OpenShift configs during an upgrade""" - DOCUMENTATION = ''' --- module: openshift_upgrade_config @@ -21,6 +21,7 @@ EXAMPLES = ''' ''' def get_cfg_dir(): + """Return the correct config directory to use.""" cfg_path = '/etc/origin/' if not os.path.exists(cfg_path): cfg_path = '/etc/openshift/' @@ -28,25 +29,26 @@ def get_cfg_dir(): def upgrade_master_3_0_to_3_1(backup): + """Main upgrade method for 3.0 to 3.1.""" changed = False # Facts do not get transferred to the hosts where custom modules run, # need to make some assumptions here. master_config = os.path.join(get_cfg_dir(), 'master/master-config.yaml') - f = open(master_config, 'r') - config = yaml.safe_load(f.read()) - f.close() + master_cfg_file = open(master_config, 'r') + config = yaml.safe_load(master_cfg_file.read()) + master_cfg_file.close() # Remove v1beta3 from apiLevels: if 'apiLevels' in config and \ 'v1beta3' in config['apiLevels']: - config['apiLevels'].remove('v1beta3') - changed = True + config['apiLevels'].remove('v1beta3') + changed = True if 'apiLevels' in config['kubernetesMasterConfig'] and \ 'v1beta3' in config['kubernetesMasterConfig']['apiLevels']: - config['kubernetesMasterConfig']['apiLevels'].remove('v1beta3') - changed = True + config['kubernetesMasterConfig']['apiLevels'].remove('v1beta3') + changed = True # Add the new master proxy client certs: # TODO: re-enable this once these certs are generated during upgrade: @@ -61,7 +63,7 @@ def upgrade_master_3_0_to_3_1(backup): timestamp = datetime.now().strftime('%Y%m%d%H%M%S') basedir = os.path.split(master_config)[0] backup_file = os.path.join(basedir, 'master-config.yaml.bak-%s' - % timestamp) + % timestamp) shutil.copyfile(master_config, backup_file) # Write the modified config: out_file = open(master_config, 'w') @@ -72,6 +74,7 @@ def upgrade_master_3_0_to_3_1(backup): def upgrade_master(from_version, to_version, backup): + """Upgrade entry point.""" if from_version == '3.0': if to_version == '3.1': return upgrade_master_3_0_to_3_1(backup) -- cgit v1.2.3 From 75d357c9bba120221a5f996660aa4fdbb87f1fa8 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Wed, 4 Nov 2015 16:10:07 -0400 Subject: Override hosts deployment_type fact for version we're upgrading to. --- playbooks/adhoc/upgrades/upgrade.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index 0f505bf7d..09f991b1d 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -1,4 +1,14 @@ --- +- name: Update deployment type + hosts: OSEv3 + roles: + - openshift_facts + post_tasks: # technically tasks are run after roles, but post_tasks is a bit more explicit. + - openshift_facts: + role: common + local_facts: + deployment_type: "{{ deployment_type }}" + - name: Verify upgrade can proceed hosts: masters tasks: -- cgit v1.2.3 From 482c47e87768d7ab4a157c8768283459b6b4bddd Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Wed, 4 Nov 2015 19:46:41 -0500 Subject: Remove pacemaker bits. --- playbooks/adhoc/uninstall.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/playbooks/adhoc/uninstall.yml b/playbooks/adhoc/uninstall.yml index 0503b7cd4..5b10f856c 100644 --- a/playbooks/adhoc/uninstall.yml +++ b/playbooks/adhoc/uninstall.yml @@ -45,6 +45,7 @@ - origin-master-api - origin-master-controllers - origin-node + - pcsd - yum: name={{ item }} state=absent when: not is_atomic | bool @@ -59,6 +60,7 @@ - atomic-openshift-node - atomic-openshift-sdn-ovs - etcd + - corosync - openshift - openshift-master - openshift-node @@ -69,6 +71,8 @@ - origin-master - origin-node - origin-sdn-ovs + - pacemaker + - pcs - tuned-profiles-atomic-enterprise-node - tuned-profiles-atomic-openshift-node - tuned-profiles-openshift-node @@ -139,6 +143,7 @@ - /etc/ansible/facts.d/openshift.fact - /etc/atomic-enterprise - /etc/etcd + - /etc/corosync - /etc/openshift - /etc/openshift-sdn - /etc/origin @@ -157,3 +162,4 @@ - /var/lib/etcd - /var/lib/openshift - /var/lib/origin + - /var/lib/pacemaker -- cgit v1.2.3 From 399b19864653806c769ac954a6c79ef13a895d64 Mon Sep 17 00:00:00 2001 From: Avesh Agarwal Date: Fri, 19 Jun 2015 14:41:10 -0400 Subject: Atomic Enterprise related changes. --- inventory/byo/hosts.example | 3 --- roles/openshift_common/vars/main.yml | 2 ++ roles/openshift_facts/library/openshift_facts.py | 4 +++- roles/openshift_master/tasks/main.yml | 2 +- roles/openshift_master_ca/tasks/main.yml | 2 +- roles/openshift_node/tasks/main.yml | 9 +++++++++ 6 files changed, 16 insertions(+), 6 deletions(-) diff --git a/inventory/byo/hosts.example b/inventory/byo/hosts.example index f60918e6d..7fd91e284 100644 --- a/inventory/byo/hosts.example +++ b/inventory/byo/hosts.example @@ -20,9 +20,6 @@ ansible_ssh_user=root # deployment type valid values are origin, online and enterprise deployment_type=atomic-enterprise -# Enable cluster metrics -#use_cluster_metrics=true - # Pre-release registry URL #oreg_url=example.com/openshift3/ose-${component}:${version} diff --git a/roles/openshift_common/vars/main.yml b/roles/openshift_common/vars/main.yml index 50816d319..817fe0a5f 100644 --- a/roles/openshift_common/vars/main.yml +++ b/roles/openshift_common/vars/main.yml @@ -5,3 +5,5 @@ # chains with the public zone (or the zone associated with the correct # interfaces) os_firewall_use_firewalld: False + +openshift_data_dir: /var/lib/origin diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 1b2ba6be3..24ae5183e 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -540,7 +540,7 @@ def set_deployment_facts_if_unset(facts): if 'service_type' not in facts['common']: service_type = 'atomic-openshift' if deployment_type == 'origin': - service_type = 'origin' + service_type = 'openshift' elif deployment_type in ['enterprise', 'online']: service_type = 'openshift' facts['common']['service_type'] = service_type @@ -548,6 +548,8 @@ def set_deployment_facts_if_unset(facts): config_base = '/etc/origin' if deployment_type in ['enterprise', 'online']: config_base = '/etc/openshift' + elif deployment_type == 'origin': + config_base = '/etc/openshift' facts['common']['config_base'] = config_base if 'data_dir' not in facts['common']: data_dir = '/var/lib/origin' diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 3a886935f..e1049abdd 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -65,7 +65,7 @@ disabled_features: "{{ osm_disabled_features | default(None) }}" - name: Install Master package - yum: pkg={{ openshift.common.service_type }}-master{{ openshift_version }} state=present + yum: pkg={{ openshift.common.service_type }}-master state=present register: install_result # TODO: These values need to be configurable diff --git a/roles/openshift_master_ca/tasks/main.yml b/roles/openshift_master_ca/tasks/main.yml index cfd1ceabf..abb0f8252 100644 --- a/roles/openshift_master_ca/tasks/main.yml +++ b/roles/openshift_master_ca/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: Install the base package for admin tooling - yum: pkg={{ openshift.common.service_type }}{{ openshift_version }} state=present + yum: pkg={{ openshift.common.service_type }} state=present register: install_result - name: Reload generated facts diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index aea60b75c..fbeba823e 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -45,6 +45,15 @@ register: sdn_install_result when: openshift.common.use_openshift_sdn +- name: Install Node package + yum: pkg={{ openshift.common.service_type }}-node state=present + register: node_install_result + +- name: Install sdn-ovs package + yum: pkg={{ openshift.common.service_type }}-sdn-ovs state=present + register: sdn_install_result + when: openshift.common.use_openshift_sdn + # TODO: add the validate parameter when there is a validation command to run - name: Create the Node config template: -- cgit v1.2.3 From 3778662ef816b2bb0a3788ed65229b45622a0139 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Fri, 21 Aug 2015 23:49:49 -0400 Subject: Start of true master ha --- filter_plugins/oo_filters.py | 16 ++++++++++ playbooks/common/openshift-master/config.yml | 26 +++++++++++++++ roles/haproxy/README.md | 34 ++++++++++++++++++++ roles/haproxy/defaults/main.yml | 13 ++++++++ roles/haproxy/handlers/main.yml | 5 +++ roles/haproxy/meta/main.yml | 12 +++++++ roles/haproxy/tasks/main.yml | 25 +++++++++++++++ roles/haproxy/templates/haproxy.cfg.j2 | 48 ++++++++++++++++++++++++++++ roles/openshift_master/tasks/main.yml | 8 ++--- 9 files changed, 183 insertions(+), 4 deletions(-) create mode 100644 roles/haproxy/README.md create mode 100644 roles/haproxy/defaults/main.yml create mode 100644 roles/haproxy/handlers/main.yml create mode 100644 roles/haproxy/meta/main.yml create mode 100644 roles/haproxy/tasks/main.yml create mode 100644 roles/haproxy/templates/haproxy.cfg.j2 diff --git a/filter_plugins/oo_filters.py b/filter_plugins/oo_filters.py index dfd9a111e..80bce80f0 100644 --- a/filter_plugins/oo_filters.py +++ b/filter_plugins/oo_filters.py @@ -242,6 +242,21 @@ class FilterModule(object): ''' return string.split(separator) + @staticmethod + def oo_haproxy_backend_masters(hosts): + ''' This takes an array of dicts and returns an array of dicts + to be used as a backend for the haproxy role + ''' + servers = [] + for idx, host_info in enumerate(hosts): + server = dict(name="master%s" % idx) + server_ip = host_info['openshift']['common']['ip'] + server_port = host_info['openshift']['master']['api_port'] + server['address'] = "%s:%s" % (server_ip, server_port) + server['opts'] = 'check ssl verify none' + servers.append(server) + return servers + @staticmethod def oo_filter_list(data, filter_attr=None): ''' This returns a list, which contains all items where filter_attr @@ -408,4 +423,5 @@ class FilterModule(object): "oo_filter_list": self.oo_filter_list, "oo_parse_heat_stack_outputs": self.oo_parse_heat_stack_outputs, "oo_parse_certificate_names": self.oo_parse_certificate_names + "oo_haproxy_backend_masters": self.oo_haproxy_backend_masters } diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 59c4b2370..84ce65f48 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -34,7 +34,9 @@ - role: common local_facts: hostname: "{{ openshift_hostname | default(None) }}" + ip: "{{ openshift_ip | default(None) }}" public_hostname: "{{ openshift_public_hostname | default(None) }}" + public_ip: "{{ openshift_public_ip | default(None) }}" deployment_type: "{{ openshift_deployment_type }}" - role: master local_facts: @@ -207,6 +209,30 @@ parsed_named_certificates: "{{ openshift_master_named_certificates | oo_parse_certificate_names(master_cert_config_dir, openshift.common.internal_hostnames) }}" when: openshift_master_named_certificates is defined +- name: Compute haproxy_backend_servers + hosts: localhost + connection: local + sudo: false + gather_facts: no + tasks: + - set_fact: + haproxy_backend_servers: "{{ hostvars | oo_select_keys(groups['oo_masters_to_config']) | oo_haproxy_backend_masters }}" + +- name: Configure load balancers + hosts: oo_first_master + vars: + haproxy_frontends: + - name: atomic-openshift + bind: "*:80" + default_backend: atomic-openshift + haproxy_backends: + - name: atomic-openshift + balance: roundrobin + servers: "{{ hostvars.localhost.haproxy_backend_servers }}" + roles: + - role: haproxy + when: groups.oo_masters_to_config | length > 1 + - name: Configure master instances hosts: oo_masters_to_config vars: diff --git a/roles/haproxy/README.md b/roles/haproxy/README.md new file mode 100644 index 000000000..5bc415066 --- /dev/null +++ b/roles/haproxy/README.md @@ -0,0 +1,34 @@ +HAProxy +======= + +TODO + +Requirements +------------ + +TODO + +Role Variables +-------------- + +TODO + +Dependencies +------------ + +TODO + +Example Playbook +---------------- + +TODO + +License +------- + +Apache License, Version 2.0 + +Author Information +------------------ + +Jason DeTiberus (jdetiber@redhat.com) diff --git a/roles/haproxy/defaults/main.yml b/roles/haproxy/defaults/main.yml new file mode 100644 index 000000000..c002efdbc --- /dev/null +++ b/roles/haproxy/defaults/main.yml @@ -0,0 +1,13 @@ +--- +haproxy_frontends: +- name: main + bind: "*:80" + default_backend: default + +haproxy_backends: +- name: default + balance: roundrobin + servers: + - name: web01 + address: 127.0.0.1:9000 + opts: check diff --git a/roles/haproxy/handlers/main.yml b/roles/haproxy/handlers/main.yml new file mode 100644 index 000000000..ee60adcab --- /dev/null +++ b/roles/haproxy/handlers/main.yml @@ -0,0 +1,5 @@ +--- +- name: restart haproxy + service: + name: haproxy + state: restarted diff --git a/roles/haproxy/meta/main.yml b/roles/haproxy/meta/main.yml new file mode 100644 index 000000000..e02d8f53c --- /dev/null +++ b/roles/haproxy/meta/main.yml @@ -0,0 +1,12 @@ +--- +galaxy_info: + author: Jason DeTiberus + description: HAProxy + company: Red Hat, Inc. + license: Apache License, Version 2.0 + min_ansible_version: 1.9 + platforms: + - name: EL + versions: + - 7 +dependencies: [] diff --git a/roles/haproxy/tasks/main.yml b/roles/haproxy/tasks/main.yml new file mode 100644 index 000000000..5638b7313 --- /dev/null +++ b/roles/haproxy/tasks/main.yml @@ -0,0 +1,25 @@ +--- +- name: Install haproxy + yum: + pkg: haproxy + state: present + +- name: Configure haproxy + template: + src: haproxy.cfg.j2 + dest: /etc/haproxy/haproxy.cfg + owner: root + group: root + mode: 0644 + notify: restart haproxy + +- name: Enable and start haproxy + service: + name: haproxy + state: started + enabled: yes + register: start_result + +- name: Pause 30 seconds if haproxy was just started + pause: seconds=30 + when: start_result | changed diff --git a/roles/haproxy/templates/haproxy.cfg.j2 b/roles/haproxy/templates/haproxy.cfg.j2 new file mode 100644 index 000000000..bfcdcfdb1 --- /dev/null +++ b/roles/haproxy/templates/haproxy.cfg.j2 @@ -0,0 +1,48 @@ +# Global settings +#--------------------------------------------------------------------- +global + chroot /var/lib/haproxy + pidfile /var/run/haproxy.pid + maxconn 4000 + user haproxy + group haproxy + daemon + + # turn on stats unix socket + stats socket /var/lib/haproxy/stats + +#--------------------------------------------------------------------- +# common defaults that all the 'listen' and 'backend' sections will +# use if not designated in their block +#--------------------------------------------------------------------- +defaults + mode http + log global + option httplog + option dontlognull + option http-server-close + option forwardfor except 127.0.0.0/8 + option redispatch + retries 3 + timeout http-request 10s + timeout queue 1m + timeout connect 10s + timeout client 1m + timeout server 1m + timeout http-keep-alive 10s + timeout check 10s + maxconn 3000 + +{% for frontend in haproxy_frontends %} +frontend {{ frontend.name }} + bind {{ frontend.bind }} + default_backend {{ frontend.default_backend }} +{% endfor %} + +{% for backend in haproxy_backends %} +backend {{ backend.name }} + balance {{ backend.balance }} +{% for server in backend.servers %} + server {{ server.name }} {{ server.address }} {{ server.opts }} +{% endfor %} +{% endfor %} diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index e1049abdd..abe652bcb 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -8,9 +8,9 @@ - openshift_master_oauth_grant_method in openshift_master_valid_grant_methods when: openshift_master_oauth_grant_method is defined -- fail: - msg: "openshift_master_cluster_password must be set for multi-master installations" - when: openshift_master_ha | bool and not openshift.master.cluster_defer_ha | bool and openshift_master_cluster_password is not defined +#- fail: +# msg: "openshift_master_cluster_password must be set for multi-master installations" +# when: openshift_master_ha | bool and not openshift.master.cluster_defer_ha | bool and openshift_master_cluster_password is not defined - name: Set master facts openshift_facts: @@ -144,7 +144,7 @@ - name: Start and enable master service: name={{ openshift.common.service_type }}-master enabled=yes state=started - when: not openshift_master_ha | bool +# when: not openshift_master_ha | bool register: start_result - set_fact: -- cgit v1.2.3 From 51bcc78aea4015bf23d06b621b57de675b21e7cf Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Thu, 22 Oct 2015 13:58:38 -0400 Subject: additional native ha changes --- playbooks/common/openshift-master/config.yml | 10 +++++----- roles/openshift_master/tasks/main.yml | 1 + roles/openshift_master/templates/master.yaml.v1.j2 | 3 +-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 84ce65f48..e5357f6e3 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -239,7 +239,7 @@ named_certificates: "{{ hostvars[groups['oo_first_master'][0]]['parsed_named_certificates'] | default([])}}" sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}" - embedded_etcd: "{{ openshift.master.embedded_etcd }}" + openshift_master_count: "{{ groups.oo_masters_to_config | length }}" pre_tasks: - name: Ensure certificate directory exists file: @@ -264,11 +264,11 @@ - name: Additional master configuration hosts: oo_first_master vars: - openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}" - omc_cluster_hosts: "{{ groups.oo_masters_to_config | join(' ')}}" + #openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}" + # omc_cluster_hosts: "{{ groups.oo_masters_to_config | join(' ')}}" roles: - - role: openshift_master_cluster - when: openshift_master_ha | bool +# - role: openshift_master_cluster +# when: openshift_master_ha | bool - openshift_examples - role: openshift_cluster_metrics when: openshift.common.use_cluster_metrics | bool diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index abe652bcb..f11582ce7 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -63,6 +63,7 @@ controller_args: "{{ osm_controller_args | default(None) }}" infra_nodes: "{{ num_infra | default(None) }}" disabled_features: "{{ osm_disabled_features | default(None) }}" + master_count: "{{ openshift_master_count | default(None) }}" - name: Install Master package yum: pkg={{ openshift.common.service_type }}-master state=present diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index 9547a6945..877c44772 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -80,8 +80,7 @@ kubernetesMasterConfig: - v1 apiServerArguments: {{ api_server_args if api_server_args is defined else 'null' }} controllerArguments: {{ controller_args if controller_args is defined else 'null' }} -{# TODO: support overriding masterCount #} - masterCount: 1 + masterCount: {{ openshift.master.master_count }} masterIP: "" podEvictionTimeout: "" proxyClientInfo: -- cgit v1.2.3 From 18c877db73dcb63b1402322fe8352505006e4985 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Tue, 25 Aug 2015 08:42:20 -0400 Subject: additional ha related updates --- playbooks/byo/openshift-cluster/config.yml | 1 + playbooks/common/openshift-cluster/config.yml | 8 +++ playbooks/common/openshift-master/config.yml | 49 +++++++++++-- roles/haproxy/defaults/main.yml | 3 +- roles/haproxy/templates/haproxy.cfg.j2 | 25 ++++++- roles/openshift_master/handlers/main.yml | 8 +++ roles/openshift_master/tasks/main.yml | 84 +++++++++++++++++++++- roles/openshift_master/templates/master.yaml.v1.j2 | 18 +++-- 8 files changed, 182 insertions(+), 14 deletions(-) diff --git a/playbooks/byo/openshift-cluster/config.yml b/playbooks/byo/openshift-cluster/config.yml index 9e50a4a18..411c7e660 100644 --- a/playbooks/byo/openshift-cluster/config.yml +++ b/playbooks/byo/openshift-cluster/config.yml @@ -4,6 +4,7 @@ g_etcd_group: "{{ 'etcd' }}" g_masters_group: "{{ 'masters' }}" g_nodes_group: "{{ 'nodes' }}" + g_lb_group: "{{ 'lb' }}" openshift_cluster_id: "{{ cluster_id | default('default') }}" openshift_debug_level: 2 openshift_deployment_type: "{{ deployment_type }}" diff --git a/playbooks/common/openshift-cluster/config.yml b/playbooks/common/openshift-cluster/config.yml index 57de7130b..b66ca4709 100644 --- a/playbooks/common/openshift-cluster/config.yml +++ b/playbooks/common/openshift-cluster/config.yml @@ -1,6 +1,14 @@ --- - include: evaluate_groups.yml + - name: Evaluate oo_lb_to_config + add_host: + name: "{{ item }}" + groups: oo_lb_to_config + ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" + ansible_sudo: "{{ g_sudo | default(omit) }}" + with_items: groups[g_lb_group] | default(groups[g_masters_group]) | default([]) + - include: ../openshift-etcd/config.yml - include: ../openshift-master/config.yml diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index e5357f6e3..e223e3d57 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -209,7 +209,24 @@ parsed_named_certificates: "{{ openshift_master_named_certificates | oo_parse_certificate_names(master_cert_config_dir, openshift.common.internal_hostnames) }}" when: openshift_master_named_certificates is defined -- name: Compute haproxy_backend_servers +- name: Fetch master server certificate for load balancer + hosts: oo_first_master + vars: + sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" + tasks: + - file: + path: "{{ sync_tmpdir }}/haproxy_cert" + state: directory + - fetch: + src: /etc/origin/master/master.server.crt + dest: "{{ sync_tmpdir }}/haproxy_cert/server.crt" + flat: yes + - fetch: + src: /etc/origin/master/master.server.key + dest: "{{ sync_tmpdir }}/haproxy_cert/server.key" + flat: yes + +- name: Compute haproxy_backend_servers and combine certificate hosts: localhost connection: local sudo: false @@ -217,24 +234,44 @@ tasks: - set_fact: haproxy_backend_servers: "{{ hostvars | oo_select_keys(groups['oo_masters_to_config']) | oo_haproxy_backend_masters }}" + - shell: cat server.crt server.key > server.pem + args: + chdir: "{{ g_master_mktemp.stdout }}/haproxy_cert" + creates: "{{ g_master_mktemp.stdout }}/haproxy_cert/server.pem" + - name: Configure load balancers - hosts: oo_first_master + hosts: oo_lb_to_config vars: + sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" haproxy_frontends: - - name: atomic-openshift - bind: "*:80" - default_backend: atomic-openshift + - name: atomic-openshift-api + options: + - tcplog + binds: + - "*:{{ hostvars[groups.oo_first_master.0].openshift.master.api_port }} ssl crt /etc/haproxy/server.pem" + default_backend: atomic-openshift-api haproxy_backends: - - name: atomic-openshift + - name: atomic-openshift-api balance: roundrobin servers: "{{ hostvars.localhost.haproxy_backend_servers }}" + pre_tasks: + - file: + path: /etc/haproxy + state: directory + - copy: + src: "{{ sync_tmpdir }}/haproxy_cert/server.pem" + dest: /etc/haproxy/server.pem + mode: 0600 + owner: root + group: root roles: - role: haproxy when: groups.oo_masters_to_config | length > 1 - name: Configure master instances hosts: oo_masters_to_config + serial: 1 vars: named_certificates: "{{ hostvars[groups['oo_first_master'][0]]['parsed_named_certificates'] | default([])}}" sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" diff --git a/roles/haproxy/defaults/main.yml b/roles/haproxy/defaults/main.yml index c002efdbc..16e9af4d1 100644 --- a/roles/haproxy/defaults/main.yml +++ b/roles/haproxy/defaults/main.yml @@ -1,7 +1,8 @@ --- haproxy_frontends: - name: main - bind: "*:80" + binds: + - "*:80" default_backend: default haproxy_backends: diff --git a/roles/haproxy/templates/haproxy.cfg.j2 b/roles/haproxy/templates/haproxy.cfg.j2 index bfcdcfdb1..fddf0ede1 100644 --- a/roles/haproxy/templates/haproxy.cfg.j2 +++ b/roles/haproxy/templates/haproxy.cfg.j2 @@ -35,13 +35,36 @@ defaults {% for frontend in haproxy_frontends %} frontend {{ frontend.name }} - bind {{ frontend.bind }} +{% for bind in frontend.binds %} + bind {{ bind }} +{% endfor %} default_backend {{ frontend.default_backend }} +{% if 'mode' in frontend %} + mode {{ frontend.mode }} +{% endif %} +{% if 'options' in frontend %} +{% for option in frontend.options %} + option {{ option }} +{% endfor %} +{% endif %} +{% if 'redirects' in frontend %} +{% for redirect in frontend.redirects %} + redirect {{ redirect }} +{% endfor %} +{% endif %} {% endfor %} {% for backend in haproxy_backends %} backend {{ backend.name }} balance {{ backend.balance }} +{% if 'mode' in backend %} + mode {{ backend.mode }} +{% endif %} +{% if 'options' in backend %} +{% for option in backend.options %} + option {{ option }} +{% endfor %} +{% endif %} {% for server in backend.servers %} server {{ server.name }} {{ server.address }} {{ server.opts }} {% endfor %} diff --git a/roles/openshift_master/handlers/main.yml b/roles/openshift_master/handlers/main.yml index 37028e0f6..9ce4f512b 100644 --- a/roles/openshift_master/handlers/main.yml +++ b/roles/openshift_master/handlers/main.yml @@ -2,3 +2,11 @@ - name: restart master service: name={{ openshift.common.service_type }}-master state=restarted when: (not openshift_master_ha | bool) and (not master_service_status_changed | default(false)) + +- name: restart master api + service: name={{ openshift.common.service_type }}-master-api state=restarted + when: openshift_master_ha | bool + +- name: restart master controllers + service: name={{ openshift.common.service_type }}-master-controllers state=restarted + when: openshift_master_ha | bool diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index f11582ce7..b23c19d37 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -91,6 +91,8 @@ creates: "{{ openshift_master_policy }}" notify: - restart master + - restart master api + - restart master controllers - name: Create the scheduler config template: @@ -99,6 +101,8 @@ backup: true notify: - restart master + - restart master api + - restart master controllers - name: Install httpd-tools if needed yum: pkg=httpd-tools state=present @@ -121,6 +125,30 @@ when: item.kind == 'HTPasswdPasswordIdentityProvider' with_items: openshift.master.identity_providers +# workaround for missing systemd unit files for controllers/api +- name: Create the api service file + copy: + src: atomic-openshift-master-api.service + dest: /usr/lib/systemd/system/atomic-openshift-master-api.service + force: no +- name: Create the controllers service file + copy: + src: atomic-openshift-master-controllers.service + dest: /usr/lib/systemd/system/atomic-openshift-master-controllers.service + force: no +- name: Create the api env file + copy: + src: atomic-openshift-master-api + dest: /etc/sysconfig/atomic-openshift-master-api + force: no +- name: Create the controllers env file + copy: + src: atomic-openshift-master-controllers + dest: /etc/sysconfig/atomic-openshift-master-controllers + force: no +- command: systemctl daemon-reload +# end workaround for missing systemd unit files + # TODO: add the validate parameter when there is a validation command to run - name: Create master config template: @@ -129,6 +157,8 @@ backup: true notify: - restart master + - restart master api + - restart master controllers - name: Configure master settings lineinfile: @@ -143,9 +173,61 @@ notify: - restart master +- name: Configure master api settings + lineinfile: + dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-api + regexp: "{{ item.regex }}" + line: "{{ item.line }}" + with_items: + - regex: '^OPTIONS=' + line: "OPTIONS=--loglevel={{ openshift.master.debug_level }} --listen=https://0.0.0.0:8443 --master=https://{{ openshift.common.ip }}:8443" + - regex: '^CONFIG_FILE=' + line: "CONFIG_FILE={{ openshift_master_config_file }}" + notify: + - restart master api + +- name: Configure master controller settings + lineinfile: + dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-controllers + regexp: "{{ item.regex }}" + line: "{{ item.line }}" + with_items: + - regex: '^OPTIONS=' + line: "OPTIONS=--loglevel={{ openshift.master.debug_level }} --listen=https://0.0.0.0:8444" + - regex: '^CONFIG_FILE=' + line: "CONFIG_FILE={{ openshift_master_config_file }}" + notify: + - restart master controllers + - name: Start and enable master service: name={{ openshift.common.service_type }}-master enabled=yes state=started -# when: not openshift_master_ha | bool + when: not openshift_master_ha | bool + register: start_result + +# workaround for start bug when configuring ha +- name: Start master for ha workaround + service: name={{ openshift.common.service_type }}-master state=started + when: openshift_master_ha | bool and inventory_hostname in groups.oo_first_master + +- name: pause for 30 seconds to let master finish starting up for ha workaround + pause: seconds=30 + when: openshift_master_ha | bool and inventory_hostname in groups.oo_first_master + +- name: Stop master for ha workaround + service: name={{ openshift.common.service_type }}-master state=stopped + when: openshift_master_ha | bool and inventory_hostname in groups.oo_first_master +# end workaround for start bug when configuring ha + +- fail: + +- name: Start and enable master api + service: name={{ openshift.common.service_type }}-master-api enabled=yes state=started + when: openshift_master_ha | bool + register: start_result + +- name: Start and enable master controller + service: name={{ openshift.common.service_type }}-master-controllers enabled=yes state=started + when: openshift_master_ha | bool register: start_result - set_fact: diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index 877c44772..3f2c51417 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -10,13 +10,16 @@ assetConfig: publicURL: {{ openshift.master.public_console_url }}/ servingInfo: bindAddress: {{ openshift.master.bind_addr }}:{{ openshift.master.console_port }} + bindNetwork: tcp4 certFile: master.server.crt clientCA: "" keyFile: master.server.key maxRequestsInFlight: 0 requestTimeoutSeconds: 0 +controllerLeaseTTL: 0 +controllers: '*' corsAllowedOrigins: -{% for origin in ['127.0.0.1', 'localhost', openshift.common.hostname, openshift.common.ip, openshift.common.public_hostname, openshift.common.public_ip] | unique %} +{% for origin in ['127.0.0.1', 'localhost', openshift.common.ip, openshift.common.public_ip] | union(openshift.common.all_hostnames) | unique %} - {{ origin }} {% endfor %} {% for custom_origin in openshift.master.custom_cors_origins | default("") %} @@ -29,8 +32,10 @@ corsAllowedOrigins: disabledFeatures: {{ openshift.master.disabled_features | to_json }} {% endif %} {% if openshift.master.embedded_dns | bool %} +disabledFeatures: null dnsConfig: bindAddress: {{ openshift.master.bind_addr }}:{{ openshift.master.dns_port }} + bindNetwork: tcp4 {% endif %} etcdClientInfo: ca: {{ "ca.crt" if (openshift.master.embedded_etcd | bool) else "master.etcd-ca.crt" }} @@ -81,13 +86,13 @@ kubernetesMasterConfig: apiServerArguments: {{ api_server_args if api_server_args is defined else 'null' }} controllerArguments: {{ controller_args if controller_args is defined else 'null' }} masterCount: {{ openshift.master.master_count }} - masterIP: "" - podEvictionTimeout: "" + masterIP: {{ openshift.common.ip }} + podEvictionTimeout: 5m proxyClientInfo: certFile: master.proxy-client.crt keyFile: master.proxy-client.key schedulerConfigFile: {{ openshift_master_scheduler_conf }} - servicesNodePortRange: "" + servicesNodePortRange: 30000-32767 servicesSubnet: {{ openshift.master.portal_net }} staticNodeNames: {{ openshift_node_ips | default([], true) }} {% endif %} @@ -105,6 +110,7 @@ networkConfig: # serviceNetworkCIDR must match kubernetesMasterConfig.servicesSubnet serviceNetworkCIDR: {{ openshift.master.portal_net }} {% include 'v1_partials/oauthConfig.j2' %} +pauseControllers: false policyConfig: bootstrapPolicyFile: {{ openshift_master_policy }} openshiftInfrastructureNamespace: openshift-infra @@ -118,8 +124,9 @@ projectConfig: mcsLabelsPerProject: {{ openshift.master.mcs_labels_per_project }} uidAllocatorRange: "{{ openshift.master.uid_allocator_range }}" routingConfig: - subdomain: "{{ openshift.master.default_subdomain | default("") }}" + subdomain: "{{ openshift.master.default_subdomain | default("router.default.svc.cluster.local") }}" serviceAccountConfig: + limitSecretReferences: false managedNames: - default - builder @@ -130,6 +137,7 @@ serviceAccountConfig: - serviceaccounts.public.key servingInfo: bindAddress: {{ openshift.master.bind_addr }}:{{ openshift.master.api_port }} + bindNetwork: tcp4 certFile: master.server.crt clientCA: ca.crt keyFile: master.server.key -- cgit v1.2.3 From ac0f4cb56e1469e9033e3a218265bc70f774624d Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Tue, 25 Aug 2015 14:40:08 -0400 Subject: more tweaks --- filter_plugins/oo_filters.py | 2 +- playbooks/common/openshift-master/config.yml | 44 +++++----------------- roles/haproxy/defaults/main.yml | 7 ++++ roles/haproxy/meta/main.yml | 4 +- roles/haproxy/templates/haproxy.cfg.j2 | 9 ++++- .../files/atomic-openshift-master-api | 9 +++++ .../files/atomic-openshift-master-api.service | 21 +++++++++++ .../files/atomic-openshift-master-controllers | 9 +++++ .../atomic-openshift-master-controllers.service | 22 +++++++++++ roles/openshift_master/tasks/main.yml | 21 +++-------- roles/openshift_master_ca/tasks/main.yml | 2 +- 11 files changed, 94 insertions(+), 56 deletions(-) create mode 100644 roles/openshift_master/files/atomic-openshift-master-api create mode 100644 roles/openshift_master/files/atomic-openshift-master-api.service create mode 100644 roles/openshift_master/files/atomic-openshift-master-controllers create mode 100644 roles/openshift_master/files/atomic-openshift-master-controllers.service diff --git a/filter_plugins/oo_filters.py b/filter_plugins/oo_filters.py index 80bce80f0..4e4f7507c 100644 --- a/filter_plugins/oo_filters.py +++ b/filter_plugins/oo_filters.py @@ -253,7 +253,7 @@ class FilterModule(object): server_ip = host_info['openshift']['common']['ip'] server_port = host_info['openshift']['master']['api_port'] server['address'] = "%s:%s" % (server_ip, server_port) - server['opts'] = 'check ssl verify none' + server['opts'] = 'check' servers.append(server) return servers diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index e223e3d57..67068e001 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -170,6 +170,10 @@ masters_needing_certs: "{{ hostvars | oo_select_keys(groups['oo_masters_to_config'] | difference(groups['oo_first_master'])) | oo_filter_list(filter_attr='master_certs_missing') }}" + master_hostnames: "{{ hostvars + | oo_select_keys(groups['oo_masters_to_config']) + | oo_collect('openshift.common.all_hostnames') + | oo_flatten | unique }}" sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" roles: - openshift_master_certificates @@ -209,24 +213,7 @@ parsed_named_certificates: "{{ openshift_master_named_certificates | oo_parse_certificate_names(master_cert_config_dir, openshift.common.internal_hostnames) }}" when: openshift_master_named_certificates is defined -- name: Fetch master server certificate for load balancer - hosts: oo_first_master - vars: - sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" - tasks: - - file: - path: "{{ sync_tmpdir }}/haproxy_cert" - state: directory - - fetch: - src: /etc/origin/master/master.server.crt - dest: "{{ sync_tmpdir }}/haproxy_cert/server.crt" - flat: yes - - fetch: - src: /etc/origin/master/master.server.key - dest: "{{ sync_tmpdir }}/haproxy_cert/server.key" - flat: yes - -- name: Compute haproxy_backend_servers and combine certificate +- name: Compute haproxy_backend_servers hosts: localhost connection: local sudo: false @@ -234,11 +221,6 @@ tasks: - set_fact: haproxy_backend_servers: "{{ hostvars | oo_select_keys(groups['oo_masters_to_config']) | oo_haproxy_backend_masters }}" - - shell: cat server.crt server.key > server.pem - args: - chdir: "{{ g_master_mktemp.stdout }}/haproxy_cert" - creates: "{{ g_master_mktemp.stdout }}/haproxy_cert/server.pem" - - name: Configure load balancers hosts: oo_lb_to_config @@ -246,32 +228,24 @@ sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" haproxy_frontends: - name: atomic-openshift-api + mode: tcp options: - tcplog binds: - - "*:{{ hostvars[groups.oo_first_master.0].openshift.master.api_port }} ssl crt /etc/haproxy/server.pem" + - "*:{{ hostvars[groups.oo_first_master.0].openshift.master.api_port }}" default_backend: atomic-openshift-api haproxy_backends: - name: atomic-openshift-api + mode: tcp + option: tcplog balance: roundrobin servers: "{{ hostvars.localhost.haproxy_backend_servers }}" - pre_tasks: - - file: - path: /etc/haproxy - state: directory - - copy: - src: "{{ sync_tmpdir }}/haproxy_cert/server.pem" - dest: /etc/haproxy/server.pem - mode: 0600 - owner: root - group: root roles: - role: haproxy when: groups.oo_masters_to_config | length > 1 - name: Configure master instances hosts: oo_masters_to_config - serial: 1 vars: named_certificates: "{{ hostvars[groups['oo_first_master'][0]]['parsed_named_certificates'] | default([])}}" sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" diff --git a/roles/haproxy/defaults/main.yml b/roles/haproxy/defaults/main.yml index 16e9af4d1..7ba5bd485 100644 --- a/roles/haproxy/defaults/main.yml +++ b/roles/haproxy/defaults/main.yml @@ -12,3 +12,10 @@ haproxy_backends: - name: web01 address: 127.0.0.1:9000 opts: check + +os_firewall_use_firewalld: False +os_firewall_allow: +- service: haproxy stats + port: "9000/tcp" +- service: haproxy balance + port: "8443/tcp" diff --git a/roles/haproxy/meta/main.yml b/roles/haproxy/meta/main.yml index e02d8f53c..0fad106a9 100644 --- a/roles/haproxy/meta/main.yml +++ b/roles/haproxy/meta/main.yml @@ -9,4 +9,6 @@ galaxy_info: - name: EL versions: - 7 -dependencies: [] +dependencies: +- { role: os_firewall } +- { role: openshift_repos } diff --git a/roles/haproxy/templates/haproxy.cfg.j2 b/roles/haproxy/templates/haproxy.cfg.j2 index fddf0ede1..c932af72f 100644 --- a/roles/haproxy/templates/haproxy.cfg.j2 +++ b/roles/haproxy/templates/haproxy.cfg.j2 @@ -27,12 +27,17 @@ defaults timeout http-request 10s timeout queue 1m timeout connect 10s - timeout client 1m - timeout server 1m + timeout client 300s + timeout server 300s timeout http-keep-alive 10s timeout check 10s maxconn 3000 +listen stats :9000 + mode http + stats enable + stats uri / + {% for frontend in haproxy_frontends %} frontend {{ frontend.name }} {% for bind in frontend.binds %} diff --git a/roles/openshift_master/files/atomic-openshift-master-api b/roles/openshift_master/files/atomic-openshift-master-api new file mode 100644 index 000000000..ea82468a0 --- /dev/null +++ b/roles/openshift_master/files/atomic-openshift-master-api @@ -0,0 +1,9 @@ +OPTIONS= +CONFIG_FILE=/etc/origin/master/master-config.yaml + +# Proxy configuration +# Origin uses standard HTTP_PROXY environment variables. Be sure to set +# NO_PROXY for your master +#NO_PROXY=master.example.com +#HTTP_PROXY=http://USER:PASSWORD@IPADDR:PORT +#HTTPS_PROXY=https://USER:PASSWORD@IPADDR:PORT diff --git a/roles/openshift_master/files/atomic-openshift-master-api.service b/roles/openshift_master/files/atomic-openshift-master-api.service new file mode 100644 index 000000000..b24b9809e --- /dev/null +++ b/roles/openshift_master/files/atomic-openshift-master-api.service @@ -0,0 +1,21 @@ +[Unit] +Description=Atomic OpenShift Master API +Documentation=https://github.com/openshift/origin +After=network.target +After=etcd.service +Before=atomic-openshift-node.service +Requires=network.target + +[Service] +Type=notify +EnvironmentFile=/etc/sysconfig/atomic-openshift-master-api +Environment=GOTRACEBACK=crash +ExecStart=/usr/bin/atomic-enterprise start master api --config=${CONFIG_FILE} $OPTIONS +LimitNOFILE=131072 +LimitCORE=infinity +WorkingDirectory=/var/lib/origin/ +SyslogIdentifier=atomic-openshift-master-api + +[Install] +WantedBy=multi-user.target +WantedBy=atomic-openshift-node.service diff --git a/roles/openshift_master/files/atomic-openshift-master-controllers b/roles/openshift_master/files/atomic-openshift-master-controllers new file mode 100644 index 000000000..ea82468a0 --- /dev/null +++ b/roles/openshift_master/files/atomic-openshift-master-controllers @@ -0,0 +1,9 @@ +OPTIONS= +CONFIG_FILE=/etc/origin/master/master-config.yaml + +# Proxy configuration +# Origin uses standard HTTP_PROXY environment variables. Be sure to set +# NO_PROXY for your master +#NO_PROXY=master.example.com +#HTTP_PROXY=http://USER:PASSWORD@IPADDR:PORT +#HTTPS_PROXY=https://USER:PASSWORD@IPADDR:PORT diff --git a/roles/openshift_master/files/atomic-openshift-master-controllers.service b/roles/openshift_master/files/atomic-openshift-master-controllers.service new file mode 100644 index 000000000..e84160e5a --- /dev/null +++ b/roles/openshift_master/files/atomic-openshift-master-controllers.service @@ -0,0 +1,22 @@ +[Unit] +Description=Atomic OpenShift Master Controllers +Documentation=https://github.com/openshift/origin +After=network.target +After=atomic-openshift-master-api.service +Before=atomic-openshift-node.service +Requires=network.target + +[Service] +Type=notify +EnvironmentFile=/etc/sysconfig/atomic-openshift-master-controllers +Environment=GOTRACEBACK=crash +ExecStart=/usr/bin/atomic-enterprise start master controllers --config=${CONFIG_FILE} $OPTIONS +LimitNOFILE=131072 +LimitCORE=infinity +WorkingDirectory=/var/lib/origin/ +SyslogIdentifier=atomic-openshift-master-controllers +Restart=on-failure + +[Install] +WantedBy=multi-user.target +WantedBy=atomic-openshift-node.service diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index b23c19d37..00aaa2e57 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -204,27 +204,16 @@ when: not openshift_master_ha | bool register: start_result -# workaround for start bug when configuring ha -- name: Start master for ha workaround - service: name={{ openshift.common.service_type }}-master state=started - when: openshift_master_ha | bool and inventory_hostname in groups.oo_first_master - -- name: pause for 30 seconds to let master finish starting up for ha workaround - pause: seconds=30 - when: openshift_master_ha | bool and inventory_hostname in groups.oo_first_master - -- name: Stop master for ha workaround - service: name={{ openshift.common.service_type }}-master state=stopped - when: openshift_master_ha | bool and inventory_hostname in groups.oo_first_master -# end workaround for start bug when configuring ha - -- fail: - - name: Start and enable master api service: name={{ openshift.common.service_type }}-master-api enabled=yes state=started when: openshift_master_ha | bool register: start_result +# TODO: work to eliminate this workaround +- name: pause a random interval to avoid startup errors for controller + pause: seconds={{ 60 | random(step=5) }} + when: openshift_master_ha | bool + - name: Start and enable master controller service: name={{ openshift.common.service_type }}-master-controllers enabled=yes state=started when: openshift_master_ha | bool diff --git a/roles/openshift_master_ca/tasks/main.yml b/roles/openshift_master_ca/tasks/main.yml index abb0f8252..0738048d3 100644 --- a/roles/openshift_master_ca/tasks/main.yml +++ b/roles/openshift_master_ca/tasks/main.yml @@ -14,7 +14,7 @@ - name: Create the master certificates if they do not already exist command: > {{ openshift.common.admin_binary }} create-master-certs - --hostnames={{ openshift.common.all_hostnames | join(',') }} + --hostnames={{ master_hostnames | join(',') }} --master={{ openshift.master.api_url }} --public-master={{ openshift.master.public_api_url }} --cert-dir={{ openshift_master_config_dir }} --overwrite=false -- cgit v1.2.3 From 037d77599632faa81f0c6ca1e912a19f04628b55 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Tue, 25 Aug 2015 15:48:42 -0400 Subject: more tweaks --- playbooks/common/openshift-master/config.yml | 1 + roles/openshift_master/tasks/main.yml | 8 +++++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 67068e001..9de72fcde 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -246,6 +246,7 @@ - name: Configure master instances hosts: oo_masters_to_config + serial: 1 vars: named_certificates: "{{ hostvars[groups['oo_first_master'][0]]['parsed_named_certificates'] | default([])}}" sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 00aaa2e57..085855750 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -209,15 +209,17 @@ when: openshift_master_ha | bool register: start_result -# TODO: work to eliminate this workaround -- name: pause a random interval to avoid startup errors for controller - pause: seconds={{ 60 | random(step=5) }} +- name: pause to prevent service restart from interfering with bootstrapping + pause: seconds=30 when: openshift_master_ha | bool +# TODO: fix the ugly workaround of setting ignore_errors +# the controllers service tries to start even if it is already started - name: Start and enable master controller service: name={{ openshift.common.service_type }}-master-controllers enabled=yes state=started when: openshift_master_ha | bool register: start_result + ignore_errors: yes - set_fact: master_service_status_changed = start_result | changed -- cgit v1.2.3 From a094ba9c632d9b0f66f49d35f6fed26e4b118a12 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Tue, 25 Aug 2015 16:28:11 -0400 Subject: hardcode openshift binaries for now --- inventory/byo/hosts.example | 14 +++++++++++--- .../files/atomic-openshift-master-api.service | 2 +- .../files/atomic-openshift-master-controllers.service | 2 +- 3 files changed, 13 insertions(+), 5 deletions(-) diff --git a/inventory/byo/hosts.example b/inventory/byo/hosts.example index 7fd91e284..c445f28b7 100644 --- a/inventory/byo/hosts.example +++ b/inventory/byo/hosts.example @@ -5,6 +5,7 @@ masters nodes etcd +lb # Set variables common for all OSEv3 hosts [OSEv3:vars] @@ -70,6 +71,12 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', #openshift_master_cluster_public_hostname=openshift-ansible.test.example.com #openshift_master_cluster_defer_ha=True +# Native clustering with haproxy as an optional load balancer +#openshift_master_cluster_hostname=openshift-ansible.test.example.com +#openshift_master_cluster_public_hostname=openshift-ansible.test.example.com +#openshift_master_cluster_vip=192.168.133.25 +#openshift_master_cluster_public_vip=192.168.133.25 + # default subdomain to use for exposed routes #osm_default_subdomain=apps.test.example.com @@ -108,9 +115,10 @@ ose3-master[1:3]-ansible.test.example.com [etcd] ose3-etcd[1:3]-ansible.test.example.com -# NOTE: Currently we require that masters be part of the SDN which requires that they also be nodes -# However, in order to ensure that your masters are not burdened with running pods you should -# make them unschedulable by adding openshift_scheduleable=False any node that's also a master. +[lb] +ose3-lb-ansible.test.example.com + +# host group for nodes [nodes] ose3-master[1:3]-ansible.test.example.com ose3-node[1:2]-ansible.test.example.com openshift_node_labels="{'region': 'primary', 'zone': 'default'}" diff --git a/roles/openshift_master/files/atomic-openshift-master-api.service b/roles/openshift_master/files/atomic-openshift-master-api.service index b24b9809e..4663b77f2 100644 --- a/roles/openshift_master/files/atomic-openshift-master-api.service +++ b/roles/openshift_master/files/atomic-openshift-master-api.service @@ -10,7 +10,7 @@ Requires=network.target Type=notify EnvironmentFile=/etc/sysconfig/atomic-openshift-master-api Environment=GOTRACEBACK=crash -ExecStart=/usr/bin/atomic-enterprise start master api --config=${CONFIG_FILE} $OPTIONS +ExecStart=/usr/bin/openshift start master api --config=${CONFIG_FILE} $OPTIONS LimitNOFILE=131072 LimitCORE=infinity WorkingDirectory=/var/lib/origin/ diff --git a/roles/openshift_master/files/atomic-openshift-master-controllers.service b/roles/openshift_master/files/atomic-openshift-master-controllers.service index e84160e5a..517f9c908 100644 --- a/roles/openshift_master/files/atomic-openshift-master-controllers.service +++ b/roles/openshift_master/files/atomic-openshift-master-controllers.service @@ -10,7 +10,7 @@ Requires=network.target Type=notify EnvironmentFile=/etc/sysconfig/atomic-openshift-master-controllers Environment=GOTRACEBACK=crash -ExecStart=/usr/bin/atomic-enterprise start master controllers --config=${CONFIG_FILE} $OPTIONS +ExecStart=/usr/bin/openshift start master controllers --config=${CONFIG_FILE} $OPTIONS LimitNOFILE=131072 LimitCORE=infinity WorkingDirectory=/var/lib/origin/ -- cgit v1.2.3 From 16e085b44ba3e3328ec7d8a5dd5e2331c7f633a6 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Wed, 26 Aug 2015 12:54:29 -0400 Subject: default to source persistence for haproxy --- playbooks/common/openshift-master/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 9de72fcde..d1aa9c85c 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -238,7 +238,7 @@ - name: atomic-openshift-api mode: tcp option: tcplog - balance: roundrobin + balance: source servers: "{{ hostvars.localhost.haproxy_backend_servers }}" roles: - role: haproxy -- cgit v1.2.3 From a6dd87452379403704fb5cd1d8647ef3cf978e28 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Wed, 26 Aug 2015 17:07:06 -0400 Subject: fix dueling controllers - without controllerLeaseTTL set in config, multiple controllers will attempt to start --- inventory/byo/hosts.example | 2 ++ roles/openshift_master/handlers/main.yml | 2 ++ roles/openshift_master/tasks/main.yml | 1 + roles/openshift_master/templates/master.yaml.v1.j2 | 4 +++- 4 files changed, 8 insertions(+), 1 deletion(-) diff --git a/inventory/byo/hosts.example b/inventory/byo/hosts.example index c445f28b7..d6c9c3ab6 100644 --- a/inventory/byo/hosts.example +++ b/inventory/byo/hosts.example @@ -76,6 +76,8 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', #openshift_master_cluster_public_hostname=openshift-ansible.test.example.com #openshift_master_cluster_vip=192.168.133.25 #openshift_master_cluster_public_vip=192.168.133.25 +# Override the default controller lease ttl +#osm_controller_lease_ttl=30 # default subdomain to use for exposed routes #osm_default_subdomain=apps.test.example.com diff --git a/roles/openshift_master/handlers/main.yml b/roles/openshift_master/handlers/main.yml index 9ce4f512b..ad3ac5a9f 100644 --- a/roles/openshift_master/handlers/main.yml +++ b/roles/openshift_master/handlers/main.yml @@ -7,6 +7,8 @@ service: name={{ openshift.common.service_type }}-master-api state=restarted when: openshift_master_ha | bool +# TODO: need to fix up ignore_errors here - name: restart master controllers service: name={{ openshift.common.service_type }}-master-controllers state=restarted when: openshift_master_ha | bool + ignore_errors: yes diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 085855750..290f22358 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -64,6 +64,7 @@ infra_nodes: "{{ num_infra | default(None) }}" disabled_features: "{{ osm_disabled_features | default(None) }}" master_count: "{{ openshift_master_count | default(None) }}" + controller_lease_ttl: "{{ osm_controller_lease_ttl | default(None) }}" - name: Install Master package yum: pkg={{ openshift.common.service_type }}-master state=present diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index 3f2c51417..9145df479 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -16,7 +16,9 @@ assetConfig: keyFile: master.server.key maxRequestsInFlight: 0 requestTimeoutSeconds: 0 -controllerLeaseTTL: 0 +{% if openshift_master_ha | bool %} +controllerLeaseTTL: {{ openshift.master.controller_lease_ttl | default('30') }} +{% endif %} controllers: '*' corsAllowedOrigins: {% for origin in ['127.0.0.1', 'localhost', openshift.common.ip, openshift.common.public_ip] | union(openshift.common.all_hostnames) | unique %} -- cgit v1.2.3 From 6571fd9d220b7cc67ae5738149164104d5662902 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Wed, 26 Aug 2015 22:15:02 -0400 Subject: Atomic Enterprise/OpenShift Enterprise merge update --- roles/openshift_facts/library/openshift_facts.py | 2 +- roles/openshift_node/tasks/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 24ae5183e..41c7ff1de 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -407,7 +407,7 @@ def set_identity_providers_if_unset(facts): name='allow_all', challenge=True, login=True, kind='AllowAllPasswordIdentityProvider' ) - if deployment_type == 'enterprise': + if deployment_type in ['enterprise', 'atomic-enterprise', 'openshift-enterprise']: identity_provider = dict( name='deny_all', challenge=True, login=True, kind='DenyAllPasswordIdentityProvider' diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index fbeba823e..c455a09f1 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -8,7 +8,7 @@ when: osn_cluster_dns_ip is not defined or not osn_cluster_dns_ip - fail: msg: "SELinux is disabled, This deployment type requires that SELinux is enabled." - when: (not ansible_selinux or ansible_selinux.status != 'enabled') and deployment_type in ['enterprise', 'online'] + when: (not ansible_selinux or ansible_selinux.status != 'enabled') and deployment_type in ['enterprise', 'online', 'atomic-enterprise', 'openshift-enterprise'] - name: Set node facts openshift_facts: -- cgit v1.2.3 From f8618fc13af95613de5f022dd1855af7309c7d7c Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Wed, 4 Nov 2015 22:34:39 -0500 Subject: Bug 1277592 - SDN MTU has hardcoded default - Attempt to detect the MTU of the interface associated with the node IP and set the default for sdn_mtu accordingly. The value can still be overriden by users and if detection fails the previous default of 1450 is still used. --- roles/openshift_facts/library/openshift_facts.py | 20 +++++++++++++++----- roles/openshift_node/templates/node.yaml.v1.j2 | 1 + 2 files changed, 16 insertions(+), 5 deletions(-) diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 163e67f62..19857cfd2 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -583,11 +583,12 @@ def set_deployment_facts_if_unset(facts): return facts -def set_sdn_facts_if_unset(facts): +def set_sdn_facts_if_unset(facts, system_facts): """ Set sdn facts if not already present in facts dict Args: facts (dict): existing facts + system_facts (dict): ansible_facts Returns: dict: the facts dict updated with the generated sdn facts if they were not already present @@ -606,9 +607,18 @@ def set_sdn_facts_if_unset(facts): if 'sdn_host_subnet_length' not in facts['master']: facts['master']['sdn_host_subnet_length'] = '8' - if 'node' in facts: - if 'sdn_mtu' not in facts['node']: - facts['node']['sdn_mtu'] = '1450' + if 'node' in facts and 'sdn_mtu' not in facts['node']: + node_ip = facts['common']['ip'] + + # default MTU if interface MTU cannot be detected + facts['node']['sdn_mtu'] = '1450' + + for val in system_facts.itervalues(): + if isinstance(val, dict) and 'mtu' in val: + mtu = val['mtu'] + + if 'ipv4' in val and val['ipv4'].get('address') == node_ip: + facts['node']['sdn_mtu'] = str(mtu - 50) return facts @@ -879,7 +889,7 @@ class OpenShiftFacts(object): facts = set_master_selectors(facts) facts = set_metrics_facts_if_unset(facts) facts = set_identity_providers_if_unset(facts) - facts = set_sdn_facts_if_unset(facts) + facts = set_sdn_facts_if_unset(facts, self.system_facts) facts = set_deployment_facts_if_unset(facts) facts = set_aggregate_facts(facts) return dict(openshift=facts) diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2 index 4931d127e..509cce2e0 100644 --- a/roles/openshift_node/templates/node.yaml.v1.j2 +++ b/roles/openshift_node/templates/node.yaml.v1.j2 @@ -22,6 +22,7 @@ networkConfig: {% if openshift.common.use_openshift_sdn %} networkPluginName: {{ openshift.common.sdn_network_plugin_name }} {% endif %} +nodeIP: {{ openshift.common.ip }} nodeName: {{ openshift.common.hostname | lower }} podManifestConfig: servingInfo: -- cgit v1.2.3 From 82b4209c02c27ab0e9a6d9c016ff06d12f42a9c1 Mon Sep 17 00:00:00 2001 From: Brenton Leanhardt Date: Thu, 5 Nov 2015 08:41:51 -0500 Subject: Bug 1274201 - Fixing sudo non-interactive test https://bugzilla.redhat.com/show_bug.cgi?id=1274201#c13 --- utils/src/ooinstall/openshift_ansible.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/src/ooinstall/openshift_ansible.py b/utils/src/ooinstall/openshift_ansible.py index e33330102..bdb9859a2 100644 --- a/utils/src/ooinstall/openshift_ansible.py +++ b/utils/src/ooinstall/openshift_ansible.py @@ -46,7 +46,7 @@ def generate_inventory(hosts): if any(host.hostname == installer_host or host.public_hostname == installer_host for host in hosts): - no_pwd_sudo = subprocess.call(['sudo', '-v', '--non-interactive']) + no_pwd_sudo = subprocess.call(['sudo', '-v', '-n']) if no_pwd_sudo == 1: print 'The atomic-openshift-installer requires sudo access without a password.' sys.exit(1) -- cgit v1.2.3 From cfca7b9f7894e2b427ae0753477cd13cc537e348 Mon Sep 17 00:00:00 2001 From: Brenton Leanhardt Date: Thu, 5 Nov 2015 09:14:33 -0500 Subject: Bug 1274201 - Fixing non-root installations if using a local connection Previously we were writing out a inventory like this: ~~~ [OSEv3:children] masters nodes [OSEv3:vars] ansible_ssh_user=root deployment_type=openshift-enterprise ansible_connection=local [masters] ose3-master.example.com openshift_hostname=ose3-master.example.com [nodes] ose3-master.example.com openshift_hostname=ose3-master.example.com ose3-node1.example.com openshift_hostname=ose3-node1.example.com ose3-node2.example.com openshift_hostname=ose3-node2.example.com ~~~ The problem with that is now all the hosts are consider local connections. In addition our sudo check wasn't working as expected. We would check that we have sudo, but the playbooks were not running with root privileges. When gathering facts you'd hit: ~~~ __main__.OpenShiftFactsFileWriteError: Could not create fact file: /etc/ansible/facts.d/openshift.fact, error: [Errno 13] Permission denied: '/etc/ansible/facts.d/openshift.fact' ~~~ Instead the test for locale connections needs to be per host. Anytime we're not running as root we need `ansible_become` set: ~~~ ose3-master.example.com openshift_hostname=ose3-master.example.com ansible_connection=local ansible_become=true ~~~ --- utils/src/ooinstall/openshift_ansible.py | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/utils/src/ooinstall/openshift_ansible.py b/utils/src/ooinstall/openshift_ansible.py index bdb9859a2..4b37be278 100644 --- a/utils/src/ooinstall/openshift_ansible.py +++ b/utils/src/ooinstall/openshift_ansible.py @@ -18,7 +18,6 @@ def set_config(cfg): def generate_inventory(hosts): global CFG - installer_host = socket.gethostname() base_inventory_path = CFG.settings['ansible_inventory_path'] base_inventory = open(base_inventory_path, 'w') base_inventory.write('\n[OSEv3:children]\nmasters\nnodes\n') @@ -44,14 +43,6 @@ def generate_inventory(hosts): if 'OO_INSTALL_STAGE_REGISTRY' in os.environ: base_inventory.write('oreg_url=registry.access.stage.redhat.com/openshift3/ose-${component}:${version}\n') - if any(host.hostname == installer_host or host.public_hostname == installer_host - for host in hosts): - no_pwd_sudo = subprocess.call(['sudo', '-v', '-n']) - if no_pwd_sudo == 1: - print 'The atomic-openshift-installer requires sudo access without a password.' - sys.exit(1) - base_inventory.write("ansible_connection=local\n") - base_inventory.write('\n[masters]\n') masters = (host for host in hosts if host.master) for master in masters: @@ -72,6 +63,7 @@ def generate_inventory(hosts): def write_host(host, inventory, scheduleable=True): global CFG + facts = '' if host.ip: facts += ' openshift_ip={}'.format(host.ip) @@ -85,6 +77,16 @@ def write_host(host, inventory, scheduleable=True): # Technically only nodes will ever need this. if not scheduleable: facts += ' openshift_scheduleable=False' + installer_host = socket.gethostname() + if host.hostname == installer_host or host.public_hostname == installer_host: + facts += ' ansible_connection=local' + if os.geteuid() != 0: + no_pwd_sudo = subprocess.call(['sudo', '-v', '-n']) + if no_pwd_sudo == 1: + print 'The atomic-openshift-installer requires sudo access without a password.' + sys.exit(1) + facts += ' ansible_become=true' + inventory.write('{} {}\n'.format(host, facts)) -- cgit v1.2.3 From ca9f4f08fbf14f9edfa7331e327cf92a25cd4401 Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Tue, 22 Sep 2015 16:42:36 -0400 Subject: Various HA changes for pacemaker and native methods. --- filter_plugins/oo_filters.py | 2 +- inventory/byo/hosts.example | 53 ++++++++++----- playbooks/common/openshift-cluster/config.yml | 10 +-- .../common/openshift-cluster/evaluate_groups.yml | 8 +++ playbooks/common/openshift-master/config.yml | 54 ++++++++++++++-- playbooks/gce/openshift-cluster/join_node.yml | 2 +- roles/openshift_common/vars/main.yml | 2 - roles/openshift_facts/library/openshift_facts.py | 39 ++++++----- .../files/atomic-openshift-master-api | 9 --- .../files/atomic-openshift-master-api.service | 21 ------ .../files/atomic-openshift-master-controllers | 9 --- .../atomic-openshift-master-controllers.service | 22 ------- roles/openshift_master/handlers/main.yml | 4 +- roles/openshift_master/tasks/main.yml | 75 ++++++++++++++-------- .../templates/atomic-openshift-master-api.j2 | 9 +++ .../atomic-openshift-master-api.service.j2 | 21 ++++++ .../atomic-openshift-master-controllers.j2 | 9 +++ .../atomic-openshift-master-controllers.service.j2 | 22 +++++++ .../templates/sessionSecretsFile.yaml.v1.j2 | 7 ++ roles/openshift_master/vars/main.yml | 1 + .../tasks/configure_deferred.yml | 8 --- roles/openshift_master_cluster/tasks/main.yml | 5 +- roles/openshift_node/meta/main.yml | 1 + roles/openshift_node/tasks/main.yml | 1 + roles/openshift_repos/tasks/main.yaml | 2 +- 25 files changed, 245 insertions(+), 151 deletions(-) delete mode 100644 roles/openshift_master/files/atomic-openshift-master-api delete mode 100644 roles/openshift_master/files/atomic-openshift-master-api.service delete mode 100644 roles/openshift_master/files/atomic-openshift-master-controllers delete mode 100644 roles/openshift_master/files/atomic-openshift-master-controllers.service create mode 100644 roles/openshift_master/templates/atomic-openshift-master-api.j2 create mode 100644 roles/openshift_master/templates/atomic-openshift-master-api.service.j2 create mode 100644 roles/openshift_master/templates/atomic-openshift-master-controllers.j2 create mode 100644 roles/openshift_master/templates/atomic-openshift-master-controllers.service.j2 create mode 100644 roles/openshift_master/templates/sessionSecretsFile.yaml.v1.j2 delete mode 100644 roles/openshift_master_cluster/tasks/configure_deferred.yml diff --git a/filter_plugins/oo_filters.py b/filter_plugins/oo_filters.py index 4e4f7507c..f494c0ae5 100644 --- a/filter_plugins/oo_filters.py +++ b/filter_plugins/oo_filters.py @@ -422,6 +422,6 @@ class FilterModule(object): "oo_split": self.oo_split, "oo_filter_list": self.oo_filter_list, "oo_parse_heat_stack_outputs": self.oo_parse_heat_stack_outputs, - "oo_parse_certificate_names": self.oo_parse_certificate_names + "oo_parse_certificate_names": self.oo_parse_certificate_names, "oo_haproxy_backend_masters": self.oo_haproxy_backend_masters } diff --git a/inventory/byo/hosts.example b/inventory/byo/hosts.example index d6c9c3ab6..11f076a8a 100644 --- a/inventory/byo/hosts.example +++ b/inventory/byo/hosts.example @@ -21,6 +21,9 @@ ansible_ssh_user=root # deployment type valid values are origin, online and enterprise deployment_type=atomic-enterprise +# Enable cluster metrics +#use_cluster_metrics=true + # Pre-release registry URL #oreg_url=example.com/openshift3/ose-${component}:${version} @@ -55,27 +58,27 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # Set cockpit plugins #osm_cockpit_plugins=['cockpit-kubernetes'] -# master cluster ha variables using pacemaker or RHEL HA -#openshift_master_cluster_password=openshift_cluster -#openshift_master_cluster_vip=192.168.133.25 -#openshift_master_cluster_public_vip=192.168.133.25 +# Native high availbility cluster method with optional load balancer. +# If no lb group is defined installer assumes that a load balancer has +# been preconfigured. For installation the value of +# openshift_master_cluster_hostname must resolve to the load balancer +# or to one or all of the masters defined in the inventory if no load +# balancer is present. +#openshift_master_cluster_method=native #openshift_master_cluster_hostname=openshift-ansible.test.example.com #openshift_master_cluster_public_hostname=openshift-ansible.test.example.com -# master cluster ha variables when using a different HA solution -# For installation the value of openshift_master_cluster_hostname must resolve -# to the first master defined in the inventory. -# The HA solution must be manually configured after installation and must ensure -# that the master is running on a single master host. +# Pacemaker high availability cluster method. +# Pacemaker HA environment must be able to self provision the +# configured VIP. For installation openshift_master_cluster_hostname +# must resolve to the configured VIP. +#openshift_master_cluster_method=pacemaker +#openshift_master_cluster_password=openshift_cluster +#openshift_master_cluster_vip=192.168.133.25 +#openshift_master_cluster_public_vip=192.168.133.25 #openshift_master_cluster_hostname=openshift-ansible.test.example.com #openshift_master_cluster_public_hostname=openshift-ansible.test.example.com -#openshift_master_cluster_defer_ha=True -# Native clustering with haproxy as an optional load balancer -#openshift_master_cluster_hostname=openshift-ansible.test.example.com -#openshift_master_cluster_public_hostname=openshift-ansible.test.example.com -#openshift_master_cluster_vip=192.168.133.25 -#openshift_master_cluster_public_vip=192.168.133.25 # Override the default controller lease ttl #osm_controller_lease_ttl=30 @@ -110,6 +113,22 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # Detected names may be overridden by specifying the "names" key #openshift_master_named_certificates=[{"certfile": "/path/to/custom1.crt", "keyfile": "/path/to/custom1.key", "names": ["public-master-host.com"]}] +# Session options +#openshift_master_session_name=ssn +#openshift_master_session_max_seconds=3600 + +# An authentication and encryption secret will be generated if secrets +# are not provided. If provided, openshift_master_session_auth_secrets +# and openshift_master_encryption_secrets must be equal length. +# +# Signing secrets, used to authenticate sessions using +# HMAC. Recommended to use secrets with 32 or 64 bytes. +#openshift_master_session_auth_secrets=['DONT+USE+THIS+SECRET+b4NV+pmZNSO'] +# +# Encrypting secrets, used to encrypt sessions. Must be 16, 24, or 32 +# characters long, to select AES-128, AES-192, or AES-256. +#openshift_master_session_encryption_secrets=['DONT+USE+THIS+SECRET+b4NV+pmZNSO'] + # host group for masters [masters] ose3-master[1:3]-ansible.test.example.com @@ -120,7 +139,9 @@ ose3-etcd[1:3]-ansible.test.example.com [lb] ose3-lb-ansible.test.example.com -# host group for nodes +# NOTE: Currently we require that masters be part of the SDN which requires that they also be nodes +# However, in order to ensure that your masters are not burdened with running pods you should +# make them unschedulable by adding openshift_scheduleable=False any node that's also a master. [nodes] ose3-master[1:3]-ansible.test.example.com ose3-node[1:2]-ansible.test.example.com openshift_node_labels="{'region': 'primary', 'zone': 'default'}" diff --git a/playbooks/common/openshift-cluster/config.yml b/playbooks/common/openshift-cluster/config.yml index b66ca4709..a8bd634d3 100644 --- a/playbooks/common/openshift-cluster/config.yml +++ b/playbooks/common/openshift-cluster/config.yml @@ -1,14 +1,6 @@ --- - include: evaluate_groups.yml - - name: Evaluate oo_lb_to_config - add_host: - name: "{{ item }}" - groups: oo_lb_to_config - ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" - ansible_sudo: "{{ g_sudo | default(omit) }}" - with_items: groups[g_lb_group] | default(groups[g_masters_group]) | default([]) - - include: ../openshift-etcd/config.yml - include: ../openshift-master/config.yml @@ -16,4 +8,4 @@ - include: ../openshift-node/config.yml vars: osn_cluster_dns_domain: "{{ hostvars[groups.oo_first_master.0].openshift.dns.domain }}" - osn_cluster_dns_ip: "{{ hostvars[groups.oo_first_master.0].openshift.dns.ip }}" + osn_cluster_dns_ip: "{{ hostvars[groups.oo_first_master.0].cluster_dns_ip }}" diff --git a/playbooks/common/openshift-cluster/evaluate_groups.yml b/playbooks/common/openshift-cluster/evaluate_groups.yml index 1919660dd..a787ba0d3 100644 --- a/playbooks/common/openshift-cluster/evaluate_groups.yml +++ b/playbooks/common/openshift-cluster/evaluate_groups.yml @@ -62,3 +62,11 @@ ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" ansible_sudo: "{{ g_sudo | default(omit) }}" when: g_masters_group in groups and (groups[g_masters_group] | length) > 0 + + - name: Evaluate oo_lb_to_config + add_host: + name: "{{ item }}" + groups: oo_lb_to_config + ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" + ansible_sudo: "{{ g_sudo | default(omit) }}" + with_items: groups[g_lb_group] | default([]) diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index d1aa9c85c..64376040f 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -46,7 +46,6 @@ public_api_url: "{{ openshift_master_public_api_url | default(None) }}" cluster_hostname: "{{ openshift_master_cluster_hostname | default(None) }}" cluster_public_hostname: "{{ openshift_master_cluster_public_hostname | default(None) }}" - cluster_defer_ha: "{{ openshift_master_cluster_defer_ha | default(None) }}" console_path: "{{ openshift_master_console_path | default(None) }}" console_port: "{{ openshift_master_console_port | default(None) }}" console_url: "{{ openshift_master_console_url | default(None) }}" @@ -244,6 +243,35 @@ - role: haproxy when: groups.oo_masters_to_config | length > 1 +- name: Generate master session keys + hosts: oo_first_master + tasks: + - fail: + msg: "Both openshift_master_session_auth_secrets and openshift_master_session_encryption_secrets must be provided if either variable is set" + when: (openshift_master_session_auth_secrets is defined and openshift_master_session_encryption_secrets is not defined) or (openshift_master_session_encryption_secrets is defined and openshift_master_session_auth_secrets is not defined) + - fail: + msg: "openshift_master_session_auth_secrets and openshift_master_encryption_secrets must be equal length" + when: (openshift_master_session_auth_secrets is defined and openshift_master_session_encryption_secrets is defined) and (openshift_master_session_auth_secrets | length != openshift_master_session_encryption_secrets | length) + - name: Generate session authentication key + command: /usr/bin/openssl rand -base64 24 + register: session_auth_output + with_sequence: count=1 + when: openshift_master_session_auth_secrets is undefined + - name: Generate session encryption key + command: /usr/bin/openssl rand -base64 24 + register: session_encryption_output + with_sequence: count=1 + when: openshift_master_session_encryption_secrets is undefined + - set_fact: + session_auth_secret: "{{ openshift_master_session_auth_secrets + | default(session_auth_output.results + | map(attribute='stdout') + | list) }}" + session_encryption_secret: "{{ openshift_master_session_encryption_secrets + | default(session_encryption_output.results + | map(attribute='stdout') + | list) }}" + - name: Configure master instances hosts: oo_masters_to_config serial: 1 @@ -252,6 +280,8 @@ sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}" openshift_master_count: "{{ groups.oo_masters_to_config | length }}" + openshift_master_session_auth_secrets: "{{ hostvars[groups['oo_first_master'][0]]['session_auth_secret'] }}" + openshift_master_session_encryption_secrets: "{{ hostvars[groups['oo_first_master'][0]]['session_encryption_secret'] }}" pre_tasks: - name: Ensure certificate directory exists file: @@ -276,15 +306,29 @@ - name: Additional master configuration hosts: oo_first_master vars: - #openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}" - # omc_cluster_hosts: "{{ groups.oo_masters_to_config | join(' ')}}" + openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}" + omc_cluster_hosts: "{{ groups.oo_masters_to_config | join(' ')}}" roles: -# - role: openshift_master_cluster -# when: openshift_master_ha | bool + - role: openshift_master_cluster + when: openshift_master_ha | bool and openshift.master.cluster_method == "pacemaker" - openshift_examples - role: openshift_cluster_metrics when: openshift.common.use_cluster_metrics | bool +- name: Determine cluster dns ip + hosts: oo_first_master + tasks: + - name: Get master service ip + command: "{{ openshift.common.client_binary }} get -o template svc kubernetes --template=\\{\\{.spec.clusterIP\\}\\}" + register: master_service_ip_output + when: openshift.common.version_greater_than_3_1_or_1_1 | bool + - set_fact: + cluster_dns_ip: "{{ hostvars[groups.oo_first_master.0].openshift.dns.ip }}" + when: not openshift.common.version_greater_than_3_1_or_1_1 | bool + - set_fact: + cluster_dns_ip: "{{ master_service_ip_output.stdout }}" + when: openshift.common.version_greater_than_3_1_or_1_1 | bool + - name: Enable cockpit hosts: oo_first_master vars: diff --git a/playbooks/gce/openshift-cluster/join_node.yml b/playbooks/gce/openshift-cluster/join_node.yml index 0dfa3e9d7..c8f6065cd 100644 --- a/playbooks/gce/openshift-cluster/join_node.yml +++ b/playbooks/gce/openshift-cluster/join_node.yml @@ -46,4 +46,4 @@ openshift_node_labels: "{{ lookup('oo_option', 'openshift_node_labels') }} " os_sdn_network_plugin_name: "redhat/openshift-ovs-subnet" osn_cluster_dns_domain: "{{ hostvars[groups.oo_first_master.0].openshift.dns.domain }}" - osn_cluster_dns_ip: "{{ hostvars[groups.oo_first_master.0].openshift.dns.ip }}" + osn_cluster_dns_ip: "{{ hostvars[groups.oo_first_master.0].cluster_dns_ip }}" diff --git a/roles/openshift_common/vars/main.yml b/roles/openshift_common/vars/main.yml index 817fe0a5f..50816d319 100644 --- a/roles/openshift_common/vars/main.yml +++ b/roles/openshift_common/vars/main.yml @@ -5,5 +5,3 @@ # chains with the public zone (or the zone associated with the correct # interfaces) os_firewall_use_firewalld: False - -openshift_data_dir: /var/lib/origin diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 41c7ff1de..ae5d99121 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -540,7 +540,7 @@ def set_deployment_facts_if_unset(facts): if 'service_type' not in facts['common']: service_type = 'atomic-openshift' if deployment_type == 'origin': - service_type = 'openshift' + service_type = 'origin' elif deployment_type in ['enterprise', 'online']: service_type = 'openshift' facts['common']['service_type'] = service_type @@ -548,23 +548,10 @@ def set_deployment_facts_if_unset(facts): config_base = '/etc/origin' if deployment_type in ['enterprise', 'online']: config_base = '/etc/openshift' - elif deployment_type == 'origin': - config_base = '/etc/openshift' facts['common']['config_base'] = config_base if 'data_dir' not in facts['common']: data_dir = '/var/lib/origin' - if deployment_type in ['enterprise', 'online']: - data_dir = '/var/lib/openshift' facts['common']['data_dir'] = data_dir - facts['common']['version'] = version = get_openshift_version() - if version is not None: - if deployment_type == 'origin': - version_gt_3_1_or_1_1 = LooseVersion(version) > LooseVersion('1.0.6') - else: - version_gt_3_1_or_1_1 = LooseVersion(version) > LooseVersion('3.0.2.900') - else: - version_gt_3_1_or_1_1 = True - facts['common']['version_greater_than_3_1_or_1_1'] = version_gt_3_1_or_1_1 for role in ('master', 'node'): if role in facts: @@ -598,6 +585,27 @@ def set_deployment_facts_if_unset(facts): return facts +def set_version_facts_if_unset(facts): + """ Set version facts. This currently includes common.version and + common.version_greater_than_3_1_or_1_1. + + Args: + facts (dict): existing facts + Returns: + dict: the facts dict updated with version facts. + """ + if 'common' in facts: + deployment_type = facts['common']['deployment_type'] + facts['common']['version'] = version = get_openshift_version() + if version is not None: + if deployment_type == 'origin': + version_gt_3_1_or_1_1 = LooseVersion(version) > LooseVersion('1.0.6') + else: + version_gt_3_1_or_1_1 = LooseVersion(version) > LooseVersion('3.0.2.900') + else: + version_gt_3_1_or_1_1 = True + facts['common']['version_greater_than_3_1_or_1_1'] = version_gt_3_1_or_1_1 + return facts def set_sdn_facts_if_unset(facts): """ Set sdn facts if not already present in facts dict @@ -897,6 +905,7 @@ class OpenShiftFacts(object): facts = set_identity_providers_if_unset(facts) facts = set_sdn_facts_if_unset(facts) facts = set_deployment_facts_if_unset(facts) + facts = set_version_facts_if_unset(facts) facts = set_aggregate_facts(facts) return dict(openshift=facts) @@ -936,7 +945,7 @@ class OpenShiftFacts(object): session_name='ssn', session_secrets_file='', access_token_max_seconds=86400, auth_token_max_seconds=500, - oauth_grant_method='auto', cluster_defer_ha=False) + oauth_grant_method='auto') defaults['master'] = master if 'node' in roles: diff --git a/roles/openshift_master/files/atomic-openshift-master-api b/roles/openshift_master/files/atomic-openshift-master-api deleted file mode 100644 index ea82468a0..000000000 --- a/roles/openshift_master/files/atomic-openshift-master-api +++ /dev/null @@ -1,9 +0,0 @@ -OPTIONS= -CONFIG_FILE=/etc/origin/master/master-config.yaml - -# Proxy configuration -# Origin uses standard HTTP_PROXY environment variables. Be sure to set -# NO_PROXY for your master -#NO_PROXY=master.example.com -#HTTP_PROXY=http://USER:PASSWORD@IPADDR:PORT -#HTTPS_PROXY=https://USER:PASSWORD@IPADDR:PORT diff --git a/roles/openshift_master/files/atomic-openshift-master-api.service b/roles/openshift_master/files/atomic-openshift-master-api.service deleted file mode 100644 index 4663b77f2..000000000 --- a/roles/openshift_master/files/atomic-openshift-master-api.service +++ /dev/null @@ -1,21 +0,0 @@ -[Unit] -Description=Atomic OpenShift Master API -Documentation=https://github.com/openshift/origin -After=network.target -After=etcd.service -Before=atomic-openshift-node.service -Requires=network.target - -[Service] -Type=notify -EnvironmentFile=/etc/sysconfig/atomic-openshift-master-api -Environment=GOTRACEBACK=crash -ExecStart=/usr/bin/openshift start master api --config=${CONFIG_FILE} $OPTIONS -LimitNOFILE=131072 -LimitCORE=infinity -WorkingDirectory=/var/lib/origin/ -SyslogIdentifier=atomic-openshift-master-api - -[Install] -WantedBy=multi-user.target -WantedBy=atomic-openshift-node.service diff --git a/roles/openshift_master/files/atomic-openshift-master-controllers b/roles/openshift_master/files/atomic-openshift-master-controllers deleted file mode 100644 index ea82468a0..000000000 --- a/roles/openshift_master/files/atomic-openshift-master-controllers +++ /dev/null @@ -1,9 +0,0 @@ -OPTIONS= -CONFIG_FILE=/etc/origin/master/master-config.yaml - -# Proxy configuration -# Origin uses standard HTTP_PROXY environment variables. Be sure to set -# NO_PROXY for your master -#NO_PROXY=master.example.com -#HTTP_PROXY=http://USER:PASSWORD@IPADDR:PORT -#HTTPS_PROXY=https://USER:PASSWORD@IPADDR:PORT diff --git a/roles/openshift_master/files/atomic-openshift-master-controllers.service b/roles/openshift_master/files/atomic-openshift-master-controllers.service deleted file mode 100644 index 517f9c908..000000000 --- a/roles/openshift_master/files/atomic-openshift-master-controllers.service +++ /dev/null @@ -1,22 +0,0 @@ -[Unit] -Description=Atomic OpenShift Master Controllers -Documentation=https://github.com/openshift/origin -After=network.target -After=atomic-openshift-master-api.service -Before=atomic-openshift-node.service -Requires=network.target - -[Service] -Type=notify -EnvironmentFile=/etc/sysconfig/atomic-openshift-master-controllers -Environment=GOTRACEBACK=crash -ExecStart=/usr/bin/openshift start master controllers --config=${CONFIG_FILE} $OPTIONS -LimitNOFILE=131072 -LimitCORE=infinity -WorkingDirectory=/var/lib/origin/ -SyslogIdentifier=atomic-openshift-master-controllers -Restart=on-failure - -[Install] -WantedBy=multi-user.target -WantedBy=atomic-openshift-node.service diff --git a/roles/openshift_master/handlers/main.yml b/roles/openshift_master/handlers/main.yml index ad3ac5a9f..4b9500cbd 100644 --- a/roles/openshift_master/handlers/main.yml +++ b/roles/openshift_master/handlers/main.yml @@ -5,10 +5,10 @@ - name: restart master api service: name={{ openshift.common.service_type }}-master-api state=restarted - when: openshift_master_ha | bool + when: (openshift_master_ha | bool) and (not master_api_service_status_changed | default(false)) and openshift.master.cluster_method == 'native' # TODO: need to fix up ignore_errors here - name: restart master controllers service: name={{ openshift.common.service_type }}-master-controllers state=restarted - when: openshift_master_ha | bool + when: (openshift_master_ha | bool) and (not master_controllers_service_status_changed | default(false)) and openshift.master.cluster_method == 'native' ignore_errors: yes diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 290f22358..be77fce4a 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -8,17 +8,23 @@ - openshift_master_oauth_grant_method in openshift_master_valid_grant_methods when: openshift_master_oauth_grant_method is defined -#- fail: -# msg: "openshift_master_cluster_password must be set for multi-master installations" -# when: openshift_master_ha | bool and not openshift.master.cluster_defer_ha | bool and openshift_master_cluster_password is not defined +- fail: + msg: "openshift_master_cluster_method must be set to either 'native' or 'pacemaker' for multi-master installations" + when: openshift_master_ha | bool and ((openshift_master_cluster_method is not defined) or (openshift_master_cluster_method is defined and openshift_master_cluster_method not in ["native", "pacemaker"])) +- fail: + msg: "'native' high availability is not supported for the requested OpenShift version" + when: openshift_master_ha | bool and openshift_master_cluster_method == "native" and not openshift.common.version_greater_than_3_1_or_1_1 | bool +- fail: + msg: "openshift_master_cluster_password must be set for multi-master installations" + when: openshift_master_ha | bool and openshift_master_cluster_method == "pacemaker" and (openshift_master_cluster_password is not defined or not openshift_master_cluster_password) - name: Set master facts openshift_facts: role: master local_facts: + cluster_method: "{{ openshift_master_cluster_method | default(None) }}" cluster_hostname: "{{ openshift_master_cluster_hostname | default(None) }}" cluster_public_hostname: "{{ openshift_master_cluster_public_hostname | default(None) }}" - cluster_defer_ha: "{{ openshift_master_cluster_defer_ha | default(None) }}" debug_level: "{{ openshift_master_debug_level | default(openshift.common.debug_level) }}" api_port: "{{ openshift_master_api_port | default(None) }}" api_url: "{{ openshift_master_api_url | default(None) }}" @@ -41,6 +47,8 @@ portal_net: "{{ openshift_master_portal_net | default(None) }}" session_max_seconds: "{{ openshift_master_session_max_seconds | default(None) }}" session_name: "{{ openshift_master_session_name | default(None) }}" + session_auth_secrets: "{{ openshift_master_session_auth_secrets | default(None) }}" + session_encryption_secrets: "{{ openshift_master_session_encryption_secrets | default(None) }}" session_secrets_file: "{{ openshift_master_session_secrets_file | default(None) }}" access_token_max_seconds: "{{ openshift_master_access_token_max_seconds | default(None) }}" auth_token_max_seconds: "{{ openshift_master_auth_token_max_seconds | default(None) }}" @@ -67,7 +75,7 @@ controller_lease_ttl: "{{ osm_controller_lease_ttl | default(None) }}" - name: Install Master package - yum: pkg={{ openshift.common.service_type }}-master state=present + yum: pkg={{ openshift.common.service_type }}-master{{ openshift_version }} state=present register: install_result # TODO: These values need to be configurable @@ -79,7 +87,7 @@ domain: cluster.local when: openshift.master.embedded_dns -- name: Create config parent directory if it doesn't exist +- name: Create config parent directory if it does not exist file: path: "{{ openshift_master_config_dir }}" state: directory @@ -128,28 +136,37 @@ # workaround for missing systemd unit files for controllers/api - name: Create the api service file - copy: - src: atomic-openshift-master-api.service - dest: /usr/lib/systemd/system/atomic-openshift-master-api.service + template: + src: atomic-openshift-master-api.service.j2 + dest: /usr/lib/systemd/system/{{ openshift.common.service_type }}-master-api.service force: no - name: Create the controllers service file - copy: - src: atomic-openshift-master-controllers.service - dest: /usr/lib/systemd/system/atomic-openshift-master-controllers.service + template: + src: atomic-openshift-master-controllers.service.j2 + dest: /usr/lib/systemd/system/{{ openshift.common.service_type }}-master-controllers.service force: no - name: Create the api env file - copy: - src: atomic-openshift-master-api - dest: /etc/sysconfig/atomic-openshift-master-api + template: + src: atomic-openshift-master-api.j2 + dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-api force: no - name: Create the controllers env file - copy: - src: atomic-openshift-master-controllers - dest: /etc/sysconfig/atomic-openshift-master-controllers + template: + src: atomic-openshift-master-controllers.j2 + dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-controllers force: no - command: systemctl daemon-reload # end workaround for missing systemd unit files +- name: Create session secrets file + template: + dest: "{{ openshift.master.session_secrets_file }}" + src: sessionSecretsFile.yaml.v1.j2 + force: no + notify: + - restart master + - restart master api + # TODO: add the validate parameter when there is a validation command to run - name: Create master config template: @@ -166,6 +183,7 @@ dest: /etc/sysconfig/{{ openshift.common.service_type }}-master regexp: "{{ item.regex }}" line: "{{ item.line }}" + create: yes with_items: - regex: '^OPTIONS=' line: "OPTIONS=--loglevel={{ openshift.master.debug_level }}" @@ -205,34 +223,39 @@ when: not openshift_master_ha | bool register: start_result +- set_fact: + master_service_status_changed = start_result | changed + when: not openshift_master_ha | bool + - name: Start and enable master api service: name={{ openshift.common.service_type }}-master-api enabled=yes state=started - when: openshift_master_ha | bool + when: openshift_master_ha | bool and openshift.master.cluster_method == 'native' register: start_result -- name: pause to prevent service restart from interfering with bootstrapping - pause: seconds=30 - when: openshift_master_ha | bool +- set_fact: + master_api_service_status_changed = start_result | changed + when: openshift_master_ha | bool and openshift.master.cluster_method == 'native' # TODO: fix the ugly workaround of setting ignore_errors # the controllers service tries to start even if it is already started - name: Start and enable master controller service: name={{ openshift.common.service_type }}-master-controllers enabled=yes state=started - when: openshift_master_ha | bool + when: openshift_master_ha | bool and openshift.master.cluster_method == 'native' register: start_result ignore_errors: yes - set_fact: - master_service_status_changed = start_result | changed + master_controllers_service_status_changed = start_result | changed + when: openshift_master_ha | bool and openshift.master.cluster_method == 'native' - name: Install cluster packages yum: pkg=pcs state=present - when: openshift_master_ha | bool and not openshift.master.cluster_defer_ha | bool + when: openshift_master_ha | bool and openshift.master.cluster_method == 'pacemaker' register: install_result - name: Start and enable cluster service service: name=pcsd enabled=yes state=started - when: openshift_master_ha | bool and not openshift.master.cluster_defer_ha | bool + when: openshift_master_ha | bool and openshift.master.cluster_method == 'pacemaker' - name: Set the cluster user password shell: echo {{ openshift_master_cluster_password | quote }} | passwd --stdin hacluster diff --git a/roles/openshift_master/templates/atomic-openshift-master-api.j2 b/roles/openshift_master/templates/atomic-openshift-master-api.j2 new file mode 100644 index 000000000..205934248 --- /dev/null +++ b/roles/openshift_master/templates/atomic-openshift-master-api.j2 @@ -0,0 +1,9 @@ +OPTIONS= +CONFIG_FILE={{ openshift_master_config_dir }}/master-config.yaml + +# Proxy configuration +# Origin uses standard HTTP_PROXY environment variables. Be sure to set +# NO_PROXY for your master +#NO_PROXY=master.example.com +#HTTP_PROXY=http://USER:PASSWORD@IPADDR:PORT +#HTTPS_PROXY=https://USER:PASSWORD@IPADDR:PORT diff --git a/roles/openshift_master/templates/atomic-openshift-master-api.service.j2 b/roles/openshift_master/templates/atomic-openshift-master-api.service.j2 new file mode 100644 index 000000000..ba19fb348 --- /dev/null +++ b/roles/openshift_master/templates/atomic-openshift-master-api.service.j2 @@ -0,0 +1,21 @@ +[Unit] +Description=Atomic OpenShift Master API +Documentation=https://github.com/openshift/origin +After=network.target +After=etcd.service +Before={{ openshift.common.service_type }}-node.service +Requires=network.target + +[Service] +Type=notify +EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-api +Environment=GOTRACEBACK=crash +ExecStart=/usr/bin/openshift start master api --config=${CONFIG_FILE} $OPTIONS +LimitNOFILE=131072 +LimitCORE=infinity +WorkingDirectory={{ openshift.common.data_dir }} +SyslogIdentifier=atomic-openshift-master-api + +[Install] +WantedBy=multi-user.target +WantedBy={{ openshift.common.service_type }}-node.service diff --git a/roles/openshift_master/templates/atomic-openshift-master-controllers.j2 b/roles/openshift_master/templates/atomic-openshift-master-controllers.j2 new file mode 100644 index 000000000..205934248 --- /dev/null +++ b/roles/openshift_master/templates/atomic-openshift-master-controllers.j2 @@ -0,0 +1,9 @@ +OPTIONS= +CONFIG_FILE={{ openshift_master_config_dir }}/master-config.yaml + +# Proxy configuration +# Origin uses standard HTTP_PROXY environment variables. Be sure to set +# NO_PROXY for your master +#NO_PROXY=master.example.com +#HTTP_PROXY=http://USER:PASSWORD@IPADDR:PORT +#HTTPS_PROXY=https://USER:PASSWORD@IPADDR:PORT diff --git a/roles/openshift_master/templates/atomic-openshift-master-controllers.service.j2 b/roles/openshift_master/templates/atomic-openshift-master-controllers.service.j2 new file mode 100644 index 000000000..8952c86ef --- /dev/null +++ b/roles/openshift_master/templates/atomic-openshift-master-controllers.service.j2 @@ -0,0 +1,22 @@ +[Unit] +Description=Atomic OpenShift Master Controllers +Documentation=https://github.com/openshift/origin +After=network.target +After={{ openshift.common.service_type }}-master-api.service +Before={{ openshift.common.service_type }}-node.service +Requires=network.target + +[Service] +Type=notify +EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-controllers +Environment=GOTRACEBACK=crash +ExecStart=/usr/bin/openshift start master controllers --config=${CONFIG_FILE} $OPTIONS +LimitNOFILE=131072 +LimitCORE=infinity +WorkingDirectory={{ openshift.common.data_dir }} +SyslogIdentifier={{ openshift.common.service_type }}-master-controllers +Restart=on-failure + +[Install] +WantedBy=multi-user.target +WantedBy={{ openshift.common.service_type }}-node.service diff --git a/roles/openshift_master/templates/sessionSecretsFile.yaml.v1.j2 b/roles/openshift_master/templates/sessionSecretsFile.yaml.v1.j2 new file mode 100644 index 000000000..d12d9db90 --- /dev/null +++ b/roles/openshift_master/templates/sessionSecretsFile.yaml.v1.j2 @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: SessionSecrets +secrets: +{% for secret in openshift_master_session_auth_secrets %} +- authentication: "{{ openshift_master_session_auth_secrets[loop.index0] }}" + encryption: "{{ openshift_master_session_encryption_secrets[loop.index0] }}" +{% endfor %} diff --git a/roles/openshift_master/vars/main.yml b/roles/openshift_master/vars/main.yml index ecdb4f883..534465451 100644 --- a/roles/openshift_master/vars/main.yml +++ b/roles/openshift_master/vars/main.yml @@ -2,6 +2,7 @@ openshift_master_config_dir: "{{ openshift.common.config_base }}/master" openshift_master_config_file: "{{ openshift_master_config_dir }}/master-config.yaml" openshift_master_scheduler_conf: "{{ openshift_master_config_dir }}/scheduler.json" +openshift_master_session_secrets_file: "{{ openshift_master_config_dir }}/session-secrets.yaml" openshift_master_policy: "{{ openshift_master_config_dir }}/policy.json" openshift_version: "{{ openshift_pkg_version | default('') }}" diff --git a/roles/openshift_master_cluster/tasks/configure_deferred.yml b/roles/openshift_master_cluster/tasks/configure_deferred.yml deleted file mode 100644 index 3b416005b..000000000 --- a/roles/openshift_master_cluster/tasks/configure_deferred.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- debug: msg="Deferring config" - -- name: Start and enable the master - service: - name: "{{ openshift.common.service_type }}-master" - state: started - enabled: yes diff --git a/roles/openshift_master_cluster/tasks/main.yml b/roles/openshift_master_cluster/tasks/main.yml index 315947183..6303a6e46 100644 --- a/roles/openshift_master_cluster/tasks/main.yml +++ b/roles/openshift_master_cluster/tasks/main.yml @@ -4,10 +4,7 @@ register: pcs_status changed_when: false failed_when: false - when: not openshift.master.cluster_defer_ha | bool + when: openshift.master.cluster_method == "pacemaker" - include: configure.yml when: "pcs_status | failed and 'Error: cluster is not currently running on this node' in pcs_status.stderr" - -- include: configure_deferred.yml - when: openshift.master.cluster_defer_ha | bool diff --git a/roles/openshift_node/meta/main.yml b/roles/openshift_node/meta/main.yml index c92008a77..9d40ae3b3 100644 --- a/roles/openshift_node/meta/main.yml +++ b/roles/openshift_node/meta/main.yml @@ -13,3 +13,4 @@ galaxy_info: - cloud dependencies: - { role: openshift_common } +- { role: docker } diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index c455a09f1..6f163f541 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -68,6 +68,7 @@ dest: /etc/sysconfig/{{ openshift.common.service_type }}-node regexp: "{{ item.regex }}" line: "{{ item.line }}" + create: yes with_items: - regex: '^OPTIONS=' line: "OPTIONS=--loglevel={{ openshift.node.debug_level }}" diff --git a/roles/openshift_repos/tasks/main.yaml b/roles/openshift_repos/tasks/main.yaml index 12e98b7a1..aa696ae12 100644 --- a/roles/openshift_repos/tasks/main.yaml +++ b/roles/openshift_repos/tasks/main.yaml @@ -8,7 +8,7 @@ # proper repos correctly. - assert: - that: openshift_deployment_type in known_openshift_deployment_types + that: openshift.common.deployment_type in known_openshift_deployment_types - name: Ensure libselinux-python is installed yum: -- cgit v1.2.3 From af928b32bf978e5257fa4bb326559bea3e6bee08 Mon Sep 17 00:00:00 2001 From: Brenton Leanhardt Date: Thu, 5 Nov 2015 11:57:45 -0500 Subject: The uninstall playbook needs to remove /run/openshift-sdn If this isn't removed lbr0 won't be recreated by the Node after the following install. --- playbooks/adhoc/uninstall.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/playbooks/adhoc/uninstall.yml b/playbooks/adhoc/uninstall.yml index 5b10f856c..e05ab43f8 100644 --- a/playbooks/adhoc/uninstall.yml +++ b/playbooks/adhoc/uninstall.yml @@ -140,10 +140,11 @@ - file: path={{ item }} state=absent with_items: + - "~{{ ansible_ssh_user }}/.kube" - /etc/ansible/facts.d/openshift.fact - /etc/atomic-enterprise - - /etc/etcd - /etc/corosync + - /etc/etcd - /etc/openshift - /etc/openshift-sdn - /etc/origin @@ -156,10 +157,13 @@ - /etc/sysconfig/origin-master - /etc/sysconfig/origin-node - /root/.kube - - "~{{ ansible_ssh_user }}/.kube" + - /run/openshift-sdn - /usr/share/openshift/examples - /var/lib/atomic-enterprise - /var/lib/etcd - /var/lib/openshift - /var/lib/origin - /var/lib/pacemaker + + - name: restart docker + service: name=docker state=restarted -- cgit v1.2.3 From dcd2fb0558c58fb79f9e3dd9ecd5f6687d8bed5d Mon Sep 17 00:00:00 2001 From: Brenton Leanhardt Date: Thu, 5 Nov 2015 09:47:50 -0500 Subject: Making it easier to use pre-release content --- utils/src/ooinstall/openshift_ansible.py | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/utils/src/ooinstall/openshift_ansible.py b/utils/src/ooinstall/openshift_ansible.py index 4b37be278..0648df0fa 100644 --- a/utils/src/ooinstall/openshift_ansible.py +++ b/utils/src/ooinstall/openshift_ansible.py @@ -31,17 +31,18 @@ def generate_inventory(hosts): version=CFG.settings.get('variant_version', None))[1] base_inventory.write('deployment_type={}\n'.format(ver.ansible_key)) - if 'OO_INSTALL_DEVEL_REGISTRY' in os.environ: - base_inventory.write('oreg_url=rcm-img-docker01.build.eng.bos.redhat.com:' - '5001/openshift3/ose-${component}:${version}\n') - if 'OO_INSTALL_PUDDLE_REPO_ENABLE' in os.environ: - base_inventory.write("openshift_additional_repos=[{'id': 'ose-devel', " + if 'OO_INSTALL_ADDITIONAL_REGISTRIES' in os.environ: + base_inventory.write('cli_docker_additional_registries={}\n' + .format(os.environ['OO_INSTALL_ADDITIONAL_REGISTRIES'])) + if 'OO_INSTALL_INSECURE_REGISTRIES' in os.environ: + base_inventory.write('cli_docker_insecure_registries={}\n' + .format(os.environ['OO_INSTALL_INSECURE_REGISTRIES'])) + if 'OO_INSTALL_PUDDLE_REPO' in os.environ: + # We have to double the '{' here for literals + base_inventory.write("openshift_additional_repos=[{{'id': 'ose-devel', " "'name': 'ose-devel', " - "'baseurl': 'http://buildvm-devops.usersys.redhat.com" - "/puddle/build/AtomicOpenShift/3.1/latest/RH7-RHAOS-3.1/$basearch/os', " - "'enabled': 1, 'gpgcheck': 0}]\n") - if 'OO_INSTALL_STAGE_REGISTRY' in os.environ: - base_inventory.write('oreg_url=registry.access.stage.redhat.com/openshift3/ose-${component}:${version}\n') + "'baseurl': '{}', " + "'enabled': 1, 'gpgcheck': 0}}]\n".format(os.environ['OO_INSTALL_PUDDLE_REPO'])) base_inventory.write('\n[masters]\n') masters = (host for host in hosts if host.master) -- cgit v1.2.3 From ae7757195a4230b561b14353a7024d964b5d9664 Mon Sep 17 00:00:00 2001 From: Brenton Leanhardt Date: Thu, 5 Nov 2015 12:49:42 -0500 Subject: atomic-openshift-installer's unattended mode wasn't work with --force for all cases --- utils/src/ooinstall/cli_installer.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py index e4fda2813..f675efead 100644 --- a/utils/src/ooinstall/cli_installer.py +++ b/utils/src/ooinstall/cli_installer.py @@ -339,7 +339,10 @@ def get_hosts_to_run_on(oo_cfg, callback_facts, unattended, force): # new nodes. elif host.node: click.echo("{} is already an OpenShift Node".format(host)) - hosts_to_run_on.remove(host) + # force is only used for reinstalls so we don't want to remove + # anything. + if not force: + hosts_to_run_on.remove(host) # for unattended either continue if they force install or exit if they didn't if unattended: if not force: -- cgit v1.2.3 From a552645b05d4af2180596fb01837d0f1062b3ac5 Mon Sep 17 00:00:00 2001 From: Brenton Leanhardt Date: Thu, 5 Nov 2015 13:11:42 -0500 Subject: Bug 1278244 - Incorrect node information gathered by atomic-openshift-installer Previously the output was a little confusing. We didn't display anything about the uninstalled hosts. --- utils/src/ooinstall/cli_installer.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py index f675efead..ff740e426 100644 --- a/utils/src/ooinstall/cli_installer.py +++ b/utils/src/ooinstall/cli_installer.py @@ -343,6 +343,8 @@ def get_hosts_to_run_on(oo_cfg, callback_facts, unattended, force): # anything. if not force: hosts_to_run_on.remove(host) + for new_host in set(hosts_to_run_on) - set(installed_hosts): + click.echo("{} is currently uninstalled".format(new_host)) # for unattended either continue if they force install or exit if they didn't if unattended: if not force: -- cgit v1.2.3 From 11e7783d4b4177f100ecea8a8ffafbfb07ec47ee Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Thu, 5 Nov 2015 14:06:42 -0500 Subject: Revert to defaults --- roles/openshift_master/templates/master.yaml.v1.j2 | 6 +++--- roles/openshift_node/tasks/main.yml | 1 - 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index 9145df479..d4a6590ea 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -89,12 +89,12 @@ kubernetesMasterConfig: controllerArguments: {{ controller_args if controller_args is defined else 'null' }} masterCount: {{ openshift.master.master_count }} masterIP: {{ openshift.common.ip }} - podEvictionTimeout: 5m + podEvictionTimeout: "" proxyClientInfo: certFile: master.proxy-client.crt keyFile: master.proxy-client.key schedulerConfigFile: {{ openshift_master_scheduler_conf }} - servicesNodePortRange: 30000-32767 + servicesNodePortRange: "" servicesSubnet: {{ openshift.master.portal_net }} staticNodeNames: {{ openshift_node_ips | default([], true) }} {% endif %} @@ -126,7 +126,7 @@ projectConfig: mcsLabelsPerProject: {{ openshift.master.mcs_labels_per_project }} uidAllocatorRange: "{{ openshift.master.uid_allocator_range }}" routingConfig: - subdomain: "{{ openshift.master.default_subdomain | default("router.default.svc.cluster.local") }}" + subdomain: "{{ openshift.master.default_subdomain | default("") }}" serviceAccountConfig: limitSecretReferences: false managedNames: diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 6f163f541..c455a09f1 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -68,7 +68,6 @@ dest: /etc/sysconfig/{{ openshift.common.service_type }}-node regexp: "{{ item.regex }}" line: "{{ item.line }}" - create: yes with_items: - regex: '^OPTIONS=' line: "OPTIONS=--loglevel={{ openshift.node.debug_level }}" -- cgit v1.2.3 From 837ea49bba342aa1fa87736947979ee5235da727 Mon Sep 17 00:00:00 2001 From: Brenton Leanhardt Date: Thu, 5 Nov 2015 13:37:51 -0500 Subject: Bug 1278244 - Previously there was no way to add a node in unattended mode TODO: We desparately need tests cases for: - interactive with no config file - interactive with config file and all installed hosts - interactive with config file and no installed hosts - interactive with config file and some installed some uninstalled hosts - unattended with config file and all installed hosts (with and without --force) - unattended with config file and no installed hosts (with and without --force) - unattended with config file and some installed some uninstalled hosts (with and without --force) --- utils/src/ooinstall/cli_installer.py | 69 +++++++++++++++++++++++------------- 1 file changed, 44 insertions(+), 25 deletions(-) diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py index ff740e426..9bf3bc714 100644 --- a/utils/src/ooinstall/cli_installer.py +++ b/utils/src/ooinstall/cli_installer.py @@ -331,7 +331,22 @@ def get_hosts_to_run_on(oo_cfg, callback_facts, unattended, force): # Check if master or nodes already have something installed installed_hosts = get_installed_hosts(oo_cfg.hosts, callback_facts) if len(installed_hosts) > 0: - # present a message listing already installed hosts + click.echo('Installed environment detected.') + # This check has to happen before we start removing hosts later in this method + if not force: + if not unattended: + click.echo('By default the installer only adds new nodes to an installed environment.') + response = click.prompt('Do you want to (1) only add additional nodes or ' \ + '(2) perform a clean install?', type=int) + # TODO: this should be reworked with error handling. + # Click can certainly do this for us. + # This should be refactored as soon as we add a 3rd option. + if response == 1: + force = False + if response == 2: + force = True + + # present a message listing already installed hosts and remove hosts if needed for host in installed_hosts: if host.master: click.echo("{} is already an OpenShift Master".format(host)) @@ -343,33 +358,37 @@ def get_hosts_to_run_on(oo_cfg, callback_facts, unattended, force): # anything. if not force: hosts_to_run_on.remove(host) - for new_host in set(hosts_to_run_on) - set(installed_hosts): - click.echo("{} is currently uninstalled".format(new_host)) - # for unattended either continue if they force install or exit if they didn't - if unattended: - if not force: - click.echo('Installed environment detected and no additional nodes specified: ' \ - 'aborting. If you want a fresh install, use --force') - sys.exit(1) - # for attended ask the user what to do + + # Handle the cases where we know about uninstalled systems + new_hosts = set(hosts_to_run_on) - set(installed_hosts) + if len(new_hosts) > 0: + for new_host in new_hosts: + click.echo("{} is currently uninstalled".format(new_host)) + + # Fall through + click.echo('Adding additional nodes...') else: - click.echo('Installed environment detected and no additional nodes specified. ') - response = click.prompt('Do you want to (1) add more nodes or ' \ - '(2) perform a clean install?', type=int) - if response == 1: # add more nodes - new_nodes = collect_new_nodes() - - hosts_to_run_on.extend(new_nodes) - oo_cfg.hosts.extend(new_nodes) - - openshift_ansible.set_config(oo_cfg) - callback_facts, error = openshift_ansible.default_facts(oo_cfg.hosts) - if error: - click.echo("There was a problem fetching the required information. " \ - "See {} for details.".format(oo_cfg.settings['ansible_log_path'])) + if unattended: + if not force: + click.echo('Installed environment detected and no additional nodes specified: ' \ + 'aborting. If you want a fresh install, use --force') sys.exit(1) else: - pass # proceeding as normal should do a clean install + if not force: + new_nodes = collect_new_nodes() + + hosts_to_run_on.extend(new_nodes) + oo_cfg.hosts.extend(new_nodes) + + openshift_ansible.set_config(oo_cfg) + click.echo('Gathering information from hosts...') + callback_facts, error = openshift_ansible.default_facts(oo_cfg.hosts) + if error: + click.echo("There was a problem fetching the required information. " \ + "See {} for details.".format(oo_cfg.settings['ansible_log_path'])) + sys.exit(1) + else: + pass # proceeding as normal should do a clean install return hosts_to_run_on, callback_facts -- cgit v1.2.3 From a2d19f85a1e501cf7be64236b851eda898f3f51b Mon Sep 17 00:00:00 2001 From: Brenton Leanhardt Date: Thu, 5 Nov 2015 15:33:33 -0500 Subject: Bug 1278243 - Confusing prompt from atomic-openshift-installer --- utils/src/ooinstall/cli_installer.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py index 9bf3bc714..8bee99f90 100644 --- a/utils/src/ooinstall/cli_installer.py +++ b/utils/src/ooinstall/cli_installer.py @@ -371,7 +371,8 @@ def get_hosts_to_run_on(oo_cfg, callback_facts, unattended, force): if unattended: if not force: click.echo('Installed environment detected and no additional nodes specified: ' \ - 'aborting. If you want a fresh install, use --force') + 'aborting. If you want a fresh install, use ' \ + '`atomic-openshift-installer install --force`') sys.exit(1) else: if not force: -- cgit v1.2.3 From fe4e9a4ca7028aa877fdd3895225a67b026aea11 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Thu, 5 Nov 2015 08:35:53 -0400 Subject: Upgrade improvements - Push config dir logic out of module and use host variables instead. - Backup master config with ansible utility. - Add error handling for the upgrade config module. - Add verbose option to installer. - Return details on what we changed when upgrading config. - Cleanup use of first master. - Don't install upgrade rpms to check what version we'll upgrade to. --- .../upgrades/library/openshift_upgrade_config.py | 53 +++++++-------- playbooks/adhoc/upgrades/upgrade.yml | 78 +++++++++------------- utils/src/ooinstall/cli_installer.py | 22 ++++-- utils/src/ooinstall/openshift_ansible.py | 41 ++++++------ 4 files changed, 93 insertions(+), 101 deletions(-) diff --git a/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py b/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py index 60f4fd8b8..0894efa52 100755 --- a/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py +++ b/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py @@ -5,11 +5,8 @@ """Ansible module for modifying OpenShift configs during an upgrade""" import os -import shutil import yaml -from datetime import datetime - DOCUMENTATION = ''' --- module: openshift_upgrade_config @@ -20,21 +17,14 @@ requirements: [ ] EXAMPLES = ''' ''' -def get_cfg_dir(): - """Return the correct config directory to use.""" - cfg_path = '/etc/origin/' - if not os.path.exists(cfg_path): - cfg_path = '/etc/openshift/' - return cfg_path - -def upgrade_master_3_0_to_3_1(backup): +def upgrade_master_3_0_to_3_1(module, config_base, backup): """Main upgrade method for 3.0 to 3.1.""" - changed = False + changes = [] # Facts do not get transferred to the hosts where custom modules run, # need to make some assumptions here. - master_config = os.path.join(get_cfg_dir(), 'master/master-config.yaml') + master_config = os.path.join(config_base, 'master/master-config.yaml') master_cfg_file = open(master_config, 'r') config = yaml.safe_load(master_cfg_file.read()) @@ -45,6 +35,7 @@ def upgrade_master_3_0_to_3_1(backup): 'v1beta3' in config['apiLevels']: config['apiLevels'].remove('v1beta3') changed = True + changes.append("master-config.yaml: removed v1beta3 from apiLevels") if 'apiLevels' in config['kubernetesMasterConfig'] and \ 'v1beta3' in config['kubernetesMasterConfig']['apiLevels']: config['kubernetesMasterConfig']['apiLevels'].remove('v1beta3') @@ -57,27 +48,26 @@ def upgrade_master_3_0_to_3_1(backup): # 'certFile': 'master.proxy-client.crt', # 'keyFile': 'master.proxy-client.key' # } +# changes.append("master-config.yaml: added proxyClientInfo") - if changed: + if len(changes) > 0: if backup: - timestamp = datetime.now().strftime('%Y%m%d%H%M%S') - basedir = os.path.split(master_config)[0] - backup_file = os.path.join(basedir, 'master-config.yaml.bak-%s' - % timestamp) - shutil.copyfile(master_config, backup_file) + # TODO: Check success: + module.backup_local(master_config) + # Write the modified config: out_file = open(master_config, 'w') out_file.write(yaml.safe_dump(config, default_flow_style=False)) out_file.close() - return changed + return changes -def upgrade_master(from_version, to_version, backup): +def upgrade_master(module, config_base, from_version, to_version, backup): """Upgrade entry point.""" if from_version == '3.0': if to_version == '3.1': - return upgrade_master_3_0_to_3_1(backup) + return upgrade_master_3_0_to_3_1(module, config_base, backup) def main(): @@ -89,6 +79,7 @@ def main(): module = AnsibleModule( argument_spec=dict( + config_base=dict(required=True), from_version=dict(required=True, choices=['3.0']), to_version=dict(required=True, choices=['3.1']), role=dict(required=True, choices=['master']), @@ -101,12 +92,18 @@ def main(): to_version = module.params['to_version'] role = module.params['role'] backup = module.params['backup'] - - changed = False - if role == 'master': - changed = upgrade_master(from_version, to_version, backup) - - return module.exit_json(changed=changed) + config_base = module.params['config_base'] + + try: + changes = [] + if role == 'master': + changes = upgrade_master(module, config_base, from_version, + to_version, backup) + + changed = len(changes) > 0 + return module.exit_json(changed=changed, changes=changes) + except Exception, e: + return module.fail_json(msg=str(e)) # ignore pylint errors related to the module_utils import # pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index 09f991b1d..c113c7ab2 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -1,4 +1,12 @@ --- +- name: Verify upgrade can proceed + hosts: masters + tasks: + # Checking the global deployment type rather than host facts, this is about + # what the user is requesting. + - fail: msg="Deployment type enterprise not supported for upgrade" + when: deployment_type == "enterprise" + - name: Update deployment type hosts: OSEv3 roles: @@ -9,14 +17,6 @@ local_facts: deployment_type: "{{ deployment_type }}" -- name: Verify upgrade can proceed - hosts: masters - tasks: - # Checking the global deployment type rather than host facts, this is about - # what the user is requesting. - - fail: msg="Deployment type enterprise not supported for upgrade" - when: deployment_type == "enterprise" - - name: Backup etcd hosts: masters vars: @@ -52,48 +52,35 @@ - name: Display location of etcd backup debug: msg="Etcd backup created in {{ openshift.common.data_dir }}/etcd-backup-{{ timestamp }}" -- name: Upgrade base package on masters - hosts: masters - roles: - - openshift_facts - vars: - openshift_version: "{{ openshift_pkg_version | default('') }}" - tasks: - - name: Upgrade base package - yum: pkg={{ openshift.common.service_type }}{{ openshift_version }} state=latest - -- name: Evaluate oo_first_master - hosts: localhost - vars: - g_masters_group: "{{ 'masters' }}" - tasks: - - name: Evaluate oo_first_master - add_host: - name: "{{ groups[g_masters_group][0] }}" - groups: oo_first_master - ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" - ansible_sudo: "{{ g_sudo | default(omit) }}" - when: g_masters_group in groups and (groups[g_masters_group] | length) > 0 - -# TODO: ideally we would check the new version, without installing it. (some -# kind of yum repoquery? would need to handle openshift -> atomic-openshift -# package rename) - name: Perform upgrade version checking - hosts: oo_first_master + hosts: masters[0] tasks: - - name: Determine new version + - name: Determine available version + shell: > + yum list available {{ openshift.common.service_type }} | tail -n 1 | cut -f 2 -d " " | cut -f 1 -d "-" + register: _new_version + - debug: var=_new_version + # The above check will return nothing if the package is already installed, + # and we may be re-running upgrade due to a failure. + - name: Determine installed version command: > rpm -q --queryformat '%{version}' {{ openshift.common.service_type }} register: _new_version + when: _new_version.stdout == "" + # Fail if we still don't know: + - debug: var=_new_version + - name: Verify upgrade version + fail: Unable to determine upgrade version for {{ openshift.common.service_type }} + when: _new_version.stdout == "" - name: Ensure AOS 3.0.2 or Origin 1.0.6 - hosts: oo_first_master + hosts: masters[0] tasks: fail: This playbook requires Origin 1.0.6 or Atomic OpenShift 3.0.2 or later when: _new_version.stdout | version_compare('1.0.6','<') or ( _new_version.stdout | version_compare('3.0','>=' and _new_version.stdout | version_compare('3.0.2','<') ) - name: Verify upgrade can proceed - hosts: oo_first_master + hosts: masters[0] tasks: # Checking the global deployment type rather than host facts, this is about # what the user is requesting. @@ -107,13 +94,10 @@ tasks: - name: Upgrade to latest available kernel yum: pkg=kernel state=latest - - name: display just the deployment_type variable for the current host - debug: - var: hostvars[inventory_hostname] - name: Upgrade master packages command: yum update -y {{ openshift.common.service_type }}-master{{ openshift_version }} - name: Upgrade master configuration. - openshift_upgrade_config: from_version=3.0 to_version=3.1 role=master + openshift_upgrade_config: from_version=3.0 to_version=3.1 role=master config_base={{ hostvars[inventory_hostname].openshift.common.config_base }} - name: Restart master services service: name="{{ openshift.common.service_type}}-master" state=restarted @@ -130,7 +114,7 @@ service: name="{{ openshift.common.service_type }}-node" state=restarted - name: Update cluster policy - hosts: oo_first_master + hosts: masters[0] tasks: - name: oadm policy reconcile-cluster-roles --confirm command: > @@ -138,7 +122,7 @@ policy reconcile-cluster-roles --confirm - name: Update cluster policy bindings - hosts: oo_first_master + hosts: masters[0] tasks: - name: oadm policy reconcile-cluster-role-bindings --confirm command: > @@ -151,7 +135,7 @@ when: ( _new_version.stdout | version_compare('1.0.6', '>') and _new_version.stdout | version_compare('3.0','<') ) or _new_version.stdout | version_compare('3.0.2','>') - name: Upgrade default router - hosts: oo_first_master + hosts: masters[0] vars: - router_image: "{{ openshift.master.registry_url | replace( '${component}', 'haproxy-router' ) | replace ( '${version}', 'v' + _new_version.stdout ) }}" - oc_cmd: "{{ openshift.common.client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig" @@ -189,7 +173,7 @@ '{"spec":{"template":{"spec":{"containers":[{"name":"router","image":"{{ router_image }}"}]}}}}' - name: Upgrade default - hosts: oo_first_master + hosts: masters[0] vars: - registry_image: "{{ openshift.master.registry_url | replace( '${component}', 'docker-registry' ) | replace ( '${version}', 'v' + _new_version.stdout ) }}" - oc_cmd: "{{ openshift.common.client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig" @@ -207,7 +191,7 @@ '{"spec":{"template":{"spec":{"containers":[{"name":"registry","image":"{{ registry_image }}"}]}}}}' - name: Update image streams and templates - hosts: oo_first_master + hosts: masters[0] vars: openshift_examples_import_command: "update" openshift_deployment_type: "{{ deployment_type }}" diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py index 8bee99f90..9f0861b77 100644 --- a/utils/src/ooinstall/cli_installer.py +++ b/utils/src/ooinstall/cli_installer.py @@ -323,7 +323,7 @@ def get_installed_hosts(hosts, callback_facts): installed_hosts.append(host) return installed_hosts -def get_hosts_to_run_on(oo_cfg, callback_facts, unattended, force): +def get_hosts_to_run_on(oo_cfg, callback_facts, unattended, force, verbose): # Copy the list of existing hosts so we can remove any already installed nodes. hosts_to_run_on = list(oo_cfg.hosts) @@ -424,9 +424,11 @@ def get_hosts_to_run_on(oo_cfg, callback_facts, unattended, force): writable=True, readable=True), default="/tmp/ansible.log") +@click.option('-v', '--verbose', + is_flag=True, default=False) #pylint: disable=too-many-arguments # Main CLI entrypoint, not much we can do about too many arguments. -def cli(ctx, unattended, configuration, ansible_playbook_directory, ansible_config, ansible_log_path): +def cli(ctx, unattended, configuration, ansible_playbook_directory, ansible_config, ansible_log_path, verbose): """ The main click CLI module. Responsible for handling most common CLI options, assigning any defaults and adding to the context for the sub-commands. @@ -436,6 +438,7 @@ def cli(ctx, unattended, configuration, ansible_playbook_directory, ansible_conf ctx.obj['configuration'] = configuration ctx.obj['ansible_config'] = ansible_config ctx.obj['ansible_log_path'] = ansible_log_path + ctx.obj['verbose'] = verbose oo_cfg = OOConfig(ctx.obj['configuration']) @@ -466,6 +469,7 @@ def cli(ctx, unattended, configuration, ansible_playbook_directory, ansible_conf @click.pass_context def uninstall(ctx): oo_cfg = ctx.obj['oo_cfg'] + verbose = ctx.obj['verbose'] if len(oo_cfg.hosts) == 0: click.echo("No hosts defined in: %s" % oo_cfg['configuration']) @@ -481,13 +485,14 @@ def uninstall(ctx): click.echo("Uninstall cancelled.") sys.exit(0) - openshift_ansible.run_uninstall_playbook() + openshift_ansible.run_uninstall_playbook(verbose) @click.command() @click.pass_context def upgrade(ctx): oo_cfg = ctx.obj['oo_cfg'] + verbose = ctx.obj['verbose'] if len(oo_cfg.hosts) == 0: click.echo("No hosts defined in: %s" % oo_cfg['configuration']) @@ -514,7 +519,7 @@ def upgrade(ctx): click.echo("Upgrade cancelled.") sys.exit(0) - retcode = openshift_ansible.run_upgrade_playbook() + retcode = openshift_ansible.run_upgrade_playbook(verbose) if retcode > 0: click.echo("Errors encountered during upgrade, please check %s." % oo_cfg.settings['ansible_log_path']) @@ -527,6 +532,7 @@ def upgrade(ctx): @click.pass_context def install(ctx, force): oo_cfg = ctx.obj['oo_cfg'] + verbose = ctx.obj['verbose'] if ctx.obj['unattended']: error_if_missing_info(oo_cfg) @@ -534,13 +540,15 @@ def install(ctx, force): oo_cfg = get_missing_info_from_user(oo_cfg) click.echo('Gathering information from hosts...') - callback_facts, error = openshift_ansible.default_facts(oo_cfg.hosts) + callback_facts, error = openshift_ansible.default_facts(oo_cfg.hosts, + verbose) if error: click.echo("There was a problem fetching the required information. " \ "Please see {} for details.".format(oo_cfg.settings['ansible_log_path'])) sys.exit(1) - hosts_to_run_on, callback_facts = get_hosts_to_run_on(oo_cfg, callback_facts, ctx.obj['unattended'], force) + hosts_to_run_on, callback_facts = get_hosts_to_run_on( + oo_cfg, callback_facts, ctx.obj['unattended'], force, verbose) click.echo('Writing config to: %s' % oo_cfg.config_path) @@ -562,7 +570,7 @@ If changes are needed to the values recorded by the installer please update {}. confirm_continue(message) error = openshift_ansible.run_main_playbook(oo_cfg.hosts, - hosts_to_run_on) + hosts_to_run_on, verbose) if error: # The bootstrap script will print out the log location. message = """ diff --git a/utils/src/ooinstall/openshift_ansible.py b/utils/src/ooinstall/openshift_ansible.py index 0648df0fa..153415e8c 100644 --- a/utils/src/ooinstall/openshift_ansible.py +++ b/utils/src/ooinstall/openshift_ansible.py @@ -91,16 +91,17 @@ def write_host(host, inventory, scheduleable=True): inventory.write('{} {}\n'.format(host, facts)) -def load_system_facts(inventory_file, os_facts_path, env_vars): +def load_system_facts(inventory_file, os_facts_path, env_vars, verbose=False): """ Retrieves system facts from the remote systems. """ FNULL = open(os.devnull, 'w') - status = subprocess.call(['ansible-playbook', - '--inventory-file={}'.format(inventory_file), - os_facts_path], - env=env_vars, - stdout=FNULL) + args = ['ansible-playbook', '-v'] if verbose \ + else ['ansible-playbook'] + args.extend([ + '--inventory-file={}'.format(inventory_file), + os_facts_path]) + status = subprocess.call(args, env=env_vars, stdout=FNULL) if not status == 0: return [], 1 callback_facts_file = open(CFG.settings['ansible_callback_facts_yaml'], 'r') @@ -109,7 +110,7 @@ def load_system_facts(inventory_file, os_facts_path, env_vars): return callback_facts, 0 -def default_facts(hosts): +def default_facts(hosts, verbose=False): global CFG inventory_file = generate_inventory(hosts) os_facts_path = '{}/playbooks/byo/openshift_facts.yml'.format(CFG.ansible_playbook_directory) @@ -121,10 +122,10 @@ def default_facts(hosts): facts_env["ANSIBLE_LOG_PATH"] = CFG.settings['ansible_log_path'] if 'ansible_config' in CFG.settings: facts_env['ANSIBLE_CONFIG'] = CFG.settings['ansible_config'] - return load_system_facts(inventory_file, os_facts_path, facts_env) + return load_system_facts(inventory_file, os_facts_path, facts_env, verbose) -def run_main_playbook(hosts, hosts_to_run_on): +def run_main_playbook(hosts, hosts_to_run_on, verbose=False): global CFG inventory_file = generate_inventory(hosts) if len(hosts_to_run_on) != len(hosts): @@ -138,17 +139,19 @@ def run_main_playbook(hosts, hosts_to_run_on): facts_env['ANSIBLE_LOG_PATH'] = CFG.settings['ansible_log_path'] if 'ansible_config' in CFG.settings: facts_env['ANSIBLE_CONFIG'] = CFG.settings['ansible_config'] - return run_ansible(main_playbook_path, inventory_file, facts_env) + return run_ansible(main_playbook_path, inventory_file, facts_env, verbose) -def run_ansible(playbook, inventory, env_vars): - return subprocess.call(['ansible-playbook', - '--inventory-file={}'.format(inventory), - playbook], - env=env_vars) +def run_ansible(playbook, inventory, env_vars, verbose=False): + args = ['ansible-playbook', '-v'] if verbose \ + else ['ansible-playbook'] + args.extend([ + '--inventory-file={}'.format(inventory), + playbook]) + return subprocess.call(args, env=env_vars) -def run_uninstall_playbook(): +def run_uninstall_playbook(verbose=False): playbook = os.path.join(CFG.settings['ansible_playbook_directory'], 'playbooks/adhoc/uninstall.yml') inventory_file = generate_inventory(CFG.hosts) @@ -157,10 +160,10 @@ def run_uninstall_playbook(): facts_env['ANSIBLE_LOG_PATH'] = CFG.settings['ansible_log_path'] if 'ansible_config' in CFG.settings: facts_env['ANSIBLE_CONFIG'] = CFG.settings['ansible_config'] - return run_ansible(playbook, inventory_file, facts_env) + return run_ansible(playbook, inventory_file, facts_env, verbose) -def run_upgrade_playbook(): +def run_upgrade_playbook(verbose=False): playbook = os.path.join(CFG.settings['ansible_playbook_directory'], 'playbooks/adhoc/upgrades/upgrade.yml') # TODO: Upgrade inventory for upgrade? @@ -170,5 +173,5 @@ def run_upgrade_playbook(): facts_env['ANSIBLE_LOG_PATH'] = CFG.settings['ansible_log_path'] if 'ansible_config' in CFG.settings: facts_env['ANSIBLE_CONFIG'] = CFG.settings['ansible_config'] - return run_ansible(playbook, inventory_file, facts_env) + return run_ansible(playbook, inventory_file, facts_env, verbose) -- cgit v1.2.3 From b65403b8ac3cd0eea46179d4758f6f0be5929728 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Wed, 4 Nov 2015 22:55:25 -0500 Subject: Further upgrade improvements - Restart masters post reconcile - generate missing master certs and sync to masters --- playbooks/adhoc/upgrades/upgrade.yml | 214 +++++++++++++++++++++++++++-------- 1 file changed, 168 insertions(+), 46 deletions(-) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index c113c7ab2..7433dc9c0 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -1,22 +1,17 @@ --- - name: Verify upgrade can proceed - hosts: masters + hosts: masters[0] + gather_facts: no tasks: - # Checking the global deployment type rather than host facts, this is about - # what the user is requesting. + # Checking the global deployment type rather than host facts, this is about + # what the user is requesting. - fail: msg="Deployment type enterprise not supported for upgrade" when: deployment_type == "enterprise" -- name: Update deployment type - hosts: OSEv3 - roles: - - openshift_facts - post_tasks: # technically tasks are run after roles, but post_tasks is a bit more explicit. - - openshift_facts: - role: common - local_facts: - deployment_type: "{{ deployment_type }}" - +# TODO: etcd is only guaranteed to be run on the master if embedded etcd is +# used, we should have a task to create a new group consisting of the single +# master running embedded etcd or an external etcd cluster specified by the +# etcd group in the inventory (which could also be the masters) - name: Backup etcd hosts: masters vars: @@ -27,9 +22,11 @@ tasks: - stat: path=/var/lib/openshift register: var_lib_openshift + - name: Create origin symlink if necessary file: src=/var/lib/openshift/ dest=/var/lib/origin state=link when: var_lib_openshift.stat.exists == True + - name: Check available disk space for etcd backup # We assume to be using the data dir for all backups. shell: > @@ -43,14 +40,51 @@ when: embedded_etcd | bool - name: Abort if insufficient disk space for etcd backup - fail: msg="{{ etcd_disk_usage.stdout }} Kb disk space required for etcd backup, {{ avail_disk.stdout }} Kb available." + fail: + msg: > + {{ etcd_disk_usage.stdout }} Kb disk space required for etcd backup, + {{ avail_disk.stdout }} Kb available. when: (embedded_etcd | bool) and (etcd_disk_usage.stdout|int > avail_disk.stdout|int) + - name: Install etcd (for etcdctl) - yum: pkg=etcd state=latest + yum: + pkg: etcd + state: latest + - name: Generate etcd backup - command: etcdctl backup --data-dir={{ openshift.master.etcd_data_dir }} --backup-dir={{ openshift.common.data_dir }}/etcd-backup-{{ timestamp }} + command: > + etcdctl backup --data-dir={{ openshift.master.etcd_data_dir }} + --backup-dir={{ openshift.common.data_dir }}/etcd-backup-{{ timestamp }} + - name: Display location of etcd backup - debug: msg="Etcd backup created in {{ openshift.common.data_dir }}/etcd-backup-{{ timestamp }}" + debug: + msg: "Etcd backup created in {{ openshift.common.data_dir }}/etcd-backup-{{ timestamp }}" + +- name: Update deployment type + hosts: OSEv3 + roles: + - openshift_facts + post_tasks: + - openshift_facts: + role: common + local_facts: + deployment_type: "{{ deployment_type }}" + +- name: Upgrade base package on masters + hosts: masters + roles: + - openshift_facts + vars: + openshift_version: "{{ openshift_pkg_version | default('') }}" + tasks: + - name: Upgrade base package + yum: + pkg: "{{ openshift.common.service_type }}{{ openshift_version }}" + state: latest + +# TODO: ideally we would check the new version, without installing it. (some +# kind of yum repoquery? would need to handle openshift -> atomic-openshift +# package rename) - name: Perform upgrade version checking hosts: masters[0] @@ -73,19 +107,13 @@ fail: Unable to determine upgrade version for {{ openshift.common.service_type }} when: _new_version.stdout == "" -- name: Ensure AOS 3.0.2 or Origin 1.0.6 - hosts: masters[0] - tasks: - fail: This playbook requires Origin 1.0.6 or Atomic OpenShift 3.0.2 or later - when: _new_version.stdout | version_compare('1.0.6','<') or ( _new_version.stdout | version_compare('3.0','>=' and _new_version.stdout | version_compare('3.0.2','<') ) + - fail: + msg: This playbook requires Atomic OpenShift 3.0.2 or later + when: deployment_type in ['openshift_enterprise', 'atomic-enterprise'] and g_new_version.stdout | version_compare('3.0','>=') and g_new_version.stdout | version_compare('3.0.2','<') -- name: Verify upgrade can proceed - hosts: masters[0] - tasks: - # Checking the global deployment type rather than host facts, this is about - # what the user is requesting. - - fail: msg="Deployment type 'enterprise' must be updated to 'openshift-enterprise' for upgrade to proceed" - when: deployment_type == "enterprise" and (_new_version.stdout | version_compare('1.0.7', '>=') or _new_version.stdout | version_compare('3.1', '>=')) + - fail: + msg: This playbook requires Origin 1.0.6 or later + when: deployment_type == 'origin' - name: Upgrade masters hosts: masters @@ -93,13 +121,104 @@ openshift_version: "{{ openshift_pkg_version | default('') }}" tasks: - name: Upgrade to latest available kernel - yum: pkg=kernel state=latest + yum: + pkg: kernel + state: latest + + - name: display just the deployment_type variable for the current host + debug: + var: hostvars[inventory_hostname].openshift.common.deployment_type + - name: Upgrade master packages command: yum update -y {{ openshift.common.service_type }}-master{{ openshift_version }} - - name: Upgrade master configuration. - openshift_upgrade_config: from_version=3.0 to_version=3.1 role=master config_base={{ hostvars[inventory_hostname].openshift.common.config_base }} - - name: Restart master services - service: name="{{ openshift.common.service_type}}-master" state=restarted + + - name: Ensure python-yaml present for config upgrade + yum: + pkg: python-yaml + state: installed + + - name: Upgrade master configuration + openshift_upgrade_config: + from_version: '3.0' + to_version: '3.1' + role: master + + - set_fact: + master_certs_missing: True + master_cert_subdir: master-{{ openshift.common.hostname }} + master_cert_config_dir: "{{ openshift.common.config_base }}/master" + +- name: Create temp directory for syncing certs + hosts: localhost + gather_facts: no + tasks: + - name: Create local temp directory for syncing certs + local_action: command mktemp -d /tmp/openshift-ansible-XXXXXXX + register: g_master_mktemp + changed_when: False + +- name: Generate missing master certificates + hosts: masters[0] + vars: + master_generated_certs_dir: "{{ openshift.common.config_base }}/generated-configs" + masters_needing_certs: "{{ hostvars + | oo_select_keys(groups.masters) + | difference([groups.masters.0]) }}" + sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" + openshift_deployment_type: "{{ deployment_type }}" + roles: + - openshift_master_certificates + post_tasks: + - name: Remove generated etcd client certs when using external etcd + file: + path: "{{ master_generated_certs_dir }}/{{ item.0.master_cert_subdir }}/{{ item.1 }}" + state: absent + when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config + with_nested: + - masters_needing_certs + - - master.etcd-client.crt + - master.etcd-client.key + + - name: Create a tarball of the master certs + command: > + tar -czvf {{ master_generated_certs_dir }}/{{ item.master_cert_subdir }}.tgz + -C {{ master_generated_certs_dir }}/{{ item.master_cert_subdir }} . + args: + creates: "{{ master_generated_certs_dir }}/{{ item.master_cert_subdir }}.tgz" + with_items: masters_needing_certs + + - name: Retrieve the master cert tarball from the master + fetch: + src: "{{ master_generated_certs_dir }}/{{ item.master_cert_subdir }}.tgz" + dest: "{{ sync_tmpdir }}/" + flat: yes + fail_on_missing: yes + validate_checksum: yes + with_items: masters_needing_certs + + +- name: Sync certs and restart masters post configuration change + hosts: masters + vars: + sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" + tasks: + - name: Unarchive the tarball on the master + unarchive: + src: "{{ sync_tmpdir }}/{{ master_cert_subdir }}.tgz" + dest: "{{ master_cert_config_dir }}" + when: inventory_hostname != groups.masters.0 + + - name: Restart master services + service: name="{{ openshift.common.service_type}}-master" state=restarted + + +- name: Delete temporary directory on localhost + hosts: localhost + gather_facts: no + tasks: + - file: name={{ g_master_mktemp.stdout }} state=absent + changed_when: False + - name: Upgrade nodes hosts: nodes @@ -113,17 +232,17 @@ - name: Restart node services service: name="{{ openshift.common.service_type }}-node" state=restarted -- name: Update cluster policy +- name: Update cluster policy and policy bindings hosts: masters[0] + vars: + origin_reconcile_bindings: "{{ deployment_type == 'origin' and g_new_version.stdout | version_compare('1.0.6', '>') }}" + ent_reconcile_bindings: "{{ deployment_type in ['openshift-enterprise', 'atomic-enterprise'] and g_new_version.stdout | version_compare('3.0.2','>') }}" tasks: - name: oadm policy reconcile-cluster-roles --confirm command: > {{ openshift.common.admin_binary}} --config={{ openshift.common.config_base }}/master/admin.kubeconfig policy reconcile-cluster-roles --confirm -- name: Update cluster policy bindings - hosts: masters[0] - tasks: - name: oadm policy reconcile-cluster-role-bindings --confirm command: > {{ openshift.common.admin_binary}} --config={{ openshift.common.config_base }}/master/admin.kubeconfig @@ -132,11 +251,20 @@ --exclude-groups=system:unauthenticated --exclude-users=system:anonymous --additive-only=true --confirm - when: ( _new_version.stdout | version_compare('1.0.6', '>') and _new_version.stdout | version_compare('3.0','<') ) or _new_version.stdout | version_compare('3.0.2','>') + when: origin_reconcile_bindings | bool or ent_reconcile_bindings | bool + + +- name: Restart masters post reconcile + hosts: masters + tasks: + - name: Restart master services + service: name="{{ openshift.common.service_type}}-master" state=restarted -- name: Upgrade default router + +- name: Upgrade default router and registry hosts: masters[0] vars: + - registry_image: "{{ openshift.master.registry_url | replace( '${component}', 'docker-registry' ) | replace ( '${version}', 'v' + _new_version.stdout ) }}" - router_image: "{{ openshift.master.registry_url | replace( '${component}', 'haproxy-router' ) | replace ( '${version}', 'v' + _new_version.stdout ) }}" - oc_cmd: "{{ openshift.common.client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig" tasks: @@ -172,12 +300,6 @@ {{ oc_cmd }} patch dc/router -p '{"spec":{"template":{"spec":{"containers":[{"name":"router","image":"{{ router_image }}"}]}}}}' -- name: Upgrade default - hosts: masters[0] - vars: - - registry_image: "{{ openshift.master.registry_url | replace( '${component}', 'docker-registry' ) | replace ( '${version}', 'v' + _new_version.stdout ) }}" - - oc_cmd: "{{ openshift.common.client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig" - tasks: - name: Check for default registry command: > {{ oc_cmd }} get -n default dc/docker-registry -- cgit v1.2.3 From eb4cfd5702e675219ae0d36df667e0029b353921 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Thu, 5 Nov 2015 14:22:13 -0400 Subject: Handle backups for separate etcd hosts if necessary. --- playbooks/adhoc/upgrades/upgrade.yml | 36 +++++++++++++++++++++++++++--------- 1 file changed, 27 insertions(+), 9 deletions(-) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index 7433dc9c0..d9abff040 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -1,4 +1,9 @@ --- +- name: Load master facts + hosts: masters + roles: + - openshift_facts + - name: Verify upgrade can proceed hosts: masters[0] gather_facts: no @@ -8,18 +13,30 @@ - fail: msg="Deployment type enterprise not supported for upgrade" when: deployment_type == "enterprise" -# TODO: etcd is only guaranteed to be run on the master if embedded etcd is -# used, we should have a task to create a new group consisting of the single -# master running embedded etcd or an external etcd cluster specified by the -# etcd group in the inventory (which could also be the masters) +- name: Evaluate etcd_hosts + hosts: localhost + tasks: + - name: Evaluate etcd hosts + add_host: + name: "{{ groups.masters.0 }}" + groups: etcd_hosts + when: hostvars[groups.masters.0].openshift.master.embedded_etcd | bool + - name: Evaluate etcd hosts + add_host: + name: "{{ item }}" + groups: etcd_hosts + with_items: groups.etcd + when: not hostvars[groups.masters.0].openshift.master.embedded_etcd | bool + - name: Backup etcd - hosts: masters + hosts: etcd_hosts vars: embedded_etcd: "{{ openshift.master.embedded_etcd }}" timestamp: "{{ lookup('pipe', 'date +%Y%m%d%H%M%S') }}" roles: - openshift_facts tasks: + - stat: path=/var/lib/openshift register: var_lib_openshift @@ -142,6 +159,7 @@ from_version: '3.0' to_version: '3.1' role: master + config_base: "{{ hostvars[inventory_hostname].openshift.common.config_base }}" - set_fact: master_certs_missing: True @@ -235,8 +253,8 @@ - name: Update cluster policy and policy bindings hosts: masters[0] vars: - origin_reconcile_bindings: "{{ deployment_type == 'origin' and g_new_version.stdout | version_compare('1.0.6', '>') }}" - ent_reconcile_bindings: "{{ deployment_type in ['openshift-enterprise', 'atomic-enterprise'] and g_new_version.stdout | version_compare('3.0.2','>') }}" + origin_reconcile_bindings: "{{ deployment_type == 'origin' and gg_new_version.stdout | version_compare('1.0.6', '>') }}" + ent_reconcile_bindings: "{{ deployment_type in ['openshift-enterprise', 'atomic-enterprise'] and gg_new_version.stdout | version_compare('3.0.2','>') }}" tasks: - name: oadm policy reconcile-cluster-roles --confirm command: > @@ -264,8 +282,8 @@ - name: Upgrade default router and registry hosts: masters[0] vars: - - registry_image: "{{ openshift.master.registry_url | replace( '${component}', 'docker-registry' ) | replace ( '${version}', 'v' + _new_version.stdout ) }}" - - router_image: "{{ openshift.master.registry_url | replace( '${component}', 'haproxy-router' ) | replace ( '${version}', 'v' + _new_version.stdout ) }}" + - registry_image: "{{ openshift.master.registry_url | replace( '${component}', 'docker-registry' ) | replace ( '${version}', 'v' + g_new_version.stdout ) }}" + - router_image: "{{ openshift.master.registry_url | replace( '${component}', 'haproxy-router' ) | replace ( '${version}', 'v' + g_new_version.stdout ) }}" - oc_cmd: "{{ openshift.common.client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig" tasks: - name: Check for default router -- cgit v1.2.3 From e9680cc1020f9c54221993b3ae816b046d92bafc Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Thu, 5 Nov 2015 15:42:30 -0500 Subject: Additional upgrade enhancements - rework the version checking - provide better safety if the apiLevel attributes are missing - ensure a list of api levels are present - remove a list of api levels - pylint fixes --- playbooks/adhoc/upgrades/files/versions.sh | 8 ++ .../upgrades/library/openshift_upgrade_config.py | 92 ++++++++++++++++------ playbooks/adhoc/upgrades/upgrade.yml | 73 ++++++----------- 3 files changed, 101 insertions(+), 72 deletions(-) create mode 100644 playbooks/adhoc/upgrades/files/versions.sh diff --git a/playbooks/adhoc/upgrades/files/versions.sh b/playbooks/adhoc/upgrades/files/versions.sh new file mode 100644 index 000000000..01ea1d91a --- /dev/null +++ b/playbooks/adhoc/upgrades/files/versions.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +yum_installed=$(yum list installed "$@" | tail -n +2 | grep -v 'Installed Packages' | grep -v 'Red Hat Subscription Management' | awk '{ print $2 }' | tr '\n' ' ') +yum_available=$(yum list available "$@" | tail -n +2 | grep -v 'Available Packages' | grep -v 'Red Hat Subscription Management' | grep -v 'el7ose' | awk '{ print $2 }' | tr '\n' ' ') + +echo "---" +echo "curr_version: ${yum_installed}" +echo "avail_version: ${yum_available}" diff --git a/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py b/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py index 0894efa52..33eb40d7d 100755 --- a/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py +++ b/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py @@ -17,8 +17,40 @@ requirements: [ ] EXAMPLES = ''' ''' +def modify_api_levels(level_list, remove, ensure, msg_prepend='', + msg_append=''): + """ modify_api_levels """ + changed = False + changes = [] + + if not isinstance(remove, list): + remove = [] + + if not isinstance(ensure, list): + ensure = [] + + if not isinstance(level_list, list): + new_list = [] + changed = True + changes.append("%s created missing %s" % (msg_prepend, msg_append)) + else: + new_list = level_list + for level in remove: + if level in new_list: + new_list.remove(level) + changed = True + changes.append("%s removed %s %s" % (msg_prepend, level, msg_append)) + + for level in ensure: + if level not in new_list: + new_list.append(level) + changed = True + changes.append("%s added %s %s" % (msg_prepend, level, msg_append)) -def upgrade_master_3_0_to_3_1(module, config_base, backup): + return {'new_list': new_list, 'changed': changed, 'changes': changes} + + +def upgrade_master_3_0_to_3_1(ansible_module, config_base, backup): """Main upgrade method for 3.0 to 3.1.""" changes = [] @@ -30,30 +62,38 @@ def upgrade_master_3_0_to_3_1(module, config_base, backup): config = yaml.safe_load(master_cfg_file.read()) master_cfg_file.close() - # Remove v1beta3 from apiLevels: - if 'apiLevels' in config and \ - 'v1beta3' in config['apiLevels']: - config['apiLevels'].remove('v1beta3') - changed = True - changes.append("master-config.yaml: removed v1beta3 from apiLevels") - if 'apiLevels' in config['kubernetesMasterConfig'] and \ - 'v1beta3' in config['kubernetesMasterConfig']['apiLevels']: - config['kubernetesMasterConfig']['apiLevels'].remove('v1beta3') - changed = True - # Add the new master proxy client certs: - # TODO: re-enable this once these certs are generated during upgrade: -# if 'proxyClientInfo' not in config['kubernetesMasterConfig']: -# config['kubernetesMasterConfig']['proxyClientInfo'] = { -# 'certFile': 'master.proxy-client.crt', -# 'keyFile': 'master.proxy-client.key' -# } -# changes.append("master-config.yaml: added proxyClientInfo") + # Remove unsupported api versions and ensure supported api versions from + # master config + unsupported_levels = ['v1beta1', 'v1beta2', 'v1beta3'] + supported_levels = ['v1'] + + result = modify_api_levels(config.get('apiLevels'), unsupported_levels, + supported_levels, 'master-config.yaml:', 'from apiLevels') + if result['changed']: + config['apiLevels'] = result['new_list'] + changes.append(result['changes']) + + if 'kubernetesMasterConfig' in config: + result = modify_api_levels(config['kubernetesMasterConfig'].get('apiLevels'), + unsupported_levels, supported_levels, 'master-config.yaml:', + 'from apiLevels') + if result['changed']: + config['kubernetesMasterConfig']['apiLevels'] = result['new_list'] + changes.append(result['changes']) + + # Add proxyClientInfo to master-config + if 'proxyClientInfo' not in config['kubernetesMasterConfig']: + config['kubernetesMasterConfig']['proxyClientInfo'] = { + 'certFile': 'master.proxy-client.crt', + 'keyFile': 'master.proxy-client.key' + } + changes.append("master-config.yaml: added proxyClientInfo") if len(changes) > 0: if backup: # TODO: Check success: - module.backup_local(master_config) + ansible_module.backup_local(master_config) # Write the modified config: out_file = open(master_config, 'w') @@ -63,18 +103,19 @@ def upgrade_master_3_0_to_3_1(module, config_base, backup): return changes -def upgrade_master(module, config_base, from_version, to_version, backup): +def upgrade_master(ansible_module, config_base, from_version, to_version, backup): """Upgrade entry point.""" if from_version == '3.0': if to_version == '3.1': - return upgrade_master_3_0_to_3_1(module, config_base, backup) + return upgrade_master_3_0_to_3_1(ansible_module, config_base, backup) def main(): """ main """ # disabling pylint errors for global-variable-undefined and invalid-name # for 'global module' usage, since it is required to use ansible_facts - # pylint: disable=global-variable-undefined, invalid-name + # pylint: disable=global-variable-undefined, invalid-name, + # redefined-outer-name global module module = AnsibleModule( @@ -98,10 +139,13 @@ def main(): changes = [] if role == 'master': changes = upgrade_master(module, config_base, from_version, - to_version, backup) + to_version, backup) changed = len(changes) > 0 return module.exit_json(changed=changed, changes=changes) + + # ignore broad-except error to avoid stack trace to ansible user + # pylint: disable=broad-except except Exception, e: return module.fail_json(msg=str(e)) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index d9abff040..3b3609dca 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -87,50 +87,29 @@ local_facts: deployment_type: "{{ deployment_type }}" -- name: Upgrade base package on masters - hosts: masters - roles: - - openshift_facts - vars: - openshift_version: "{{ openshift_pkg_version | default('') }}" - tasks: - - name: Upgrade base package - yum: - pkg: "{{ openshift.common.service_type }}{{ openshift_version }}" - state: latest - -# TODO: ideally we would check the new version, without installing it. (some -# kind of yum repoquery? would need to handle openshift -> atomic-openshift -# package rename) - name: Perform upgrade version checking hosts: masters[0] tasks: - - name: Determine available version - shell: > - yum list available {{ openshift.common.service_type }} | tail -n 1 | cut -f 2 -d " " | cut -f 1 -d "-" - register: _new_version - - debug: var=_new_version - # The above check will return nothing if the package is already installed, - # and we may be re-running upgrade due to a failure. - - name: Determine installed version - command: > - rpm -q --queryformat '%{version}' {{ openshift.common.service_type }} - register: _new_version - when: _new_version.stdout == "" - # Fail if we still don't know: - - debug: var=_new_version - - name: Verify upgrade version - fail: Unable to determine upgrade version for {{ openshift.common.service_type }} - when: _new_version.stdout == "" - - - fail: - msg: This playbook requires Atomic OpenShift 3.0.2 or later - when: deployment_type in ['openshift_enterprise', 'atomic-enterprise'] and g_new_version.stdout | version_compare('3.0','>=') and g_new_version.stdout | version_compare('3.0.2','<') - - - fail: - msg: This playbook requires Origin 1.0.6 or later - when: deployment_type == 'origin' + - name: Clean yum cache + command: yum clean all + + - name: Determine available versions + script: files/versions.sh {{ openshift.common.service_type }} openshift + register: g_versions_result + + - set_fact: + g_aos_versions: "{{ g_versions_result.stdout | from_yaml }}" + + - set_fact: + g_new_version: "{{ g_aos_versions.curr_version.split('-', 1).0 if g_aos_versions.avail_version is none else g_aos_versions.avail_version.split('-', 1).0 }}" + + - fail: This playbook requires Origin 1.0.6 or later + when: deployment_type == 'origin' and g_aos_versions.curr_version | version_compare('1.0.6','<') + + - fail: This playbook requires Atomic OpenShift 3.0.2 or later + when: deployment_type in ['openshift-enterprise', 'atomic-openshift'] and g_aos_versions.curr_version | version_compare('3.0.2','<') + - name: Upgrade masters hosts: masters @@ -142,10 +121,6 @@ pkg: kernel state: latest - - name: display just the deployment_type variable for the current host - debug: - var: hostvars[inventory_hostname].openshift.common.deployment_type - - name: Upgrade master packages command: yum update -y {{ openshift.common.service_type }}-master{{ openshift_version }} @@ -154,6 +129,8 @@ pkg: python-yaml state: installed + - debug: var=hostvars[inventory_hostname].openshift.common.config_base + - name: Upgrade master configuration openshift_upgrade_config: from_version: '3.0' @@ -253,8 +230,8 @@ - name: Update cluster policy and policy bindings hosts: masters[0] vars: - origin_reconcile_bindings: "{{ deployment_type == 'origin' and gg_new_version.stdout | version_compare('1.0.6', '>') }}" - ent_reconcile_bindings: "{{ deployment_type in ['openshift-enterprise', 'atomic-enterprise'] and gg_new_version.stdout | version_compare('3.0.2','>') }}" + origin_reconcile_bindings: "{{ deployment_type == 'origin' and g_new_version | version_compare('1.0.6', '>') }}" + ent_reconcile_bindings: "{{ deployment_type in ['openshift-enterprise', 'atomic-enterprise'] and g_new_version | version_compare('3.0.2','>') }}" tasks: - name: oadm policy reconcile-cluster-roles --confirm command: > @@ -282,8 +259,8 @@ - name: Upgrade default router and registry hosts: masters[0] vars: - - registry_image: "{{ openshift.master.registry_url | replace( '${component}', 'docker-registry' ) | replace ( '${version}', 'v' + g_new_version.stdout ) }}" - - router_image: "{{ openshift.master.registry_url | replace( '${component}', 'haproxy-router' ) | replace ( '${version}', 'v' + g_new_version.stdout ) }}" + - registry_image: "{{ openshift.master.registry_url | replace( '${component}', 'docker-registry' ) | replace ( '${version}', 'v' + g_new_version ) }}" + - router_image: "{{ openshift.master.registry_url | replace( '${component}', 'haproxy-router' ) | replace ( '${version}', 'v' + g_new_version ) }}" - oc_cmd: "{{ openshift.common.client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig" tasks: - name: Check for default router -- cgit v1.2.3 From 7b405f03f75b3c03a6016024ee757c1645bf234c Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Thu, 5 Nov 2015 17:34:12 -0500 Subject: add master_hostnames definition for upgrade --- playbooks/adhoc/upgrades/upgrade.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index 3b3609dca..e63add4d1 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -155,6 +155,10 @@ - name: Generate missing master certificates hosts: masters[0] vars: + master_hostnames: "{{ hostvars + | oo_select_keys(groups.masters) + | oo_collect('openshift.common.all_hostnames') + | oo_flatten | unique }}" master_generated_certs_dir: "{{ openshift.common.config_base }}/generated-configs" masters_needing_certs: "{{ hostvars | oo_select_keys(groups.masters) -- cgit v1.2.3 From a66407b55d3ad76952c14454499f3ea8169987bc Mon Sep 17 00:00:00 2001 From: Troy Dawson Date: Thu, 5 Nov 2015 17:21:53 -0600 Subject: exclude atomic-openshift-installer from bin subpackage --- openshift-ansible.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/openshift-ansible.spec b/openshift-ansible.spec index df3418278..10a53d921 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -104,6 +104,7 @@ Scripts to make it nicer when working with hosts that are defined only by metada %files bin %{_bindir}/* +%exclude %{_bindir}/atomic-openshift-installer %{python_sitelib}/openshift_ansible/ /etc/bash_completion.d/* %config(noreplace) /etc/openshift_ansible/ -- cgit v1.2.3 From b56907db97edcb85aaf9816c3e603d311fd8f316 Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Thu, 5 Nov 2015 07:25:53 -0500 Subject: Don't check for certs in data_dir just raise when they can't be found. Fix typo. --- filter_plugins/oo_filters.py | 9 ++------- roles/openshift_facts/library/openshift_facts.py | 2 +- 2 files changed, 3 insertions(+), 8 deletions(-) diff --git a/filter_plugins/oo_filters.py b/filter_plugins/oo_filters.py index f494c0ae5..44872ba28 100644 --- a/filter_plugins/oo_filters.py +++ b/filter_plugins/oo_filters.py @@ -378,13 +378,8 @@ class FilterModule(object): certificate['names'] = [] if not os.path.isfile(certificate['certfile']) and not os.path.isfile(certificate['keyfile']): - # Unable to find cert/key, try to prepend data_dir to paths - certificate['certfile'] = os.path.join(data_dir, certificate['certfile']) - certificate['keyfile'] = os.path.join(data_dir, certificate['keyfile']) - if not os.path.isfile(certificate['certfile']) and not os.path.isfile(certificate['keyfile']): - # Unable to find cert/key in data_dir - raise errors.AnsibleFilterError("|certificate and/or key does not exist '%s', '%s'" % - (certificate['certfile'], certificate['keyfile'])) + raise errors.AnsibleFilterError("|certificate and/or key does not exist '%s', '%s'" % + (certificate['certfile'], certificate['keyfile'])) try: st_cert = open(certificate['certfile'], 'rt').read() diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 134734a65..1b37de08b 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -517,7 +517,7 @@ def set_aggregate_facts(facts): facts['master']['etcd_data_dir'] = '/var/lib/etcd' facts['common']['all_hostnames'] = list(all_hostnames) - facts['common']['internal_hostnames'] = list(all_hostnames) + facts['common']['internal_hostnames'] = list(internal_hostnames) return facts -- cgit v1.2.3 From 753c0e31a9e8adb84f6352aaef47d410abee307c Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Thu, 5 Nov 2015 19:54:25 -0500 Subject: Fix file check conditional. --- filter_plugins/oo_filters.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/filter_plugins/oo_filters.py b/filter_plugins/oo_filters.py index 44872ba28..f4643270d 100644 --- a/filter_plugins/oo_filters.py +++ b/filter_plugins/oo_filters.py @@ -377,7 +377,7 @@ class FilterModule(object): else: certificate['names'] = [] - if not os.path.isfile(certificate['certfile']) and not os.path.isfile(certificate['keyfile']): + if not os.path.isfile(certificate['certfile']) or not os.path.isfile(certificate['keyfile']): raise errors.AnsibleFilterError("|certificate and/or key does not exist '%s', '%s'" % (certificate['certfile'], certificate['keyfile'])) -- cgit v1.2.3 From c84677a90bd168b804cae7e511747b7af30ce387 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Thu, 5 Nov 2015 21:21:37 -0500 Subject: Fix lb group related errors --- playbooks/aws/openshift-cluster/config.yml | 1 + playbooks/common/openshift-cluster/evaluate_groups.yml | 10 +++++++--- playbooks/gce/openshift-cluster/config.yml | 1 + playbooks/libvirt/openshift-cluster/config.yml | 1 + playbooks/openstack/openshift-cluster/config.yml | 1 + 5 files changed, 11 insertions(+), 3 deletions(-) diff --git a/playbooks/aws/openshift-cluster/config.yml b/playbooks/aws/openshift-cluster/config.yml index a8e3e27bb..5aa6b0f9b 100644 --- a/playbooks/aws/openshift-cluster/config.yml +++ b/playbooks/aws/openshift-cluster/config.yml @@ -11,6 +11,7 @@ - include: ../../common/openshift-cluster/config.yml vars: g_etcd_group: "{{ 'tag_env-host-type_' ~ cluster_id ~ '-openshift-etcd' }}" + g_lb_group: "{{ 'tag_env-host-type_' ~ cluster_id ~ '-openshift-lb' }}" g_masters_group: "{{ 'tag_env-host-type_' ~ cluster_id ~ '-openshift-master' }}" g_nodes_group: "{{ 'tag_env-host-type_' ~ cluster_id ~ '-openshift-node' }}" g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" diff --git a/playbooks/common/openshift-cluster/evaluate_groups.yml b/playbooks/common/openshift-cluster/evaluate_groups.yml index a787ba0d3..2bb69614f 100644 --- a/playbooks/common/openshift-cluster/evaluate_groups.yml +++ b/playbooks/common/openshift-cluster/evaluate_groups.yml @@ -4,17 +4,21 @@ gather_facts: no tasks: - fail: - msg: This playbook rquires g_etcd_group to be set + msg: This playbook requires g_etcd_group to be set when: g_etcd_group is not defined - fail: - msg: This playbook rquires g_masters_group to be set + msg: This playbook requires g_masters_group to be set when: g_masters_group is not defined - fail: - msg: This playbook rquires g_nodes_group to be set + msg: This playbook requires g_nodes_group to be set when: g_nodes_group is not defined + - fail: + msg: This playbook requires g_lb_group to be set + when: g_lb_group is not defined + - name: Evaluate oo_etcd_to_config add_host: name: "{{ item }}" diff --git a/playbooks/gce/openshift-cluster/config.yml b/playbooks/gce/openshift-cluster/config.yml index 6ca4f7395..745161bcb 100644 --- a/playbooks/gce/openshift-cluster/config.yml +++ b/playbooks/gce/openshift-cluster/config.yml @@ -16,6 +16,7 @@ - include: ../../common/openshift-cluster/config.yml vars: g_etcd_group: "{{ 'tag_env-host-type-' ~ cluster_id ~ '-openshift-etcd' }}" + g_lb_group: "{{ 'tag_env-host-type-' ~ cluster_id ~ '-openshift-lb' }}" g_masters_group: "{{ 'tag_env-host-type-' ~ cluster_id ~ '-openshift-master' }}" g_nodes_group: "{{ 'tag_env-host-type-' ~ cluster_id ~ '-openshift-node' }}" g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" diff --git a/playbooks/libvirt/openshift-cluster/config.yml b/playbooks/libvirt/openshift-cluster/config.yml index c208eee81..4d1ae22ff 100644 --- a/playbooks/libvirt/openshift-cluster/config.yml +++ b/playbooks/libvirt/openshift-cluster/config.yml @@ -15,6 +15,7 @@ - include: ../../common/openshift-cluster/config.yml vars: g_etcd_group: "{{ 'tag_env-host-type-' ~ cluster_id ~ '-openshift-etcd' }}" + g_lb_group: "{{ 'tag_env-host-type-' ~ cluster_id ~ '-openshift-lb' }}" g_masters_group: "{{ 'tag_env-host-type-' ~ cluster_id ~ '-openshift-master' }}" g_nodes_group: "{{ 'tag_env-host-type-' ~ cluster_id ~ '-openshift-node' }}" g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" diff --git a/playbooks/openstack/openshift-cluster/config.yml b/playbooks/openstack/openshift-cluster/config.yml index a5ee2d6a5..888804e28 100644 --- a/playbooks/openstack/openshift-cluster/config.yml +++ b/playbooks/openstack/openshift-cluster/config.yml @@ -10,6 +10,7 @@ - include: ../../common/openshift-cluster/config.yml vars: g_etcd_group: "{{ 'tag_env-host-type_' ~ cluster_id ~ '-openshift-etcd' }}" + g_lb_group: "{{ 'tag_env-host-type_' ~ cluster_id ~ '-openshift-lb' }}" g_masters_group: "{{ 'tag_env-host-type_' ~ cluster_id ~ '-openshift-master' }}" g_nodes_group: "{{ 'tag_env-host-type_' ~ cluster_id ~ '-openshift-node' }}" g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" -- cgit v1.2.3 From d0fbf1598a9ee6e52a4fae4c5922c580df06a78d Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Thu, 5 Nov 2015 18:09:00 -0500 Subject: Start to handle pacemaker ha during upgrade --- playbooks/adhoc/upgrades/upgrade.yml | 54 +++++++++++++++++++++++++++++++++-- roles/openshift_master/tasks/main.yml | 5 ++++ 2 files changed, 56 insertions(+), 3 deletions(-) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index e63add4d1..e807d3fa8 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -6,12 +6,17 @@ - name: Verify upgrade can proceed hosts: masters[0] + vars: + openshift_master_ha: "{{ groups['masters'] | length > 1 }}" gather_facts: no tasks: # Checking the global deployment type rather than host facts, this is about # what the user is requesting. - fail: msg="Deployment type enterprise not supported for upgrade" when: deployment_type == "enterprise" + # Pacemaker is currently the only supported upgrade path for multiple masters + - fail: msg="openshift_master_cluster_method must be set to 'pacemaker'" + when: openshift_master_ha | bool and ((openshift_master_cluster_method is not defined) or (openshift_master_cluster_method is defined and openshift_master_cluster_method != "pacemaker")) - name: Evaluate etcd_hosts hosts: localhost @@ -182,8 +187,6 @@ command: > tar -czvf {{ master_generated_certs_dir }}/{{ item.master_cert_subdir }}.tgz -C {{ master_generated_certs_dir }}/{{ item.master_cert_subdir }} . - args: - creates: "{{ master_generated_certs_dir }}/{{ item.master_cert_subdir }}.tgz" with_items: masters_needing_certs - name: Retrieve the master cert tarball from the master @@ -195,11 +198,11 @@ validate_checksum: yes with_items: masters_needing_certs - - name: Sync certs and restart masters post configuration change hosts: masters vars: sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" + openshift_master_ha: "{{ groups['masters'] | length > 1 }}" tasks: - name: Unarchive the tarball on the master unarchive: @@ -209,7 +212,41 @@ - name: Restart master services service: name="{{ openshift.common.service_type}}-master" state=restarted + when: not openshift_master_ha | bool +- name: Destroy cluster + hosts: masters[0] + vars: + openshift_master_ha: "{{ groups['masters'] | length > 1 }}" + openshift_deployment_type: "{{ deployment_type }}" + pre_tasks: + - name: Check for configured cluster + stat: + path: /etc/corosync/corosync.conf + register: corosync_conf + when: openshift_master_ha | bool + - name: Destroy cluster + command: pcs cluster destroy --all + when: openshift_master_ha | bool and corosync_conf.stat.exists == true + +- name: Start pcsd on masters + hosts: masters + vars: + openshift_master_ha: "{{ groups['masters'] | length > 1 }}" + tasks: + - name: Start pcsd + service: name=pcsd state=started + when: openshift_master_ha | bool + +- name: Re-create cluster + hosts: masters[0] + vars: + openshift_master_ha: "{{ groups['masters'] | length > 1 }}" + openshift_deployment_type: "{{ deployment_type }}" + omc_cluster_hosts: "{{ groups.masters | join(' ') }}" + roles: + - role: openshift_master_cluster + when: openshift_master_ha | bool - name: Delete temporary directory on localhost hosts: localhost @@ -255,10 +292,21 @@ - name: Restart masters post reconcile hosts: masters + vars: + openshift_master_ha: "{{ groups['masters'] | length > 1 }}" tasks: - name: Restart master services service: name="{{ openshift.common.service_type}}-master" state=restarted + when: not openshift_master_ha | bool +- name: Restart cluster post reconcile + hosts: masters[0] + vars: + openshift_master_ha: "{{ groups['masters'] | length > 1 }}" + tasks: + - name: Restart master cluster + command: pcs resource restart master + when: openshift_master_ha | bool - name: Upgrade default router and registry hosts: masters[0] diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index be77fce4a..35570923c 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -140,22 +140,27 @@ src: atomic-openshift-master-api.service.j2 dest: /usr/lib/systemd/system/{{ openshift.common.service_type }}-master-api.service force: no + when: openshift_master_ha | bool and openshift_master_cluster_method == "native" - name: Create the controllers service file template: src: atomic-openshift-master-controllers.service.j2 dest: /usr/lib/systemd/system/{{ openshift.common.service_type }}-master-controllers.service force: no + when: openshift_master_ha | bool and openshift_master_cluster_method == "native" - name: Create the api env file template: src: atomic-openshift-master-api.j2 dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-api force: no + when: openshift_master_ha | bool and openshift_master_cluster_method == "native" - name: Create the controllers env file template: src: atomic-openshift-master-controllers.j2 dest: /etc/sysconfig/{{ openshift.common.service_type }}-master-controllers force: no + when: openshift_master_ha | bool and openshift_master_cluster_method == "native" - command: systemctl daemon-reload + when: openshift_master_ha | bool and openshift_master_cluster_method == "native" # end workaround for missing systemd unit files - name: Create session secrets file -- cgit v1.2.3 From 66791fd954731c7d4286d48683b7fe40288d5000 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Fri, 6 Nov 2015 09:49:17 -0400 Subject: Add pre-upgrade script to be run on first master. Script currently just checks for port names that are no longer valid. In theory other checks may be added to this script in the future. Script was originally written by Steve Milner and Andy Goldstein. If the script fails, ansible seems to handle this nicely by default, exiting the upgrade and displaying stderr and stdout, both of which contain useful info on what the problem was. --- playbooks/adhoc/upgrades/files/pre-upgrade-check | 185 +++++++++++++++++++++++ playbooks/adhoc/upgrades/upgrade.yml | 7 + 2 files changed, 192 insertions(+) create mode 100644 playbooks/adhoc/upgrades/files/pre-upgrade-check diff --git a/playbooks/adhoc/upgrades/files/pre-upgrade-check b/playbooks/adhoc/upgrades/files/pre-upgrade-check new file mode 100644 index 000000000..c8ecae399 --- /dev/null +++ b/playbooks/adhoc/upgrades/files/pre-upgrade-check @@ -0,0 +1,185 @@ +#!/usr/bin/env python +""" +Pre-upgrade checks that must be run on a master before proceeding with upgrade. +""" +# This is a script not a python module: +# pylint: disable=invalid-name + +# NOTE: This script should not require any python libs other than what is +# in the standard library. + +__license__ = "ASL 2.0" + +import json +import os +import subprocess +import re + +# The maximum length of container.ports.name +ALLOWED_LENGTH = 15 +# The valid structure of container.ports.name +ALLOWED_CHARS = re.compile('^[a-z0-9][a-z0-9\\-]*[a-z0-9]$') +AT_LEAST_ONE_LETTER = re.compile('[a-z]') +# look at OS_PATH for the full path. Default ot 'oc' +OC_PATH = os.getenv('OC_PATH', 'oc') + + +def validate(value): + """ + validate verifies that value matches required conventions + + Rules of container.ports.name validation: + + * must be less that 16 chars + * at least one letter + * only a-z0-9- + * hyphens can not be leading or trailing or next to each other + + :Parameters: + - `value`: Value to validate + """ + if len(value) > ALLOWED_LENGTH: + return False + + if '--' in value: + return False + + # We search since it can be anywhere + if not AT_LEAST_ONE_LETTER.search(value): + return False + + # We match because it must start at the beginning + if not ALLOWED_CHARS.match(value): + return False + return True + + +def list_items(kind): + """ + list_items returns a list of items from the api + + :Parameters: + - `kind`: Kind of item to access + """ + response = subprocess.check_output([OC_PATH, 'get', '--all-namespaces', '-o', 'json', kind]) + items = json.loads(response) + return items.get("items", []) + + +def get(obj, *paths): + """ + Gets an object + + :Parameters: + - `obj`: A dictionary structure + - `path`: All other non-keyword arguments + """ + ret_obj = obj + for path in paths: + if ret_obj.get(path, None) is None: + return [] + ret_obj = ret_obj[path] + return ret_obj + + +# pylint: disable=too-many-arguments +def pretty_print_errors(namespace, kind, item_name, container_name, port_name, valid): + """ + Prints out results in human friendly way. + + :Parameters: + - `namespace`: Namespace of the resource + - `kind`: Kind of the resource + - `item_name`: Name of the resource + - `container_name`: Name of the container. May be "" when kind=Service. + - `port_name`: Name of the port + - `valid`: True if the port is valid + """ + if not valid: + if len(container_name) > 0: + print('%s/%s -n %s (Container="%s" Port="%s")' % ( + kind, item_name, namespace, container_name, port_name)) + else: + print('%s/%s -n %s (Port="%s")' % ( + kind, item_name, namespace, port_name)) + + +def print_validation_header(): + """ + Prints the error header. Should run on the first error to avoid + overwhelming the user. + """ + print """\ +At least one port name does not validate. Valid port names: + + * must be less that 16 chars + * have at least one letter + * only a-z0-9- + * do not start or end with - + * Dashes may not be next to eachother ('--') +""" + + +def main(): + """ + main is the main entry point to this script + """ + try: + # the comma at the end suppresses the newline + print "Checking for oc ...", + subprocess.check_output([OC_PATH, 'whoami']) + print "found" + except: + print( + 'Can not find oc (%s). Override the path with the ' + 'OC_PATH environment variable. Exiting...' % OC_PATH) + raise SystemExit(1) + + # Where the magic happens + first_error = True + for kind, path in [ + ('replicationcontrollers', ("spec", "template", "spec", "containers")), + ('pods', ("spec", "containers")), + ('deploymentconfigs', ("spec", "template", "spec", "containers"))]: + for item in list_items(kind): + namespace = item["metadata"]["namespace"] + item_name = item["metadata"]["name"] + for container in get(item, *path): + container_name = container["name"] + for port in get(container, "ports"): + port_name = port.get("name", None) + if not port_name: + # Unnamed ports are OK + continue + valid = validate(port_name) + if not valid and first_error: + first_error = False + print_validation_header() + pretty_print_errors( + namespace, kind, item_name, + container_name, port_name, valid) + + # Services follow a different flow + for item in list_items('services'): + namespace = item["metadata"]["namespace"] + item_name = item["metadata"]["name"] + for port in get(item, "spec", "ports"): + port_name = port.get("targetPort", None) + if isinstance(port_name, int) or port_name is None: + # Integer only or unnamed ports are OK + continue + valid = validate(port_name) + if not valid and first_error: + first_error = False + print_validation_header() + pretty_print_errors( + namespace, "services", item_name, "", port_name, valid) + + # If we had at least 1 error then exit with 1 + if not first_error: + raise SystemExit(1) + + +if __name__ == '__main__': + main() + diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index e63add4d1..4ca9b94ac 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -13,6 +13,13 @@ - fail: msg="Deployment type enterprise not supported for upgrade" when: deployment_type == "enterprise" +- name: Run pre-upgrade checks on first master + hosts: masters[0] + tasks: + # If this script errors out ansible will show the default stdout/stderr + # which contains details for the user: + - script: files/pre-upgrade-check + - name: Evaluate etcd_hosts hosts: localhost tasks: -- cgit v1.2.3 From 15ca45191af7c5c2f04f9096922590412e889e17 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Fri, 6 Nov 2015 10:36:57 -0500 Subject: Remove v1beta3 by default for kube_nfs_volumes --- roles/kube_nfs_volumes/README.md | 3 +++ roles/kube_nfs_volumes/defaults/main.yml | 6 ++++++ roles/kube_nfs_volumes/tasks/main.yml | 13 ++++++------ roles/kube_nfs_volumes/templates/nfs.json.j2 | 23 ---------------------- roles/kube_nfs_volumes/templates/v1/nfs.json.j2 | 1 + .../kube_nfs_volumes/templates/v1beta3/nfs.json.j2 | 23 ++++++++++++++++++++++ 6 files changed, 40 insertions(+), 29 deletions(-) delete mode 100644 roles/kube_nfs_volumes/templates/nfs.json.j2 create mode 120000 roles/kube_nfs_volumes/templates/v1/nfs.json.j2 create mode 100644 roles/kube_nfs_volumes/templates/v1beta3/nfs.json.j2 diff --git a/roles/kube_nfs_volumes/README.md b/roles/kube_nfs_volumes/README.md index 56c69c286..1520f79b2 100644 --- a/roles/kube_nfs_volumes/README.md +++ b/roles/kube_nfs_volumes/README.md @@ -44,6 +44,9 @@ kubernetes_url: https://10.245.1.2:6443 # Token to use for authentication to the API server kubernetes_token: tJdce6Fn3cL1112YoIJ5m2exzAbzcPZX + +# API Version to use for kubernetes +kube_api_version: v1 ``` ## Dependencies diff --git a/roles/kube_nfs_volumes/defaults/main.yml b/roles/kube_nfs_volumes/defaults/main.yml index e296492f9..bdd994d07 100644 --- a/roles/kube_nfs_volumes/defaults/main.yml +++ b/roles/kube_nfs_volumes/defaults/main.yml @@ -1,4 +1,10 @@ --- +kubernetes_url: https://172.30.0.1:443 + +kube_api_version: v1 + +kube_req_template: "../templates/{{ kube_api_version }}/nfs.json.j2" + # Options of NFS exports. nfs_export_options: "*(rw,no_root_squash,insecure,no_subtree_check)" diff --git a/roles/kube_nfs_volumes/tasks/main.yml b/roles/kube_nfs_volumes/tasks/main.yml index f4a506234..d1dcf261a 100644 --- a/roles/kube_nfs_volumes/tasks/main.yml +++ b/roles/kube_nfs_volumes/tasks/main.yml @@ -16,10 +16,11 @@ - include: nfs.yml - name: export physical volumes - uri: url={{ kubernetes_url }}/api/v1beta3/persistentvolumes - method=POST - body='{{ lookup("template", "../templates/nfs.json.j2") }}' - body_format=json - status_code=201 - HEADER_Authorization="Bearer {{ kubernetes_token }}" + uri: + url: "{{ kubernetes_url }}/api/{{ kube_api_version }}/persistentvolumes" + method: POST + body: "{{ lookup('template', kube_req_template) }}" + body_format: json + status_code: 201 + HEADER_Authorization: "Bearer {{ kubernetes_token }}" with_items: partition_pool diff --git a/roles/kube_nfs_volumes/templates/nfs.json.j2 b/roles/kube_nfs_volumes/templates/nfs.json.j2 deleted file mode 100644 index b42886ef1..000000000 --- a/roles/kube_nfs_volumes/templates/nfs.json.j2 +++ /dev/null @@ -1,23 +0,0 @@ -{ - "kind": "PersistentVolume", - "apiVersion": "v1beta3", - "metadata": { - "name": "pv-{{ inventory_hostname | regex_replace("\.", "-") }}-{{ item.name }}", - "labels": { - "type": "nfs" - } - }, - "spec": { - "capacity": { - "storage": "{{ item.size }}" - }, - "accessModes": [ - "ReadWriteOnce" - ], - "NFS": { - "Server": "{{ inventory_hostname }}", - "Path": "{{ mount_dir }}/{{ item.name }}", - "ReadOnly": false - } - } -} diff --git a/roles/kube_nfs_volumes/templates/v1/nfs.json.j2 b/roles/kube_nfs_volumes/templates/v1/nfs.json.j2 new file mode 120000 index 000000000..49c1191bc --- /dev/null +++ b/roles/kube_nfs_volumes/templates/v1/nfs.json.j2 @@ -0,0 +1 @@ +../v1beta3/nfs.json.j2 \ No newline at end of file diff --git a/roles/kube_nfs_volumes/templates/v1beta3/nfs.json.j2 b/roles/kube_nfs_volumes/templates/v1beta3/nfs.json.j2 new file mode 100644 index 000000000..b42886ef1 --- /dev/null +++ b/roles/kube_nfs_volumes/templates/v1beta3/nfs.json.j2 @@ -0,0 +1,23 @@ +{ + "kind": "PersistentVolume", + "apiVersion": "v1beta3", + "metadata": { + "name": "pv-{{ inventory_hostname | regex_replace("\.", "-") }}-{{ item.name }}", + "labels": { + "type": "nfs" + } + }, + "spec": { + "capacity": { + "storage": "{{ item.size }}" + }, + "accessModes": [ + "ReadWriteOnce" + ], + "NFS": { + "Server": "{{ inventory_hostname }}", + "Path": "{{ mount_dir }}/{{ item.name }}", + "ReadOnly": false + } + } +} -- cgit v1.2.3 From 98b69946496d0b214c5bd0d384e1cea0856c4cbb Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Fri, 6 Nov 2015 11:43:25 -0400 Subject: Fix pylint errors with getting hosts to run on. --- utils/src/ooinstall/cli_installer.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py index 9f0861b77..e63f14816 100644 --- a/utils/src/ooinstall/cli_installer.py +++ b/utils/src/ooinstall/cli_installer.py @@ -323,6 +323,8 @@ def get_installed_hosts(hosts, callback_facts): installed_hosts.append(host) return installed_hosts +# pylint: disable=too-many-branches +# This pylint error will be corrected shortly in separate PR. def get_hosts_to_run_on(oo_cfg, callback_facts, unattended, force, verbose): # Copy the list of existing hosts so we can remove any already installed nodes. @@ -383,7 +385,7 @@ def get_hosts_to_run_on(oo_cfg, callback_facts, unattended, force, verbose): openshift_ansible.set_config(oo_cfg) click.echo('Gathering information from hosts...') - callback_facts, error = openshift_ansible.default_facts(oo_cfg.hosts) + callback_facts, error = openshift_ansible.default_facts(oo_cfg.hosts, verbose) if error: click.echo("There was a problem fetching the required information. " \ "See {} for details.".format(oo_cfg.settings['ansible_log_path'])) -- cgit v1.2.3 From 6955b11fbed1f3d73d814d610b4a6905331406e8 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Fri, 6 Nov 2015 11:52:56 -0400 Subject: Write new config to disk after successful upgrade. --- utils/src/ooinstall/cli_installer.py | 1 + 1 file changed, 1 insertion(+) diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py index e63f14816..0d65f2053 100644 --- a/utils/src/ooinstall/cli_installer.py +++ b/utils/src/ooinstall/cli_installer.py @@ -526,6 +526,7 @@ def upgrade(ctx): click.echo("Errors encountered during upgrade, please check %s." % oo_cfg.settings['ansible_log_path']) else: + oo_cfg.save_to_disk() click.echo("Upgrade completed! Rebooting all hosts is recommended.") -- cgit v1.2.3 From 66573cc1e39f3c71dfb393298cc743490a8f240c Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Fri, 6 Nov 2015 11:07:00 -0500 Subject: apiLevel changes - remove kubernetesMasterConfig.apiLevels if >= 3.1/1.1 - change apiLevels conditional from using deployment_type to version_greater_than_3_1_or_1_1 --- roles/openshift_master/templates/master.yaml.v1.j2 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index 9547a6945..725151bed 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -1,5 +1,5 @@ apiLevels: -{% if openshift.common.deployment_type == "enterprise" %} +{% if not openshift.common.version_greater_than_3_1_or_1_1 | bool %} - v1beta3 {% endif %} - v1 @@ -73,11 +73,11 @@ kubeletClientInfo: port: 10250 {% if openshift.master.embedded_kube | bool %} kubernetesMasterConfig: +{% if not openshift.common.version_greater_than_3_1_or_1_1 | bool %} apiLevels: -{% if openshift.common.deployment_type == "enterprise" %} - v1beta3 -{% endif %} - v1 +{% endif %} apiServerArguments: {{ api_server_args if api_server_args is defined else 'null' }} controllerArguments: {{ controller_args if controller_args is defined else 'null' }} {# TODO: support overriding masterCount #} -- cgit v1.2.3 From afb03bb7e30cb46bc3fd55fa58888b13171db299 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Fri, 6 Nov 2015 12:32:11 -0400 Subject: Fix creation of origin symlink when dir already exists. --- playbooks/adhoc/upgrades/upgrade.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index 4ca9b94ac..890a51241 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -47,9 +47,12 @@ - stat: path=/var/lib/openshift register: var_lib_openshift + - stat: path=/var/lib/origin + register: var_lib_origin + - name: Create origin symlink if necessary file: src=/var/lib/openshift/ dest=/var/lib/origin state=link - when: var_lib_openshift.stat.exists == True + when: var_lib_openshift.stat.exists == True and var_lib_origin.stat.exists == False - name: Check available disk space for etcd backup # We assume to be using the data dir for all backups. -- cgit v1.2.3 From 941246584a95cc4b5d5619e2b31f75923888f2f6 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Fri, 6 Nov 2015 11:36:17 -0500 Subject: Fix apiLevels modifications --- playbooks/adhoc/upgrades/library/openshift_upgrade_config.py | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py b/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py index 33eb40d7d..f9ee5b254 100755 --- a/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py +++ b/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py @@ -74,13 +74,9 @@ def upgrade_master_3_0_to_3_1(ansible_module, config_base, backup): config['apiLevels'] = result['new_list'] changes.append(result['changes']) - if 'kubernetesMasterConfig' in config: - result = modify_api_levels(config['kubernetesMasterConfig'].get('apiLevels'), - unsupported_levels, supported_levels, 'master-config.yaml:', - 'from apiLevels') - if result['changed']: - config['kubernetesMasterConfig']['apiLevels'] = result['new_list'] - changes.append(result['changes']) + if 'kubernetesMasterConfig' in config and 'apiLevels' in config['kubernetesMasterConfig']: + config['kubernetesMasterConfig'].remove('apiLevels') + changes.append('master-config.yaml: removed kubernetesMasterConfig.apiLevels') # Add proxyClientInfo to master-config if 'proxyClientInfo' not in config['kubernetesMasterConfig']: -- cgit v1.2.3 From 9e1bfdda7746db342d62920212784d07289bc437 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Fri, 6 Nov 2015 11:42:53 -0500 Subject: Fix data_dir for 3.0 deployments --- roles/openshift_facts/library/openshift_facts.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 134734a65..1ba5fc13b 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -551,6 +551,8 @@ def set_deployment_facts_if_unset(facts): facts['common']['config_base'] = config_base if 'data_dir' not in facts['common']: data_dir = '/var/lib/origin' + if deployment_type in ['enterprise', 'online']: + data_dir = '/var/lib/openshift' facts['common']['data_dir'] = data_dir for role in ('master', 'node'): -- cgit v1.2.3 From ae06c06c4b3584e5891c806b690f5ac1fa283124 Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Fri, 6 Nov 2015 12:47:15 -0500 Subject: added network checks. also updated item prototype code to support more --- roles/lib_zabbix/library/zbx_itemprototype.py | 39 ++++++++++++++++++++++++--- roles/lib_zabbix/tasks/create_template.yml | 4 +++ roles/os_zabbix/vars/template_os_linux.yml | 25 +++++++++++++++++ 3 files changed, 64 insertions(+), 4 deletions(-) diff --git a/roles/lib_zabbix/library/zbx_itemprototype.py b/roles/lib_zabbix/library/zbx_itemprototype.py index e7fd6fa21..43498c015 100644 --- a/roles/lib_zabbix/library/zbx_itemprototype.py +++ b/roles/lib_zabbix/library/zbx_itemprototype.py @@ -67,7 +67,24 @@ def get_template(zapi, template_name): return None return content['result'][0] -def get_type(ztype): +def get_multiplier(inval): + ''' Determine the multiplier + ''' + if inval == None or inval == '': + return None, 0 + + rval = None + try: + rval = int(inval) + except ValueError: + pass + + if rval: + return rval, 1 + + return rval, 0 + +def get_zabbix_type(ztype): ''' Determine which type of discoverrule this is ''' @@ -87,6 +104,7 @@ def get_type(ztype): 'telnet': 14, 'calculated': 15, 'JMX': 16, + 'SNMP trap': 17, } for typ in _types.keys(): @@ -153,16 +171,21 @@ def main(): name=dict(default=None, type='str'), key=dict(default=None, type='str'), description=dict(default=None, type='str'), + template_name=dict(default=None, type='str'), interfaceid=dict(default=None, type='int'), - ztype=dict(default='trapper', type='str'), + zabbix_type=dict(default='trapper', type='str'), value_type=dict(default='float', type='str'), delay=dict(default=60, type='int'), lifetime=dict(default=30, type='int'), state=dict(default='present', type='str'), status=dict(default='enabled', type='str'), applications=dict(default=[], type='list'), - template_name=dict(default=None, type='str'), discoveryrule_key=dict(default=None, type='str'), + interval=dict(default=60, type='int'), + delta=dict(default=0, type='int'), + multiplier=dict(default=None, type='str'), + units=dict(default=None, type='str'), + ), #supports_check_mode=True ) @@ -205,15 +228,23 @@ def main(): # Create and Update if state == 'present': + + formula, use_multiplier = get_multiplier(module.params['multiplier']) + params = {'name': module.params['name'], 'key_': module.params['key'], 'hostid': template['templateid'], 'interfaceid': module.params['interfaceid'], 'ruleid': get_rule_id(zapi, module.params['discoveryrule_key'], template['templateid']), - 'type': get_type(module.params['ztype']), + 'type': get_zabbix_type(module.params['zabbix_type']), 'value_type': get_value_type(module.params['value_type']), 'applications': get_app_ids(zapi, module.params['applications'], template['templateid']), + 'formula': formula, + 'multiplier': use_multiplier, 'description': module.params['description'], + 'units': module.params['units'], + 'delay': module.params['interval'], + 'delta': module.params['delta'], } if params['type'] in [2, 5, 7, 8, 11, 15]: diff --git a/roles/lib_zabbix/tasks/create_template.yml b/roles/lib_zabbix/tasks/create_template.yml index ac9cf756b..44c4e6766 100644 --- a/roles/lib_zabbix/tasks/create_template.yml +++ b/roles/lib_zabbix/tasks/create_template.yml @@ -84,6 +84,10 @@ template_name: "{{ template.name }}" applications: "{{ item.applications }}" description: "{{ item.description | default('', True) }}" + multiplier: "{{ item.multiplier | default('', True) }}" + units: "{{ item.units | default('', True) }}" + interval: "{{ item.interval | default(60, True) }}" + delta: "{{ item.delta | default(0, True) }}" with_items: template.zitemprototypes when: template.zitemprototypes is defined diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml index fbc20cd63..2f1b85f30 100644 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -199,6 +199,11 @@ g_template_os_linux: lifetime: 1 description: "Dynamically register disks on a node" + - name: disc.network + key: disc.network + lifetime: 1 + description: "Dynamically register network interfaces on a node" + zitemprototypes: - discoveryrule_key: disc.filesys name: "disc.filesys.full.{#OSO_FILESYS}" @@ -232,6 +237,26 @@ g_template_os_linux: applications: - Disk + - discoveryrule_key: disc.network + name: "Byte in for network interface {#OSO_NET_INTERFACE}" + key: "disc.network.in.bytes[{#OSO_NET_INTERFACE}]" + value_type: int + units: B + delta: 1 + description: "PCP network.interface.in.bytes metric. This is setup as a delta in Zabbix to measure the speed per second" + applications: + - Network + + - discoveryrule_key: disc.network + name: "Byte out for network interface {#OSO_NET_INTERFACE}" + key: "disc.network.out.bytes[{#OSO_NET_INTERFACE}]" + value_type: int + units: B + delta: 1 + description: "PCP network.interface.out.bytes metric. This is setup as a delta in Zabbix to measure the speed per second" + applications: + - Network + ztriggerprototypes: - name: 'Filesystem: {#OSO_FILESYS} has less than 15% free disk space on {HOST.NAME}' expression: '{Template OS Linux:disc.filesys.full[{#OSO_FILESYS}].last()}>85' -- cgit v1.2.3 From 050209f3c86a9dccefdf8b9f05898d1503254a2c Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Fri, 6 Nov 2015 13:21:54 -0500 Subject: Fix issues related to upgrade packages being unavailable --- playbooks/adhoc/upgrades/files/versions.sh | 6 ++++-- playbooks/adhoc/upgrades/upgrade.yml | 16 ++++++++++++---- 2 files changed, 16 insertions(+), 6 deletions(-) diff --git a/playbooks/adhoc/upgrades/files/versions.sh b/playbooks/adhoc/upgrades/files/versions.sh index 01ea1d91a..f90719cab 100644 --- a/playbooks/adhoc/upgrades/files/versions.sh +++ b/playbooks/adhoc/upgrades/files/versions.sh @@ -1,7 +1,9 @@ #!/bin/bash -yum_installed=$(yum list installed "$@" | tail -n +2 | grep -v 'Installed Packages' | grep -v 'Red Hat Subscription Management' | awk '{ print $2 }' | tr '\n' ' ') -yum_available=$(yum list available "$@" | tail -n +2 | grep -v 'Available Packages' | grep -v 'Red Hat Subscription Management' | grep -v 'el7ose' | awk '{ print $2 }' | tr '\n' ' ') +yum_installed=$(yum list installed "$@" 2>&1 | tail -n +2 | grep -v 'Installed Packages' | grep -v 'Red Hat Subscription Management' | grep -v 'Error:' | awk '{ print $2 }' | tr '\n' ' ') + +yum_available=$(yum list available "$@" 2>&1 | tail -n +2 | grep -v 'Available Packages' | grep -v 'Red Hat Subscription Management' | grep -v 'el7ose' | grep -v 'Error:' | awk '{ print $2 }' | tr '\n' ' ') + echo "---" echo "curr_version: ${yum_installed}" diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index c0fdab027..d854bf913 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -12,10 +12,12 @@ tasks: # Checking the global deployment type rather than host facts, this is about # what the user is requesting. - - fail: msg="Deployment type enterprise not supported for upgrade" + - fail: + msg: "Deployment type enterprise not supported for upgrade" when: deployment_type == "enterprise" # Pacemaker is currently the only supported upgrade path for multiple masters - - fail: msg="openshift_master_cluster_method must be set to 'pacemaker'" + - fail: + msg: "openshift_master_cluster_method must be set to 'pacemaker'" when: openshift_master_ha | bool and ((openshift_master_cluster_method is not defined) or (openshift_master_cluster_method is defined and openshift_master_cluster_method != "pacemaker")) - name: Run pre-upgrade checks on first master @@ -119,12 +121,18 @@ - set_fact: g_new_version: "{{ g_aos_versions.curr_version.split('-', 1).0 if g_aos_versions.avail_version is none else g_aos_versions.avail_version.split('-', 1).0 }}" - - fail: This playbook requires Origin 1.0.6 or later + - fail: + msg: This playbook requires Origin 1.0.6 or later when: deployment_type == 'origin' and g_aos_versions.curr_version | version_compare('1.0.6','<') - - fail: This playbook requires Atomic OpenShift 3.0.2 or later + - fail: + msg: This playbook requires Atomic OpenShift 3.0.2 or later when: deployment_type in ['openshift-enterprise', 'atomic-openshift'] and g_aos_versions.curr_version | version_compare('3.0.2','<') + - fail: + msg: Atomic OpenShift 3.1 packages not found + when: deployment_type in ['openshift-enterprise', 'atomic-openshift'] and g_aos_versions.curr_version | version_compare('3.0.2.900','<') and (g_aos_versions.avail_version is none or g_aos_versions.avail_version | version_compare('3.0.2.900','<')) + - name: Upgrade masters hosts: masters -- cgit v1.2.3 From eb136c6d84c762a2692ef62f0e15d4b98c723edf Mon Sep 17 00:00:00 2001 From: Samuel Munilla Date: Thu, 5 Nov 2015 13:28:24 -0500 Subject: atomic-openshift-installer: Better specification of ansible connection point Changes to installer.cfg.yaml to allow for better defaults in unattended mode. Update example in the docs. --- utils/docs/config.md | 3 +++ utils/src/ooinstall/cli_installer.py | 38 ++++++++++++++------------------ utils/src/ooinstall/oo_config.py | 22 ++++++++---------- utils/src/ooinstall/openshift_ansible.py | 2 +- 4 files changed, 29 insertions(+), 36 deletions(-) diff --git a/utils/docs/config.md b/utils/docs/config.md index ee4b157c9..2729f8d37 100644 --- a/utils/docs/config.md +++ b/utils/docs/config.md @@ -19,16 +19,19 @@ hosts: master: true node: true containerized: true + connect_to: 24.222.0.1 - ip: 10.0.0.2 hostname: node1-private.example.com public_ip: 24.222.0.2 public_hostname: node1.example.com node: true + connect_to: 10.0.0.2 - ip: 10.0.0.3 hostname: node2-private.example.com public_ip: 24.222.0.3 public_hostname: node2.example.com node: true + connect_to: 10.0.0.3 ``` ## Primary Settings diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py index 8bee99f90..8c2421183 100644 --- a/utils/src/ooinstall/cli_installer.py +++ b/utils/src/ooinstall/cli_installer.py @@ -101,18 +101,13 @@ http://docs.openshift.com/enterprise/latest/architecture/infrastructure_componen hosts = [] more_hosts = True - ip_regex = re.compile(r'^\d{1,3}.\d{1,3}.\d{1,3}.\d{1,3}$') - while more_hosts: host_props = {} hostname_or_ip = click.prompt('Enter hostname or IP address:', default='', value_proc=validate_prompt_hostname) - if ip_regex.match(hostname_or_ip): - host_props['ip'] = hostname_or_ip - else: - host_props['hostname'] = hostname_or_ip + host_props['connect_to'] = hostname_or_ip host_props['master'] = click.confirm('Will this host be an OpenShift Master?') host_props['node'] = True @@ -150,7 +145,7 @@ Plese confirm that they are correct before moving forward. notes = """ Format: -IP,public IP,hostname,public hostname +connect_to,IP,public IP,hostname,public hostname Notes: * The installation host is the hostname from the installer's perspective. @@ -168,16 +163,15 @@ Notes: default_facts_lines = [] default_facts = {} - validated_facts = {} for h in hosts: - default_facts[h] = {} - h.ip = callback_facts[str(h)]["common"]["ip"] - h.public_ip = callback_facts[str(h)]["common"]["public_ip"] - h.hostname = callback_facts[str(h)]["common"]["hostname"] - h.public_hostname = callback_facts[str(h)]["common"]["public_hostname"] - - validated_facts[h] = {} - default_facts_lines.append(",".join([h.ip, + default_facts[h.connect_to] = {} + h.ip = callback_facts[h.connect_to]["common"]["ip"] + h.public_ip = callback_facts[h.connect_to]["common"]["public_ip"] + h.hostname = callback_facts[h.connect_to]["common"]["hostname"] + h.public_hostname = callback_facts[h.connect_to]["common"]["public_hostname"] + + default_facts_lines.append(",".join([h.connect_to, + h.ip, h.public_ip, h.hostname, h.public_hostname])) @@ -316,10 +310,10 @@ Add new nodes here def get_installed_hosts(hosts, callback_facts): installed_hosts = [] for host in hosts: - if(host.name in callback_facts.keys() - and 'common' in callback_facts[host.name].keys() - and callback_facts[host.name]['common'].get('version', '') - and callback_facts[host.name]['common'].get('version', '') != 'None'): + if(host.connect_to in callback_facts.keys() + and 'common' in callback_facts[host.connect_to].keys() + and callback_facts[host.connect_to]['common'].get('version', '') + and callback_facts[host.connect_to]['common'].get('version', '') != 'None'): installed_hosts.append(host) return installed_hosts @@ -475,7 +469,7 @@ def uninstall(ctx): if not ctx.obj['unattended']: # Prompt interactively to confirm: for host in oo_cfg.hosts: - click.echo(" * %s" % host.name) + click.echo(" * %s" % host.connect_to) proceed = click.confirm("\nDo you wish to proceed?") if not proceed: click.echo("Uninstall cancelled.") @@ -505,7 +499,7 @@ def upgrade(ctx): old_variant, old_version, oo_cfg.settings['variant'], oo_cfg.settings['variant_version'])) for host in oo_cfg.hosts: - click.echo(" * %s" % host.name) + click.echo(" * %s" % host.connect_to) if not ctx.obj['unattended']: # Prompt interactively to confirm: diff --git a/utils/src/ooinstall/oo_config.py b/utils/src/ooinstall/oo_config.py index 4281947f1..f35a8f51b 100644 --- a/utils/src/ooinstall/oo_config.py +++ b/utils/src/ooinstall/oo_config.py @@ -35,6 +35,7 @@ class Host(object): self.hostname = kwargs.get('hostname', None) self.public_ip = kwargs.get('public_ip', None) self.public_hostname = kwargs.get('public_hostname', None) + self.connect_to = kwargs.get('connect_to', None) # Should this host run as an OpenShift master: self.master = kwargs.get('master', False) @@ -43,30 +44,25 @@ class Host(object): self.node = kwargs.get('node', False) self.containerized = kwargs.get('containerized', False) - if self.ip is None and self.hostname is None: - raise OOConfigInvalidHostError("You must specify either 'ip' or 'hostname'") + if self.connect_to is None: + raise OOConfigInvalidHostError("You must specify either and 'ip' " \ + "or 'hostname' to connect to.") if self.master is False and self.node is False: raise OOConfigInvalidHostError( "You must specify each host as either a master or a node.") - # Hosts can be specified with an ip, hostname, or both. However we need - # something authoritative we can connect to and refer to the host by. - # Preference given to the IP if specified as this is more specific. - # We know one must be set by this point. - self.name = self.ip if self.ip is not None else self.hostname - def __str__(self): - return self.name + return self.connect_to def __repr__(self): - return self.name + return self.connect_to def to_dict(self): """ Used when exporting to yaml. """ d = {} for prop in ['ip', 'hostname', 'public_ip', 'public_hostname', - 'master', 'node', 'containerized']: + 'master', 'node', 'containerized', 'connect_to']: # If the property is defined (not None or False), export it: if getattr(self, prop): d[prop] = getattr(self, prop) @@ -182,7 +178,7 @@ class OOConfig(object): if not getattr(host, required_fact): missing_facts.append(required_fact) if len(missing_facts) > 0: - result[host.name] = missing_facts + result[host.connect_to] = missing_facts return result def save_to_disk(self): @@ -214,6 +210,6 @@ class OOConfig(object): def get_host(self, name): for host in self.hosts: - if host.name == name: + if host.connect_to == name: return host return None diff --git a/utils/src/ooinstall/openshift_ansible.py b/utils/src/ooinstall/openshift_ansible.py index 0648df0fa..d2399df5c 100644 --- a/utils/src/ooinstall/openshift_ansible.py +++ b/utils/src/ooinstall/openshift_ansible.py @@ -88,7 +88,7 @@ def write_host(host, inventory, scheduleable=True): sys.exit(1) facts += ' ansible_become=true' - inventory.write('{} {}\n'.format(host, facts)) + inventory.write('{} {}\n'.format(host.connect_to, facts)) def load_system_facts(inventory_file, os_facts_path, env_vars): -- cgit v1.2.3 From 8a665c2f3fae20116f0b21bcb7ba644d23ec0376 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Fri, 6 Nov 2015 13:41:05 -0500 Subject: Fix removal of kubernetesMasterConfig.apiLevels --- playbooks/adhoc/upgrades/library/openshift_upgrade_config.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py b/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py index f9ee5b254..a6721bb92 100755 --- a/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py +++ b/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py @@ -75,7 +75,7 @@ def upgrade_master_3_0_to_3_1(ansible_module, config_base, backup): changes.append(result['changes']) if 'kubernetesMasterConfig' in config and 'apiLevels' in config['kubernetesMasterConfig']: - config['kubernetesMasterConfig'].remove('apiLevels') + config['kubernetesMasterConfig'].pop('apiLevels') changes.append('master-config.yaml: removed kubernetesMasterConfig.apiLevels') # Add proxyClientInfo to master-config -- cgit v1.2.3 From e250f4712eecace09ee37bcfa116206e765d0076 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Fri, 6 Nov 2015 13:44:44 -0500 Subject: remove debug statement --- playbooks/adhoc/upgrades/upgrade.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index d854bf913..003e8f397 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -152,8 +152,6 @@ pkg: python-yaml state: installed - - debug: var=hostvars[inventory_hostname].openshift.common.config_base - - name: Upgrade master configuration openshift_upgrade_config: from_version: '3.0' -- cgit v1.2.3 From c20c024d9729f83607e600d304272398c394652b Mon Sep 17 00:00:00 2001 From: Brenton Leanhardt Date: Fri, 6 Nov 2015 09:31:24 -0500 Subject: Bug 1278245 - Failed to add node to existing env using atomic-openshift-installer --- playbooks/common/openshift-cluster/scaleup.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/playbooks/common/openshift-cluster/scaleup.yml b/playbooks/common/openshift-cluster/scaleup.yml index 201320de8..6d2777732 100644 --- a/playbooks/common/openshift-cluster/scaleup.yml +++ b/playbooks/common/openshift-cluster/scaleup.yml @@ -1,7 +1,16 @@ --- - include: evaluate_groups.yml + vars: + g_etcd_group: "{{ 'etcd' }}" + g_masters_group: "{{ 'masters' }}" + g_nodes_group: "{{ 'nodes' }}" + g_lb_group: "{{ 'lb' }}" + openshift_cluster_id: "{{ cluster_id | default('default') }}" + openshift_debug_level: 2 + openshift_deployment_type: "{{ deployment_type }}" - include: ../openshift-node/config.yml vars: osn_cluster_dns_domain: "{{ hostvars[groups.oo_first_master.0].openshift.dns.domain }}" osn_cluster_dns_ip: "{{ hostvars[groups.oo_first_master.0].openshift.dns.ip }}" + openshift_deployment_type: "{{ deployment_type }}" -- cgit v1.2.3 From e1aa8fb073349f44cc9b3f2b6133969b01f63c5b Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Fri, 6 Nov 2015 14:20:52 -0500 Subject: Wait for cluster to recover after pcs resource restart. --- playbooks/adhoc/upgrades/upgrade.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index 003e8f397..02847eab3 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -323,6 +323,14 @@ - name: Restart master cluster command: pcs resource restart master when: openshift_master_ha | bool + - name: Wait for the clustered master service to be available + wait_for: + host: "{{ openshift_master_cluster_vip }}" + port: 8443 + state: started + timeout: 180 + delay: 90 + when: openshift_master_ha | bool - name: Upgrade default router and registry hosts: masters[0] -- cgit v1.2.3 From 0cfb416780b9e86c26eafd62ee6b99cd2a46b7cd Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Fri, 6 Nov 2015 14:33:17 -0400 Subject: Minor upgrade improvements. Skip some 3.1 checks if doing a 3.0.x to 3.0.2 upgrade. Improve error message when oc whoami fails (i.e. openshift is down) during pre-upgrade checks, rather than assuming the binary doesn't exist. --- playbooks/adhoc/upgrades/files/pre-upgrade-check | 7 +++++-- playbooks/adhoc/upgrades/upgrade.yml | 12 +++++++----- 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/playbooks/adhoc/upgrades/files/pre-upgrade-check b/playbooks/adhoc/upgrades/files/pre-upgrade-check index c8ecae399..ed4ab6d1b 100644 --- a/playbooks/adhoc/upgrades/files/pre-upgrade-check +++ b/playbooks/adhoc/upgrades/files/pre-upgrade-check @@ -131,8 +131,11 @@ def main(): print "found" except: print( - 'Can not find oc (%s). Override the path with the ' - 'OC_PATH environment variable. Exiting...' % OC_PATH) + 'Unable to run "%s whoami"\n' + 'Please ensure OpenShift is running, and "oc" is on your system ' + 'path.\n' + 'You can override the path with the OC_PATH environment variable.' + % OC_PATH) raise SystemExit(1) # Where the magic happens diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index 003e8f397..7377cbd85 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -10,11 +10,6 @@ openshift_master_ha: "{{ groups['masters'] | length > 1 }}" gather_facts: no tasks: - # Checking the global deployment type rather than host facts, this is about - # what the user is requesting. - - fail: - msg: "Deployment type enterprise not supported for upgrade" - when: deployment_type == "enterprise" # Pacemaker is currently the only supported upgrade path for multiple masters - fail: msg: "openshift_master_cluster_method must be set to 'pacemaker'" @@ -132,6 +127,12 @@ - fail: msg: Atomic OpenShift 3.1 packages not found when: deployment_type in ['openshift-enterprise', 'atomic-openshift'] and g_aos_versions.curr_version | version_compare('3.0.2.900','<') and (g_aos_versions.avail_version is none or g_aos_versions.avail_version | version_compare('3.0.2.900','<')) + # Deployment type 'enterprise' is no longer valid if we're upgrading to 3.1 or beyond. + # (still valid for 3.0.x to 3.0.y however) Using the global deployment_type here as + # we're checking what was requested by the upgrade, not the current type on the system. + - fail: + msg: "Deployment type enterprise not supported for upgrade" + when: deployment_type == "enterprise" and g_aos_versions.curr_version | version_compare('3.1', '>=') - name: Upgrade masters @@ -158,6 +159,7 @@ to_version: '3.1' role: master config_base: "{{ hostvars[inventory_hostname].openshift.common.config_base }}" + when: deployment_type in ['openshift-enterprise', 'atomic-enterprise'] and g_aos_versions.curr_version | version_compare('3.1', '>=') - set_fact: master_certs_missing: True -- cgit v1.2.3 From e224c56d78f7e7855de37dc17b45a34547e67860 Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Fri, 6 Nov 2015 15:13:11 -0500 Subject: cleaned up network checks --- roles/os_zabbix/vars/template_os_linux.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml index 2f1b85f30..958358516 100644 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -238,7 +238,7 @@ g_template_os_linux: - Disk - discoveryrule_key: disc.network - name: "Byte in for network interface {#OSO_NET_INTERFACE}" + name: "Bytes per second on network interface {#OSO_NET_INTERFACE}" key: "disc.network.in.bytes[{#OSO_NET_INTERFACE}]" value_type: int units: B @@ -248,7 +248,7 @@ g_template_os_linux: - Network - discoveryrule_key: disc.network - name: "Byte out for network interface {#OSO_NET_INTERFACE}" + name: "Bytes per second on network interface {#OSO_NET_INTERFACE}" key: "disc.network.out.bytes[{#OSO_NET_INTERFACE}]" value_type: int units: B -- cgit v1.2.3 From 0ab85bfb33a141d5b23ae85fd495cf7b487f99d4 Mon Sep 17 00:00:00 2001 From: Brenton Leanhardt Date: Fri, 6 Nov 2015 15:47:46 -0500 Subject: Updating the atomic-openshift-isntaller local connection logic for the connect_to addition. --- utils/src/ooinstall/openshift_ansible.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/src/ooinstall/openshift_ansible.py b/utils/src/ooinstall/openshift_ansible.py index d2399df5c..0b2000a0a 100644 --- a/utils/src/ooinstall/openshift_ansible.py +++ b/utils/src/ooinstall/openshift_ansible.py @@ -79,7 +79,7 @@ def write_host(host, inventory, scheduleable=True): if not scheduleable: facts += ' openshift_scheduleable=False' installer_host = socket.gethostname() - if host.hostname == installer_host or host.public_hostname == installer_host: + if installer_host in [host.connect_to, host.hostname, host.public_hostname]: facts += ' ansible_connection=local' if os.geteuid() != 0: no_pwd_sudo = subprocess.call(['sudo', '-v', '-n']) -- cgit v1.2.3 From aa0746600ed64b2b2f61eb83f634bccdfa4c5be2 Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Fri, 6 Nov 2015 15:47:54 -0500 Subject: Missing conditionals for api/controller sysconfig. --- roles/openshift_master/tasks/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 35570923c..185bfb8f3 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -207,6 +207,7 @@ line: "OPTIONS=--loglevel={{ openshift.master.debug_level }} --listen=https://0.0.0.0:8443 --master=https://{{ openshift.common.ip }}:8443" - regex: '^CONFIG_FILE=' line: "CONFIG_FILE={{ openshift_master_config_file }}" + when: openshift_master_ha | bool and openshift_master_cluster_method == "native" notify: - restart master api @@ -220,6 +221,7 @@ line: "OPTIONS=--loglevel={{ openshift.master.debug_level }} --listen=https://0.0.0.0:8444" - regex: '^CONFIG_FILE=' line: "CONFIG_FILE={{ openshift_master_config_file }}" + when: openshift_master_ha | bool and openshift_master_cluster_method == "native" notify: - restart master controllers -- cgit v1.2.3 From c802664db4e7f8de0f750ce45c0a4cd8e2b4616d Mon Sep 17 00:00:00 2001 From: Matt Woodson Date: Fri, 6 Nov 2015 16:06:10 -0500 Subject: more cleanup of names --- roles/os_zabbix/vars/template_os_linux.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml index 958358516..04665be62 100644 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -238,7 +238,7 @@ g_template_os_linux: - Disk - discoveryrule_key: disc.network - name: "Bytes per second on network interface {#OSO_NET_INTERFACE}" + name: "Bytes per second IN on network interface {#OSO_NET_INTERFACE}" key: "disc.network.in.bytes[{#OSO_NET_INTERFACE}]" value_type: int units: B @@ -248,7 +248,7 @@ g_template_os_linux: - Network - discoveryrule_key: disc.network - name: "Bytes per second on network interface {#OSO_NET_INTERFACE}" + name: "Bytes per second OUT on network interface {#OSO_NET_INTERFACE}" key: "disc.network.out.bytes[{#OSO_NET_INTERFACE}]" value_type: int units: B -- cgit v1.2.3 From e6fc9323f0549419d52294bd41b87daae8a74298 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Fri, 6 Nov 2015 16:16:03 -0500 Subject: Bug 1278863 - Error using openshift_pkg_version - Install correct version of package in openshift_master_ca - Remove duplicate yum tasks in openshift_node --- roles/openshift_master_ca/tasks/main.yml | 2 +- roles/openshift_node/tasks/main.yml | 9 --------- 2 files changed, 1 insertion(+), 10 deletions(-) diff --git a/roles/openshift_master_ca/tasks/main.yml b/roles/openshift_master_ca/tasks/main.yml index 0738048d3..314f068e7 100644 --- a/roles/openshift_master_ca/tasks/main.yml +++ b/roles/openshift_master_ca/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: Install the base package for admin tooling - yum: pkg={{ openshift.common.service_type }} state=present + yum: pkg={{ openshift.common.service_type }}{{ openshift_version }} state=present register: install_result - name: Reload generated facts diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index c455a09f1..7525c12f6 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -45,15 +45,6 @@ register: sdn_install_result when: openshift.common.use_openshift_sdn -- name: Install Node package - yum: pkg={{ openshift.common.service_type }}-node state=present - register: node_install_result - -- name: Install sdn-ovs package - yum: pkg={{ openshift.common.service_type }}-sdn-ovs state=present - register: sdn_install_result - when: openshift.common.use_openshift_sdn - # TODO: add the validate parameter when there is a validation command to run - name: Create the Node config template: -- cgit v1.2.3 From 5e62f5590f0c478da8b11b3d41b563b87cc385dd Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Fri, 6 Nov 2015 16:32:00 -0500 Subject: Fix indentation on when --- playbooks/adhoc/upgrades/upgrade.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index 09c472e58..1b6b5757c 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -159,7 +159,7 @@ to_version: '3.1' role: master config_base: "{{ hostvars[inventory_hostname].openshift.common.config_base }}" - when: deployment_type in ['openshift-enterprise', 'atomic-enterprise'] and g_aos_versions.curr_version | version_compare('3.1', '>=') + when: deployment_type in ['openshift-enterprise', 'atomic-enterprise'] and g_aos_versions.curr_version | version_compare('3.1', '>=') - set_fact: master_certs_missing: True -- cgit v1.2.3 From 3d87d37f53712fbc7cadbf0829743d9a97e93ad1 Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Mon, 26 Oct 2015 15:20:35 -0400 Subject: New `iptablesSyncPeriod` field in node configuration --- inventory/byo/hosts.example | 3 +++ roles/openshift_facts/library/openshift_facts.py | 3 ++- roles/openshift_node/tasks/main.yml | 13 +++++++------ roles/openshift_node/templates/node.yaml.v1.j2 | 1 + 4 files changed, 13 insertions(+), 7 deletions(-) diff --git a/inventory/byo/hosts.example b/inventory/byo/hosts.example index 11f076a8a..f124be368 100644 --- a/inventory/byo/hosts.example +++ b/inventory/byo/hosts.example @@ -129,6 +129,9 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # characters long, to select AES-128, AES-192, or AES-256. #openshift_master_session_encryption_secrets=['DONT+USE+THIS+SECRET+b4NV+pmZNSO'] +# configure how often node iptables rules are refreshed +#openshift_node_iptables_sync_period=5s + # host group for masters [masters] ose3-master[1:3]-ansible.test.example.com diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 33aca987d..ea2c45e6c 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -961,7 +961,8 @@ class OpenShiftFacts(object): defaults['master'] = master if 'node' in roles: - node = dict(labels={}, annotations={}, portal_net='172.30.0.0/16') + node = dict(labels={}, annotations={}, portal_net='172.30.0.0/16', + iptables_sync_period='5s') defaults['node'] = node return defaults diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 7525c12f6..d11bc5123 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -22,16 +22,17 @@ deployment_type: "{{ openshift_deployment_type }}" - role: node local_facts: - labels: "{{ lookup('oo_option', 'openshift_node_labels') | default( openshift_node_labels | default(none), true) }}" annotations: "{{ openshift_node_annotations | default(none) }}" - registry_url: "{{ oreg_url | default(none) }}" debug_level: "{{ openshift_node_debug_level | default(openshift.common.debug_level) }}" - portal_net: "{{ openshift_master_portal_net | default(None) }}" - kubelet_args: "{{ openshift_node_kubelet_args | default(None) }}" - sdn_mtu: "{{ openshift_node_sdn_mtu | default(None) }}" - schedulable: "{{ openshift_schedulable | default(openshift_scheduleable) | default(None) }}" docker_log_driver: "{{ lookup( 'oo_option' , 'docker_log_driver' ) | default('',True) }}" docker_log_options: "{{ lookup( 'oo_option' , 'docker_log_options' ) | default('',True) }}" + iptables_sync_period: "{{ openshift_node_iptables_sync_period | default(None) }}" + kubelet_args: "{{ openshift_node_kubelet_args | default(None) }}" + labels: "{{ lookup('oo_option', 'openshift_node_labels') | default( openshift_node_labels | default(none), true) }}" + portal_net: "{{ openshift_master_portal_net | default(None) }}" + registry_url: "{{ oreg_url | default(none) }}" + schedulable: "{{ openshift_schedulable | default(openshift_scheduleable) | default(None) }}" + sdn_mtu: "{{ openshift_node_sdn_mtu | default(None) }}" storage_plugin_deps: "{{ osn_storage_plugin_deps | default(None) }}" # We have to add tuned-profiles in the same transaction otherwise we run into depsolving diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2 index 509cce2e0..7d2f506e3 100644 --- a/roles/openshift_node/templates/node.yaml.v1.j2 +++ b/roles/openshift_node/templates/node.yaml.v1.j2 @@ -4,6 +4,7 @@ dnsDomain: {{ osn_cluster_dns_domain }} dnsIP: {{ osn_cluster_dns_ip }} dockerConfig: execHandlerName: "" +iptablesSyncPeriod: "{{ openshift.node.iptables_sync_period }}" imageConfig: format: {{ openshift.node.registry_url }} latest: false -- cgit v1.2.3 From 53988dfe57a2c061f111cdb3bfe464796a49dba0 Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Sun, 8 Nov 2015 12:34:23 -0500 Subject: Conditionals for flannel etcd client certs. --- playbooks/common/openshift-node/config.yml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index ba96b4a78..8da9e231f 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -45,6 +45,7 @@ - node.etcd-client.crt - node.etcd-ca.crt register: g_external_etcd_flannel_cert_stat_result + when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config and (openshift.common.use_flannel | bool) - set_fact: etcd_client_flannel_certs_missing: "{{ g_external_etcd_flannel_cert_stat_result.results | map(attribute='stat.exists') @@ -69,11 +70,13 @@ hosts: oo_first_etcd vars: etcd_generated_certs_dir: /etc/etcd/generated_certs - etcd_needing_client_certs: "{{ hostvars - | oo_select_keys(groups['oo_nodes_to_config']) - | oo_filter_list(filter_attr='etcd_client_flannel_certs_missing') }}" sync_tmpdir: "{{ hostvars.localhost.mktemp.stdout }}" pre_tasks: + - set_fact: + etcd_needing_client_certs: "{{ hostvars + | oo_select_keys(groups['oo_nodes_to_config']) + | oo_filter_list(filter_attr='etcd_client_flannel_certs_missing') | default([]) }}" + when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing roles: - role: etcd_certificates post_tasks: @@ -84,6 +87,7 @@ args: creates: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz" with_items: etcd_needing_client_certs + when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing - name: Retrieve the etcd cert tarballs fetch: src: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz" @@ -92,6 +96,7 @@ fail_on_missing: yes validate_checksum: yes with_items: etcd_needing_client_certs + when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing - name: Copy the external etcd flannel certs to the nodes hosts: oo_nodes_to_config -- cgit v1.2.3 From eba9772a02c1c228c2720e7c298c30c7dc078049 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Mon, 9 Nov 2015 10:25:45 -0400 Subject: Remove upgrade playbook restriction on 3.0.2. This is blocking 3.0.1 upgrades to 3.1 incorrectly, which is a scenario we should support. --- playbooks/adhoc/upgrades/upgrade.yml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index 1b6b5757c..42fbd3cf8 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -120,10 +120,7 @@ msg: This playbook requires Origin 1.0.6 or later when: deployment_type == 'origin' and g_aos_versions.curr_version | version_compare('1.0.6','<') - - fail: - msg: This playbook requires Atomic OpenShift 3.0.2 or later - when: deployment_type in ['openshift-enterprise', 'atomic-openshift'] and g_aos_versions.curr_version | version_compare('3.0.2','<') - + # TODO: This should be specific to the 3.1 upgrade playbook (coming in future refactor), otherwise we are blocking 3.0.1 to 3.0.2 here. - fail: msg: Atomic OpenShift 3.1 packages not found when: deployment_type in ['openshift-enterprise', 'atomic-openshift'] and g_aos_versions.curr_version | version_compare('3.0.2.900','<') and (g_aos_versions.avail_version is none or g_aos_versions.avail_version | version_compare('3.0.2.900','<')) -- cgit v1.2.3 From 96464d04a5b88e7fb090b286b10838a183a2758a Mon Sep 17 00:00:00 2001 From: Brenton Leanhardt Date: Mon, 9 Nov 2015 10:38:07 -0500 Subject: Various fixes related to connect_to There the tests didn't know anything about connect_to and we had a case where we weren't handling the migration from the 3.0 installer config format to 3.1 --- utils/src/ooinstall/oo_config.py | 1 + utils/test/cli_installer_tests.py | 9 ++++++--- utils/test/oo_config_tests.py | 22 ++++++++++++++-------- 3 files changed, 21 insertions(+), 11 deletions(-) diff --git a/utils/src/ooinstall/oo_config.py b/utils/src/ooinstall/oo_config.py index f35a8f51b..cf51bb404 100644 --- a/utils/src/ooinstall/oo_config.py +++ b/utils/src/ooinstall/oo_config.py @@ -118,6 +118,7 @@ class OOConfig(object): new_hosts = [] if 'validated_facts' in self.settings: for key, value in self.settings['validated_facts'].iteritems(): + value['connect_to'] = key if 'masters' in self.settings and key in self.settings['masters']: value['master'] = True if 'nodes' in self.settings and key in self.settings['nodes']: diff --git a/utils/test/cli_installer_tests.py b/utils/test/cli_installer_tests.py index b183f0acb..fcefcdff3 100644 --- a/utils/test/cli_installer_tests.py +++ b/utils/test/cli_installer_tests.py @@ -46,18 +46,21 @@ SAMPLE_CONFIG = """ variant: %s ansible_ssh_user: root hosts: - - ip: 10.0.0.1 + - connect_to: master-private.example.com + ip: 10.0.0.1 hostname: master-private.example.com public_ip: 24.222.0.1 public_hostname: master.example.com master: true node: true - - ip: 10.0.0.2 + - connect_to: node1-private.example.com + ip: 10.0.0.2 hostname: node1-private.example.com public_ip: 24.222.0.2 public_hostname: node1.example.com node: true - - ip: 10.0.0.3 + - connect_to: node2-private.example.com + ip: 10.0.0.3 hostname: node2-private.example.com public_ip: 24.222.0.3 public_hostname: node2.example.com diff --git a/utils/test/oo_config_tests.py b/utils/test/oo_config_tests.py index 6dc335a0e..0dd4a30e9 100644 --- a/utils/test/oo_config_tests.py +++ b/utils/test/oo_config_tests.py @@ -14,18 +14,21 @@ SAMPLE_CONFIG = """ variant: openshift-enterprise ansible_ssh_user: root hosts: - - ip: 10.0.0.1 + - connect_to: master-private.example.com + ip: 10.0.0.1 hostname: master-private.example.com public_ip: 24.222.0.1 public_hostname: master.example.com master: true node: true - - ip: 10.0.0.2 + - connect_to: node1-private.example.com + ip: 10.0.0.2 hostname: node1-private.example.com public_ip: 24.222.0.2 public_hostname: node1.example.com node: true - - ip: 10.0.0.3 + - connect_to: node2-private.example.com + ip: 10.0.0.3 hostname: node2-private.example.com public_ip: 24.222.0.3 public_hostname: node2.example.com @@ -54,16 +57,19 @@ validated_facts: CONFIG_INCOMPLETE_FACTS = """ hosts: - - ip: 10.0.0.1 + - connect_to: 10.0.0.1 + ip: 10.0.0.1 hostname: master-private.example.com public_ip: 24.222.0.1 public_hostname: master.example.com master: true - - ip: 10.0.0.2 - hostname: node1-private.example.com + - connect_to: 10.0.0.2 + ip: 10.0.0.2 + hostname: 24.222.0.2 public_ip: 24.222.0.2 node: true - - ip: 10.0.0.3 + - connect_to: 10.0.0.3 + ip: 10.0.0.3 node: true """ @@ -145,7 +151,7 @@ class OOConfigTests(OOInstallFixture): ooconfig = OOConfig(cfg_path) self.assertEquals(3, len(ooconfig.hosts)) - self.assertEquals("10.0.0.1", ooconfig.hosts[0].name) + self.assertEquals("master-private.example.com", ooconfig.hosts[0].connect_to) self.assertEquals("10.0.0.1", ooconfig.hosts[0].ip) self.assertEquals("master-private.example.com", ooconfig.hosts[0].hostname) -- cgit v1.2.3 From e109335a205a31a96611a5206947aa090a963241 Mon Sep 17 00:00:00 2001 From: Samuel Munilla Date: Mon, 9 Nov 2015 10:25:12 -0500 Subject: atomic-openshift-installer: Generate inventory off hosts_to_run_on This generates the ansible inventory based on the pruned list of non-installed hosts we've created rather than the full host list provided in installer.cfg.yaml --- utils/src/ooinstall/openshift_ansible.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/src/ooinstall/openshift_ansible.py b/utils/src/ooinstall/openshift_ansible.py index bac4951d5..489a0f7c1 100644 --- a/utils/src/ooinstall/openshift_ansible.py +++ b/utils/src/ooinstall/openshift_ansible.py @@ -127,7 +127,7 @@ def default_facts(hosts, verbose=False): def run_main_playbook(hosts, hosts_to_run_on, verbose=False): global CFG - inventory_file = generate_inventory(hosts) + inventory_file = generate_inventory(hosts_to_run_on) if len(hosts_to_run_on) != len(hosts): main_playbook_path = os.path.join(CFG.ansible_playbook_directory, 'playbooks/common/openshift-cluster/scaleup.yml') -- cgit v1.2.3 From ca8a5abf71bd885a80f15f3d743eddfc6371af13 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Mon, 9 Nov 2015 13:01:30 -0400 Subject: Read etcd data dir from appropriate config file. Rather than assuming the etcd data dir, we now read if from master-config.yaml if using embedded etcd, otherwise from etcd.conf. Doing so now required use of PyYAML to parse config file when gathering facts. Fixed discrepancy with data_dir fact and openshift-enterprise deployment_type. --- playbooks/adhoc/upgrades/upgrade.yml | 2 +- roles/openshift_facts/library/openshift_facts.py | 51 +++++++++++++++++++++--- roles/openshift_facts/tasks/main.yml | 7 +++- 3 files changed, 51 insertions(+), 9 deletions(-) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index 1b6b5757c..03b9193c0 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -150,7 +150,7 @@ - name: Ensure python-yaml present for config upgrade yum: - pkg: python-yaml + pkg: PyYAML state: installed - name: Upgrade master configuration diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 6d6c99c97..932bfd441 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -20,6 +20,8 @@ EXAMPLES = ''' import ConfigParser import copy import os +import StringIO +import yaml from distutils.util import strtobool from distutils.version import LooseVersion from netaddr import IPNetwork @@ -526,18 +528,55 @@ def set_aggregate_facts(facts): first_svc_ip = str(IPNetwork(facts['master']['portal_net'])[1]) all_hostnames.add(first_svc_ip) internal_hostnames.add(first_svc_ip) - - if facts['master']['embedded_etcd']: - facts['master']['etcd_data_dir'] = os.path.join( - facts['common']['data_dir'], 'openshift.local.etcd') - else: - facts['master']['etcd_data_dir'] = '/var/lib/etcd' + _add_etcd_data_dir_fact(facts) facts['common']['all_hostnames'] = list(all_hostnames) facts['common']['internal_hostnames'] = list(internal_hostnames) return facts + +def _add_etcd_data_dir_fact(facts): + """ + If using embedded etcd, loads the data directory from master-config.yaml. + + If using standalone etcd, loads ETCD_DATA_DIR from etcd.conf. + + If anything goes wrong parsing these, the fact will not be set. + """ + if facts['master']['embedded_etcd']: + try: + # Parse master config to find actual etcd data dir: + master_cfg_path = os.path.join(facts['common']['config_base'], + 'master/master-config.yaml') + master_cfg_f = open(master_cfg_path, 'r') + config = yaml.safe_load(master_cfg_f.read()) + master_cfg_f.close() + + facts['master']['etcd_data_dir'] = \ + config['etcdConfig']['storageDirectory'] + # We don't want exceptions bubbling up here: + # pylint: disable=broad-except + except Exception: + pass + else: + # Read ETCD_DATA_DIR from /etc/etcd/etcd.conf: + try: + # Add a fake section for parsing: + ini_str = '[root]\n' + open('/etc/etcd/etcd.conf', 'r').read() + ini_fp = StringIO.StringIO(ini_str) + config = ConfigParser.RawConfigParser() + config.readfp(ini_fp) + etcd_data_dir = config.get('root', 'ETCD_DATA_DIR') + if etcd_data_dir.startswith('"') and etcd_data_dir.endswith('"'): + etcd_data_dir = etcd_data_dir[1:-1] + facts['master']['etcd_data_dir'] = etcd_data_dir + # We don't want exceptions bubbling up here: + # pylint: disable=broad-except + except Exception: + pass + + def set_deployment_facts_if_unset(facts): """ Set Facts that vary based on deployment_type. This currently includes common.service_type, common.config_base, master.registry_url, diff --git a/roles/openshift_facts/tasks/main.yml b/roles/openshift_facts/tasks/main.yml index a46b45b8c..a28aa7ba2 100644 --- a/roles/openshift_facts/tasks/main.yml +++ b/roles/openshift_facts/tasks/main.yml @@ -6,8 +6,11 @@ - ansible_version | version_compare('1.9.0', 'ne') - ansible_version | version_compare('1.9.0.1', 'ne') -- name: Ensure python-netaddr is installed - yum: pkg=python-netaddr state=installed +- name: Ensure python-netaddr and PyYaml are installed + yum: pkg={{ item }} state=installed + with_items: + - python-netaddr + - PyYAML - name: Gather Cluster facts openshift_facts: -- cgit v1.2.3 From ac984b64622dbee0489c0e5a8061f013fa770bf9 Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Mon, 9 Nov 2015 15:31:40 -0500 Subject: Add ldap auth identity provider to example inventory. --- inventory/byo/hosts.example | 3 +++ 1 file changed, 3 insertions(+) diff --git a/inventory/byo/hosts.example b/inventory/byo/hosts.example index f124be368..56bbb9612 100644 --- a/inventory/byo/hosts.example +++ b/inventory/byo/hosts.example @@ -42,6 +42,9 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', # Allow all auth #openshift_master_identity_providers=[{'name': 'allow_all', 'login': 'true', 'challenge': 'true', 'kind': 'AllowAllPasswordIdentityProvider'}] +# LDAP auth +#openshift_master_identity_providers=[{'name': 'my_ldap_provider', 'challenge': 'true', 'login': 'true', 'kind': 'LDAPPasswordIdentityProvider', 'attributes': {'id': ['dn'], 'email': ['mail'], 'name': ['cn'], 'preferredUsername': ['uid']}, 'bindDN': '', 'bindPassword': '', 'ca': '', 'insecure': 'false', 'url': 'ldap://ldap.example.com:389/ou=users,dc=example,dc=com?uid'}] + # Project Configuration #osm_project_request_message='' #osm_project_request_template='' -- cgit v1.2.3 From c2f3f81d926aacbd1fe973c36931dc5ad2ebe7c5 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Tue, 10 Nov 2015 08:20:24 -0400 Subject: Package the default ansible.cfg with atomic-openshift-utils. If this file exists on disk, the installer will use it if the user didn't specify an ansible config file on the CLI. Rename share directory to match the rpm name. (utils vs util) --- openshift-ansible.spec | 3 +++ utils/src/ooinstall/cli_installer.py | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/openshift-ansible.spec b/openshift-ansible.spec index 10a53d921..646352961 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -82,6 +82,8 @@ pushd utils %{__python} setup.py install --skip-build --root %{buildroot} # Remove this line once the name change has happened mv -f %{buildroot}%{_bindir}/oo-install %{buildroot}%{_bindir}/atomic-openshift-installer +mkdir -p %{buildroot}%{_datadir}/atomic-openshift-utils/ +cp etc/ansible.cfg %{buildroot}%{_datadir}/atomic-openshift-utils/ansible.cfg popd # Base openshift-ansible files @@ -252,6 +254,7 @@ Atomic OpenShift Utilities includes %files -n atomic-openshift-utils %{python_sitelib}/ooinstall* %{_bindir}/atomic-openshift-installer +%{_datadir}/atomic-openshift-utils/ansible.cfg %changelog diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py index a40ff5cfc..08c2439f7 100644 --- a/utils/src/ooinstall/cli_installer.py +++ b/utils/src/ooinstall/cli_installer.py @@ -11,7 +11,7 @@ from ooinstall import OOConfig from ooinstall.oo_config import Host from ooinstall.variants import find_variant, get_variant_version_combos -DEFAULT_ANSIBLE_CONFIG = '/usr/share/atomic-openshift-util/ansible.cfg' +DEFAULT_ANSIBLE_CONFIG = '/usr/share/atomic-openshift-utils/ansible.cfg' DEFAULT_PLAYBOOK_DIR = '/usr/share/ansible/openshift-ansible/' def validate_ansible_dir(path): -- cgit v1.2.3 From b0955d50b2beaa2b1e3937185f6d5e5337e1e87f Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Tue, 10 Nov 2015 09:10:58 -0400 Subject: Fix missing etcd_data_dir bug. A late change to original PR was not properly tested, there is a problem in the facts when upgrading where the deployment type is openshift-enterprise, and the system facts start reporting data_dir and config_base as referencing origin directories, which are not yet symlinked to their previous openshift variants. To correct we watch for a scenario where we evaluate these to origin directories, which don't exist, but the openshift ones do. (to allow for installation to still point at the origin variety) --- roles/openshift_facts/library/openshift_facts.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 932bfd441..c108cd422 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -604,11 +604,17 @@ def set_deployment_facts_if_unset(facts): config_base = '/etc/origin' if deployment_type in ['enterprise', 'online']: config_base = '/etc/openshift' + # Handle upgrade scenarios when symlinks don't yet exist: + if not os.path.exists(config_base) and os.path.exists('/etc/openshift'): + config_base = '/etc/openshift' facts['common']['config_base'] = config_base if 'data_dir' not in facts['common']: data_dir = '/var/lib/origin' if deployment_type in ['enterprise', 'online']: data_dir = '/var/lib/openshift' + # Handle upgrade scenarios when symlinks don't yet exist: + if not os.path.exists(data_dir) and os.path.exists('/var/lib/openshift'): + data_dir = '/var/lib/openshift' facts['common']['data_dir'] = data_dir for role in ('master', 'node'): -- cgit v1.2.3 From fa67d37245d53f4ea7222b0d4d970ede48fee94b Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Tue, 10 Nov 2015 09:46:13 -0400 Subject: 1279734: Ensure services are enabled after upgrade. With the openshift to atomic-openshift renames, some services were not enabled after upgrade. Added enabled directives to all service restart lines in the upgrade playbook. --- playbooks/adhoc/upgrades/upgrade.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index 7ce2698db..30f911f6f 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -226,7 +226,7 @@ when: inventory_hostname != groups.masters.0 - name: Restart master services - service: name="{{ openshift.common.service_type}}-master" state=restarted + service: name="{{ openshift.common.service_type}}-master" enabled=yes state=restarted when: not openshift_master_ha | bool - name: Destroy cluster @@ -250,7 +250,7 @@ openshift_master_ha: "{{ groups['masters'] | length > 1 }}" tasks: - name: Start pcsd - service: name=pcsd state=started + service: name=pcsd enabled=yes state=started when: openshift_master_ha | bool - name: Re-create cluster @@ -281,7 +281,7 @@ - name: Upgrade node packages command: yum update -y {{ openshift.common.service_type }}-node{{ openshift_version }} - name: Restart node services - service: name="{{ openshift.common.service_type }}-node" state=restarted + service: name="{{ openshift.common.service_type }}-node" enabled=yes state=restarted - name: Update cluster policy and policy bindings hosts: masters[0] @@ -311,7 +311,7 @@ openshift_master_ha: "{{ groups['masters'] | length > 1 }}" tasks: - name: Restart master services - service: name="{{ openshift.common.service_type}}-master" state=restarted + service: name="{{ openshift.common.service_type}}-master" enabled=yes state=restarted when: not openshift_master_ha | bool - name: Restart cluster post reconcile -- cgit v1.2.3 From d9e8e0ea821a87c3eb924dc89f5cd8de40ce34c8 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Tue, 10 Nov 2015 09:51:02 -0400 Subject: 1279746: Fix leftover disabled features line in config template. --- roles/openshift_master/templates/master.yaml.v1.j2 | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index faf625e3c..bb12a0a0f 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -34,7 +34,6 @@ corsAllowedOrigins: disabledFeatures: {{ openshift.master.disabled_features | to_json }} {% endif %} {% if openshift.master.embedded_dns | bool %} -disabledFeatures: null dnsConfig: bindAddress: {{ openshift.master.bind_addr }}:{{ openshift.master.dns_port }} bindNetwork: tcp4 -- cgit v1.2.3 From f95d425c42e5eab69ede0f8a826810f428b57ffc Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Tue, 10 Nov 2015 12:39:00 -0500 Subject: Remove references to multi_ec2.py --- .gitignore | 1 + bin/openshift_ansible/multi_ec2.py | 1 - bin/openshift_ansible/multi_inventory.py | 1 + 3 files changed, 2 insertions(+), 1 deletion(-) delete mode 120000 bin/openshift_ansible/multi_ec2.py create mode 120000 bin/openshift_ansible/multi_inventory.py diff --git a/.gitignore b/.gitignore index cacc711a1..8f46c269f 100644 --- a/.gitignore +++ b/.gitignore @@ -15,4 +15,5 @@ .DS_Store gce.ini multi_ec2.yaml +multi_inventory.yaml .vagrant diff --git a/bin/openshift_ansible/multi_ec2.py b/bin/openshift_ansible/multi_ec2.py deleted file mode 120000 index 660a0418e..000000000 --- a/bin/openshift_ansible/multi_ec2.py +++ /dev/null @@ -1 +0,0 @@ -../../inventory/multi_ec2.py \ No newline at end of file diff --git a/bin/openshift_ansible/multi_inventory.py b/bin/openshift_ansible/multi_inventory.py new file mode 120000 index 000000000..b40feec07 --- /dev/null +++ b/bin/openshift_ansible/multi_inventory.py @@ -0,0 +1 @@ +../../inventory/multi_inventory.py \ No newline at end of file -- cgit v1.2.3 From 1e28190e374aac4677394bc9b8f3e8428b15dc5a Mon Sep 17 00:00:00 2001 From: Samuel Munilla Date: Tue, 10 Nov 2015 13:35:13 -0500 Subject: atomic-openshift-installer: Remove question for container install Removing the option for a container-based install from the quick installer with it is in tech preview. --- utils/src/ooinstall/cli_installer.py | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py index a40ff5cfc..3322a1e62 100644 --- a/utils/src/ooinstall/cli_installer.py +++ b/utils/src/ooinstall/cli_installer.py @@ -112,13 +112,15 @@ http://docs.openshift.com/enterprise/latest/architecture/infrastructure_componen host_props['master'] = click.confirm('Will this host be an OpenShift Master?') host_props['node'] = True - rpm_or_container = click.prompt('Will this host be RPM or Container based (rpm/container)?', - type=click.Choice(['rpm', 'container']), - default='rpm') - if rpm_or_container == 'container': - host_props['containerized'] = True - else: - host_props['containerized'] = False + #TODO: Reenable this option once container installs are out of tech preview + #rpm_or_container = click.prompt('Will this host be RPM or Container based (rpm/container)?', + # type=click.Choice(['rpm', 'container']), + # default='rpm') + #if rpm_or_container == 'container': + # host_props['containerized'] = True + #else: + # host_props['containerized'] = False + host_props['containerized'] = False host = Host(**host_props) -- cgit v1.2.3 From 7f4cafed723058ab7e79d11a826fca031d1d2aae Mon Sep 17 00:00:00 2001 From: Samuel Munilla Date: Tue, 10 Nov 2015 13:58:24 -0500 Subject: Update tests now that cli is not asking for rpm/container install --- utils/test/cli_installer_tests.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/utils/test/cli_installer_tests.py b/utils/test/cli_installer_tests.py index fcefcdff3..d58539b18 100644 --- a/utils/test/cli_installer_tests.py +++ b/utils/test/cli_installer_tests.py @@ -332,7 +332,7 @@ class AttendedCliTests(OOCliFixture): for (host, is_master) in hosts: inputs.append(host) inputs.append('y' if is_master else 'n') - inputs.append('rpm') + #inputs.append('rpm') if i < len(hosts) - 1: inputs.append('y') # Add more hosts else: @@ -349,7 +349,7 @@ class AttendedCliTests(OOCliFixture): for (host, is_master) in add_nodes: inputs.append(host) inputs.append('y' if is_master else 'n') - inputs.append('rpm') + #inputs.append('rpm') if i < len(add_nodes) - 1: inputs.append('y') # Add more hosts else: -- cgit v1.2.3 From 28d601beeebaacd5e79b3fec336a283c8bf20e68 Mon Sep 17 00:00:00 2001 From: Devan Goodwin Date: Tue, 10 Nov 2015 13:39:04 -0400 Subject: Add separate step to enable services during upgrade. Instead of combining this with tasks to restart services, add a separate started+enabled play for masters and nodes at the end of the playbook. --- playbooks/adhoc/upgrades/upgrade.yml | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml index 30f911f6f..324f5fba3 100644 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ b/playbooks/adhoc/upgrades/upgrade.yml @@ -226,7 +226,7 @@ when: inventory_hostname != groups.masters.0 - name: Restart master services - service: name="{{ openshift.common.service_type}}-master" enabled=yes state=restarted + service: name="{{ openshift.common.service_type}}-master" state=restarted when: not openshift_master_ha | bool - name: Destroy cluster @@ -281,7 +281,7 @@ - name: Upgrade node packages command: yum update -y {{ openshift.common.service_type }}-node{{ openshift_version }} - name: Restart node services - service: name="{{ openshift.common.service_type }}-node" enabled=yes state=restarted + service: name="{{ openshift.common.service_type }}-node" state=restarted - name: Update cluster policy and policy bindings hosts: masters[0] @@ -311,7 +311,7 @@ openshift_master_ha: "{{ groups['masters'] | length > 1 }}" tasks: - name: Restart master services - service: name="{{ openshift.common.service_type}}-master" enabled=yes state=restarted + service: name="{{ openshift.common.service_type}}-master" state=restarted when: not openshift_master_ha | bool - name: Restart cluster post reconcile @@ -389,3 +389,19 @@ openshift_deployment_type: "{{ deployment_type }}" roles: - openshift_examples + +- name: Ensure master services enabled + hosts: masters + vars: + openshift_master_ha: "{{ groups['masters'] | length > 1 }}" + tasks: + - name: Enable master services + service: name="{{ openshift.common.service_type}}-master" state=started enabled=yes + when: not openshift_master_ha | bool + +- name: Ensure node services enabled + hosts: nodes + tasks: + - name: Restart node services + service: name="{{ openshift.common.service_type }}-node" state=started enabled=yes + -- cgit v1.2.3 From 36d44c4b8bb2e3059b67dea7ddb67f7bbaf921e4 Mon Sep 17 00:00:00 2001 From: Luke Meyer Date: Tue, 10 Nov 2015 09:56:54 -0500 Subject: examples: include logging and metrics infrastructure --- roles/openshift_examples/defaults/main.yml | 2 + roles/openshift_examples/examples-sync.sh | 8 ++ .../enterprise/logging-deployer.yaml | 151 +++++++++++++++++++++ .../enterprise/metrics-deployer.yaml | 116 ++++++++++++++++ .../origin/logging-deployer.yaml | 151 +++++++++++++++++++++ .../origin/metrics-deployer.yaml | 116 ++++++++++++++++ roles/openshift_examples/tasks/main.yml | 16 +++ 7 files changed, 560 insertions(+) create mode 100644 roles/openshift_examples/files/examples/infrastructure-templates/enterprise/logging-deployer.yaml create mode 100644 roles/openshift_examples/files/examples/infrastructure-templates/enterprise/metrics-deployer.yaml create mode 100644 roles/openshift_examples/files/examples/infrastructure-templates/origin/logging-deployer.yaml create mode 100644 roles/openshift_examples/files/examples/infrastructure-templates/origin/metrics-deployer.yaml diff --git a/roles/openshift_examples/defaults/main.yml b/roles/openshift_examples/defaults/main.yml index 2043985ec..8e8bc6868 100644 --- a/roles/openshift_examples/defaults/main.yml +++ b/roles/openshift_examples/defaults/main.yml @@ -14,5 +14,7 @@ db_templates_base: "{{ examples_base }}/db-templates" xpaas_image_streams: "{{ examples_base }}/xpaas-streams/jboss-image-streams.json" xpaas_templates_base: "{{ examples_base }}/xpaas-templates" quickstarts_base: "{{ examples_base }}/quickstart-templates" +infrastructure_origin_base: "{{ examples_base }}/infrastructure-templates/origin" +infrastructure_enterprise_base: "{{ examples_base }}/infrastructure-templates/enterprise" openshift_examples_import_command: "create" diff --git a/roles/openshift_examples/examples-sync.sh b/roles/openshift_examples/examples-sync.sh index 21137e31b..3fda86907 100755 --- a/roles/openshift_examples/examples-sync.sh +++ b/roles/openshift_examples/examples-sync.sh @@ -7,8 +7,10 @@ EXAMPLES_BASE=$(pwd)/files/examples find files/examples -name '*.json' -delete +find files/examples -name '*.yaml' -delete TEMP=`mktemp -d` pushd $TEMP + wget https://github.com/openshift/origin/archive/master.zip -O origin-master.zip wget https://github.com/openshift/django-ex/archive/master.zip -O django-ex-master.zip wget https://github.com/openshift/rails-ex/archive/master.zip -O rails-ex-master.zip @@ -33,5 +35,11 @@ cp dancer-ex-master/openshift/templates/* ${EXAMPLES_BASE}/quickstart-templates/ cp cakephp-ex-master/openshift/templates/* ${EXAMPLES_BASE}/quickstart-templates/ mv application-templates-master/jboss-image-streams.json ${EXAMPLES_BASE}/xpaas-streams/ find application-templates-master/ -name '*.json' ! -wholename '*secret*' -exec mv {} ${EXAMPLES_BASE}/xpaas-templates/ \; + +wget https://raw.githubusercontent.com/openshift/origin-metrics/master/metrics.yaml -O ${EXAMPLES_BASE}/infrastructure-templates/origin/metrics-deployer.yaml +cp ${EXAMPLES_BASE}/infrastructure-templates/origin/metrics-*.yaml ${EXAMPLES_BASE}/infrastructure-templates/enterprise/ +wget https://raw.githubusercontent.com/openshift/origin-aggregated-logging/master/deployment/deployer.yaml -O ${EXAMPLES_BASE}/infrastructure-templates/origin/logging-deployer.yaml +wget https://raw.githubusercontent.com/openshift/origin-aggregated-logging/enterprise/deployment/deployer.yaml -O ${EXAMPLES_BASE}/infrastructure-templates/enterprise/logging-deployer.yaml + popd git diff files/examples diff --git a/roles/openshift_examples/files/examples/infrastructure-templates/enterprise/logging-deployer.yaml b/roles/openshift_examples/files/examples/infrastructure-templates/enterprise/logging-deployer.yaml new file mode 100644 index 000000000..b3b60bf9b --- /dev/null +++ b/roles/openshift_examples/files/examples/infrastructure-templates/enterprise/logging-deployer.yaml @@ -0,0 +1,151 @@ +apiVersion: "v1" +kind: "Template" +metadata: + name: logging-deployer-template + annotations: + description: "Template for deploying everything needed for aggregated logging. Requires cluster-admin 'logging-deployer' service account and 'logging-deployer' secret." + tags: "infrastructure" +labels: + logging-infra: deployer + provider: openshift + component: deployer +objects: +- + apiVersion: v1 + kind: Pod + metadata: + generateName: logging-deployer- + spec: + containers: + - image: ${IMAGE_PREFIX}logging-deployment:${IMAGE_VERSION} + imagePullPolicy: Always + name: deployer + volumeMounts: + - name: secret + mountPath: /secret + readOnly: true + - name: empty + mountPath: /etc/deploy + env: + - name: PROJECT + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: IMAGE_PREFIX + value: ${IMAGE_PREFIX} + - name: IMAGE_VERSION + value: ${IMAGE_VERSION} + - name: ENABLE_OPS_CLUSTER + value: ${ENABLE_OPS_CLUSTER} + - name: KIBANA_HOSTNAME + value: ${KIBANA_HOSTNAME} + - name: KIBANA_OPS_HOSTNAME + value: ${KIBANA_OPS_HOSTNAME} + - name: PUBLIC_MASTER_URL + value: ${PUBLIC_MASTER_URL} + - name: MASTER_URL + value: ${MASTER_URL} + - name: ES_INSTANCE_RAM + value: ${ES_INSTANCE_RAM} + - name: ES_CLUSTER_SIZE + value: ${ES_CLUSTER_SIZE} + - name: ES_NODE_QUORUM + value: ${ES_NODE_QUORUM} + - name: ES_RECOVER_AFTER_NODES + value: ${ES_RECOVER_AFTER_NODES} + - name: ES_RECOVER_EXPECTED_NODES + value: ${ES_RECOVER_EXPECTED_NODES} + - name: ES_RECOVER_AFTER_TIME + value: ${ES_RECOVER_AFTER_TIME} + - name: ES_OPS_INSTANCE_RAM + value: ${ES_OPS_INSTANCE_RAM} + - name: ES_OPS_CLUSTER_SIZE + value: ${ES_OPS_CLUSTER_SIZE} + - name: ES_OPS_NODE_QUORUM + value: ${ES_OPS_NODE_QUORUM} + - name: ES_OPS_RECOVER_AFTER_NODES + value: ${ES_OPS_RECOVER_AFTER_NODES} + - name: ES_OPS_RECOVER_EXPECTED_NODES + value: ${ES_OPS_RECOVER_EXPECTED_NODES} + - name: ES_OPS_RECOVER_AFTER_TIME + value: ${ES_OPS_RECOVER_AFTER_TIME} + dnsPolicy: ClusterFirst + restartPolicy: Never + serviceAccount: logging-deployer + volumes: + - name: empty + emptyDir: {} + - name: secret + secret: + secretName: logging-deployer +parameters: +- + description: 'Specify prefix for logging components; e.g. for "openshift/origin-logging-deployer:v1.1", set prefix "openshift/origin-"' + name: IMAGE_PREFIX + value: "registry.access.redhat.com/openshift3/" +- + description: 'Specify version for logging components; e.g. for "openshift/origin-logging-deployer:v1.1", set version "v1.1"' + name: IMAGE_VERSION + value: "3.1.0" +- + description: "If true, set up to use a second ES cluster for ops logs." + name: ENABLE_OPS_CLUSTER + value: "false" +- + description: "External hostname where clients will reach kibana" + name: KIBANA_HOSTNAME + required: true +- + description: "External hostname at which admins will visit the ops Kibana." + name: KIBANA_OPS_HOSTNAME + value: kibana-ops.example.com +- + description: "External URL for the master, for OAuth purposes" + name: PUBLIC_MASTER_URL + required: true +- + description: "Internal URL for the master, for authentication retrieval" + name: MASTER_URL + value: "https://kubernetes.default.svc.cluster.local" +- + description: "Amount of RAM to reserve per ElasticSearch instance." + name: ES_INSTANCE_RAM + value: "8G" +- + description: "How many instances of ElasticSearch to deploy." + name: ES_CLUSTER_SIZE + required: true +- + description: "Number of nodes required to elect a master (ES minimum_master_nodes). By default, derived from ES_CLUSTER_SIZE / 2 + 1." + name: ES_NODE_QUORUM +- + description: "Number of nodes required to be present before the cluster will recover from a full restart. By default, one fewer than ES_CLUSTER_SIZE." + name: ES_RECOVER_AFTER_NODES +- + description: "Number of nodes desired to be present before the cluster will recover from a full restart. By default, ES_CLUSTER_SIZE." + name: ES_RECOVER_EXPECTED_NODES +- + description: "Timeout for *expected* nodes to be present when cluster is recovering from a full restart." + name: ES_RECOVER_AFTER_TIME + value: "5m" +- + description: "Amount of RAM to reserve per ops ElasticSearch instance." + name: ES_OPS_INSTANCE_RAM + value: "8G" +- + description: "How many ops instances of ElasticSearch to deploy. By default, ES_CLUSTER_SIZE." + name: ES_OPS_CLUSTER_SIZE +- + description: "Number of ops nodes required to elect a master (ES minimum_master_nodes). By default, derived from ES_CLUSTER_SIZE / 2 + 1." + name: ES_OPS_NODE_QUORUM +- + description: "Number of ops nodes required to be present before the cluster will recover from a full restart. By default, one fewer than ES_OPS_CLUSTER_SIZE." + name: ES_OPS_RECOVER_AFTER_NODES +- + description: "Number of ops nodes desired to be present before the cluster will recover from a full restart. By default, ES_OPS_CLUSTER_SIZE." + name: ES_OPS_RECOVER_EXPECTED_NODES +- + description: "Timeout for *expected* ops nodes to be present when cluster is recovering from a full restart." + name: ES_OPS_RECOVER_AFTER_TIME + value: "5m" + diff --git a/roles/openshift_examples/files/examples/infrastructure-templates/enterprise/metrics-deployer.yaml b/roles/openshift_examples/files/examples/infrastructure-templates/enterprise/metrics-deployer.yaml new file mode 100644 index 000000000..d823b2587 --- /dev/null +++ b/roles/openshift_examples/files/examples/infrastructure-templates/enterprise/metrics-deployer.yaml @@ -0,0 +1,116 @@ +#!/bin/bash +# +# Copyright 2014-2015 Red Hat, Inc. and/or its affiliates +# and other contributors as indicated by the @author tags. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +apiVersion: "v1" +kind: "Template" +metadata: + name: metrics-deployer-template + annotations: + description: "Template for deploying the required Metrics integration. Requires cluster-admin 'metrics-deployer' service account and 'metrics-deployer' secret." + tags: "infrastructure" +labels: + metrics-infra: deployer + provider: openshift + component: deployer +objects: +- + apiVersion: v1 + kind: Pod + metadata: + generateName: metrics-deployer- + spec: + containers: + - image: ${IMAGE_PREFIX}metrics-deployer:${IMAGE_VERSION} + name: deployer + volumeMounts: + - name: secret + mountPath: /secret + readOnly: true + - name: empty + mountPath: /etc/deploy + env: + - name: PROJECT + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: IMAGE_PREFIX + value: ${IMAGE_PREFIX} + - name: IMAGE_VERSION + value: ${IMAGE_VERSION} + - name: PUBLIC_MASTER_URL + value: ${PUBLIC_MASTER_URL} + - name: MASTER_URL + value: ${MASTER_URL} + - name: REDEPLOY + value: ${REDEPLOY} + - name: USE_PERSISTENT_STORAGE + value: ${USE_PERSISTENT_STORAGE} + - name: HAWKULAR_METRICS_HOSTNAME + value: ${HAWKULAR_METRICS_HOSTNAME} + - name: CASSANDRA_NODES + value: ${CASSANDRA_NODES} + - name: CASSANDRA_PV_SIZE + value: ${CASSANDRA_PV_SIZE} + - name: METRIC_DURATION + value: ${METRIC_DURATION} + dnsPolicy: ClusterFirst + restartPolicy: Never + serviceAccount: metrics-deployer + volumes: + - name: empty + emptyDir: {} + - name: secret + secret: + secretName: metrics-deployer +parameters: +- + description: 'Specify prefix for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set prefix "openshift/origin-"' + name: IMAGE_PREFIX + value: "hawkular/" +- + description: 'Specify version for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set version "v1.1"' + name: IMAGE_VERSION + value: "0.7.0-SNAPSHOT" +- + description: "Internal URL for the master, for authentication retrieval" + name: MASTER_URL + value: "https://kubernetes.default.svc:443" +- + description: "External hostname where clients will reach Hawkular Metrics" + name: HAWKULAR_METRICS_HOSTNAME + required: true +- + description: "If set to true the deployer will try and delete all the existing components before trying to redeploy." + name: REDEPLOY + value: "false" +- + description: "Set to true for persistent storage, set to false to use non persistent storage" + name: USE_PERSISTENT_STORAGE + value: "true" +- + description: "The number of Cassandra Nodes to deploy for the initial cluster" + name: CASSANDRA_NODES + value: "1" +- + description: "The persistent volume size for each of the Cassandra nodes" + name: CASSANDRA_PV_SIZE + value: "1Gi" +- + description: "How many days metrics should be stored for." + name: METRIC_DURATION + value: "7" diff --git a/roles/openshift_examples/files/examples/infrastructure-templates/origin/logging-deployer.yaml b/roles/openshift_examples/files/examples/infrastructure-templates/origin/logging-deployer.yaml new file mode 100644 index 000000000..4c798e148 --- /dev/null +++ b/roles/openshift_examples/files/examples/infrastructure-templates/origin/logging-deployer.yaml @@ -0,0 +1,151 @@ +apiVersion: "v1" +kind: "Template" +metadata: + name: logging-deployer-template + annotations: + description: "Template for deploying everything needed for aggregated logging. Requires cluster-admin 'logging-deployer' service account and 'logging-deployer' secret." + tags: "infrastructure" +labels: + logging-infra: deployer + provider: openshift + component: deployer +objects: +- + apiVersion: v1 + kind: Pod + metadata: + generateName: logging-deployer- + spec: + containers: + - image: ${IMAGE_PREFIX}logging-deployment:${IMAGE_VERSION} + imagePullPolicy: Always + name: deployer + volumeMounts: + - name: secret + mountPath: /secret + readOnly: true + - name: empty + mountPath: /etc/deploy + env: + - name: PROJECT + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: IMAGE_PREFIX + value: ${IMAGE_PREFIX} + - name: IMAGE_VERSION + value: ${IMAGE_VERSION} + - name: ENABLE_OPS_CLUSTER + value: ${ENABLE_OPS_CLUSTER} + - name: KIBANA_HOSTNAME + value: ${KIBANA_HOSTNAME} + - name: KIBANA_OPS_HOSTNAME + value: ${KIBANA_OPS_HOSTNAME} + - name: PUBLIC_MASTER_URL + value: ${PUBLIC_MASTER_URL} + - name: MASTER_URL + value: ${MASTER_URL} + - name: ES_INSTANCE_RAM + value: ${ES_INSTANCE_RAM} + - name: ES_CLUSTER_SIZE + value: ${ES_CLUSTER_SIZE} + - name: ES_NODE_QUORUM + value: ${ES_NODE_QUORUM} + - name: ES_RECOVER_AFTER_NODES + value: ${ES_RECOVER_AFTER_NODES} + - name: ES_RECOVER_EXPECTED_NODES + value: ${ES_RECOVER_EXPECTED_NODES} + - name: ES_RECOVER_AFTER_TIME + value: ${ES_RECOVER_AFTER_TIME} + - name: ES_OPS_INSTANCE_RAM + value: ${ES_OPS_INSTANCE_RAM} + - name: ES_OPS_CLUSTER_SIZE + value: ${ES_OPS_CLUSTER_SIZE} + - name: ES_OPS_NODE_QUORUM + value: ${ES_OPS_NODE_QUORUM} + - name: ES_OPS_RECOVER_AFTER_NODES + value: ${ES_OPS_RECOVER_AFTER_NODES} + - name: ES_OPS_RECOVER_EXPECTED_NODES + value: ${ES_OPS_RECOVER_EXPECTED_NODES} + - name: ES_OPS_RECOVER_AFTER_TIME + value: ${ES_OPS_RECOVER_AFTER_TIME} + dnsPolicy: ClusterFirst + restartPolicy: Never + serviceAccount: logging-deployer + volumes: + - name: empty + emptyDir: {} + - name: secret + secret: + secretName: logging-deployer +parameters: +- + description: 'Specify prefix for logging components; e.g. for "openshift/origin-logging-deployer:v1.1", set prefix "openshift/origin-"' + name: IMAGE_PREFIX + value: "docker.io/openshift/origin-" +- + description: 'Specify version for logging components; e.g. for "openshift/origin-logging-deployer:v1.1", set version "v1.1"' + name: IMAGE_VERSION + value: "latest" +- + description: "If true, set up to use a second ES cluster for ops logs." + name: ENABLE_OPS_CLUSTER + value: "false" +- + description: "External hostname where clients will reach kibana" + name: KIBANA_HOSTNAME + required: true +- + description: "External hostname at which admins will visit the ops Kibana." + name: KIBANA_OPS_HOSTNAME + value: kibana-ops.example.com +- + description: "External URL for the master, for OAuth purposes" + name: PUBLIC_MASTER_URL + required: true +- + description: "Internal URL for the master, for authentication retrieval" + name: MASTER_URL + value: "https://kubernetes.default.svc.cluster.local" +- + description: "Amount of RAM to reserve per ElasticSearch instance." + name: ES_INSTANCE_RAM + value: "8G" +- + description: "How many instances of ElasticSearch to deploy." + name: ES_CLUSTER_SIZE + required: true +- + description: "Number of nodes required to elect a master (ES minimum_master_nodes). By default, derived from ES_CLUSTER_SIZE / 2 + 1." + name: ES_NODE_QUORUM +- + description: "Number of nodes required to be present before the cluster will recover from a full restart. By default, one fewer than ES_CLUSTER_SIZE." + name: ES_RECOVER_AFTER_NODES +- + description: "Number of nodes desired to be present before the cluster will recover from a full restart. By default, ES_CLUSTER_SIZE." + name: ES_RECOVER_EXPECTED_NODES +- + description: "Timeout for *expected* nodes to be present when cluster is recovering from a full restart." + name: ES_RECOVER_AFTER_TIME + value: "5m" +- + description: "Amount of RAM to reserve per ops ElasticSearch instance." + name: ES_OPS_INSTANCE_RAM + value: "8G" +- + description: "How many ops instances of ElasticSearch to deploy. By default, ES_CLUSTER_SIZE." + name: ES_OPS_CLUSTER_SIZE +- + description: "Number of ops nodes required to elect a master (ES minimum_master_nodes). By default, derived from ES_CLUSTER_SIZE / 2 + 1." + name: ES_OPS_NODE_QUORUM +- + description: "Number of ops nodes required to be present before the cluster will recover from a full restart. By default, one fewer than ES_OPS_CLUSTER_SIZE." + name: ES_OPS_RECOVER_AFTER_NODES +- + description: "Number of ops nodes desired to be present before the cluster will recover from a full restart. By default, ES_OPS_CLUSTER_SIZE." + name: ES_OPS_RECOVER_EXPECTED_NODES +- + description: "Timeout for *expected* ops nodes to be present when cluster is recovering from a full restart." + name: ES_OPS_RECOVER_AFTER_TIME + value: "5m" + diff --git a/roles/openshift_examples/files/examples/infrastructure-templates/origin/metrics-deployer.yaml b/roles/openshift_examples/files/examples/infrastructure-templates/origin/metrics-deployer.yaml new file mode 100644 index 000000000..d823b2587 --- /dev/null +++ b/roles/openshift_examples/files/examples/infrastructure-templates/origin/metrics-deployer.yaml @@ -0,0 +1,116 @@ +#!/bin/bash +# +# Copyright 2014-2015 Red Hat, Inc. and/or its affiliates +# and other contributors as indicated by the @author tags. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +apiVersion: "v1" +kind: "Template" +metadata: + name: metrics-deployer-template + annotations: + description: "Template for deploying the required Metrics integration. Requires cluster-admin 'metrics-deployer' service account and 'metrics-deployer' secret." + tags: "infrastructure" +labels: + metrics-infra: deployer + provider: openshift + component: deployer +objects: +- + apiVersion: v1 + kind: Pod + metadata: + generateName: metrics-deployer- + spec: + containers: + - image: ${IMAGE_PREFIX}metrics-deployer:${IMAGE_VERSION} + name: deployer + volumeMounts: + - name: secret + mountPath: /secret + readOnly: true + - name: empty + mountPath: /etc/deploy + env: + - name: PROJECT + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: IMAGE_PREFIX + value: ${IMAGE_PREFIX} + - name: IMAGE_VERSION + value: ${IMAGE_VERSION} + - name: PUBLIC_MASTER_URL + value: ${PUBLIC_MASTER_URL} + - name: MASTER_URL + value: ${MASTER_URL} + - name: REDEPLOY + value: ${REDEPLOY} + - name: USE_PERSISTENT_STORAGE + value: ${USE_PERSISTENT_STORAGE} + - name: HAWKULAR_METRICS_HOSTNAME + value: ${HAWKULAR_METRICS_HOSTNAME} + - name: CASSANDRA_NODES + value: ${CASSANDRA_NODES} + - name: CASSANDRA_PV_SIZE + value: ${CASSANDRA_PV_SIZE} + - name: METRIC_DURATION + value: ${METRIC_DURATION} + dnsPolicy: ClusterFirst + restartPolicy: Never + serviceAccount: metrics-deployer + volumes: + - name: empty + emptyDir: {} + - name: secret + secret: + secretName: metrics-deployer +parameters: +- + description: 'Specify prefix for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set prefix "openshift/origin-"' + name: IMAGE_PREFIX + value: "hawkular/" +- + description: 'Specify version for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set version "v1.1"' + name: IMAGE_VERSION + value: "0.7.0-SNAPSHOT" +- + description: "Internal URL for the master, for authentication retrieval" + name: MASTER_URL + value: "https://kubernetes.default.svc:443" +- + description: "External hostname where clients will reach Hawkular Metrics" + name: HAWKULAR_METRICS_HOSTNAME + required: true +- + description: "If set to true the deployer will try and delete all the existing components before trying to redeploy." + name: REDEPLOY + value: "false" +- + description: "Set to true for persistent storage, set to false to use non persistent storage" + name: USE_PERSISTENT_STORAGE + value: "true" +- + description: "The number of Cassandra Nodes to deploy for the initial cluster" + name: CASSANDRA_NODES + value: "1" +- + description: "The persistent volume size for each of the Cassandra nodes" + name: CASSANDRA_PV_SIZE + value: "1Gi" +- + description: "How many days metrics should be stored for." + name: METRIC_DURATION + value: "7" diff --git a/roles/openshift_examples/tasks/main.yml b/roles/openshift_examples/tasks/main.yml index 40b7a5d6e..f48e207e7 100644 --- a/roles/openshift_examples/tasks/main.yml +++ b/roles/openshift_examples/tasks/main.yml @@ -37,6 +37,22 @@ failed_when: "'already exists' not in oex_import_quickstarts.stderr and oex_import_quickstarts.rc != 0" changed_when: false +- name: Import origin infrastructure-templates + command: > + {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ infrastructure_origin_base }} + when: openshift_examples_load_centos | bool + register: oex_import_infrastructure + failed_when: "'already exists' not in oex_import_infrastructure.stderr and oex_import_infrastructure.rc != 0" + changed_when: false + +- name: Import enterprise infrastructure-templates + command: > + {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ infrastructure_enterprise_base }} + when: openshift_examples_load_rhel | bool + register: oex_import_infrastructure + failed_when: "'already exists' not in oex_import_infrastructure.stderr and oex_import_infrastructure.rc != 0" + changed_when: false + - name: Import xPaas image streams command: > -- cgit v1.2.3 From 2a7cb7936318c4cf8a94d36748f7356349234ded Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Tue, 10 Nov 2015 16:22:20 -0500 Subject: Add origin-clients to uninstall playbook. --- playbooks/adhoc/uninstall.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/playbooks/adhoc/uninstall.yml b/playbooks/adhoc/uninstall.yml index e05ab43f8..e0dbad900 100644 --- a/playbooks/adhoc/uninstall.yml +++ b/playbooks/adhoc/uninstall.yml @@ -59,8 +59,8 @@ - atomic-openshift-master - atomic-openshift-node - atomic-openshift-sdn-ovs - - etcd - corosync + - etcd - openshift - openshift-master - openshift-node @@ -68,6 +68,7 @@ - openshift-sdn-ovs - openvswitch - origin + - origin-clients - origin-master - origin-node - origin-sdn-ovs -- cgit v1.2.3 From 59ae79cf25fa23134b9787ce6248e797d23fbb34 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Tue, 10 Nov 2015 21:08:20 -0500 Subject: Automatic commit of package [openshift-ansible] release [3.0.8-1]. --- .tito/packages/openshift-ansible | 2 +- openshift-ansible.spec | 161 ++++++++++++++++++++++++++++++++++++++- 2 files changed, 161 insertions(+), 2 deletions(-) diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible index 6046a1a86..b6aa80de5 100644 --- a/.tito/packages/openshift-ansible +++ b/.tito/packages/openshift-ansible @@ -1 +1 @@ -3.0.7-1 ./ +3.0.8-1 ./ diff --git a/openshift-ansible.spec b/openshift-ansible.spec index 646352961..01146ed1d 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -5,7 +5,7 @@ } Name: openshift-ansible -Version: 3.0.7 +Version: 3.0.8 Release: 1%{?dist} Summary: Openshift and Atomic Enterprise Ansible License: ASL 2.0 @@ -258,6 +258,165 @@ Atomic OpenShift Utilities includes %changelog +* Tue Nov 10 2015 Scott Dodson 3.0.8-1 +- Add origin-clients to uninstall playbook. (abutcher@redhat.com) +- examples: include logging and metrics infrastructure (lmeyer@redhat.com) +- Add separate step to enable services during upgrade. (dgoodwin@redhat.com) +- Update tests now that cli is not asking for rpm/container install + (smunilla@redhat.com) +- atomic-openshift-installer: Remove question for container install + (smunilla@redhat.com) +- Remove references to multi_ec2.py (jdetiber@redhat.com) +- 1279746: Fix leftover disabled features line in config template. + (dgoodwin@redhat.com) +- 1279734: Ensure services are enabled after upgrade. (dgoodwin@redhat.com) +- Fix missing etcd_data_dir bug. (dgoodwin@redhat.com) +- Package the default ansible.cfg with atomic-openshift-utils. + (dgoodwin@redhat.com) +- Add ldap auth identity provider to example inventory. (abutcher@redhat.com) +- Read etcd data dir from appropriate config file. (dgoodwin@redhat.com) +- atomic-openshift-installer: Generate inventory off hosts_to_run_on + (smunilla@redhat.com) +- Various fixes related to connect_to (bleanhar@redhat.com) +- Remove upgrade playbook restriction on 3.0.2. (dgoodwin@redhat.com) +- Conditionals for flannel etcd client certs. (abutcher@redhat.com) +- New `iptablesSyncPeriod` field in node configuration (abutcher@redhat.com) +- Fix indentation on when (jdetiber@redhat.com) +- Bug 1278863 - Error using openshift_pkg_version (jdetiber@redhat.com) +- more cleanup of names (mwoodson@redhat.com) +- Missing conditionals for api/controller sysconfig. (abutcher@redhat.com) +- Updating the atomic-openshift-isntaller local connection logic for the + connect_to addition. (bleanhar@redhat.com) +- cleaned up network checks (mwoodson@redhat.com) +- Minor upgrade improvements. (dgoodwin@redhat.com) +- Wait for cluster to recover after pcs resource restart. (abutcher@redhat.com) +- Bug 1278245 - Failed to add node to existing env using atomic-openshift- + installer (bleanhar@redhat.com) +- remove debug statement (jdetiber@redhat.com) +- Fix removal of kubernetesMasterConfig.apiLevels (jdetiber@redhat.com) +- atomic-openshift-installer: Better specification of ansible connection point + (smunilla@redhat.com) +- Fix issues related to upgrade packages being unavailable + (jdetiber@redhat.com) +- added network checks. also updated item prototype code to support more + (mwoodson@redhat.com) +- Fix data_dir for 3.0 deployments (jdetiber@redhat.com) +- Fix apiLevels modifications (jdetiber@redhat.com) +- Fix creation of origin symlink when dir already exists. (dgoodwin@redhat.com) +- apiLevel changes (jdetiber@redhat.com) +- Write new config to disk after successful upgrade. (dgoodwin@redhat.com) +- Fix pylint errors with getting hosts to run on. (dgoodwin@redhat.com) +- Remove v1beta3 by default for kube_nfs_volumes (jdetiber@redhat.com) +- Add pre-upgrade script to be run on first master. (dgoodwin@redhat.com) +- Start to handle pacemaker ha during upgrade (abutcher@redhat.com) +- Fix lb group related errors (jdetiber@redhat.com) +- Fix file check conditional. (abutcher@redhat.com) +- Don't check for certs in data_dir just raise when they can't be found. Fix + typo. (abutcher@redhat.com) +- exclude atomic-openshift-installer from bin subpackage (tdawson@redhat.com) +- add master_hostnames definition for upgrade (jdetiber@redhat.com) +- Additional upgrade enhancements (jdetiber@redhat.com) +- Handle backups for separate etcd hosts if necessary. (dgoodwin@redhat.com) +- Further upgrade improvements (jdetiber@redhat.com) +- Upgrade improvements (dgoodwin@redhat.com) +- Bug 1278243 - Confusing prompt from atomic-openshift-installer + (bleanhar@redhat.com) +- Bug 1278244 - Previously there was no way to add a node in unattended mode + (bleanhar@redhat.com) +- Revert to defaults (abutcher@redhat.com) +- Bug 1278244 - Incorrect node information gathered by atomic-openshift- + installer (bleanhar@redhat.com) +- atomic-openshift-installer's unattended mode wasn't work with --force for all + cases (bleanhar@redhat.com) +- Making it easier to use pre-release content (bleanhar@redhat.com) +- The uninstall playbook needs to remove /run/openshift-sdn + (bleanhar@redhat.com) +- Various HA changes for pacemaker and native methods. (abutcher@redhat.com) +- Bug 1274201 - Fixing non-root installations if using a local connection + (bleanhar@redhat.com) +- Bug 1274201 - Fixing sudo non-interactive test (bleanhar@redhat.com) +- Bug 1277592 - SDN MTU has hardcoded default (jdetiber@redhat.com) +- Atomic Enterprise/OpenShift Enterprise merge update (jdetiber@redhat.com) +- fix dueling controllers - without controllerLeaseTTL set in config, multiple + controllers will attempt to start (jdetiber@redhat.com) +- default to source persistence for haproxy (jdetiber@redhat.com) +- hardcode openshift binaries for now (jdetiber@redhat.com) +- more tweaks (jdetiber@redhat.com) +- more tweaks (jdetiber@redhat.com) +- additional ha related updates (jdetiber@redhat.com) +- additional native ha changes (abutcher@redhat.com) +- Start of true master ha (jdetiber@redhat.com) +- Atomic Enterprise related changes. (avagarwa@redhat.com) +- Remove pacemaker bits. (abutcher@redhat.com) +- Override hosts deployment_type fact for version we're upgrading to. + (dgoodwin@redhat.com) +- Pylint fixes for config upgrade module. (dgoodwin@redhat.com) +- Disable proxy cert config upgrade until certs being generated. + (dgoodwin@redhat.com) +- remove debug line (florian.lambert@enovance.com) +- [roles/openshift_master_certificates/tasks/main.yml] Fix variable + openshift.master.all_hostnames to openshift.common.all_hostnames + (florian.lambert@enovance.com) +- Fix bug with not upgrading openshift-master to atomic-openshift-master. + (dgoodwin@redhat.com) +- Adding aws and gce packages to ansible-inventory (kwoodson@redhat.com) +- Fix subpackage dependencies (jdetiber@redhat.com) +- Refactor common group evaluation to avoid duplication (jdetiber@redhat.com) +- common/openshift-cluster: Scaleup playbook (smunilla@redhat.com) +- Fix bug from module rename. (dgoodwin@redhat.com) +- Fix bug with default ansible playbook dir. (dgoodwin@redhat.com) +- Use the base package upgrade version so we can check things earlier. + (dgoodwin@redhat.com) +- Skip fail if enterprise deployment type depending on version. + (dgoodwin@redhat.com) +- Add debug output for location of etcd backup. (dgoodwin@redhat.com) +- Filter internal hostnames from the list of parsed names. + (abutcher@redhat.com) +- Move config upgrade to correct place, fix node facts. (dgoodwin@redhat.com) +- Add custom certificates to serving info in master configuration. + (abutcher@redhat.com) +- Add in proxyClientInfo if missing during config upgrade. + (dgoodwin@redhat.com) +- Implement master-config.yaml upgrade for v1beta3 apiLevel removal. + (dgoodwin@redhat.com) +- Fix installer upgrade bug following pylint fix. (dgoodwin@redhat.com) +- Document the new version field for installer config. (dgoodwin@redhat.com) +- Remove my username from some test data. (dgoodwin@redhat.com) +- Add a simple version for the installer config file. (dgoodwin@redhat.com) +- Pylint fix. (dgoodwin@redhat.com) +- Fix issue with master.proxy-client.{crt,key} and omit. (abutcher@redhat.com) +- initial module framework (jdetiber@redhat.com) +- Better info prior to initiating upgrade. (dgoodwin@redhat.com) +- Fix etcd backup bug with not-yet-created /var/lib/origin symlink + (dgoodwin@redhat.com) +- Print info after upgrade completes. (dgoodwin@redhat.com) +- Automatically upgrade legacy config files. (dgoodwin@redhat.com) +- Remove devel fail and let upgrade proceed. (dgoodwin@redhat.com) +- Add utils subpackage missing dep on openshift-ansible-roles. + (dgoodwin@redhat.com) +- Generate timestamped etcd backups. (dgoodwin@redhat.com) +- Add etcd_data_dir fact. (dgoodwin@redhat.com) +- Functional disk space checking for etcd backup. (dgoodwin@redhat.com) +- First cut at checking available disk space for etcd backup. + (dgoodwin@redhat.com) +- Block upgrade if targetting enterprise deployment type. (dgoodwin@redhat.com) +- Change flannel registration default values (sbaubeau@redhat.com) +- Remove empty notify section (sbaubeau@redhat.com) +- Check etcd certs exist for flannel when its support is enabled + (sbaubeau@redhat.com) +- Fix when neither use_openshift_sdn nor use_flannel are specified + (sbaubeau@redhat.com) +- Generate etcd certificats for flannel when is not embedded + (sbaubeau@redhat.com) +- Add missing 2nd true parameters to default Jinja filter (sbaubeau@redhat.com) +- Use 'command' module instead of 'shell' (sbaubeau@redhat.com) +- Add flannel modules documentation (sbaubeau@redhat.com) +- Only remove IPv4 address from docker bridge (sbaubeau@redhat.com) +- Remove multiple use_flannel fact definition (sbaubeau@redhat.com) +- Ensure openshift-sdn and flannel can't be used at the same time + (sbaubeau@redhat.com) +- Add flannel support (sbaubeau@redhat.com) + * Wed Nov 04 2015 Kenny Woodson 3.0.7-1 - added the %%util in zabbix (mwoodson@redhat.com) - atomic-openshift-installer: Correct default playbook directory -- cgit v1.2.3 From 4c1b0dd4ab8f3a5d4fcfa4ba1501ed374793e77a Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Fri, 6 Nov 2015 16:56:37 -0500 Subject: Refactor upgrade playbook(s) - Split playbooks into two, one for 3.0 minor upgrades and one for 3.0 to 3.1 upgrades - Move upgrade playbooks to common/openshift/cluster/upgrades from adhoc - Added a byo wrapper playbooks to set the groups based on the byo conventions, other providers will need similar playbooks added eventually - installer wrapper updates for refactored upgrade playbooks - call new 3.0 to 3.1 upgrade playbook - various fixes for edge cases I hit with a really old config laying around. - fix output of host facts to show connect_to value. --- playbooks/adhoc/upgrades/README.md | 21 -- playbooks/adhoc/upgrades/files/pre-upgrade-check | 188 ---------- playbooks/adhoc/upgrades/files/versions.sh | 10 - playbooks/adhoc/upgrades/filter_plugins | 1 - .../upgrades/library/openshift_upgrade_config.py | 154 -------- playbooks/adhoc/upgrades/lookup_plugins | 1 - playbooks/adhoc/upgrades/roles | 1 - playbooks/adhoc/upgrades/upgrade.yml | 407 --------------------- playbooks/byo/openshift-cluster/upgrades/README.md | 8 + .../upgrades/v3_0_minor/README.md | 21 ++ .../upgrades/v3_0_minor/upgrade.yml | 9 + .../upgrades/v3_0_to_v3_1/README.md | 17 + .../upgrades/v3_0_to_v3_1/upgrade.yml | 9 + .../upgrades/files/pre-upgrade-check | 188 ++++++++++ .../openshift-cluster/upgrades/files/versions.sh | 10 + .../openshift-cluster/upgrades/filter_plugins | 1 + .../upgrades/library/openshift_upgrade_config.py | 154 ++++++++ .../openshift-cluster/upgrades/lookup_plugins | 1 + playbooks/common/openshift-cluster/upgrades/roles | 1 + .../upgrades/v3_0_minor/filter_plugins | 1 + .../openshift-cluster/upgrades/v3_0_minor/library | 1 + .../upgrades/v3_0_minor/lookup_plugins | 1 + .../openshift-cluster/upgrades/v3_0_minor/roles | 1 + .../upgrades/v3_0_minor/upgrade.yml | 112 ++++++ .../upgrades/v3_0_to_v3_1/filter_plugins | 1 + .../upgrades/v3_0_to_v3_1/library | 1 + .../upgrades/v3_0_to_v3_1/lookup_plugins | 1 + .../openshift-cluster/upgrades/v3_0_to_v3_1/roles | 1 + .../upgrades/v3_0_to_v3_1/upgrade.yml | 407 +++++++++++++++++++++ playbooks/common/openshift-etcd/config.yml | 2 + playbooks/common/openshift-master/config.yml | 3 + roles/openshift_facts/library/openshift_facts.py | 71 ++-- utils/src/ooinstall/cli_installer.py | 5 +- utils/src/ooinstall/oo_config.py | 8 +- utils/src/ooinstall/openshift_ansible.py | 4 +- 35 files changed, 998 insertions(+), 824 deletions(-) delete mode 100644 playbooks/adhoc/upgrades/README.md delete mode 100644 playbooks/adhoc/upgrades/files/pre-upgrade-check delete mode 100644 playbooks/adhoc/upgrades/files/versions.sh delete mode 120000 playbooks/adhoc/upgrades/filter_plugins delete mode 100755 playbooks/adhoc/upgrades/library/openshift_upgrade_config.py delete mode 120000 playbooks/adhoc/upgrades/lookup_plugins delete mode 120000 playbooks/adhoc/upgrades/roles delete mode 100644 playbooks/adhoc/upgrades/upgrade.yml create mode 100644 playbooks/byo/openshift-cluster/upgrades/README.md create mode 100644 playbooks/byo/openshift-cluster/upgrades/v3_0_minor/README.md create mode 100644 playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml create mode 100644 playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/README.md create mode 100644 playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml create mode 100644 playbooks/common/openshift-cluster/upgrades/files/pre-upgrade-check create mode 100644 playbooks/common/openshift-cluster/upgrades/files/versions.sh create mode 120000 playbooks/common/openshift-cluster/upgrades/filter_plugins create mode 100755 playbooks/common/openshift-cluster/upgrades/library/openshift_upgrade_config.py create mode 120000 playbooks/common/openshift-cluster/upgrades/lookup_plugins create mode 120000 playbooks/common/openshift-cluster/upgrades/roles create mode 120000 playbooks/common/openshift-cluster/upgrades/v3_0_minor/filter_plugins create mode 120000 playbooks/common/openshift-cluster/upgrades/v3_0_minor/library create mode 120000 playbooks/common/openshift-cluster/upgrades/v3_0_minor/lookup_plugins create mode 120000 playbooks/common/openshift-cluster/upgrades/v3_0_minor/roles create mode 100644 playbooks/common/openshift-cluster/upgrades/v3_0_minor/upgrade.yml create mode 120000 playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/filter_plugins create mode 120000 playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/library create mode 120000 playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/lookup_plugins create mode 120000 playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/roles create mode 100644 playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml diff --git a/playbooks/adhoc/upgrades/README.md b/playbooks/adhoc/upgrades/README.md deleted file mode 100644 index 6de8a970f..000000000 --- a/playbooks/adhoc/upgrades/README.md +++ /dev/null @@ -1,21 +0,0 @@ -# [NOTE] -This playbook will re-run installation steps overwriting any local -modifications. You should ensure that your inventory has been updated with any -modifications you've made after your initial installation. If you find any items -that cannot be configured via ansible please open an issue at -https://github.com/openshift/openshift-ansible - -# Overview -This playbook is available as a technical preview. It currently performs the -following steps. - - * Upgrade and restart master services - * Upgrade and restart node services - * Applies latest configuration by re-running the installation playbook - * Applies the latest cluster policies - * Updates the default router if one exists - * Updates the default registry if one exists - * Updates image streams and quickstarts - -# Usage -ansible-playbook -i ~/ansible-inventory openshift-ansible/playbooks/adhoc/upgrades/upgrade.yml diff --git a/playbooks/adhoc/upgrades/files/pre-upgrade-check b/playbooks/adhoc/upgrades/files/pre-upgrade-check deleted file mode 100644 index ed4ab6d1b..000000000 --- a/playbooks/adhoc/upgrades/files/pre-upgrade-check +++ /dev/null @@ -1,188 +0,0 @@ -#!/usr/bin/env python -""" -Pre-upgrade checks that must be run on a master before proceeding with upgrade. -""" -# This is a script not a python module: -# pylint: disable=invalid-name - -# NOTE: This script should not require any python libs other than what is -# in the standard library. - -__license__ = "ASL 2.0" - -import json -import os -import subprocess -import re - -# The maximum length of container.ports.name -ALLOWED_LENGTH = 15 -# The valid structure of container.ports.name -ALLOWED_CHARS = re.compile('^[a-z0-9][a-z0-9\\-]*[a-z0-9]$') -AT_LEAST_ONE_LETTER = re.compile('[a-z]') -# look at OS_PATH for the full path. Default ot 'oc' -OC_PATH = os.getenv('OC_PATH', 'oc') - - -def validate(value): - """ - validate verifies that value matches required conventions - - Rules of container.ports.name validation: - - * must be less that 16 chars - * at least one letter - * only a-z0-9- - * hyphens can not be leading or trailing or next to each other - - :Parameters: - - `value`: Value to validate - """ - if len(value) > ALLOWED_LENGTH: - return False - - if '--' in value: - return False - - # We search since it can be anywhere - if not AT_LEAST_ONE_LETTER.search(value): - return False - - # We match because it must start at the beginning - if not ALLOWED_CHARS.match(value): - return False - return True - - -def list_items(kind): - """ - list_items returns a list of items from the api - - :Parameters: - - `kind`: Kind of item to access - """ - response = subprocess.check_output([OC_PATH, 'get', '--all-namespaces', '-o', 'json', kind]) - items = json.loads(response) - return items.get("items", []) - - -def get(obj, *paths): - """ - Gets an object - - :Parameters: - - `obj`: A dictionary structure - - `path`: All other non-keyword arguments - """ - ret_obj = obj - for path in paths: - if ret_obj.get(path, None) is None: - return [] - ret_obj = ret_obj[path] - return ret_obj - - -# pylint: disable=too-many-arguments -def pretty_print_errors(namespace, kind, item_name, container_name, port_name, valid): - """ - Prints out results in human friendly way. - - :Parameters: - - `namespace`: Namespace of the resource - - `kind`: Kind of the resource - - `item_name`: Name of the resource - - `container_name`: Name of the container. May be "" when kind=Service. - - `port_name`: Name of the port - - `valid`: True if the port is valid - """ - if not valid: - if len(container_name) > 0: - print('%s/%s -n %s (Container="%s" Port="%s")' % ( - kind, item_name, namespace, container_name, port_name)) - else: - print('%s/%s -n %s (Port="%s")' % ( - kind, item_name, namespace, port_name)) - - -def print_validation_header(): - """ - Prints the error header. Should run on the first error to avoid - overwhelming the user. - """ - print """\ -At least one port name does not validate. Valid port names: - - * must be less that 16 chars - * have at least one letter - * only a-z0-9- - * do not start or end with - - * Dashes may not be next to eachother ('--') -""" - - -def main(): - """ - main is the main entry point to this script - """ - try: - # the comma at the end suppresses the newline - print "Checking for oc ...", - subprocess.check_output([OC_PATH, 'whoami']) - print "found" - except: - print( - 'Unable to run "%s whoami"\n' - 'Please ensure OpenShift is running, and "oc" is on your system ' - 'path.\n' - 'You can override the path with the OC_PATH environment variable.' - % OC_PATH) - raise SystemExit(1) - - # Where the magic happens - first_error = True - for kind, path in [ - ('replicationcontrollers', ("spec", "template", "spec", "containers")), - ('pods', ("spec", "containers")), - ('deploymentconfigs', ("spec", "template", "spec", "containers"))]: - for item in list_items(kind): - namespace = item["metadata"]["namespace"] - item_name = item["metadata"]["name"] - for container in get(item, *path): - container_name = container["name"] - for port in get(container, "ports"): - port_name = port.get("name", None) - if not port_name: - # Unnamed ports are OK - continue - valid = validate(port_name) - if not valid and first_error: - first_error = False - print_validation_header() - pretty_print_errors( - namespace, kind, item_name, - container_name, port_name, valid) - - # Services follow a different flow - for item in list_items('services'): - namespace = item["metadata"]["namespace"] - item_name = item["metadata"]["name"] - for port in get(item, "spec", "ports"): - port_name = port.get("targetPort", None) - if isinstance(port_name, int) or port_name is None: - # Integer only or unnamed ports are OK - continue - valid = validate(port_name) - if not valid and first_error: - first_error = False - print_validation_header() - pretty_print_errors( - namespace, "services", item_name, "", port_name, valid) - - # If we had at least 1 error then exit with 1 - if not first_error: - raise SystemExit(1) - - -if __name__ == '__main__': - main() - diff --git a/playbooks/adhoc/upgrades/files/versions.sh b/playbooks/adhoc/upgrades/files/versions.sh deleted file mode 100644 index f90719cab..000000000 --- a/playbooks/adhoc/upgrades/files/versions.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash - -yum_installed=$(yum list installed "$@" 2>&1 | tail -n +2 | grep -v 'Installed Packages' | grep -v 'Red Hat Subscription Management' | grep -v 'Error:' | awk '{ print $2 }' | tr '\n' ' ') - -yum_available=$(yum list available "$@" 2>&1 | tail -n +2 | grep -v 'Available Packages' | grep -v 'Red Hat Subscription Management' | grep -v 'el7ose' | grep -v 'Error:' | awk '{ print $2 }' | tr '\n' ' ') - - -echo "---" -echo "curr_version: ${yum_installed}" -echo "avail_version: ${yum_available}" diff --git a/playbooks/adhoc/upgrades/filter_plugins b/playbooks/adhoc/upgrades/filter_plugins deleted file mode 120000 index b0b7a3414..000000000 --- a/playbooks/adhoc/upgrades/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins/ \ No newline at end of file diff --git a/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py b/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py deleted file mode 100755 index a6721bb92..000000000 --- a/playbooks/adhoc/upgrades/library/openshift_upgrade_config.py +++ /dev/null @@ -1,154 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# vim: expandtab:tabstop=4:shiftwidth=4 - -"""Ansible module for modifying OpenShift configs during an upgrade""" - -import os -import yaml - -DOCUMENTATION = ''' ---- -module: openshift_upgrade_config -short_description: OpenShift Upgrade Config -author: Jason DeTiberus -requirements: [ ] -''' -EXAMPLES = ''' -''' - -def modify_api_levels(level_list, remove, ensure, msg_prepend='', - msg_append=''): - """ modify_api_levels """ - changed = False - changes = [] - - if not isinstance(remove, list): - remove = [] - - if not isinstance(ensure, list): - ensure = [] - - if not isinstance(level_list, list): - new_list = [] - changed = True - changes.append("%s created missing %s" % (msg_prepend, msg_append)) - else: - new_list = level_list - for level in remove: - if level in new_list: - new_list.remove(level) - changed = True - changes.append("%s removed %s %s" % (msg_prepend, level, msg_append)) - - for level in ensure: - if level not in new_list: - new_list.append(level) - changed = True - changes.append("%s added %s %s" % (msg_prepend, level, msg_append)) - - return {'new_list': new_list, 'changed': changed, 'changes': changes} - - -def upgrade_master_3_0_to_3_1(ansible_module, config_base, backup): - """Main upgrade method for 3.0 to 3.1.""" - changes = [] - - # Facts do not get transferred to the hosts where custom modules run, - # need to make some assumptions here. - master_config = os.path.join(config_base, 'master/master-config.yaml') - - master_cfg_file = open(master_config, 'r') - config = yaml.safe_load(master_cfg_file.read()) - master_cfg_file.close() - - - # Remove unsupported api versions and ensure supported api versions from - # master config - unsupported_levels = ['v1beta1', 'v1beta2', 'v1beta3'] - supported_levels = ['v1'] - - result = modify_api_levels(config.get('apiLevels'), unsupported_levels, - supported_levels, 'master-config.yaml:', 'from apiLevels') - if result['changed']: - config['apiLevels'] = result['new_list'] - changes.append(result['changes']) - - if 'kubernetesMasterConfig' in config and 'apiLevels' in config['kubernetesMasterConfig']: - config['kubernetesMasterConfig'].pop('apiLevels') - changes.append('master-config.yaml: removed kubernetesMasterConfig.apiLevels') - - # Add proxyClientInfo to master-config - if 'proxyClientInfo' not in config['kubernetesMasterConfig']: - config['kubernetesMasterConfig']['proxyClientInfo'] = { - 'certFile': 'master.proxy-client.crt', - 'keyFile': 'master.proxy-client.key' - } - changes.append("master-config.yaml: added proxyClientInfo") - - if len(changes) > 0: - if backup: - # TODO: Check success: - ansible_module.backup_local(master_config) - - # Write the modified config: - out_file = open(master_config, 'w') - out_file.write(yaml.safe_dump(config, default_flow_style=False)) - out_file.close() - - return changes - - -def upgrade_master(ansible_module, config_base, from_version, to_version, backup): - """Upgrade entry point.""" - if from_version == '3.0': - if to_version == '3.1': - return upgrade_master_3_0_to_3_1(ansible_module, config_base, backup) - - -def main(): - """ main """ - # disabling pylint errors for global-variable-undefined and invalid-name - # for 'global module' usage, since it is required to use ansible_facts - # pylint: disable=global-variable-undefined, invalid-name, - # redefined-outer-name - global module - - module = AnsibleModule( - argument_spec=dict( - config_base=dict(required=True), - from_version=dict(required=True, choices=['3.0']), - to_version=dict(required=True, choices=['3.1']), - role=dict(required=True, choices=['master']), - backup=dict(required=False, default=True, type='bool') - ), - supports_check_mode=True, - ) - - from_version = module.params['from_version'] - to_version = module.params['to_version'] - role = module.params['role'] - backup = module.params['backup'] - config_base = module.params['config_base'] - - try: - changes = [] - if role == 'master': - changes = upgrade_master(module, config_base, from_version, - to_version, backup) - - changed = len(changes) > 0 - return module.exit_json(changed=changed, changes=changes) - - # ignore broad-except error to avoid stack trace to ansible user - # pylint: disable=broad-except - except Exception, e: - return module.fail_json(msg=str(e)) - -# ignore pylint errors related to the module_utils import -# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import -# import module snippets -from ansible.module_utils.basic import * - -if __name__ == '__main__': - main() diff --git a/playbooks/adhoc/upgrades/lookup_plugins b/playbooks/adhoc/upgrades/lookup_plugins deleted file mode 120000 index 73cafffe5..000000000 --- a/playbooks/adhoc/upgrades/lookup_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../lookup_plugins/ \ No newline at end of file diff --git a/playbooks/adhoc/upgrades/roles b/playbooks/adhoc/upgrades/roles deleted file mode 120000 index e2b799b9d..000000000 --- a/playbooks/adhoc/upgrades/roles +++ /dev/null @@ -1 +0,0 @@ -../../../roles/ \ No newline at end of file diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml deleted file mode 100644 index 324f5fba3..000000000 --- a/playbooks/adhoc/upgrades/upgrade.yml +++ /dev/null @@ -1,407 +0,0 @@ ---- -- name: Load master facts - hosts: masters - roles: - - openshift_facts - -- name: Verify upgrade can proceed - hosts: masters[0] - vars: - openshift_master_ha: "{{ groups['masters'] | length > 1 }}" - gather_facts: no - tasks: - # Pacemaker is currently the only supported upgrade path for multiple masters - - fail: - msg: "openshift_master_cluster_method must be set to 'pacemaker'" - when: openshift_master_ha | bool and ((openshift_master_cluster_method is not defined) or (openshift_master_cluster_method is defined and openshift_master_cluster_method != "pacemaker")) - -- name: Run pre-upgrade checks on first master - hosts: masters[0] - tasks: - # If this script errors out ansible will show the default stdout/stderr - # which contains details for the user: - - script: files/pre-upgrade-check - -- name: Evaluate etcd_hosts - hosts: localhost - tasks: - - name: Evaluate etcd hosts - add_host: - name: "{{ groups.masters.0 }}" - groups: etcd_hosts - when: hostvars[groups.masters.0].openshift.master.embedded_etcd | bool - - name: Evaluate etcd hosts - add_host: - name: "{{ item }}" - groups: etcd_hosts - with_items: groups.etcd - when: not hostvars[groups.masters.0].openshift.master.embedded_etcd | bool - -- name: Backup etcd - hosts: etcd_hosts - vars: - embedded_etcd: "{{ openshift.master.embedded_etcd }}" - timestamp: "{{ lookup('pipe', 'date +%Y%m%d%H%M%S') }}" - roles: - - openshift_facts - tasks: - - - stat: path=/var/lib/openshift - register: var_lib_openshift - - - stat: path=/var/lib/origin - register: var_lib_origin - - - name: Create origin symlink if necessary - file: src=/var/lib/openshift/ dest=/var/lib/origin state=link - when: var_lib_openshift.stat.exists == True and var_lib_origin.stat.exists == False - - - name: Check available disk space for etcd backup - # We assume to be using the data dir for all backups. - shell: > - df --output=avail -k {{ openshift.common.data_dir }} | tail -n 1 - register: avail_disk - - - name: Check current embedded etcd disk usage - shell: > - du -k {{ openshift.master.etcd_data_dir }} | tail -n 1 | cut -f1 - register: etcd_disk_usage - when: embedded_etcd | bool - - - name: Abort if insufficient disk space for etcd backup - fail: - msg: > - {{ etcd_disk_usage.stdout }} Kb disk space required for etcd backup, - {{ avail_disk.stdout }} Kb available. - when: (embedded_etcd | bool) and (etcd_disk_usage.stdout|int > avail_disk.stdout|int) - - - name: Install etcd (for etcdctl) - yum: - pkg: etcd - state: latest - - - name: Generate etcd backup - command: > - etcdctl backup --data-dir={{ openshift.master.etcd_data_dir }} - --backup-dir={{ openshift.common.data_dir }}/etcd-backup-{{ timestamp }} - - - name: Display location of etcd backup - debug: - msg: "Etcd backup created in {{ openshift.common.data_dir }}/etcd-backup-{{ timestamp }}" - -- name: Update deployment type - hosts: OSEv3 - roles: - - openshift_facts - post_tasks: - - openshift_facts: - role: common - local_facts: - deployment_type: "{{ deployment_type }}" - - -- name: Perform upgrade version checking - hosts: masters[0] - tasks: - - name: Clean yum cache - command: yum clean all - - - name: Determine available versions - script: files/versions.sh {{ openshift.common.service_type }} openshift - register: g_versions_result - - - set_fact: - g_aos_versions: "{{ g_versions_result.stdout | from_yaml }}" - - - set_fact: - g_new_version: "{{ g_aos_versions.curr_version.split('-', 1).0 if g_aos_versions.avail_version is none else g_aos_versions.avail_version.split('-', 1).0 }}" - - - fail: - msg: This playbook requires Origin 1.0.6 or later - when: deployment_type == 'origin' and g_aos_versions.curr_version | version_compare('1.0.6','<') - - # TODO: This should be specific to the 3.1 upgrade playbook (coming in future refactor), otherwise we are blocking 3.0.1 to 3.0.2 here. - - fail: - msg: Atomic OpenShift 3.1 packages not found - when: deployment_type in ['openshift-enterprise', 'atomic-openshift'] and g_aos_versions.curr_version | version_compare('3.0.2.900','<') and (g_aos_versions.avail_version is none or g_aos_versions.avail_version | version_compare('3.0.2.900','<')) - # Deployment type 'enterprise' is no longer valid if we're upgrading to 3.1 or beyond. - # (still valid for 3.0.x to 3.0.y however) Using the global deployment_type here as - # we're checking what was requested by the upgrade, not the current type on the system. - - fail: - msg: "Deployment type enterprise not supported for upgrade" - when: deployment_type == "enterprise" and g_aos_versions.curr_version | version_compare('3.1', '>=') - - -- name: Upgrade masters - hosts: masters - vars: - openshift_version: "{{ openshift_pkg_version | default('') }}" - tasks: - - name: Upgrade to latest available kernel - yum: - pkg: kernel - state: latest - - - name: Upgrade master packages - command: yum update -y {{ openshift.common.service_type }}-master{{ openshift_version }} - - - name: Ensure python-yaml present for config upgrade - yum: - pkg: PyYAML - state: installed - - - name: Upgrade master configuration - openshift_upgrade_config: - from_version: '3.0' - to_version: '3.1' - role: master - config_base: "{{ hostvars[inventory_hostname].openshift.common.config_base }}" - when: deployment_type in ['openshift-enterprise', 'atomic-enterprise'] and g_aos_versions.curr_version | version_compare('3.1', '>=') - - - set_fact: - master_certs_missing: True - master_cert_subdir: master-{{ openshift.common.hostname }} - master_cert_config_dir: "{{ openshift.common.config_base }}/master" - -- name: Create temp directory for syncing certs - hosts: localhost - gather_facts: no - tasks: - - name: Create local temp directory for syncing certs - local_action: command mktemp -d /tmp/openshift-ansible-XXXXXXX - register: g_master_mktemp - changed_when: False - -- name: Generate missing master certificates - hosts: masters[0] - vars: - master_hostnames: "{{ hostvars - | oo_select_keys(groups.masters) - | oo_collect('openshift.common.all_hostnames') - | oo_flatten | unique }}" - master_generated_certs_dir: "{{ openshift.common.config_base }}/generated-configs" - masters_needing_certs: "{{ hostvars - | oo_select_keys(groups.masters) - | difference([groups.masters.0]) }}" - sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" - openshift_deployment_type: "{{ deployment_type }}" - roles: - - openshift_master_certificates - post_tasks: - - name: Remove generated etcd client certs when using external etcd - file: - path: "{{ master_generated_certs_dir }}/{{ item.0.master_cert_subdir }}/{{ item.1 }}" - state: absent - when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config - with_nested: - - masters_needing_certs - - - master.etcd-client.crt - - master.etcd-client.key - - - name: Create a tarball of the master certs - command: > - tar -czvf {{ master_generated_certs_dir }}/{{ item.master_cert_subdir }}.tgz - -C {{ master_generated_certs_dir }}/{{ item.master_cert_subdir }} . - with_items: masters_needing_certs - - - name: Retrieve the master cert tarball from the master - fetch: - src: "{{ master_generated_certs_dir }}/{{ item.master_cert_subdir }}.tgz" - dest: "{{ sync_tmpdir }}/" - flat: yes - fail_on_missing: yes - validate_checksum: yes - with_items: masters_needing_certs - -- name: Sync certs and restart masters post configuration change - hosts: masters - vars: - sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" - openshift_master_ha: "{{ groups['masters'] | length > 1 }}" - tasks: - - name: Unarchive the tarball on the master - unarchive: - src: "{{ sync_tmpdir }}/{{ master_cert_subdir }}.tgz" - dest: "{{ master_cert_config_dir }}" - when: inventory_hostname != groups.masters.0 - - - name: Restart master services - service: name="{{ openshift.common.service_type}}-master" state=restarted - when: not openshift_master_ha | bool - -- name: Destroy cluster - hosts: masters[0] - vars: - openshift_master_ha: "{{ groups['masters'] | length > 1 }}" - openshift_deployment_type: "{{ deployment_type }}" - pre_tasks: - - name: Check for configured cluster - stat: - path: /etc/corosync/corosync.conf - register: corosync_conf - when: openshift_master_ha | bool - - name: Destroy cluster - command: pcs cluster destroy --all - when: openshift_master_ha | bool and corosync_conf.stat.exists == true - -- name: Start pcsd on masters - hosts: masters - vars: - openshift_master_ha: "{{ groups['masters'] | length > 1 }}" - tasks: - - name: Start pcsd - service: name=pcsd enabled=yes state=started - when: openshift_master_ha | bool - -- name: Re-create cluster - hosts: masters[0] - vars: - openshift_master_ha: "{{ groups['masters'] | length > 1 }}" - openshift_deployment_type: "{{ deployment_type }}" - omc_cluster_hosts: "{{ groups.masters | join(' ') }}" - roles: - - role: openshift_master_cluster - when: openshift_master_ha | bool - -- name: Delete temporary directory on localhost - hosts: localhost - gather_facts: no - tasks: - - file: name={{ g_master_mktemp.stdout }} state=absent - changed_when: False - - -- name: Upgrade nodes - hosts: nodes - vars: - openshift_version: "{{ openshift_pkg_version | default('') }}" - roles: - - openshift_facts - tasks: - - name: Upgrade node packages - command: yum update -y {{ openshift.common.service_type }}-node{{ openshift_version }} - - name: Restart node services - service: name="{{ openshift.common.service_type }}-node" state=restarted - -- name: Update cluster policy and policy bindings - hosts: masters[0] - vars: - origin_reconcile_bindings: "{{ deployment_type == 'origin' and g_new_version | version_compare('1.0.6', '>') }}" - ent_reconcile_bindings: "{{ deployment_type in ['openshift-enterprise', 'atomic-enterprise'] and g_new_version | version_compare('3.0.2','>') }}" - tasks: - - name: oadm policy reconcile-cluster-roles --confirm - command: > - {{ openshift.common.admin_binary}} --config={{ openshift.common.config_base }}/master/admin.kubeconfig - policy reconcile-cluster-roles --confirm - - - name: oadm policy reconcile-cluster-role-bindings --confirm - command: > - {{ openshift.common.admin_binary}} --config={{ openshift.common.config_base }}/master/admin.kubeconfig - policy reconcile-cluster-role-bindings - --exclude-groups=system:authenticated - --exclude-groups=system:unauthenticated - --exclude-users=system:anonymous - --additive-only=true --confirm - when: origin_reconcile_bindings | bool or ent_reconcile_bindings | bool - - -- name: Restart masters post reconcile - hosts: masters - vars: - openshift_master_ha: "{{ groups['masters'] | length > 1 }}" - tasks: - - name: Restart master services - service: name="{{ openshift.common.service_type}}-master" state=restarted - when: not openshift_master_ha | bool - -- name: Restart cluster post reconcile - hosts: masters[0] - vars: - openshift_master_ha: "{{ groups['masters'] | length > 1 }}" - tasks: - - name: Restart master cluster - command: pcs resource restart master - when: openshift_master_ha | bool - - name: Wait for the clustered master service to be available - wait_for: - host: "{{ openshift_master_cluster_vip }}" - port: 8443 - state: started - timeout: 180 - delay: 90 - when: openshift_master_ha | bool - -- name: Upgrade default router and registry - hosts: masters[0] - vars: - - registry_image: "{{ openshift.master.registry_url | replace( '${component}', 'docker-registry' ) | replace ( '${version}', 'v' + g_new_version ) }}" - - router_image: "{{ openshift.master.registry_url | replace( '${component}', 'haproxy-router' ) | replace ( '${version}', 'v' + g_new_version ) }}" - - oc_cmd: "{{ openshift.common.client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig" - tasks: - - name: Check for default router - command: > - {{ oc_cmd }} get -n default dc/router - register: _default_router - failed_when: false - changed_when: false - - name: Check for allowHostNetwork and allowHostPorts - when: _default_router.rc == 0 - shell: > - {{ oc_cmd }} get -o yaml scc/privileged | /usr/bin/grep -e allowHostPorts -e allowHostNetwork - register: _scc - - name: Grant allowHostNetwork and allowHostPorts - when: - - _default_router.rc == 0 - - "'false' in _scc.stdout" - command: > - {{ oc_cmd }} patch scc/privileged -p '{"allowHostPorts":true,"allowHostNetwork":true}' --loglevel=9 - - name: Update deployment config to 1.0.4/3.0.1 spec - when: _default_router.rc == 0 - command: > - {{ oc_cmd }} patch dc/router -p - '{"spec":{"strategy":{"rollingParams":{"updatePercent":-10},"spec":{"serviceAccount":"router","serviceAccountName":"router"}}}}' - - name: Switch to hostNetwork=true - when: _default_router.rc == 0 - command: > - {{ oc_cmd }} patch dc/router -p '{"spec":{"template":{"spec":{"hostNetwork":true}}}}' - - name: Update router image to current version - when: _default_router.rc == 0 - command: > - {{ oc_cmd }} patch dc/router -p - '{"spec":{"template":{"spec":{"containers":[{"name":"router","image":"{{ router_image }}"}]}}}}' - - - name: Check for default registry - command: > - {{ oc_cmd }} get -n default dc/docker-registry - register: _default_registry - failed_when: false - changed_when: false - - name: Update registry image to current version - when: _default_registry.rc == 0 - command: > - {{ oc_cmd }} patch dc/docker-registry -p - '{"spec":{"template":{"spec":{"containers":[{"name":"registry","image":"{{ registry_image }}"}]}}}}' - -- name: Update image streams and templates - hosts: masters[0] - vars: - openshift_examples_import_command: "update" - openshift_deployment_type: "{{ deployment_type }}" - roles: - - openshift_examples - -- name: Ensure master services enabled - hosts: masters - vars: - openshift_master_ha: "{{ groups['masters'] | length > 1 }}" - tasks: - - name: Enable master services - service: name="{{ openshift.common.service_type}}-master" state=started enabled=yes - when: not openshift_master_ha | bool - -- name: Ensure node services enabled - hosts: nodes - tasks: - - name: Restart node services - service: name="{{ openshift.common.service_type }}-node" state=started enabled=yes - diff --git a/playbooks/byo/openshift-cluster/upgrades/README.md b/playbooks/byo/openshift-cluster/upgrades/README.md new file mode 100644 index 000000000..ce7aebf8e --- /dev/null +++ b/playbooks/byo/openshift-cluster/upgrades/README.md @@ -0,0 +1,8 @@ +# Upgrade playbooks +The playbooks provided in this directory can be used for upgrading an existing +environment. Additional notes for the associated upgrade playbooks are +provided in their respective directories. + +# Upgrades available +- [OpenShift Enterprise 3.0 to latest minor release](v3_0_minor/README.md) +- [OpenShift Enterprise 3.0 to 3.1](v3_0_to_v3_1/README.md) diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/README.md b/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/README.md new file mode 100644 index 000000000..c91a6cb96 --- /dev/null +++ b/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/README.md @@ -0,0 +1,21 @@ +# v3.0 minor upgrade playbook +**Note:** This playbook will re-run installation steps overwriting any local +modifications. You should ensure that your inventory has been updated with any +modifications you've made after your initial installation. If you find any items +that cannot be configured via ansible please open an issue at +https://github.com/openshift/openshift-ansible + +## Overview +This playbook is available as a technical preview. It currently performs the +following steps. + + * Upgrade and restart master services + * Upgrade and restart node services + * Applies latest configuration by re-running the installation playbook + * Applies the latest cluster policies + * Updates the default router if one exists + * Updates the default registry if one exists + * Updates image streams and quickstarts + +## Usage +ansible-playbook -i ~/ansible-inventory openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml new file mode 100644 index 000000000..76fa9ba22 --- /dev/null +++ b/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml @@ -0,0 +1,9 @@ +--- +- include: ../../../../common/openshift-cluster/upgrades/v3_0_minor/upgrade.yml + vars: + g_etcd_group: "{{ 'etcd' }}" + g_masters_group: "{{ 'masters' }}" + g_nodes_group: "{{ 'nodes' }}" + g_lb_group: "{{ 'lb' }}" + openshift_cluster_id: "{{ cluster_id | default('default') }}" + openshift_deployment_type: "{{ deployment_type }}" diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/README.md b/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/README.md new file mode 100644 index 000000000..c434be5b7 --- /dev/null +++ b/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/README.md @@ -0,0 +1,17 @@ +# v3.0 to v3.1 upgrade playbook + +## Overview +This playbook currently performs the +following steps. + +**TODO: update for current steps** + * Upgrade and restart master services + * Upgrade and restart node services + * Modifies the subset of the configuration necessary + * Applies the latest cluster policies + * Updates the default router if one exists + * Updates the default registry if one exists + * Updates image streams and quickstarts + +## Usage +ansible-playbook -i ~/ansible-inventory openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml new file mode 100644 index 000000000..b06442366 --- /dev/null +++ b/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml @@ -0,0 +1,9 @@ +--- +- include: ../../../../common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml + vars: + g_etcd_group: "{{ 'etcd' }}" + g_masters_group: "{{ 'masters' }}" + g_nodes_group: "{{ 'nodes' }}" + g_lb_group: "{{ 'lb' }}" + openshift_cluster_id: "{{ cluster_id | default('default') }}" + openshift_deployment_type: "{{ deployment_type }}" diff --git a/playbooks/common/openshift-cluster/upgrades/files/pre-upgrade-check b/playbooks/common/openshift-cluster/upgrades/files/pre-upgrade-check new file mode 100644 index 000000000..ed4ab6d1b --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/files/pre-upgrade-check @@ -0,0 +1,188 @@ +#!/usr/bin/env python +""" +Pre-upgrade checks that must be run on a master before proceeding with upgrade. +""" +# This is a script not a python module: +# pylint: disable=invalid-name + +# NOTE: This script should not require any python libs other than what is +# in the standard library. + +__license__ = "ASL 2.0" + +import json +import os +import subprocess +import re + +# The maximum length of container.ports.name +ALLOWED_LENGTH = 15 +# The valid structure of container.ports.name +ALLOWED_CHARS = re.compile('^[a-z0-9][a-z0-9\\-]*[a-z0-9]$') +AT_LEAST_ONE_LETTER = re.compile('[a-z]') +# look at OS_PATH for the full path. Default ot 'oc' +OC_PATH = os.getenv('OC_PATH', 'oc') + + +def validate(value): + """ + validate verifies that value matches required conventions + + Rules of container.ports.name validation: + + * must be less that 16 chars + * at least one letter + * only a-z0-9- + * hyphens can not be leading or trailing or next to each other + + :Parameters: + - `value`: Value to validate + """ + if len(value) > ALLOWED_LENGTH: + return False + + if '--' in value: + return False + + # We search since it can be anywhere + if not AT_LEAST_ONE_LETTER.search(value): + return False + + # We match because it must start at the beginning + if not ALLOWED_CHARS.match(value): + return False + return True + + +def list_items(kind): + """ + list_items returns a list of items from the api + + :Parameters: + - `kind`: Kind of item to access + """ + response = subprocess.check_output([OC_PATH, 'get', '--all-namespaces', '-o', 'json', kind]) + items = json.loads(response) + return items.get("items", []) + + +def get(obj, *paths): + """ + Gets an object + + :Parameters: + - `obj`: A dictionary structure + - `path`: All other non-keyword arguments + """ + ret_obj = obj + for path in paths: + if ret_obj.get(path, None) is None: + return [] + ret_obj = ret_obj[path] + return ret_obj + + +# pylint: disable=too-many-arguments +def pretty_print_errors(namespace, kind, item_name, container_name, port_name, valid): + """ + Prints out results in human friendly way. + + :Parameters: + - `namespace`: Namespace of the resource + - `kind`: Kind of the resource + - `item_name`: Name of the resource + - `container_name`: Name of the container. May be "" when kind=Service. + - `port_name`: Name of the port + - `valid`: True if the port is valid + """ + if not valid: + if len(container_name) > 0: + print('%s/%s -n %s (Container="%s" Port="%s")' % ( + kind, item_name, namespace, container_name, port_name)) + else: + print('%s/%s -n %s (Port="%s")' % ( + kind, item_name, namespace, port_name)) + + +def print_validation_header(): + """ + Prints the error header. Should run on the first error to avoid + overwhelming the user. + """ + print """\ +At least one port name does not validate. Valid port names: + + * must be less that 16 chars + * have at least one letter + * only a-z0-9- + * do not start or end with - + * Dashes may not be next to eachother ('--') +""" + + +def main(): + """ + main is the main entry point to this script + """ + try: + # the comma at the end suppresses the newline + print "Checking for oc ...", + subprocess.check_output([OC_PATH, 'whoami']) + print "found" + except: + print( + 'Unable to run "%s whoami"\n' + 'Please ensure OpenShift is running, and "oc" is on your system ' + 'path.\n' + 'You can override the path with the OC_PATH environment variable.' + % OC_PATH) + raise SystemExit(1) + + # Where the magic happens + first_error = True + for kind, path in [ + ('replicationcontrollers', ("spec", "template", "spec", "containers")), + ('pods', ("spec", "containers")), + ('deploymentconfigs', ("spec", "template", "spec", "containers"))]: + for item in list_items(kind): + namespace = item["metadata"]["namespace"] + item_name = item["metadata"]["name"] + for container in get(item, *path): + container_name = container["name"] + for port in get(container, "ports"): + port_name = port.get("name", None) + if not port_name: + # Unnamed ports are OK + continue + valid = validate(port_name) + if not valid and first_error: + first_error = False + print_validation_header() + pretty_print_errors( + namespace, kind, item_name, + container_name, port_name, valid) + + # Services follow a different flow + for item in list_items('services'): + namespace = item["metadata"]["namespace"] + item_name = item["metadata"]["name"] + for port in get(item, "spec", "ports"): + port_name = port.get("targetPort", None) + if isinstance(port_name, int) or port_name is None: + # Integer only or unnamed ports are OK + continue + valid = validate(port_name) + if not valid and first_error: + first_error = False + print_validation_header() + pretty_print_errors( + namespace, "services", item_name, "", port_name, valid) + + # If we had at least 1 error then exit with 1 + if not first_error: + raise SystemExit(1) + + +if __name__ == '__main__': + main() + diff --git a/playbooks/common/openshift-cluster/upgrades/files/versions.sh b/playbooks/common/openshift-cluster/upgrades/files/versions.sh new file mode 100644 index 000000000..f90719cab --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/files/versions.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +yum_installed=$(yum list installed "$@" 2>&1 | tail -n +2 | grep -v 'Installed Packages' | grep -v 'Red Hat Subscription Management' | grep -v 'Error:' | awk '{ print $2 }' | tr '\n' ' ') + +yum_available=$(yum list available "$@" 2>&1 | tail -n +2 | grep -v 'Available Packages' | grep -v 'Red Hat Subscription Management' | grep -v 'el7ose' | grep -v 'Error:' | awk '{ print $2 }' | tr '\n' ' ') + + +echo "---" +echo "curr_version: ${yum_installed}" +echo "avail_version: ${yum_available}" diff --git a/playbooks/common/openshift-cluster/upgrades/filter_plugins b/playbooks/common/openshift-cluster/upgrades/filter_plugins new file mode 120000 index 000000000..b1213dedb --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/filter_plugins @@ -0,0 +1 @@ +../../../../filter_plugins \ No newline at end of file diff --git a/playbooks/common/openshift-cluster/upgrades/library/openshift_upgrade_config.py b/playbooks/common/openshift-cluster/upgrades/library/openshift_upgrade_config.py new file mode 100755 index 000000000..a6721bb92 --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/library/openshift_upgrade_config.py @@ -0,0 +1,154 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# vim: expandtab:tabstop=4:shiftwidth=4 + +"""Ansible module for modifying OpenShift configs during an upgrade""" + +import os +import yaml + +DOCUMENTATION = ''' +--- +module: openshift_upgrade_config +short_description: OpenShift Upgrade Config +author: Jason DeTiberus +requirements: [ ] +''' +EXAMPLES = ''' +''' + +def modify_api_levels(level_list, remove, ensure, msg_prepend='', + msg_append=''): + """ modify_api_levels """ + changed = False + changes = [] + + if not isinstance(remove, list): + remove = [] + + if not isinstance(ensure, list): + ensure = [] + + if not isinstance(level_list, list): + new_list = [] + changed = True + changes.append("%s created missing %s" % (msg_prepend, msg_append)) + else: + new_list = level_list + for level in remove: + if level in new_list: + new_list.remove(level) + changed = True + changes.append("%s removed %s %s" % (msg_prepend, level, msg_append)) + + for level in ensure: + if level not in new_list: + new_list.append(level) + changed = True + changes.append("%s added %s %s" % (msg_prepend, level, msg_append)) + + return {'new_list': new_list, 'changed': changed, 'changes': changes} + + +def upgrade_master_3_0_to_3_1(ansible_module, config_base, backup): + """Main upgrade method for 3.0 to 3.1.""" + changes = [] + + # Facts do not get transferred to the hosts where custom modules run, + # need to make some assumptions here. + master_config = os.path.join(config_base, 'master/master-config.yaml') + + master_cfg_file = open(master_config, 'r') + config = yaml.safe_load(master_cfg_file.read()) + master_cfg_file.close() + + + # Remove unsupported api versions and ensure supported api versions from + # master config + unsupported_levels = ['v1beta1', 'v1beta2', 'v1beta3'] + supported_levels = ['v1'] + + result = modify_api_levels(config.get('apiLevels'), unsupported_levels, + supported_levels, 'master-config.yaml:', 'from apiLevels') + if result['changed']: + config['apiLevels'] = result['new_list'] + changes.append(result['changes']) + + if 'kubernetesMasterConfig' in config and 'apiLevels' in config['kubernetesMasterConfig']: + config['kubernetesMasterConfig'].pop('apiLevels') + changes.append('master-config.yaml: removed kubernetesMasterConfig.apiLevels') + + # Add proxyClientInfo to master-config + if 'proxyClientInfo' not in config['kubernetesMasterConfig']: + config['kubernetesMasterConfig']['proxyClientInfo'] = { + 'certFile': 'master.proxy-client.crt', + 'keyFile': 'master.proxy-client.key' + } + changes.append("master-config.yaml: added proxyClientInfo") + + if len(changes) > 0: + if backup: + # TODO: Check success: + ansible_module.backup_local(master_config) + + # Write the modified config: + out_file = open(master_config, 'w') + out_file.write(yaml.safe_dump(config, default_flow_style=False)) + out_file.close() + + return changes + + +def upgrade_master(ansible_module, config_base, from_version, to_version, backup): + """Upgrade entry point.""" + if from_version == '3.0': + if to_version == '3.1': + return upgrade_master_3_0_to_3_1(ansible_module, config_base, backup) + + +def main(): + """ main """ + # disabling pylint errors for global-variable-undefined and invalid-name + # for 'global module' usage, since it is required to use ansible_facts + # pylint: disable=global-variable-undefined, invalid-name, + # redefined-outer-name + global module + + module = AnsibleModule( + argument_spec=dict( + config_base=dict(required=True), + from_version=dict(required=True, choices=['3.0']), + to_version=dict(required=True, choices=['3.1']), + role=dict(required=True, choices=['master']), + backup=dict(required=False, default=True, type='bool') + ), + supports_check_mode=True, + ) + + from_version = module.params['from_version'] + to_version = module.params['to_version'] + role = module.params['role'] + backup = module.params['backup'] + config_base = module.params['config_base'] + + try: + changes = [] + if role == 'master': + changes = upgrade_master(module, config_base, from_version, + to_version, backup) + + changed = len(changes) > 0 + return module.exit_json(changed=changed, changes=changes) + + # ignore broad-except error to avoid stack trace to ansible user + # pylint: disable=broad-except + except Exception, e: + return module.fail_json(msg=str(e)) + +# ignore pylint errors related to the module_utils import +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import +# import module snippets +from ansible.module_utils.basic import * + +if __name__ == '__main__': + main() diff --git a/playbooks/common/openshift-cluster/upgrades/lookup_plugins b/playbooks/common/openshift-cluster/upgrades/lookup_plugins new file mode 120000 index 000000000..aff753026 --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/lookup_plugins @@ -0,0 +1 @@ +../../../../lookup_plugins \ No newline at end of file diff --git a/playbooks/common/openshift-cluster/upgrades/roles b/playbooks/common/openshift-cluster/upgrades/roles new file mode 120000 index 000000000..4bdbcbad3 --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/roles @@ -0,0 +1 @@ +../../../../roles \ No newline at end of file diff --git a/playbooks/common/openshift-cluster/upgrades/v3_0_minor/filter_plugins b/playbooks/common/openshift-cluster/upgrades/v3_0_minor/filter_plugins new file mode 120000 index 000000000..27ddaa18b --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/v3_0_minor/filter_plugins @@ -0,0 +1 @@ +../../../../../filter_plugins \ No newline at end of file diff --git a/playbooks/common/openshift-cluster/upgrades/v3_0_minor/library b/playbooks/common/openshift-cluster/upgrades/v3_0_minor/library new file mode 120000 index 000000000..53bed9684 --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/v3_0_minor/library @@ -0,0 +1 @@ +../library \ No newline at end of file diff --git a/playbooks/common/openshift-cluster/upgrades/v3_0_minor/lookup_plugins b/playbooks/common/openshift-cluster/upgrades/v3_0_minor/lookup_plugins new file mode 120000 index 000000000..cf407f69b --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/v3_0_minor/lookup_plugins @@ -0,0 +1 @@ +../../../../../lookup_plugins \ No newline at end of file diff --git a/playbooks/common/openshift-cluster/upgrades/v3_0_minor/roles b/playbooks/common/openshift-cluster/upgrades/v3_0_minor/roles new file mode 120000 index 000000000..6bc1a7aef --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/v3_0_minor/roles @@ -0,0 +1 @@ +../../../../../roles \ No newline at end of file diff --git a/playbooks/common/openshift-cluster/upgrades/v3_0_minor/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_0_minor/upgrade.yml new file mode 100644 index 000000000..9f7e49b93 --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/v3_0_minor/upgrade.yml @@ -0,0 +1,112 @@ +--- +- name: Evaluate groups + include: ../../evaluate_groups.yml + +- name: Re-Run cluster configuration to apply latest configuration changes + include: ../../config.yml + +- name: Upgrade masters + hosts: oo_masters_to_config + vars: + openshift_version: "{{ openshift_pkg_version | default('') }}" + tasks: + - name: Upgrade master packages + yum: pkg={{ openshift.common.service_type }}-master{{ openshift_version }} state=latest + - name: Restart master services + service: name="{{ openshift.common.service_type}}-master" state=restarted + +- name: Upgrade nodes + hosts: oo_nodes_to_config + vars: + openshift_version: "{{ openshift_pkg_version | default('') }}" + tasks: + - name: Upgrade node packages + yum: pkg={{ openshift.common.service_type }}-node{{ openshift_version }} state=latest + - name: Restart node services + service: name="{{ openshift.common.service_type }}-node" state=restarted + +- name: Determine new master version + hosts: oo_first_master + tasks: + - name: Determine new version + command: > + rpm -q --queryformat '%{version}' {{ openshift.common.service_type }}-master + register: _new_version + +- name: Ensure AOS 3.0.2 or Origin 1.0.6 + hosts: oo_first_master + tasks: + fail: This playbook requires Origin 1.0.6 or Atomic OpenShift 3.0.2 or later + when: _new_version.stdout | version_compare('1.0.6','<') or ( _new_version.stdout | version_compare('3.0','>=' and _new_version.stdout | version_compare('3.0.2','<') ) + +- name: Update cluster policy + hosts: oo_first_master + tasks: + - name: oadm policy reconcile-cluster-roles --confirm + command: > + {{ openshift.common.admin_binary}} --config={{ openshift.common.config_base }}/master/admin.kubeconfig + policy reconcile-cluster-roles --confirm + +- name: Upgrade default router + hosts: oo_first_master + vars: + - router_image: "{{ openshift.master.registry_url | replace( '${component}', 'haproxy-router' ) | replace ( '${version}', 'v' + _new_version.stdout ) }}" + - oc_cmd: "{{ openshift.common.client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig" + tasks: + - name: Check for default router + command: > + {{ oc_cmd }} get -n default dc/router + register: _default_router + failed_when: false + changed_when: false + - name: Check for allowHostNetwork and allowHostPorts + when: _default_router.rc == 0 + shell: > + {{ oc_cmd }} get -o yaml scc/privileged | /usr/bin/grep -e allowHostPorts -e allowHostNetwork + register: _scc + - name: Grant allowHostNetwork and allowHostPorts + when: + - _default_router.rc == 0 + - "'false' in _scc.stdout" + command: > + {{ oc_cmd }} patch scc/privileged -p '{"allowHostPorts":true,"allowHostNetwork":true}' --loglevel=9 + - name: Update deployment config to 1.0.4/3.0.1 spec + when: _default_router.rc == 0 + command: > + {{ oc_cmd }} patch dc/router -p + '{"spec":{"strategy":{"rollingParams":{"updatePercent":-10},"spec":{"serviceAccount":"router","serviceAccountName":"router"}}}}' + - name: Switch to hostNetwork=true + when: _default_router.rc == 0 + command: > + {{ oc_cmd }} patch dc/router -p '{"spec":{"template":{"spec":{"hostNetwork":true}}}}' + - name: Update router image to current version + when: _default_router.rc == 0 + command: > + {{ oc_cmd }} patch dc/router -p + '{"spec":{"template":{"spec":{"containers":[{"name":"router","image":"{{ router_image }}"}]}}}}' + +- name: Upgrade default + hosts: oo_first_master + vars: + - registry_image: "{{ openshift.master.registry_url | replace( '${component}', 'docker-registry' ) | replace ( '${version}', 'v' + _new_version.stdout ) }}" + - oc_cmd: "{{ openshift.common.client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig" + tasks: + - name: Check for default registry + command: > + {{ oc_cmd }} get -n default dc/docker-registry + register: _default_registry + failed_when: false + changed_when: false + - name: Update registry image to current version + when: _default_registry.rc == 0 + command: > + {{ oc_cmd }} patch dc/docker-registry -p + '{"spec":{"template":{"spec":{"containers":[{"name":"registry","image":"{{ registry_image }}"}]}}}}' + +- name: Update image streams and templates + hosts: oo_first_master + vars: + openshift_examples_import_command: "update" + openshift_deployment_type: "{{ deployment_type }}" + roles: + - openshift_examples diff --git a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/filter_plugins b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/filter_plugins new file mode 120000 index 000000000..27ddaa18b --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/filter_plugins @@ -0,0 +1 @@ +../../../../../filter_plugins \ No newline at end of file diff --git a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/library b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/library new file mode 120000 index 000000000..53bed9684 --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/library @@ -0,0 +1 @@ +../library \ No newline at end of file diff --git a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/lookup_plugins b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/lookup_plugins new file mode 120000 index 000000000..cf407f69b --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/lookup_plugins @@ -0,0 +1 @@ +../../../../../lookup_plugins \ No newline at end of file diff --git a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/roles b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/roles new file mode 120000 index 000000000..6bc1a7aef --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/roles @@ -0,0 +1 @@ +../../../../../roles \ No newline at end of file diff --git a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml new file mode 100644 index 000000000..dd6979ab7 --- /dev/null +++ b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml @@ -0,0 +1,407 @@ +--- +- name: Evaluate host groups + include: ../../evaluate_groups.yml + +- name: Load openshift_facts from the environment + hosts: oo_masters_to_config oo_nodes_to_config oo_etcd_to_config oo_lb_to_config + roles: + - openshift_facts + +- name: Verify upgrade can proceed + hosts: oo_first_master + vars: + openshift_master_ha: "{{ groups['masters'] | length > 1 }}" + gather_facts: no + tasks: + # Pacemaker is currently the only supported upgrade path for multiple masters + - fail: + msg: "openshift_master_cluster_method must be set to 'pacemaker'" + when: openshift_master_ha | bool and ((openshift_master_cluster_method is not defined) or (openshift_master_cluster_method is defined and openshift_master_cluster_method != "pacemaker")) + - fail: + msg: > + This upgrade is only supported for origin and openshift-enterprise + deployment types + when: deployment_type not in ['origin','openshift-enterprise'] + - fail: + msg: > + openshift_pkg_version is {{ openshift_pkg_version }} which is not a + valid version for a 3.1 upgrade + when: openshift_pkg_version is defined and openshift_pkg_version.split('-',1).1 | version_compare('3.0.2.900','<') + + # If this script errors out ansible will show the default stdout/stderr + # which contains details for the user: + - script: ../files/pre-upgrade-check + +- name: Evaluate etcd_hosts_to_backup + hosts: localhost + tasks: + - name: Evaluate etcd_hosts_to_backup + add_host: + name: "{{ item }}" + groups: etcd_hosts_to_backup + with_items: groups.oo_etcd_to_config if groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config | length > 0 else groups.oo_first_master + +- name: Backup etcd + hosts: etcd_hosts_to_backup + vars: + embedded_etcd: "{{ openshift.master.embedded_etcd }}" + timestamp: "{{ lookup('pipe', 'date +%Y%m%d%H%M%S') }}" + roles: + - openshift_facts + tasks: + - openshift_facts: + role: etcd + local_facts: {} + when: "'etcd' not in openshift" + + - stat: path=/var/lib/openshift + register: var_lib_openshift + + - stat: path=/var/lib/origin + register: var_lib_origin + + - name: Create origin symlink if necessary + file: src=/var/lib/openshift/ dest=/var/lib/origin state=link + when: var_lib_openshift.stat.exists == True and var_lib_origin.stat.exists == False + + - name: Check available disk space for etcd backup + # We assume to be using the data dir for all backups. + shell: > + df --output=avail -k {{ openshift.common.data_dir }} | tail -n 1 + register: avail_disk + + - name: Check current embedded etcd disk usage + shell: > + du -k {{ openshift.etcd.etcd_data_dir }} | tail -n 1 | cut -f1 + register: etcd_disk_usage + when: embedded_etcd | bool + + - name: Abort if insufficient disk space for etcd backup + fail: + msg: > + {{ etcd_disk_usage.stdout }} Kb disk space required for etcd backup, + {{ avail_disk.stdout }} Kb available. + when: (embedded_etcd | bool) and (etcd_disk_usage.stdout|int > avail_disk.stdout|int) + + - name: Install etcd (for etcdctl) + yum: + pkg: etcd + state: latest + + - name: Generate etcd backup + command: > + etcdctl backup --data-dir={{ openshift.etcd.etcd_data_dir }} + --backup-dir={{ openshift.common.data_dir }}/etcd-backup-{{ timestamp }} + + - name: Display location of etcd backup + debug: + msg: "Etcd backup created in {{ openshift.common.data_dir }}/etcd-backup-{{ timestamp }}" + + +- name: Update deployment type + hosts: OSEv3 + roles: + - openshift_facts + post_tasks: + - openshift_facts: + role: common + local_facts: + deployment_type: "{{ deployment_type }}" + + +- name: Perform upgrade version checking + hosts: masters[0] + tasks: + - name: Clean yum cache + command: yum clean all + + - name: Determine available versions + script: ../files/versions.sh {{ openshift.common.service_type }} openshift + register: g_versions_result + + - set_fact: + g_aos_versions: "{{ g_versions_result.stdout | from_yaml }}" + + - set_fact: + g_new_version: "{{ g_aos_versions.curr_version.split('-', 1).0 if g_aos_versions.avail_version is none else g_aos_versions.avail_version.split('-', 1).0 }}" + + - fail: + msg: This playbook requires Origin 1.0.6 or later + when: deployment_type == 'origin' and g_aos_versions.curr_version | version_compare('1.0.6','<') + + - fail: + msg: Atomic OpenShift 3.1 packages not found + when: g_aos_versions.curr_version | version_compare('3.0.2.900','<') and (g_aos_versions.avail_version is none or g_aos_versions.avail_version | version_compare('3.0.2.900','<')) + +- name: Upgrade masters + hosts: masters + vars: + openshift_version: "{{ openshift_pkg_version | default('') }}" + tasks: + - name: Upgrade to latest available kernel + yum: + pkg: kernel + state: latest + + - name: Upgrade master packages + command: yum update -y {{ openshift.common.service_type }}-master{{ openshift_version }} + + - name: Ensure python-yaml present for config upgrade + yum: + pkg: PyYAML + state: installed + + - name: Upgrade master configuration + openshift_upgrade_config: + from_version: '3.0' + to_version: '3.1' + role: master + config_base: "{{ hostvars[inventory_hostname].openshift.common.config_base }}" + + - set_fact: + master_certs_missing: True + master_cert_subdir: master-{{ openshift.common.hostname }} + master_cert_config_dir: "{{ openshift.common.config_base }}/master" + +- name: Create temp directory for syncing certs + hosts: localhost + gather_facts: no + tasks: + - name: Create local temp directory for syncing certs + local_action: command mktemp -d /tmp/openshift-ansible-XXXXXXX + register: g_master_mktemp + changed_when: False + +- name: Generate missing master certificates + hosts: masters[0] + vars: + master_hostnames: "{{ hostvars + | oo_select_keys(groups.masters) + | oo_collect('openshift.common.all_hostnames') + | oo_flatten | unique }}" + master_generated_certs_dir: "{{ openshift.common.config_base }}/generated-configs" + masters_needing_certs: "{{ hostvars + | oo_select_keys(groups.masters) + | difference([groups.masters.0]) }}" + sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" + openshift_deployment_type: "{{ deployment_type }}" + roles: + - openshift_master_certificates + post_tasks: + - name: Remove generated etcd client certs when using external etcd + file: + path: "{{ master_generated_certs_dir }}/{{ item.0.master_cert_subdir }}/{{ item.1 }}" + state: absent + when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config + with_nested: + - masters_needing_certs + - - master.etcd-client.crt + - master.etcd-client.key + + - name: Create a tarball of the master certs + command: > + tar -czvf {{ master_generated_certs_dir }}/{{ item.master_cert_subdir }}.tgz + -C {{ master_generated_certs_dir }}/{{ item.master_cert_subdir }} . + with_items: masters_needing_certs + + - name: Retrieve the master cert tarball from the master + fetch: + src: "{{ master_generated_certs_dir }}/{{ item.master_cert_subdir }}.tgz" + dest: "{{ sync_tmpdir }}/" + flat: yes + fail_on_missing: yes + validate_checksum: yes + with_items: masters_needing_certs + +- name: Sync certs and restart masters post configuration change + hosts: masters + vars: + sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" + openshift_master_ha: "{{ groups['masters'] | length > 1 }}" + tasks: + - name: Unarchive the tarball on the master + unarchive: + src: "{{ sync_tmpdir }}/{{ master_cert_subdir }}.tgz" + dest: "{{ master_cert_config_dir }}" + when: inventory_hostname != groups.masters.0 + + - name: Restart master services + service: name="{{ openshift.common.service_type}}-master" state=restarted + when: not openshift_master_ha | bool + +- name: Destroy cluster + hosts: masters[0] + vars: + openshift_master_ha: "{{ groups['masters'] | length > 1 }}" + openshift_deployment_type: "{{ deployment_type }}" + pre_tasks: + - name: Check for configured cluster + stat: + path: /etc/corosync/corosync.conf + register: corosync_conf + when: openshift_master_ha | bool + - name: Destroy cluster + command: pcs cluster destroy --all + when: openshift_master_ha | bool and corosync_conf.stat.exists == true + +- name: Start pcsd on masters + hosts: masters + vars: + openshift_master_ha: "{{ groups['masters'] | length > 1 }}" + tasks: + - name: Start pcsd + service: name=pcsd enabled=yes state=started + when: openshift_master_ha | bool + +- name: Re-create cluster + hosts: masters[0] + vars: + openshift_master_ha: "{{ groups['masters'] | length > 1 }}" + openshift_deployment_type: "{{ deployment_type }}" + omc_cluster_hosts: "{{ groups.masters | join(' ') }}" + roles: + - role: openshift_master_cluster + when: openshift_master_ha | bool + +- name: Delete temporary directory on localhost + hosts: localhost + gather_facts: no + tasks: + - file: name={{ g_master_mktemp.stdout }} state=absent + changed_when: False + + +- name: Upgrade nodes + hosts: nodes + vars: + openshift_version: "{{ openshift_pkg_version | default('') }}" + roles: + - openshift_facts + tasks: + - name: Upgrade node packages + command: yum update -y {{ openshift.common.service_type }}-node{{ openshift_version }} + - name: Restart node services + service: name="{{ openshift.common.service_type }}-node" state=restarted + +- name: Update cluster policy and policy bindings + hosts: masters[0] + vars: + origin_reconcile_bindings: "{{ deployment_type == 'origin' and g_new_version | version_compare('1.0.6', '>') }}" + ent_reconcile_bindings: true + tasks: + - name: oadm policy reconcile-cluster-roles --confirm + command: > + {{ openshift.common.admin_binary}} --config={{ openshift.common.config_base }}/master/admin.kubeconfig + policy reconcile-cluster-roles --confirm + + - name: oadm policy reconcile-cluster-role-bindings --confirm + command: > + {{ openshift.common.admin_binary}} --config={{ openshift.common.config_base }}/master/admin.kubeconfig + policy reconcile-cluster-role-bindings + --exclude-groups=system:authenticated + --exclude-groups=system:unauthenticated + --exclude-users=system:anonymous + --additive-only=true --confirm + when: origin_reconcile_bindings | bool or ent_reconcile_bindings | bool + + +- name: Restart masters post reconcile + hosts: masters + vars: + openshift_master_ha: "{{ groups['masters'] | length > 1 }}" + tasks: + - name: Restart master services + service: name="{{ openshift.common.service_type}}-master" state=restarted + when: not openshift_master_ha | bool + +- name: Restart cluster post reconcile + hosts: masters[0] + vars: + openshift_master_ha: "{{ groups['masters'] | length > 1 }}" + tasks: + - name: Restart master cluster + command: pcs resource restart master + when: openshift_master_ha | bool + - name: Wait for the clustered master service to be available + wait_for: + host: "{{ openshift_master_cluster_vip }}" + port: 8443 + state: started + timeout: 180 + delay: 90 + when: openshift_master_ha | bool + +- name: Upgrade default router and registry + hosts: masters[0] + vars: + - registry_image: "{{ openshift.master.registry_url | replace( '${component}', 'docker-registry' ) | replace ( '${version}', 'v' + g_new_version ) }}" + - router_image: "{{ openshift.master.registry_url | replace( '${component}', 'haproxy-router' ) | replace ( '${version}', 'v' + g_new_version ) }}" + - oc_cmd: "{{ openshift.common.client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig" + tasks: + - name: Check for default router + command: > + {{ oc_cmd }} get -n default dc/router + register: _default_router + failed_when: false + changed_when: false + - name: Check for allowHostNetwork and allowHostPorts + when: _default_router.rc == 0 + shell: > + {{ oc_cmd }} get -o yaml scc/privileged | /usr/bin/grep -e allowHostPorts -e allowHostNetwork + register: _scc + - name: Grant allowHostNetwork and allowHostPorts + when: + - _default_router.rc == 0 + - "'false' in _scc.stdout" + command: > + {{ oc_cmd }} patch scc/privileged -p '{"allowHostPorts":true,"allowHostNetwork":true}' --loglevel=9 + - name: Update deployment config to 1.0.4/3.0.1 spec + when: _default_router.rc == 0 + command: > + {{ oc_cmd }} patch dc/router -p + '{"spec":{"strategy":{"rollingParams":{"updatePercent":-10},"spec":{"serviceAccount":"router","serviceAccountName":"router"}}}}' + - name: Switch to hostNetwork=true + when: _default_router.rc == 0 + command: > + {{ oc_cmd }} patch dc/router -p '{"spec":{"template":{"spec":{"hostNetwork":true}}}}' + - name: Update router image to current version + when: _default_router.rc == 0 + command: > + {{ oc_cmd }} patch dc/router -p + '{"spec":{"template":{"spec":{"containers":[{"name":"router","image":"{{ router_image }}"}]}}}}' + + - name: Check for default registry + command: > + {{ oc_cmd }} get -n default dc/docker-registry + register: _default_registry + failed_when: false + changed_when: false + - name: Update registry image to current version + when: _default_registry.rc == 0 + command: > + {{ oc_cmd }} patch dc/docker-registry -p + '{"spec":{"template":{"spec":{"containers":[{"name":"registry","image":"{{ registry_image }}"}]}}}}' + +- name: Update image streams and templates + hosts: masters[0] + vars: + openshift_examples_import_command: "update" + openshift_deployment_type: "{{ deployment_type }}" + roles: + - openshift_examples + +- name: Ensure master services enabled + hosts: masters + vars: + openshift_master_ha: "{{ groups['masters'] | length > 1 }}" + tasks: + - name: Enable master services + service: name="{{ openshift.common.service_type}}-master" state=started enabled=yes + when: not openshift_master_ha | bool + +- name: Ensure node services enabled + hosts: nodes + tasks: + - name: Restart node services + service: name="{{ openshift.common.service_type }}-node" state=started enabled=yes + diff --git a/playbooks/common/openshift-etcd/config.yml b/playbooks/common/openshift-etcd/config.yml index 952960652..ed23ada88 100644 --- a/playbooks/common/openshift-etcd/config.yml +++ b/playbooks/common/openshift-etcd/config.yml @@ -13,6 +13,8 @@ hostname: "{{ openshift_hostname | default(None) }}" public_hostname: "{{ openshift_public_hostname | default(None) }}" deployment_type: "{{ openshift_deployment_type }}" + - role: etcd + local_facts: {} - name: Check status of etcd certificates stat: path: "{{ item }}" diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index b1da85d5d..1b3fba3aa 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -51,6 +51,9 @@ console_url: "{{ openshift_master_console_url | default(None) }}" console_use_ssl: "{{ openshift_master_console_use_ssl | default(None) }}" public_console_url: "{{ openshift_master_public_console_url | default(None) }}" + - role: etcd + local_facts: {} + when: openshift.master.embedded_etcd | bool - name: Check status of external etcd certificatees stat: path: "{{ openshift.common.config_base }}/master/{{ item }}" diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index c108cd422..2e1075aca 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -528,7 +528,6 @@ def set_aggregate_facts(facts): first_svc_ip = str(IPNetwork(facts['master']['portal_net'])[1]) all_hostnames.add(first_svc_ip) internal_hostnames.add(first_svc_ip) - _add_etcd_data_dir_fact(facts) facts['common']['all_hostnames'] = list(all_hostnames) facts['common']['internal_hostnames'] = list(internal_hostnames) @@ -536,7 +535,7 @@ def set_aggregate_facts(facts): return facts -def _add_etcd_data_dir_fact(facts): +def set_etcd_facts_if_unset(facts): """ If using embedded etcd, loads the data directory from master-config.yaml. @@ -544,38 +543,39 @@ def _add_etcd_data_dir_fact(facts): If anything goes wrong parsing these, the fact will not be set. """ - if facts['master']['embedded_etcd']: - try: - # Parse master config to find actual etcd data dir: - master_cfg_path = os.path.join(facts['common']['config_base'], - 'master/master-config.yaml') - master_cfg_f = open(master_cfg_path, 'r') - config = yaml.safe_load(master_cfg_f.read()) - master_cfg_f.close() - - facts['master']['etcd_data_dir'] = \ - config['etcdConfig']['storageDirectory'] - # We don't want exceptions bubbling up here: - # pylint: disable=broad-except - except Exception: - pass - else: - # Read ETCD_DATA_DIR from /etc/etcd/etcd.conf: - try: - # Add a fake section for parsing: - ini_str = '[root]\n' + open('/etc/etcd/etcd.conf', 'r').read() - ini_fp = StringIO.StringIO(ini_str) - config = ConfigParser.RawConfigParser() - config.readfp(ini_fp) - etcd_data_dir = config.get('root', 'ETCD_DATA_DIR') - if etcd_data_dir.startswith('"') and etcd_data_dir.endswith('"'): - etcd_data_dir = etcd_data_dir[1:-1] - facts['master']['etcd_data_dir'] = etcd_data_dir - # We don't want exceptions bubbling up here: - # pylint: disable=broad-except - except Exception: - pass - + if 'etcd' in facts: + if 'master' in facts and facts['master']['embedded_etcd']: + try: + # Parse master config to find actual etcd data dir: + master_cfg_path = os.path.join(facts['common']['config_base'], + 'master/master-config.yaml') + master_cfg_f = open(master_cfg_path, 'r') + config = yaml.safe_load(master_cfg_f.read()) + master_cfg_f.close() + + facts['etcd']['etcd_data_dir'] = \ + config['etcdConfig']['storageDirectory'] + # We don't want exceptions bubbling up here: + # pylint: disable=broad-except + except Exception: + pass + else: + # Read ETCD_DATA_DIR from /etc/etcd/etcd.conf: + try: + # Add a fake section for parsing: + ini_str = '[root]\n' + open('/etc/etcd/etcd.conf', 'r').read() + ini_fp = StringIO.StringIO(ini_str) + config = ConfigParser.RawConfigParser() + config.readfp(ini_fp) + etcd_data_dir = config.get('root', 'ETCD_DATA_DIR') + if etcd_data_dir.startswith('"') and etcd_data_dir.endswith('"'): + etcd_data_dir = etcd_data_dir[1:-1] + facts['etcd']['etcd_data_dir'] = etcd_data_dir + # We don't want exceptions bubbling up here: + # pylint: disable=broad-except + except Exception: + pass + return facts def set_deployment_facts_if_unset(facts): """ Set Facts that vary based on deployment_type. This currently @@ -939,7 +939,7 @@ class OpenShiftFacts(object): Raises: OpenShiftFactsUnsupportedRoleError: """ - known_roles = ['common', 'master', 'node', 'master_sdn', 'node_sdn', 'dns'] + known_roles = ['common', 'master', 'node', 'master_sdn', 'node_sdn', 'dns', 'etcd'] def __init__(self, role, filename, local_facts): self.changed = False @@ -982,6 +982,7 @@ class OpenShiftFacts(object): facts = set_deployment_facts_if_unset(facts) facts = set_version_facts_if_unset(facts) facts = set_aggregate_facts(facts) + facts = set_etcd_facts_if_unset(facts) return dict(openshift=facts) def get_defaults(self, roles): diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py index 4c55002fb..6cdc19f20 100644 --- a/utils/src/ooinstall/cli_installer.py +++ b/utils/src/ooinstall/cli_installer.py @@ -177,7 +177,8 @@ Notes: h.public_ip, h.hostname, h.public_hostname])) - output = "%s\n%s" % (output, ",".join([h.ip, + output = "%s\n%s" % (output, ",".join([h.connect_to, + h.ip, h.public_ip, h.hostname, h.public_hostname])) @@ -493,7 +494,7 @@ def upgrade(ctx): verbose = ctx.obj['verbose'] if len(oo_cfg.hosts) == 0: - click.echo("No hosts defined in: %s" % oo_cfg['configuration']) + click.echo("No hosts defined in: %s" % oo_cfg.config_path) sys.exit(1) # Update config to reflect the version we're targetting, we'll write diff --git a/utils/src/ooinstall/oo_config.py b/utils/src/ooinstall/oo_config.py index cf51bb404..9c97e6e93 100644 --- a/utils/src/ooinstall/oo_config.py +++ b/utils/src/ooinstall/oo_config.py @@ -116,6 +116,9 @@ class OOConfig(object): def _upgrade_legacy_config(self): new_hosts = [] + remove_settings = ['validated_facts', 'Description', 'Name', + 'Subscription', 'Vendor', 'Version', 'masters', 'nodes'] + if 'validated_facts' in self.settings: for key, value in self.settings['validated_facts'].iteritems(): value['connect_to'] = key @@ -126,10 +129,9 @@ class OOConfig(object): new_hosts.append(value) self.settings['hosts'] = new_hosts - remove_settings = ['validated_facts', 'Description', 'Name', - 'Subscription', 'Vendor', 'Version', 'masters', 'nodes'] for s in remove_settings: - del self.settings[s] + if s in self.settings: + del self.settings[s] # A legacy config implies openshift-enterprise 3.0: self.settings['variant'] = 'openshift-enterprise' diff --git a/utils/src/ooinstall/openshift_ansible.py b/utils/src/ooinstall/openshift_ansible.py index 489a0f7c1..e4c808e85 100644 --- a/utils/src/ooinstall/openshift_ansible.py +++ b/utils/src/ooinstall/openshift_ansible.py @@ -164,8 +164,10 @@ def run_uninstall_playbook(verbose=False): def run_upgrade_playbook(verbose=False): + # TODO: do not hardcode the upgrade playbook, add ability to select the + # right playbook depending on the type of upgrade. playbook = os.path.join(CFG.settings['ansible_playbook_directory'], - 'playbooks/adhoc/upgrades/upgrade.yml') + 'playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml') # TODO: Upgrade inventory for upgrade? inventory_file = generate_inventory(CFG.hosts) facts_env = os.environ.copy() -- cgit v1.2.3 From d312f8115d6a46b65e413a4db07cba2bae565cfb Mon Sep 17 00:00:00 2001 From: Tobias Florek Date: Wed, 11 Nov 2015 09:19:42 +0100 Subject: oo_filter: don't fail when attribute is not defined --- filter_plugins/oo_filters.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/filter_plugins/oo_filters.py b/filter_plugins/oo_filters.py index f4643270d..9a17913c4 100644 --- a/filter_plugins/oo_filters.py +++ b/filter_plugins/oo_filters.py @@ -275,7 +275,7 @@ class FilterModule(object): raise errors.AnsibleFilterError("|failed expects filter_attr is a str") # Gather up the values for the list of keys passed in - return [x for x in data if x[filter_attr]] + return [x for x in data if x.has_key(filter_attr) and x[filter_attr]] @staticmethod def oo_parse_heat_stack_outputs(data): -- cgit v1.2.3 From 9f972931bb4de191a72a74cced5181a413979564 Mon Sep 17 00:00:00 2001 From: Brenton Leanhardt Date: Wed, 11 Nov 2015 10:49:15 -0500 Subject: Automatic commit of package [openshift-ansible] release [3.0.9-1]. --- .tito/packages/openshift-ansible | 2 +- openshift-ansible.spec | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible index b6aa80de5..abeaa06a3 100644 --- a/.tito/packages/openshift-ansible +++ b/.tito/packages/openshift-ansible @@ -1 +1 @@ -3.0.8-1 ./ +3.0.9-1 ./ diff --git a/openshift-ansible.spec b/openshift-ansible.spec index 01146ed1d..8b69c4926 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -5,7 +5,7 @@ } Name: openshift-ansible -Version: 3.0.8 +Version: 3.0.9 Release: 1%{?dist} Summary: Openshift and Atomic Enterprise Ansible License: ASL 2.0 @@ -258,6 +258,9 @@ Atomic OpenShift Utilities includes %changelog +* Wed Nov 11 2015 Brenton Leanhardt 3.0.9-1 +- Refactor upgrade playbook(s) (jdetiber@redhat.com) + * Tue Nov 10 2015 Scott Dodson 3.0.8-1 - Add origin-clients to uninstall playbook. (abutcher@redhat.com) - examples: include logging and metrics infrastructure (lmeyer@redhat.com) -- cgit v1.2.3 From a3f9656ee561c6ab133c509b0ade2c9a389e4bdf Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Wed, 11 Nov 2015 11:23:36 -0500 Subject: add ansible dep to vagrant doc --- README_vagrant.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README_vagrant.md b/README_vagrant.md index 5f87d6633..f3e4cfc18 100644 --- a/README_vagrant.md +++ b/README_vagrant.md @@ -1,5 +1,6 @@ Requirements ------------ +- ansible (the latest 1.9 release is preferred, but any version greater than 1.9.1 should be sufficient). - vagrant (tested against version 1.7.2) - vagrant-hostmanager plugin (tested against version 1.5.0) - vagrant-registration plugin (only required for enterprise deployment type) -- cgit v1.2.3 From 260989b6caa58c871399bf164d3b71de9048c0b6 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Mon, 2 Nov 2015 09:12:18 -0500 Subject: Import latest xpaas templates and image streams --- roles/openshift_examples/examples-sync.sh | 7 +- .../xpaas-streams/jboss-image-streams.json | 63 +- .../examples/xpaas-templates/amq6-persistent.json | 439 ------------- .../files/examples/xpaas-templates/amq6.json | 410 ------------- .../examples/xpaas-templates/amq62-basic.json | 325 ++++++++++ .../xpaas-templates/amq62-persistent-ssl.json | 521 ++++++++++++++++ .../examples/xpaas-templates/amq62-persistent.json | 343 +++++++++++ .../files/examples/xpaas-templates/amq62-ssl.json | 507 ++++++++++++++++ .../xpaas-templates/eap6-amq-persistent-sti.json | 646 -------------------- .../examples/xpaas-templates/eap6-amq-sti.json | 609 ------------------- .../examples/xpaas-templates/eap6-basic-sti.json | 304 --------- .../examples/xpaas-templates/eap6-https-sti.json | 408 ------------- .../eap6-mongodb-persistent-sti.json | 645 -------------------- .../examples/xpaas-templates/eap6-mongodb-sti.json | 608 ------------------ .../xpaas-templates/eap6-mysql-persistent-sti.json | 651 -------------------- .../examples/xpaas-templates/eap6-mysql-sti.json | 614 ------------------- .../eap6-postgresql-persistent-sti.json | 627 ------------------- .../xpaas-templates/eap6-postgresql-sti.json | 590 ------------------ .../xpaas-templates/eap64-amq-persistent-s2i.json | 659 ++++++++++++++++++++ .../examples/xpaas-templates/eap64-amq-s2i.json | 619 +++++++++++++++++++ .../examples/xpaas-templates/eap64-basic-s2i.json | 305 ++++++++++ .../examples/xpaas-templates/eap64-https-s2i.json | 413 +++++++++++++ .../eap64-mongodb-persistent-s2i.json | 669 ++++++++++++++++++++ .../xpaas-templates/eap64-mongodb-s2i.json | 629 +++++++++++++++++++ .../eap64-mysql-persistent-s2i.json | 676 +++++++++++++++++++++ .../examples/xpaas-templates/eap64-mysql-s2i.json | 636 +++++++++++++++++++ .../eap64-postgresql-persistent-s2i.json | 649 ++++++++++++++++++++ .../xpaas-templates/eap64-postgresql-s2i.json | 609 +++++++++++++++++++ .../xpaas-templates/jws-tomcat7-basic-sti.json | 257 -------- .../xpaas-templates/jws-tomcat7-https-sti.json | 361 ----------- .../jws-tomcat7-mongodb-persistent-sti.json | 599 ------------------ .../xpaas-templates/jws-tomcat7-mongodb-sti.json | 562 ----------------- .../jws-tomcat7-mysql-persistent-sti.json | 600 ------------------ .../xpaas-templates/jws-tomcat7-mysql-sti.json | 563 ----------------- .../jws-tomcat7-postgresql-persistent-sti.json | 576 ------------------ .../jws-tomcat7-postgresql-sti.json | 539 ---------------- .../xpaas-templates/jws-tomcat8-basic-sti.json | 257 -------- .../xpaas-templates/jws-tomcat8-https-sti.json | 361 ----------- .../jws-tomcat8-mongodb-persistent-sti.json | 599 ------------------ .../xpaas-templates/jws-tomcat8-mongodb-sti.json | 562 ----------------- .../jws-tomcat8-mysql-persistent-sti.json | 600 ------------------ .../xpaas-templates/jws-tomcat8-mysql-sti.json | 563 ----------------- .../jws-tomcat8-postgresql-persistent-sti.json | 576 ------------------ .../jws-tomcat8-postgresql-sti.json | 539 ---------------- .../xpaas-templates/jws30-tomcat7-basic-s2i.json | 279 +++++++++ .../xpaas-templates/jws30-tomcat7-https-s2i.json | 387 ++++++++++++ .../jws30-tomcat7-mongodb-persistent-s2i.json | 643 ++++++++++++++++++++ .../xpaas-templates/jws30-tomcat7-mongodb-s2i.json | 603 ++++++++++++++++++ .../jws30-tomcat7-mysql-persistent-s2i.json | 645 ++++++++++++++++++++ .../xpaas-templates/jws30-tomcat7-mysql-s2i.json | 605 ++++++++++++++++++ .../jws30-tomcat7-postgresql-persistent-s2i.json | 618 +++++++++++++++++++ .../jws30-tomcat7-postgresql-s2i.json | 578 ++++++++++++++++++ .../xpaas-templates/jws30-tomcat8-basic-s2i.json | 279 +++++++++ .../xpaas-templates/jws30-tomcat8-https-s2i.json | 387 ++++++++++++ .../jws30-tomcat8-mongodb-persistent-s2i.json | 643 ++++++++++++++++++++ .../xpaas-templates/jws30-tomcat8-mongodb-s2i.json | 603 ++++++++++++++++++ .../jws30-tomcat8-mysql-persistent-s2i.json | 645 ++++++++++++++++++++ .../xpaas-templates/jws30-tomcat8-mysql-s2i.json | 605 ++++++++++++++++++ .../jws30-tomcat8-postgresql-persistent-s2i.json | 618 +++++++++++++++++++ .../jws30-tomcat8-postgresql-s2i.json | 576 ++++++++++++++++++ 60 files changed, 16313 insertions(+), 14696 deletions(-) delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/amq6-persistent.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/amq6.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/amq62-basic.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/amq62-persistent-ssl.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/amq62-persistent.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/amq62-ssl.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/eap6-amq-persistent-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/eap6-amq-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/eap6-basic-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/eap6-https-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/eap6-mongodb-persistent-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/eap6-mongodb-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/eap6-mysql-persistent-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/eap6-mysql-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/eap6-postgresql-persistent-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/eap6-postgresql-sti.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/eap64-amq-persistent-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/eap64-amq-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/eap64-basic-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/eap64-https-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/eap64-mongodb-persistent-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/eap64-mongodb-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/eap64-mysql-persistent-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/eap64-mysql-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/eap64-postgresql-persistent-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/eap64-postgresql-s2i.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-basic-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-https-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mongodb-persistent-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mongodb-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mysql-persistent-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mysql-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-postgresql-persistent-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-postgresql-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-basic-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-https-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mongodb-persistent-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mongodb-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mysql-persistent-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mysql-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-postgresql-persistent-sti.json delete mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-postgresql-sti.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-basic-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-https-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-mongodb-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-mysql-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-postgresql-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-basic-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-https-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-mongodb-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-mysql-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json create mode 100644 roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-postgresql-s2i.json diff --git a/roles/openshift_examples/examples-sync.sh b/roles/openshift_examples/examples-sync.sh index 3fda86907..a261a6ddd 100755 --- a/roles/openshift_examples/examples-sync.sh +++ b/roles/openshift_examples/examples-sync.sh @@ -5,6 +5,7 @@ # # This script should be run from openshift-ansible/roles/openshift_examples +XPAAS_VERSION=ose-v1.1.0 EXAMPLES_BASE=$(pwd)/files/examples find files/examples -name '*.json' -delete find files/examples -name '*.yaml' -delete @@ -17,7 +18,7 @@ wget https://github.com/openshift/rails-ex/archive/master.zip -O rails-ex-master wget https://github.com/openshift/nodejs-ex/archive/master.zip -O nodejs-ex-master.zip wget https://github.com/openshift/dancer-ex/archive/master.zip -O dancer-ex-master.zip wget https://github.com/openshift/cakephp-ex/archive/master.zip -O cakephp-ex-master.zip -wget https://github.com/jboss-openshift/application-templates/archive/ose-v1.0.2.zip -O application-templates-master.zip +wget https://github.com/jboss-openshift/application-templates/archive/${XPAAS_VERSION}.zip -O application-templates-master.zip unzip origin-master.zip unzip django-ex-master.zip unzip rails-ex-master.zip @@ -33,8 +34,8 @@ cp rails-ex-master/openshift/templates/* ${EXAMPLES_BASE}/quickstart-templates/ cp nodejs-ex-master/openshift/templates/* ${EXAMPLES_BASE}/quickstart-templates/ cp dancer-ex-master/openshift/templates/* ${EXAMPLES_BASE}/quickstart-templates/ cp cakephp-ex-master/openshift/templates/* ${EXAMPLES_BASE}/quickstart-templates/ -mv application-templates-master/jboss-image-streams.json ${EXAMPLES_BASE}/xpaas-streams/ -find application-templates-master/ -name '*.json' ! -wholename '*secret*' -exec mv {} ${EXAMPLES_BASE}/xpaas-templates/ \; +mv application-templates-${XPAAS_VERSION}/jboss-image-streams.json ${EXAMPLES_BASE}/xpaas-streams/ +find application-templates-${XPAAS_VERSION}/ -name '*.json' ! -wholename '*secret*' -exec mv {} ${EXAMPLES_BASE}/xpaas-templates/ \; wget https://raw.githubusercontent.com/openshift/origin-metrics/master/metrics.yaml -O ${EXAMPLES_BASE}/infrastructure-templates/origin/metrics-deployer.yaml cp ${EXAMPLES_BASE}/infrastructure-templates/origin/metrics-*.yaml ${EXAMPLES_BASE}/infrastructure-templates/enterprise/ diff --git a/roles/openshift_examples/files/examples/xpaas-streams/jboss-image-streams.json b/roles/openshift_examples/files/examples/xpaas-streams/jboss-image-streams.json index 37e6269fe..aaf5569ae 100644 --- a/roles/openshift_examples/files/examples/xpaas-streams/jboss-image-streams.json +++ b/roles/openshift_examples/files/examples/xpaas-streams/jboss-image-streams.json @@ -12,19 +12,21 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "jboss-webserver3-tomcat7-openshift" + "name": "jboss-webserver30-tomcat7-openshift" }, "spec": { - "dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/tomcat7-openshift", + "dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat7-openshift", "tags": [ { - "name": "3.0", + "name": "1.1", "annotations": { - "description": "JBoss Web Server v3 Tomcat 7 STI images.", + "description": "JBoss Web Server 3.0 Tomcat 7 S2I images.", "iconClass": "icon-jboss", - "tags": "java", - "supports":"tomcat7:3.0,java", - "version": "3.0" + "tags": "builder,tomcat,tomcat7,java,jboss,xpaas", + "supports":"tomcat7:3.0,tomcat:7,java:8,xpaas:1.1", + "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "sampleContextDir": "tomcat-websocket-chat", + "version": "1.1" } } ] @@ -34,19 +36,21 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "jboss-webserver3-tomcat8-openshift" + "name": "jboss-webserver30-tomcat8-openshift" }, "spec": { - "dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/tomcat8-openshift", + "dockerImageRepository": "registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat8-openshift", "tags": [ { - "name": "3.0", + "name": "1.1", "annotations": { - "description": "JBoss Web Server v3 Tomcat 8 STI images.", + "description": "JBoss Web Server 3.0 Tomcat 8 S2I images.", "iconClass": "icon-jboss", - "tags": "java", - "supports":"tomcat8:3.0,java", - "version": "3.0" + "tags": "builder,tomcat,tomcat8,java,jboss,xpaas", + "supports":"tomcat8:3.0,tomcat:8,java:8,xpaas:1.1", + "sampleRepo": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "sampleContextDir": "tomcat-websocket-chat", + "version": "1.1" } } ] @@ -56,19 +60,22 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "jboss-eap6-openshift" + "name": "jboss-eap64-openshift" }, "spec": { - "dockerImageRepository": "registry.access.redhat.com/jboss-eap-6/eap-openshift", + "dockerImageRepository": "registry.access.redhat.com/jboss-eap-6/eap64-openshift", "tags": [ { - "name": "6.4", + "name": "1.1", "annotations": { - "description": "JBoss EAP 6 STI images.", + "description": "JBoss EAP 6.4 S2I images.", "iconClass": "icon-jboss", - "tags": "javaee", - "supports":"eap:6.4,jee,java", - "version": "6.4" + "tags": "builder,eap,javaee,java,jboss,xpaas", + "supports":"eap:6.4,javaee:6,java:8,xpaas:1.1", + "sampleRepo": "https://github.com/jboss-developer/jboss-eap-quickstarts.git", + "sampleContextDir": "kitchensink", + "sampleRef": "6.4.x", + "version": "1.1" } } ] @@ -78,19 +85,19 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "jboss-amq-6" + "name": "jboss-amq-62" }, "spec": { - "dockerImageRepository": "registry.access.redhat.com/jboss-amq-6/amq-openshift", + "dockerImageRepository": "registry.access.redhat.com/jboss-amq-6/amq62-openshift", "tags": [ { - "name": "6.2", + "name": "1.1", "annotations": { - "description": "JBoss ActiveMQ 6 broker image.", + "description": "JBoss A-MQ 6.2 broker image.", "iconClass": "icon-jboss", - "tags": "javaee", - "supports":"amq:6.2,jee,java", - "version": "6.2" + "tags": "messaging,amq,jboss,xpaas", + "supports":"amq:6.2,messaging,xpaas:1.1", + "version": "1.1" } } ] diff --git a/roles/openshift_examples/files/examples/xpaas-templates/amq6-persistent.json b/roles/openshift_examples/files/examples/xpaas-templates/amq6-persistent.json deleted file mode 100644 index 5cbc7ee7e..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/amq6-persistent.json +++ /dev/null @@ -1,439 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "description": "Application template for ActiveMQ brokers using persistent storage." - }, - "name": "amq6-persistent" - }, - "labels": { - "template": "amq6-persistent" - }, - "parameters": [ - { - "description": "ActiveMQ Release version, e.g. 6.2, etc.", - "name": "AMQ_RELEASE", - "value": "6.2" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "broker" - }, - { - "description": "Protocol to configure. Only openwire is supported by EAP. amqp, amqp+ssl, mqtt, stomp, stomp+ssl, and ssl are not supported by EAP", - "name": "MQ_PROTOCOL", - "value": "openwire" - }, - { - "description": "Queue names", - "name": "MQ_QUEUES", - "value": "" - }, - { - "description": "Topic names", - "name": "MQ_TOPICS", - "value": "" - }, - { - "description": "Size of persistent storage for database volume.", - "name": "VOLUME_CAPACITY", - "value": "512Mi" - }, - { - "description": "Broker user name", - "name": "MQ_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "Broker user password", - "name": "MQ_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "ActiveMQ Admin User", - "name": "AMQ_ADMIN_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "ActiveMQ Admin Password", - "name": "AMQ_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Name of a secret containing SSL related files", - "name": "AMQ_SECRET", - "value": "amq-app-secret" - }, - { - "description": "SSL trust store filename", - "name": "AMQ_TRUSTSTORE", - "value": "broker.ts" - }, - { - "description": "SSL key store filename", - "name": "AMQ_KEYSTORE", - "value": "broker.ks" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 5672, - "targetPort": 5672 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-amq" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-amq-amqp", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The broker's amqp port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 5671, - "targetPort": 5671 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-amq" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-amq-amqp-ssl", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The broker's amqp ssl port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 1883, - "targetPort": 1883 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-amq" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-amq-mqtt", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The broker's mqtt port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 61613, - "targetPort": 61613 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-amq" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-amq-stomp", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The broker's stomp port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 61612, - "targetPort": 61612 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-amq" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-amq-stomp-ssl", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The broker's stomp ssl port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 61616, - "targetPort": 61616 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-amq" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-amq-tcp", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The broker's tcp (openwire) port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 61617, - "targetPort": 61617 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-amq" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-amq-tcp-ssl", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The broker's tcp ssl (openwire) port." - } - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}-amq", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}-amq" - ], - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-amq-6:${AMQ_RELEASE}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-amq" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}-amq", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}-amq", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "amq-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}-amq", - "image": "jboss-amq-6", - "imagePullPolicy": "Always", - "volumeMounts": [ - { - "name": "broker-secret-volume", - "mountPath": "/etc/amq-secret-volume", - "readOnly": true - }, - { - "mountPath": "/opt/amq/data/kahadb", - "name": "${APPLICATION_NAME}-amq-pvol" - } - ], - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "curl -s -L -u ${AMQ_ADMIN_USERNAME}:${AMQ_ADMIN_PASSWORD} 'http://localhost:8161/hawtio/jolokia/read/org.apache.activemq:type=Broker,brokerName=*,service=Health/CurrentStatus' | grep -q '\"CurrentStatus\" *: *\"Good\"'" - ] - } - }, - "ports": [ - { - "name": "amqp", - "containerPort": 5672, - "protocol": "TCP" - }, - { - "name": "amqp-ssl", - "containerPort": 5671, - "protocol": "TCP" - }, - { - "name": "mqtt", - "containerPort": 1883, - "protocol": "TCP" - }, - { - "name": "stomp", - "containerPort": 61613, - "protocol": "TCP" - }, - { - "name": "stomp-ssl", - "containerPort": 61612, - "protocol": "TCP" - }, - { - "name": "tcp", - "containerPort": 61616, - "protocol": "TCP" - }, - { - "name": "tcp-ssl", - "containerPort": 61617, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "AMQ_USER", - "value": "${MQ_USERNAME}" - }, - { - "name": "AMQ_PASSWORD", - "value": "${MQ_PASSWORD}" - }, - { - "name": "AMQ_PROTOCOLS", - "value": "${MQ_PROTOCOL}" - }, - { - "name": "AMQ_QUEUES", - "value": "${MQ_QUEUES}" - }, - { - "name": "AMQ_TOPICS", - "value": "${MQ_TOPICS}" - }, - { - "name": "AMQ_ADMIN_USERNAME", - "value": "${AMQ_ADMIN_USERNAME}" - }, - { - "name": "AMQ_ADMIN_PASSWORD", - "value": "${AMQ_ADMIN_PASSWORD}" - }, - { - "name": "AMQ_KEYSTORE_TRUSTSTORE_DIR", - "value": "/etc/amq-secret-volume" - }, - { - "name": "AMQ_TRUSTSTORE", - "value": "${AMQ_TRUSTSTORE}" - }, - { - "name": "AMQ_KEYSTORE", - "value": "${AMQ_KEYSTORE}" - } - ] - } - ], - "volumes": [ - { - "name": "broker-secret-volume", - "secret": { - "secretName": "${AMQ_SECRET}" - } - }, - { - "name": "${APPLICATION_NAME}-amq-pvol", - "persistentVolumeClaim": { - "claimName": "${APPLICATION_NAME}-amq-claim" - } - } - ] - } - } - } - }, - { - "apiVersion": "v1", - "kind": "PersistentVolumeClaim", - "metadata": { - "name": "${APPLICATION_NAME}-amq-claim", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "accessModes": [ "ReadWriteOnce" ], - "resources": { - "requests": { - "storage": "${VOLUME_CAPACITY}" - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/amq6.json b/roles/openshift_examples/files/examples/xpaas-templates/amq6.json deleted file mode 100644 index 7decdfe52..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/amq6.json +++ /dev/null @@ -1,410 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "description": "Application template for ActiveMQ brokers." - }, - "name": "amq6" - }, - "labels": { - "template": "amq6" - }, - "parameters": [ - { - "description": "ActiveMQ Release version, e.g. 6.2, etc.", - "name": "AMQ_RELEASE", - "value": "6.2" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "broker" - }, - { - "description": "Protocol to configure. Only openwire is supported by EAP. amqp, amqp+ssl, mqtt, stomp, stomp+ssl, and ssl are not supported by EAP", - "name": "MQ_PROTOCOL", - "value": "openwire" - }, - { - "description": "Queue names", - "name": "MQ_QUEUES", - "value": "" - }, - { - "description": "Topic names", - "name": "MQ_TOPICS", - "value": "" - }, - { - "description": "Broker user name", - "name": "MQ_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "Broker user password", - "name": "MQ_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "ActiveMQ Admin User", - "name": "AMQ_ADMIN_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "ActiveMQ Admin Password", - "name": "AMQ_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Name of a secret containing SSL related files", - "name": "AMQ_SECRET", - "value": "amq-app-secret" - }, - { - "description": "SSL trust store filename", - "name": "AMQ_TRUSTSTORE", - "value": "broker.ts" - }, - { - "description": "SSL key store filename", - "name": "AMQ_KEYSTORE", - "value": "broker.ks" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 5672, - "targetPort": 5672 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-amq" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-amq-amqp", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The broker's amqp port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 5671, - "targetPort": 5671 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-amq" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-amq-amqp-ssl", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The broker's amqp ssl port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 1883, - "targetPort": 1883 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-amq" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-amq-mqtt", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The broker's mqtt port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 61613, - "targetPort": 61613 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-amq" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-amq-stomp", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The broker's stomp port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 61612, - "targetPort": 61612 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-amq" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-amq-stomp-ssl", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The broker's stomp ssl port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 61616, - "targetPort": 61616 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-amq" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-amq-tcp", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The broker's tcp (openwire) port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 61617, - "targetPort": 61617 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-amq" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-amq-tcp-ssl", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The broker's tcp ssl (openwire) port." - } - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}-amq", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}-amq" - ], - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-amq-6:${AMQ_RELEASE}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-amq" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}-amq", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}-amq", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "amq-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}-amq", - "image": "jboss-amq-6", - "imagePullPolicy": "Always", - "volumeMounts": [ - { - "name": "broker-secret-volume", - "mountPath": "/etc/amq-secret-volume", - "readOnly": true - } - ], - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "curl -s -L -u ${AMQ_ADMIN_USERNAME}:${AMQ_ADMIN_PASSWORD} 'http://localhost:8161/hawtio/jolokia/read/org.apache.activemq:type=Broker,brokerName=*,service=Health/CurrentStatus' | grep -q '\"CurrentStatus\" *: *\"Good\"'" - ] - } - }, - "ports": [ - { - "name": "amqp", - "containerPort": 5672, - "protocol": "TCP" - }, - { - "name": "amqp-ssl", - "containerPort": 5671, - "protocol": "TCP" - }, - { - "name": "mqtt", - "containerPort": 1883, - "protocol": "TCP" - }, - { - "name": "stomp", - "containerPort": 61613, - "protocol": "TCP" - }, - { - "name": "stomp-ssl", - "containerPort": 61612, - "protocol": "TCP" - }, - { - "name": "tcp", - "containerPort": 61616, - "protocol": "TCP" - }, - { - "name": "tcp-ssl", - "containerPort": 61617, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "AMQ_USER", - "value": "${MQ_USERNAME}" - }, - { - "name": "AMQ_PASSWORD", - "value": "${MQ_PASSWORD}" - }, - { - "name": "AMQ_PROTOCOLS", - "value": "${MQ_PROTOCOL}" - }, - { - "name": "AMQ_QUEUES", - "value": "${MQ_QUEUES}" - }, - { - "name": "AMQ_TOPICS", - "value": "${MQ_TOPICS}" - }, - { - "name": "AMQ_ADMIN_USERNAME", - "value": "${AMQ_ADMIN_USERNAME}" - }, - { - "name": "AMQ_ADMIN_PASSWORD", - "value": "${AMQ_ADMIN_PASSWORD}" - }, - { - "name": "AMQ_MESH_SERVICE_NAME", - "value": "${APPLICATION_NAME}-amq-tcp" - }, - { - "name": "AMQ_KEYSTORE_TRUSTSTORE_DIR", - "value": "/etc/amq-secret-volume" - }, - { - "name": "AMQ_TRUSTSTORE", - "value": "${AMQ_TRUSTSTORE}" - }, - { - "name": "AMQ_KEYSTORE", - "value": "${AMQ_KEYSTORE}" - } - ] - } - ], - "volumes": [ - { - "name": "broker-secret-volume", - "secret": { - "secretName": "${AMQ_SECRET}" - } - } - ] - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/amq62-basic.json b/roles/openshift_examples/files/examples/xpaas-templates/amq62-basic.json new file mode 100644 index 000000000..3fd04c28c --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/amq62-basic.json @@ -0,0 +1,325 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template doesn't feature SSL support.", + "iconClass": "icon-jboss", + "tags": "messaging,amq,jboss,xpaas", + "version": "1.1.0" + }, + "name": "amq62-basic" + }, + "labels": { + "template": "amq62-basic", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "broker", + "required": true + }, + { + "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.", + "name": "MQ_PROTOCOL", + "value": "openwire", + "required": false + }, + { + "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.", + "name": "MQ_QUEUES", + "value": "", + "required": false + }, + { + "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.", + "name": "MQ_TOPICS", + "value": "", + "required": false + }, + { + "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.", + "name": "MQ_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": false + }, + { + "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.", + "name": "MQ_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": false + }, + { + "description": "User name for admin user. If left empty, it will be generated.", + "name": "AMQ_ADMIN_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Password for admin user. If left empty, it will be generated.", + "name": "AMQ_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount::default' where is the project namespace.", + "name": "AMQ_MESH_DISCOVERY_TYPE", + "value": "kube", + "required": false + }, + { + "description": "The A-MQ storage usage limit", + "name": "AMQ_STORAGE_USAGE_LIMIT", + "value": "100 gb", + "required": false + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 5672, + "targetPort": 5672 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-amqp", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's AMQP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 1883, + "targetPort": 1883 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-mqtt", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's MQTT port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 61613, + "targetPort": 61613 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-stomp", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's STOMP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 61616, + "targetPort": 61616 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-tcp", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's OpenWire port." + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-amq", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-amq" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-amq-62:1.1" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-amq", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-amq", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-amq", + "image": "jboss-amq-62", + "imagePullPolicy": "Always", + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "curl -s -L -u ${AMQ_ADMIN_USERNAME}:${AMQ_ADMIN_PASSWORD} 'http://localhost:8161/hawtio/jolokia/read/org.apache.activemq:type=Broker,brokerName=*,service=Health/CurrentStatus' | grep -q '\"CurrentStatus\" *: *\"Good\"'" + ] + } + }, + "ports": [ + { + "name": "amqp", + "containerPort": 5672, + "protocol": "TCP" + }, + { + "name": "mqtt", + "containerPort": 1883, + "protocol": "TCP" + }, + { + "name": "stomp", + "containerPort": 61613, + "protocol": "TCP" + }, + { + "name": "tcp", + "containerPort": 61616, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "AMQ_USER", + "value": "${MQ_USERNAME}" + }, + { + "name": "AMQ_PASSWORD", + "value": "${MQ_PASSWORD}" + }, + { + "name": "AMQ_TRANSPORTS", + "value": "${MQ_PROTOCOL}" + }, + { + "name": "AMQ_QUEUES", + "value": "${MQ_QUEUES}" + }, + { + "name": "AMQ_TOPICS", + "value": "${MQ_TOPICS}" + }, + { + "name": "AMQ_ADMIN_USERNAME", + "value": "${AMQ_ADMIN_USERNAME}" + }, + { + "name": "AMQ_ADMIN_PASSWORD", + "value": "${AMQ_ADMIN_PASSWORD}" + }, + { + "name": "AMQ_MESH_DISCOVERY_TYPE", + "value": "${AMQ_MESH_DISCOVERY_TYPE}" + }, + { + "name": "AMQ_MESH_SERVICE_NAME", + "value": "${APPLICATION_NAME}-amq-tcp" + }, + { + "name": "AMQ_MESH_SERVICE_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "AMQ_STORAGE_USAGE_LIMIT", + "value": "${AMQ_STORAGE_USAGE_LIMIT}" + } + ] + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/amq62-persistent-ssl.json b/roles/openshift_examples/files/examples/xpaas-templates/amq62-persistent-ssl.json new file mode 100644 index 000000000..aa9e716cf --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/amq62-persistent-ssl.json @@ -0,0 +1,521 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "description": "Application template for JBoss A-MQ brokers. These are deployed as standalone and use persistent storage for saving messages. This template supports SSL and requires usage of OpenShift secrets.", + "iconClass": "icon-jboss", + "tags": "messaging,amq,jboss,xpaas", + "version": "1.1.0" + }, + "name": "amq62-persistent-ssl" + }, + "labels": { + "template": "amq62-persistent-ssl", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "broker", + "required": true + }, + { + "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. SSL variants of these protocols will be configured automaticaly.", + "name": "MQ_PROTOCOL", + "value": "openwire", + "required": false + }, + { + "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.", + "name": "MQ_QUEUES", + "value": "", + "required": false + }, + { + "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.", + "name": "MQ_TOPICS", + "value": "", + "required": false + }, + { + "description": "Size of persistent storage for database volume.", + "name": "VOLUME_CAPACITY", + "value": "512Mi", + "required": true + }, + { + "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.", + "name": "MQ_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": false + }, + { + "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.", + "name": "MQ_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": false + }, + { + "description": "User name for admin user. If left empty, it will be generated.", + "name": "AMQ_ADMIN_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Password for admin user. If left empty, it will be generated.", + "name": "AMQ_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Name of a secret containing SSL related files", + "name": "AMQ_SECRET", + "value": "amq-app-secret", + "required": true + }, + { + "description": "SSL trust store filename", + "name": "AMQ_TRUSTSTORE", + "value": "broker.ts", + "required": true + }, + { + "description": "SSL trust store password", + "name": "AMQ_TRUSTSTORE_PASSWORD", + "value": "", + "required": true + }, + { + "description": "SSL key store filename", + "name": "AMQ_KEYSTORE", + "value": "broker.ks", + "required": true + }, + { + "description": "Password for accessing SSL keystore", + "name": "AMQ_KEYSTORE_PASSWORD", + "value": "", + "required": true + }, + { + "description": "The A-MQ storage usage limit", + "name": "AMQ_STORAGE_USAGE_LIMIT", + "value": "100 gb", + "required": false + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 5672, + "targetPort": 5672 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-amqp", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's AMQP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 5671, + "targetPort": 5671 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-amqp-ssl", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's AMQP SSL port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 1883, + "targetPort": 1883 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-mqtt", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's MQTT port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8883, + "targetPort": 8883 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-mqtt-ssl", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's MQTT SSL port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 61613, + "targetPort": 61613 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-stomp", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's STOMP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 61612, + "targetPort": 61612 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-stomp-ssl", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's STOMP SSL port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 61616, + "targetPort": 61616 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-tcp", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's OpenWire port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 61617, + "targetPort": 61617 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-tcp-ssl", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's OpenWire (SSL) port." + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-amq", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-amq" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-amq-62:1.1" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-amq", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-amq", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "amq-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-amq", + "image": "jboss-amq-62", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "broker-secret-volume", + "mountPath": "/etc/amq-secret-volume", + "readOnly": true + }, + { + "mountPath": "/opt/amq/data/kahadb", + "name": "${APPLICATION_NAME}-amq-pvol" + } + ], + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "curl -s -L -u ${AMQ_ADMIN_USERNAME}:${AMQ_ADMIN_PASSWORD} 'http://localhost:8161/hawtio/jolokia/read/org.apache.activemq:type=Broker,brokerName=*,service=Health/CurrentStatus' | grep -q '\"CurrentStatus\" *: *\"Good\"'" + ] + } + }, + "ports": [ + { + "name": "amqp", + "containerPort": 5672, + "protocol": "TCP" + }, + { + "name": "amqp-ssl", + "containerPort": 5671, + "protocol": "TCP" + }, + { + "name": "mqtt", + "containerPort": 1883, + "protocol": "TCP" + }, + { + "name": "mqtt-ssl", + "containerPort": 8883, + "protocol": "TCP" + }, + { + "name": "stomp", + "containerPort": 61613, + "protocol": "TCP" + }, + { + "name": "stomp-ssl", + "containerPort": 61612, + "protocol": "TCP" + }, + { + "name": "tcp", + "containerPort": 61616, + "protocol": "TCP" + }, + { + "name": "tcp-ssl", + "containerPort": 61617, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "AMQ_USER", + "value": "${MQ_USERNAME}" + }, + { + "name": "AMQ_PASSWORD", + "value": "${MQ_PASSWORD}" + }, + { + "name": "AMQ_TRANSPORTS", + "value": "${MQ_PROTOCOL}" + }, + { + "name": "AMQ_QUEUES", + "value": "${MQ_QUEUES}" + }, + { + "name": "AMQ_TOPICS", + "value": "${MQ_TOPICS}" + }, + { + "name": "AMQ_ADMIN_USERNAME", + "value": "${AMQ_ADMIN_USERNAME}" + }, + { + "name": "AMQ_ADMIN_PASSWORD", + "value": "${AMQ_ADMIN_PASSWORD}" + }, + { + "name": "AMQ_KEYSTORE_TRUSTSTORE_DIR", + "value": "/etc/amq-secret-volume" + }, + { + "name": "AMQ_TRUSTSTORE", + "value": "${AMQ_TRUSTSTORE}" + }, + { + "name": "AMQ_TRUSTSTORE_PASSWORD", + "value": "${AMQ_TRUSTSTORE_PASSWORD}" + }, + { + "name": "AMQ_KEYSTORE", + "value": "${AMQ_KEYSTORE}" + }, + { + "name": "AMQ_KEYSTORE_PASSWORD", + "value": "${AMQ_KEYSTORE_PASSWORD}" + }, + { + "name": "AMQ_STORAGE_USAGE_LIMIT", + "value": "${AMQ_STORAGE_USAGE_LIMIT}" + } + ] + } + ], + "volumes": [ + { + "name": "broker-secret-volume", + "secret": { + "secretName": "${AMQ_SECRET}" + } + }, + { + "name": "${APPLICATION_NAME}-amq-pvol", + "persistentVolumeClaim": { + "claimName": "${APPLICATION_NAME}-amq-claim" + } + } + ] + } + } + } + }, + { + "apiVersion": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "name": "${APPLICATION_NAME}-amq-claim", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "${VOLUME_CAPACITY}" + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/amq62-persistent.json b/roles/openshift_examples/files/examples/xpaas-templates/amq62-persistent.json new file mode 100644 index 000000000..3a2db3ce9 --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/amq62-persistent.json @@ -0,0 +1,343 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone and use persistent storage for saving messages. This template doesn't feature SSL support.", + "iconClass": "icon-jboss", + "tags": "messaging,amq,jboss,xpaas", + "version": "1.1.0" + }, + "name": "amq62-persistent" + }, + "labels": { + "template": "amq62-persistent", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "broker", + "required": true + }, + { + "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`.", + "name": "MQ_PROTOCOL", + "value": "openwire", + "required": false + }, + { + "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.", + "name": "MQ_QUEUES", + "value": "", + "required": false + }, + { + "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.", + "name": "MQ_TOPICS", + "value": "", + "required": false + }, + { + "description": "Size of persistent storage for database volume.", + "name": "VOLUME_CAPACITY", + "value": "512Mi", + "required": true + }, + { + "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.", + "name": "MQ_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": false + }, + { + "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.", + "name": "MQ_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": false + }, + { + "description": "User name for admin user. If left empty, it will be generated.", + "name": "AMQ_ADMIN_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Password for admin user. If left empty, it will be generated.", + "name": "AMQ_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "The A-MQ storage usage limit", + "name": "AMQ_STORAGE_USAGE_LIMIT", + "value": "100 gb", + "required": false + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 5672, + "targetPort": 5672 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-amqp", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's AMQP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 1883, + "targetPort": 1883 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-mqtt", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's MQTT port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 61613, + "targetPort": 61613 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-stomp", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's STOMP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 61616, + "targetPort": 61616 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-tcp", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's OpenWire port." + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-amq", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-amq" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-amq-62:1.1" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-amq", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-amq", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-amq", + "image": "jboss-amq-62", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "mountPath": "/opt/amq/data/kahadb", + "name": "${APPLICATION_NAME}-amq-pvol" + } + ], + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "curl -s -L -u ${AMQ_ADMIN_USERNAME}:${AMQ_ADMIN_PASSWORD} 'http://localhost:8161/hawtio/jolokia/read/org.apache.activemq:type=Broker,brokerName=*,service=Health/CurrentStatus' | grep -q '\"CurrentStatus\" *: *\"Good\"'" + ] + } + }, + "ports": [ + { + "name": "amqp", + "containerPort": 5672, + "protocol": "TCP" + }, + { + "name": "mqtt", + "containerPort": 1883, + "protocol": "TCP" + }, + { + "name": "stomp", + "containerPort": 61613, + "protocol": "TCP" + }, + { + "name": "tcp", + "containerPort": 61616, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "AMQ_USER", + "value": "${MQ_USERNAME}" + }, + { + "name": "AMQ_PASSWORD", + "value": "${MQ_PASSWORD}" + }, + { + "name": "AMQ_TRANSPORTS", + "value": "${MQ_PROTOCOL}" + }, + { + "name": "AMQ_QUEUES", + "value": "${MQ_QUEUES}" + }, + { + "name": "AMQ_TOPICS", + "value": "${MQ_TOPICS}" + }, + { + "name": "AMQ_ADMIN_USERNAME", + "value": "${AMQ_ADMIN_USERNAME}" + }, + { + "name": "AMQ_ADMIN_PASSWORD", + "value": "${AMQ_ADMIN_PASSWORD}" + }, + { + "name": "AMQ_STORAGE_USAGE_LIMIT", + "value": "${AMQ_STORAGE_USAGE_LIMIT}" + } + ] + } + ], + "volumes": [ + { + "name": "${APPLICATION_NAME}-amq-pvol", + "persistentVolumeClaim": { + "claimName": "${APPLICATION_NAME}-amq-claim" + } + } + ] + } + } + } + }, + { + "apiVersion": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "name": "${APPLICATION_NAME}-amq-claim", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "${VOLUME_CAPACITY}" + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/amq62-ssl.json b/roles/openshift_examples/files/examples/xpaas-templates/amq62-ssl.json new file mode 100644 index 000000000..f61fb24c2 --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/amq62-ssl.json @@ -0,0 +1,507 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "description": "Application template for JBoss A-MQ brokers. These can be deployed as standalone or in a mesh. This template supports SSL and requires usage of OpenShift secrets.", + "iconClass": "icon-jboss", + "tags": "messaging,amq,jboss,xpaas", + "version": "1.1.0" + }, + "name": "amq62-ssl" + }, + "labels": { + "template": "amq62-ssl", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "broker", + "required": true + }, + { + "description": "Protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. SSL variants of these protocols will be configured automaticaly.", + "name": "MQ_PROTOCOL", + "value": "openwire", + "required": false + }, + { + "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. If left empty, queues will be still created dynamically.", + "name": "MQ_QUEUES", + "value": "", + "required": false + }, + { + "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. If left empty, topics will be still created dynamically.", + "name": "MQ_TOPICS", + "value": "", + "required": false + }, + { + "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.", + "name": "MQ_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": false + }, + { + "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.", + "name": "MQ_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": false + }, + { + "description": "User name for admin user. If left empty, it will be generated.", + "name": "AMQ_ADMIN_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Password for admin user. If left empty, it will be generated.", + "name": "AMQ_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Name of a secret containing SSL related files", + "name": "AMQ_SECRET", + "value": "amq-app-secret", + "required": true + }, + { + "description": "SSL trust store filename", + "name": "AMQ_TRUSTSTORE", + "value": "broker.ts", + "required": true + }, + { + "description": "SSL trust store password", + "name": "AMQ_TRUSTSTORE_PASSWORD", + "value": "", + "required": true + }, + { + "description": "SSL key store filename", + "name": "AMQ_KEYSTORE", + "value": "broker.ks", + "required": true + }, + { + "description": "Password for accessing SSL keystore", + "name": "AMQ_KEYSTORE_PASSWORD", + "value": "", + "required": true + }, + { + "description": "The discovery agent type to use for discovering mesh endpoints. 'dns' will use OpenShift's DNS service to resolve endpoints. 'kube' will use Kubernetes REST API to resolve service endpoints. If using 'kube' the service account for the pod must have the 'view' role, which can be added via 'oc policy add-role-to-user view system:serviceaccount::default' where is the project namespace.", + "name": "AMQ_MESH_DISCOVERY_TYPE", + "value": "kube", + "required": false + }, + { + "description": "The A-MQ storage usage limit", + "name": "AMQ_STORAGE_USAGE_LIMIT", + "value": "100 gb", + "required": false + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 5672, + "targetPort": 5672 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-amqp", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's AMQP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 5671, + "targetPort": 5671 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-amqp-ssl", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's AMQP SSL port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 1883, + "targetPort": 1883 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-mqtt", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's MQTT port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8883, + "targetPort": 8883 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-mqtt-ssl", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's MQTT SSL port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 61613, + "targetPort": 61613 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-stomp", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's STOMP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 61612, + "targetPort": 61612 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-stomp-ssl", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's STOMP SSL port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 61616, + "targetPort": 61616 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-tcp", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's OpenWire port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 61617, + "targetPort": 61617 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-tcp-ssl", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's OpenWire (SSL) port." + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-amq", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-amq" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-amq-62:1.1" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-amq", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-amq", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "amq-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-amq", + "image": "jboss-amq-62", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "broker-secret-volume", + "mountPath": "/etc/amq-secret-volume", + "readOnly": true + } + ], + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "curl -s -L -u ${AMQ_ADMIN_USERNAME}:${AMQ_ADMIN_PASSWORD} 'http://localhost:8161/hawtio/jolokia/read/org.apache.activemq:type=Broker,brokerName=*,service=Health/CurrentStatus' | grep -q '\"CurrentStatus\" *: *\"Good\"'" + ] + } + }, + "ports": [ + { + "name": "amqp", + "containerPort": 5672, + "protocol": "TCP" + }, + { + "name": "amqp-ssl", + "containerPort": 5671, + "protocol": "TCP" + }, + { + "name": "mqtt", + "containerPort": 1883, + "protocol": "TCP" + }, + { + "name": "mqtt-ssl", + "containerPort": 8883, + "protocol": "TCP" + }, + { + "name": "stomp", + "containerPort": 61613, + "protocol": "TCP" + }, + { + "name": "stomp-ssl", + "containerPort": 61612, + "protocol": "TCP" + }, + { + "name": "tcp", + "containerPort": 61616, + "protocol": "TCP" + }, + { + "name": "tcp-ssl", + "containerPort": 61617, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "AMQ_USER", + "value": "${MQ_USERNAME}" + }, + { + "name": "AMQ_PASSWORD", + "value": "${MQ_PASSWORD}" + }, + { + "name": "AMQ_TRANSPORTS", + "value": "${MQ_PROTOCOL}" + }, + { + "name": "AMQ_QUEUES", + "value": "${MQ_QUEUES}" + }, + { + "name": "AMQ_TOPICS", + "value": "${MQ_TOPICS}" + }, + { + "name": "AMQ_ADMIN_USERNAME", + "value": "${AMQ_ADMIN_USERNAME}" + }, + { + "name": "AMQ_ADMIN_PASSWORD", + "value": "${AMQ_ADMIN_PASSWORD}" + }, + { + "name": "AMQ_MESH_DISCOVERY_TYPE", + "value": "${AMQ_MESH_DISCOVERY_TYPE}" + }, + { + "name": "AMQ_MESH_SERVICE_NAME", + "value": "${APPLICATION_NAME}-amq-tcp" + }, + { + "name": "AMQ_MESH_SERVICE_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "AMQ_KEYSTORE_TRUSTSTORE_DIR", + "value": "/etc/amq-secret-volume" + }, + { + "name": "AMQ_TRUSTSTORE", + "value": "${AMQ_TRUSTSTORE}" + }, + { + "name": "AMQ_TRUSTSTORE_PASSWORD", + "value": "${AMQ_TRUSTSTORE_PASSWORD}" + }, + { + "name": "AMQ_KEYSTORE", + "value": "${AMQ_KEYSTORE}" + }, + { + "name": "AMQ_KEYSTORE_PASSWORD", + "value": "${AMQ_KEYSTORE_PASSWORD}" + }, + { + "name": "AMQ_STORAGE_USAGE_LIMIT", + "value": "${AMQ_STORAGE_USAGE_LIMIT}" + } + ] + } + ], + "volumes": [ + { + "name": "broker-secret-volume", + "secret": { + "secretName": "${AMQ_SECRET}" + } + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap6-amq-persistent-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/eap6-amq-persistent-sti.json deleted file mode 100644 index b64acae8b..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/eap6-amq-persistent-sti.json +++ /dev/null @@ -1,646 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "description": "Application template for EAP 6 A-MQ applications with persistent storage built using STI.", - "iconClass" : "icon-jboss" - }, - "name": "eap6-amq-persistent-sti" - }, - "labels": { - "template": "eap6-amq-persistent-sti" - }, - "parameters": [ - { - "description": "EAP Release version, e.g. 6.4, etc.", - "name": "EAP_RELEASE", - "value": "6.4" - }, - { - "description": "ActiveMQ Release version, e.g. 6.2, etc.", - "name": "AMQ_RELEASE", - "value": "6.2" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "eap-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "Size of persistent storage for database volume.", - "name": "VOLUME_CAPACITY", - "value": "512Mi" - }, - { - "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory", - "name": "MQ_JNDI", - "value": "java:/ConnectionFactory" - }, - { - "description": "Protocol to configure. Only openwire is supported by EAP. amqp, amqp+ssl, mqtt, stomp, stomp+ssl, and ssl are not supported by EAP", - "name": "MQ_PROTOCOL", - "value": "openwire" - }, - { - "description": "Queue names", - "name": "MQ_QUEUES", - "value": "" - }, - { - "description": "Topic names", - "name": "MQ_TOPICS", - "value": "" - }, - { - "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", - "value": "eap-app-secret" - }, - { - "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", - "value": "keystore.jks" - }, - { - "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", - "value": "" - }, - { - "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", - "value": "" - }, - { - "description": "Broker user name", - "name": "MQ_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "Broker user password", - "name": "MQ_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "ActiveMQ Admin User", - "name": "AMQ_ADMIN_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "ActiveMQ Admin Password", - "name": "AMQ_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8443, - "targetPort": 8443 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "secure-${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's https port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8888, - "targetPort": 8888 - } - ], - "portalIP": "None", - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-ping", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Ping service for clustered applications." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 61616, - "targetPort": 61616 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-amq" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-amq-tcp", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The broker's tcp (openwire) port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-https-route", - "metadata": { - "name": "${APPLICATION_NAME}-https-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's https service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "secure-${APPLICATION_NAME}" - }, - "tls": { - "termination" : "passthrough" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-eap6-openshift:${EAP_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "eap-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "volumeMounts": [ - { - "name": "eap-keystore-volume", - "mountPath": "/etc/eap-secret-volume", - "readOnly": true - } - ], - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "/opt/eap/bin/readinessProbe.sh" - ] - } - }, - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "https", - "containerPort": 8443, - "protocol": "TCP" - }, - { - "name": "ping", - "containerPort": 8888, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "MQ_SERVICE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-amq=MQ" - }, - { - "name": "MQ_JNDI", - "value": "${MQ_JNDI}" - }, - { - "name": "MQ_USERNAME", - "value": "${MQ_USERNAME}" - }, - { - "name": "MQ_PASSWORD", - "value": "${MQ_PASSWORD}" - }, - { - "name": "MQ_PROTOCOL", - "value": "tcp" - }, - { - "name": "MQ_QUEUES", - "value": "${MQ_QUEUES}" - }, - { - "name": "MQ_TOPICS", - "value": "${MQ_TOPICS}" - }, - { - "name": "OPENSHIFT_DNS_PING_SERVICE_NAME", - "value": "${APPLICATION_NAME}-ping" - }, - { - "name": "OPENSHIFT_DNS_PING_SERVICE_PORT", - "value": "8888" - }, - { - "name": "EAP_HTTPS_KEYSTORE_DIR", - "value": "/etc/eap-secret-volume" - }, - { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" - }, - { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" - }, - { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" - } - ] - } - ], - "volumes": [ - { - "name": "eap-keystore-volume", - "secret": { - "secretName": "${EAP_HTTPS_SECRET}" - } - } - ] - } - } - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}-amq", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}-amq" - ], - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-amq-6:${AMQ_RELEASE}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-amq" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}-amq", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}-amq", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${APPLICATION_NAME}-amq", - "image": "jboss-amq-6", - "imagePullPolicy": "Always", - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "curl -s -L -u ${AMQ_ADMIN_USERNAME}:${AMQ_ADMIN_PASSWORD} 'http://localhost:8161/hawtio/jolokia/read/org.apache.activemq:type=Broker,brokerName=*,service=Health/CurrentStatus' | grep -q '\"CurrentStatus\" *: *\"Good\"'" - ] - } - }, - "ports": [ - { - "name": "amqp", - "containerPort": 5672, - "protocol": "TCP" - }, - { - "name": "amqp-ssl", - "containerPort": 5671, - "protocol": "TCP" - }, - { - "name": "mqtt", - "containerPort": 1883, - "protocol": "TCP" - }, - { - "name": "stomp", - "containerPort": 61613, - "protocol": "TCP" - }, - { - "name": "stomp-ssl", - "containerPort": 61612, - "protocol": "TCP" - }, - { - "name": "tcp", - "containerPort": 61616, - "protocol": "TCP" - }, - { - "name": "tcp-ssl", - "containerPort": 61617, - "protocol": "TCP" - } - ], - "volumeMounts": [ - { - "mountPath": "/opt/amq/data/kahadb", - "name": "${APPLICATION_NAME}-amq-pvol" - } - ], - "env": [ - { - "name": "AMQ_USER", - "value": "${MQ_USERNAME}" - }, - { - "name": "AMQ_PASSWORD", - "value": "${MQ_PASSWORD}" - }, - { - "name": "AMQ_PROTOCOLS", - "value": "${MQ_PROTOCOL}" - }, - { - "name": "AMQ_QUEUES", - "value": "${MQ_QUEUES}" - }, - { - "name": "AMQ_TOPICS", - "value": "${MQ_TOPICS}" - }, - { - "name": "AMQ_ADMIN_USERNAME", - "value": "${AMQ_ADMIN_USERNAME}" - }, - { - "name": "AMQ_ADMIN_PASSWORD", - "value": "${AMQ_ADMIN_PASSWORD}" - } - ] - } - ], - "volumes": [ - { - "name": "${APPLICATION_NAME}-amq-pvol", - "persistentVolumeClaim": { - "claimName": "${APPLICATION_NAME}-amq-claim" - } - } - ] - } - } - } - }, - { - "apiVersion": "v1", - "kind": "PersistentVolumeClaim", - "metadata": { - "name": "${APPLICATION_NAME}-amq-claim", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "accessModes": [ "ReadWriteOnce" ], - "resources": { - "requests": { - "storage": "${VOLUME_CAPACITY}" - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap6-amq-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/eap6-amq-sti.json deleted file mode 100644 index 20b234bd0..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/eap6-amq-sti.json +++ /dev/null @@ -1,609 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "description": "Application template for EAP 6 A-MQ applications built using STI.", - "iconClass" : "icon-jboss" - }, - "name": "eap6-amq-sti" - }, - "labels": { - "template": "eap6-amq-sti" - }, - "parameters": [ - { - "description": "EAP Release version, e.g. 6.4, etc.", - "name": "EAP_RELEASE", - "value": "6.4" - }, - { - "description": "ActiveMQ Release version, e.g. 6.2, etc.", - "name": "AMQ_RELEASE", - "value": "6.2" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "eap-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory", - "name": "MQ_JNDI", - "value": "java:/ConnectionFactory" - }, - { - "description": "Protocol to configure. Only openwire is supported by EAP. amqp, amqp+ssl, mqtt, stomp, stomp+ssl, and ssl are not supported by EAP", - "name": "MQ_PROTOCOL", - "value": "openwire" - }, - { - "description": "Queue names", - "name": "MQ_QUEUES", - "value": "" - }, - { - "description": "Topic names", - "name": "MQ_TOPICS", - "value": "" - }, - { - "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", - "value": "eap-app-secret" - }, - { - "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", - "value": "keystore.jks" - }, - { - "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", - "value": "" - }, - { - "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", - "value": "" - }, - { - "description": "Broker user name", - "name": "MQ_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "Broker user password", - "name": "MQ_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "ActiveMQ Admin User", - "name": "AMQ_ADMIN_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "ActiveMQ Admin Password", - "name": "AMQ_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8443, - "targetPort": 8443 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "secure-${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's https port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8888, - "targetPort": 8888 - } - ], - "portalIP": "None", - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-ping", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Ping service for clustered applications." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 61616, - "targetPort": 61616 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-amq" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-amq-tcp", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The broker's tcp (openwire) port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-https-route", - "metadata": { - "name": "${APPLICATION_NAME}-https-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's https service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "secure-${APPLICATION_NAME}" - }, - "tls": { - "termination" : "passthrough" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-eap6-openshift:${EAP_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "eap-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "volumeMounts": [ - { - "name": "eap-keystore-volume", - "mountPath": "/etc/eap-secret-volume", - "readOnly": true - } - ], - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "/opt/eap/bin/readinessProbe.sh" - ] - } - }, - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "https", - "containerPort": 8443, - "protocol": "TCP" - }, - { - "name": "ping", - "containerPort": 8888, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "MQ_SERVICE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-amq=MQ" - }, - { - "name": "MQ_JNDI", - "value": "${MQ_JNDI}" - }, - { - "name": "MQ_USERNAME", - "value": "${MQ_USERNAME}" - }, - { - "name": "MQ_PASSWORD", - "value": "${MQ_PASSWORD}" - }, - { - "name": "MQ_PROTOCOL", - "value": "tcp" - }, - { - "name": "MQ_QUEUES", - "value": "${MQ_QUEUES}" - }, - { - "name": "MQ_TOPICS", - "value": "${MQ_TOPICS}" - }, - { - "name": "OPENSHIFT_DNS_PING_SERVICE_NAME", - "value": "${APPLICATION_NAME}-ping" - }, - { - "name": "OPENSHIFT_DNS_PING_SERVICE_PORT", - "value": "8888" - }, - { - "name": "EAP_HTTPS_KEYSTORE_DIR", - "value": "/etc/eap-secret-volume" - }, - { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" - }, - { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" - }, - { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" - } - ] - } - ], - "volumes": [ - { - "name": "eap-keystore-volume", - "secret": { - "secretName": "${EAP_HTTPS_SECRET}" - } - } - ] - } - } - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}-amq", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}-amq" - ], - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-amq-6:${AMQ_RELEASE}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-amq" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}-amq", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}-amq", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${APPLICATION_NAME}-amq", - "image": "jboss-amq-6", - "imagePullPolicy": "Always", - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "curl -s -L -u ${AMQ_ADMIN_USERNAME}:${AMQ_ADMIN_PASSWORD} 'http://localhost:8161/hawtio/jolokia/read/org.apache.activemq:type=Broker,brokerName=*,service=Health/CurrentStatus' | grep -q '\"CurrentStatus\" *: *\"Good\"'" - ] - } - }, - "ports": [ - { - "name": "amqp", - "containerPort": 5672, - "protocol": "TCP" - }, - { - "name": "amqp-ssl", - "containerPort": 5671, - "protocol": "TCP" - }, - { - "name": "mqtt", - "containerPort": 1883, - "protocol": "TCP" - }, - { - "name": "stomp", - "containerPort": 61613, - "protocol": "TCP" - }, - { - "name": "stomp-ssl", - "containerPort": 61612, - "protocol": "TCP" - }, - { - "name": "tcp", - "containerPort": 61616, - "protocol": "TCP" - }, - { - "name": "tcp-ssl", - "containerPort": 61617, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "AMQ_USER", - "value": "${MQ_USERNAME}" - }, - { - "name": "AMQ_PASSWORD", - "value": "${MQ_PASSWORD}" - }, - { - "name": "AMQ_PROTOCOLS", - "value": "${MQ_PROTOCOL}" - }, - { - "name": "AMQ_QUEUES", - "value": "${MQ_QUEUES}" - }, - { - "name": "AMQ_TOPICS", - "value": "${MQ_TOPICS}" - }, - { - "name": "AMQ_ADMIN_USERNAME", - "value": "${AMQ_ADMIN_USERNAME}" - }, - { - "name": "AMQ_ADMIN_PASSWORD", - "value": "${AMQ_ADMIN_PASSWORD}" - } - ] - } - ] - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap6-basic-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/eap6-basic-sti.json deleted file mode 100644 index 146bfb1ee..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/eap6-basic-sti.json +++ /dev/null @@ -1,304 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "iconClass" : "icon-jboss", - "description": "Application template for EAP 6 applications built using STI." - }, - "name": "eap6-basic-sti" - }, - "labels": { - "template": "eap6-basic-sti" - }, - "parameters": [ - { - "description": "EAP Release version, e.g. 6.4, etc.", - "name": "EAP_RELEASE", - "value": "6.4" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "eap-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI", - "value": "https://github.com/jboss-developer/jboss-eap-quickstarts" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "6.4.x" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "kitchensink" - }, - { - "description": "Queue names", - "name": "HORNETQ_QUEUES", - "value": "" - }, - { - "description": "Topic names", - "name": "HORNETQ_TOPICS", - "value": "" - }, - { - "description": "HornetQ cluster admin password", - "name": "HORNETQ_CLUSTER_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8888, - "targetPort": 8888 - } - ], - "portalIP": "None", - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-ping", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Ping service for clustered applications." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-eap6-openshift:${EAP_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "/opt/eap/bin/readinessProbe.sh" - ] - } - }, - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "ping", - "containerPort": 8888, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "OPENSHIFT_DNS_PING_SERVICE_NAME", - "value": "${APPLICATION_NAME}-ping" - }, - { - "name": "OPENSHIFT_DNS_PING_SERVICE_PORT", - "value": "8888" - }, - { - "name": "HORNETQ_CLUSTER_PASSWORD", - "value": "${HORNETQ_CLUSTER_PASSWORD}" - }, - { - "name": "HORNETQ_QUEUES", - "value": "${HORNETQ_QUEUES}" - }, - { - "name": "HORNETQ_TOPICS", - "value": "${HORNETQ_TOPICS}" - } - ] - } - ] - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap6-https-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/eap6-https-sti.json deleted file mode 100644 index 5df36ccc2..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/eap6-https-sti.json +++ /dev/null @@ -1,408 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "iconClass" : "icon-jboss", - "description": "Application template for EAP 6 applications built using STI." - }, - "name": "eap6-https-sti" - }, - "labels": { - "template": "eap6-https-sti" - }, - "parameters": [ - { - "description": "EAP Release version, e.g. 6.4, etc.", - "name": "EAP_RELEASE", - "value": "6.4" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "eap-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI", - "value": "https://github.com/jboss-developer/jboss-eap-quickstarts" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "6.4.x" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "kitchensink" - }, - { - "description": "Queue names", - "name": "HORNETQ_QUEUES", - "value": "" - }, - { - "description": "Topic names", - "name": "HORNETQ_TOPICS", - "value": "" - }, - { - "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", - "value": "eap-app-secret" - }, - { - "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", - "value": "keystore.jks" - }, - { - "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", - "value": "" - }, - { - "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", - "value": "" - }, - { - "description": "HornetQ cluster admin password", - "name": "HORNETQ_CLUSTER_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8443, - "targetPort": 8443 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "secure-${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's https port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8888, - "targetPort": 8888 - } - ], - "portalIP": "None", - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-ping", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Ping service for clustered applications." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-https-route", - "metadata": { - "name": "${APPLICATION_NAME}-https-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's https service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "secure-${APPLICATION_NAME}" - }, - "tls": { - "termination" : "passthrough" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-eap6-openshift:${EAP_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "eap-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "volumeMounts": [ - { - "name": "eap-keystore-volume", - "mountPath": "/etc/eap-secret-volume", - "readOnly": true - } - ], - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "/opt/eap/bin/readinessProbe.sh" - ] - } - }, - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "https", - "containerPort": 8443, - "protocol": "TCP" - }, - { - "name": "ping", - "containerPort": 8888, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "OPENSHIFT_DNS_PING_SERVICE_NAME", - "value": "${APPLICATION_NAME}-ping" - }, - { - "name": "OPENSHIFT_DNS_PING_SERVICE_PORT", - "value": "8888" - }, - { - "name": "EAP_HTTPS_KEYSTORE_DIR", - "value": "/etc/eap-secret-volume" - }, - { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" - }, - { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" - }, - { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" - }, - { - "name": "HORNETQ_CLUSTER_PASSWORD", - "value": "${HORNETQ_CLUSTER_PASSWORD}" - }, - { - "name": "HORNETQ_QUEUES", - "value": "${HORNETQ_QUEUES}" - }, - { - "name": "HORNETQ_TOPICS", - "value": "${HORNETQ_TOPICS}" - } - ] - } - ], - "volumes": [ - { - "name": "eap-keystore-volume", - "secret": { - "secretName": "${EAP_HTTPS_SECRET}" - } - } - ] - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap6-mongodb-persistent-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/eap6-mongodb-persistent-sti.json deleted file mode 100644 index 289ab284f..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/eap6-mongodb-persistent-sti.json +++ /dev/null @@ -1,645 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "description": "Application template for EAP 6 MongDB applications with persistent storage built using STI.", - "iconClass" : "icon-jboss" - }, - "name": "eap6-mongodb-persistent-sti" - }, - "labels": { - "template": "eap6-mongodb-persistent-sti" - }, - "parameters": [ - { - "description": "EAP Release version, e.g. 6.4, etc.", - "name": "EAP_RELEASE", - "value": "6.4" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "eap-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", - "name": "DB_JNDI", - "value": "" - }, - { - "description": "Database name", - "name": "DB_DATABASE", - "value": "root" - }, - { - "description": "Size of persistent storage for database volume.", - "name": "VOLUME_CAPACITY", - "value": "512Mi" - }, - { - "description": "Queue names", - "name": "HORNETQ_QUEUES", - "value": "" - }, - { - "description": "Topic names", - "name": "HORNETQ_TOPICS", - "value": "" - }, - { - "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", - "value": "eap-app-secret" - }, - { - "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", - "value": "keystore.jks" - }, - { - "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", - "value": "" - }, - { - "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", - "value": "" - }, - { - "description": "Sets xa-pool/min-pool-size for the configured datasource.", - "name": "DB_MIN_POOL_SIZE" - }, - { - "description": "Sets xa-pool/max-pool-size for the configured datasource.", - "name": "DB_MAX_POOL_SIZE" - }, - { - "description": "Sets transaction-isolation for the configured datasource.", - "name": "DB_TX_ISOLATION" - }, - { - "description": "Disable data file preallocation.", - "name": "MONGODB_NOPREALLOC" - }, - { - "description": "Set MongoDB to use a smaller default data file size.", - "name": "MONGODB_SMALLFILES" - }, - { - "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.", - "name": "MONGODB_QUIET" - }, - { - "description": "HornetQ cluster admin password", - "name": "HORNETQ_CLUSTER_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Database user name", - "name": "DB_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "Database user password", - "name": "DB_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Database admin password", - "name": "DB_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8443, - "targetPort": 8443 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "secure-${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's https port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8888, - "targetPort": 8888 - } - ], - "portalIP": "None", - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-ping", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Ping service for clustered applications." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 27017, - "targetPort": 27017 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mongodb" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-mongodb", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The database server's port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-https-route", - "metadata": { - "name": "${APPLICATION_NAME}-https-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's https service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "secure-${APPLICATION_NAME}" - }, - "tls": { - "termination" : "passthrough" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-eap6-openshift:${EAP_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "eap-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "volumeMounts": [ - { - "name": "eap-keystore-volume", - "mountPath": "/etc/eap-secret-volume", - "readOnly": true - } - ], - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "/opt/eap/bin/readinessProbe.sh" - ] - } - }, - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "https", - "containerPort": 8443, - "protocol": "TCP" - }, - { - "name": "ping", - "containerPort": 8888, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "DB_SERVICE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-mongodb=DB" - }, - { - "name": "DB_JNDI", - "value": "${DB_JNDI}" - }, - { - "name": "DB_USERNAME", - "value": "${DB_USERNAME}" - }, - { - "name": "DB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "DB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "DB_ADMIN_PASSWORD", - "value": "${DB_ADMIN_PASSWORD}" - }, - { - "name": "DB_MIN_POOL_SIZE", - "value": "${DB_MIN_POOL_SIZE}" - }, - { - "name": "DB_MAX_POOL_SIZE", - "value": "${DB_MAX_POOL_SIZE}" - }, - { - "name": "DB_TX_ISOLATION", - "value": "${DB_TX_ISOLATION}" - }, - { - "name": "OPENSHIFT_DNS_PING_SERVICE_NAME", - "value": "${APPLICATION_NAME}-ping" - }, - { - "name": "OPENSHIFT_DNS_PING_SERVICE_PORT", - "value": "8888" - }, - { - "name": "EAP_HTTPS_KEYSTORE_DIR", - "value": "/etc/eap-secret-volume" - }, - { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" - }, - { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" - }, - { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" - }, - { - "name": "HORNETQ_CLUSTER_PASSWORD", - "value": "${HORNETQ_CLUSTER_PASSWORD}" - }, - { - "name": "HORNETQ_QUEUES", - "value": "${HORNETQ_QUEUES}" - }, - { - "name": "HORNETQ_TOPICS", - "value": "${HORNETQ_TOPICS}" - } - ] - } - ], - "volumes": [ - { - "name": "eap-keystore-volume", - "secret": { - "secretName": "${EAP_HTTPS_SECRET}" - } - } - ] - } - } - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}-mongodb", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}-mongodb" - ], - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "mongodb:latest" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mongodb" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}-mongodb", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}-mongodb", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${APPLICATION_NAME}-mongodb", - "image": "mongodb", - "imagePullPolicy": "Always", - "ports": [ - { - "containerPort": 27017, - "protocol": "TCP" - } - ], - "volumeMounts": [ - { - "mountPath": "/var/lib/mongodb/data", - "name": "${APPLICATION_NAME}-mongodb-pvol" - } - ], - "env": [ - { - "name": "MONGODB_USER", - "value": "${DB_USERNAME}" - }, - { - "name": "MONGODB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "MONGODB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "MONGODB_ADMIN_PASSWORD", - "value": "${DB_ADMIN_PASSWORD}" - }, - { - "name": "MONGODB_NOPREALLOC", - "value": "${MONGODB_NOPREALLOC}" - }, - { - "name": "MONGODB_SMALLFILES", - "value": "${MONGODB_SMALLFILES}" - }, - { - "name": "MONGODB_QUIET", - "value": "${MONGODB_QUIET}" - } - ] - } - ], - "volumes": [ - { - "name": "${APPLICATION_NAME}-mongodb-pvol", - "persistentVolumeClaim": { - "claimName": "${APPLICATION_NAME}-mongodb-claim" - } - } - ] - } - } - } - }, - { - "apiVersion": "v1", - "kind": "PersistentVolumeClaim", - "metadata": { - "name": "${APPLICATION_NAME}-mongodb-claim", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "accessModes": [ "ReadWriteOnce" ], - "resources": { - "requests": { - "storage": "${VOLUME_CAPACITY}" - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap6-mongodb-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/eap6-mongodb-sti.json deleted file mode 100644 index 22b301aa9..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/eap6-mongodb-sti.json +++ /dev/null @@ -1,608 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "description": "Application template for EAP 6 MongDB applications built using STI.", - "iconClass" : "icon-jboss" - }, - "name": "eap6-mongodb-sti" - }, - "labels": { - "template": "eap6-mongodb-sti" - }, - "parameters": [ - { - "description": "EAP Release version, e.g. 6.4, etc.", - "name": "EAP_RELEASE", - "value": "6.4" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "eap-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", - "name": "DB_JNDI", - "value": "" - }, - { - "description": "Database name", - "name": "DB_DATABASE", - "value": "root" - }, - { - "description": "Queue names", - "name": "HORNETQ_QUEUES", - "value": "" - }, - { - "description": "Topic names", - "name": "HORNETQ_TOPICS", - "value": "" - }, - { - "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", - "value": "eap-app-secret" - }, - { - "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", - "value": "keystore.jks" - }, - { - "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", - "value": "" - }, - { - "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", - "value": "" - }, - { - "description": "Sets xa-pool/min-pool-size for the configured datasource.", - "name": "DB_MIN_POOL_SIZE" - }, - { - "description": "Sets xa-pool/max-pool-size for the configured datasource.", - "name": "DB_MAX_POOL_SIZE" - }, - { - "description": "Sets transaction-isolation for the configured datasource.", - "name": "DB_TX_ISOLATION" - }, - { - "description": "Disable data file preallocation.", - "name": "MONGODB_NOPREALLOC" - }, - { - "description": "Set MongoDB to use a smaller default data file size.", - "name": "MONGODB_SMALLFILES" - }, - { - "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.", - "name": "MONGODB_QUIET" - }, - { - "description": "HornetQ cluster admin password", - "name": "HORNETQ_CLUSTER_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Database user name", - "name": "DB_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "Database user password", - "name": "DB_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Database admin password", - "name": "DB_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8443, - "targetPort": 8443 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "secure-${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's https port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8888, - "targetPort": 8888 - } - ], - "portalIP": "None", - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-ping", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Ping service for clustered applications." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 27017, - "targetPort": 27017 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mongodb" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-mongodb", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The database server's port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-https-route", - "metadata": { - "name": "${APPLICATION_NAME}-https-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's https service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "secure-${APPLICATION_NAME}" - }, - "tls": { - "termination" : "passthrough" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-eap6-openshift:${EAP_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "eap-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "volumeMounts": [ - { - "name": "eap-keystore-volume", - "mountPath": "/etc/eap-secret-volume", - "readOnly": true - } - ], - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "/opt/eap/bin/readinessProbe.sh" - ] - } - }, - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "https", - "containerPort": 8443, - "protocol": "TCP" - }, - { - "name": "ping", - "containerPort": 8888, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "DB_SERVICE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-mongodb=DB" - }, - { - "name": "DB_JNDI", - "value": "${DB_JNDI}" - }, - { - "name": "DB_USERNAME", - "value": "${DB_USERNAME}" - }, - { - "name": "DB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "DB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "DB_ADMIN_PASSWORD", - "value": "${DB_ADMIN_PASSWORD}" - }, - { - "name": "DB_MIN_POOL_SIZE", - "value": "${DB_MIN_POOL_SIZE}" - }, - { - "name": "DB_MAX_POOL_SIZE", - "value": "${DB_MAX_POOL_SIZE}" - }, - { - "name": "DB_TX_ISOLATION", - "value": "${DB_TX_ISOLATION}" - }, - { - "name": "OPENSHIFT_DNS_PING_SERVICE_NAME", - "value": "${APPLICATION_NAME}-ping" - }, - { - "name": "OPENSHIFT_DNS_PING_SERVICE_PORT", - "value": "8888" - }, - { - "name": "EAP_HTTPS_KEYSTORE_DIR", - "value": "/etc/eap-secret-volume" - }, - { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" - }, - { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" - }, - { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" - }, - { - "name": "HORNETQ_CLUSTER_PASSWORD", - "value": "${HORNETQ_CLUSTER_PASSWORD}" - }, - { - "name": "HORNETQ_QUEUES", - "value": "${HORNETQ_QUEUES}" - }, - { - "name": "HORNETQ_TOPICS", - "value": "${HORNETQ_TOPICS}" - } - ] - } - ], - "volumes": [ - { - "name": "eap-keystore-volume", - "secret": { - "secretName": "${EAP_HTTPS_SECRET}" - } - } - ] - } - } - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}-mongodb", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}-mongodb" - ], - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "mongodb:latest" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mongodb" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}-mongodb", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}-mongodb", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${APPLICATION_NAME}-mongodb", - "image": "mongodb", - "imagePullPolicy": "Always", - "ports": [ - { - "containerPort": 27017, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "MONGODB_USER", - "value": "${DB_USERNAME}" - }, - { - "name": "MONGODB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "MONGODB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "MONGODB_ADMIN_PASSWORD", - "value": "${DB_ADMIN_PASSWORD}" - }, - { - "name": "MONGODB_NOPREALLOC", - "value": "${MONGODB_NOPREALLOC}" - }, - { - "name": "MONGODB_SMALLFILES", - "value": "${MONGODB_SMALLFILES}" - }, - { - "name": "MONGODB_QUIET", - "value": "${MONGODB_QUIET}" - } - ] - } - ] - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap6-mysql-persistent-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/eap6-mysql-persistent-sti.json deleted file mode 100644 index 648a53199..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/eap6-mysql-persistent-sti.json +++ /dev/null @@ -1,651 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "description": "Application template for EAP 6 MySQL applications with persistent storage built using STI.", - "iconClass" : "icon-jboss" - }, - "name": "eap6-mysql-persistent-sti" - }, - "labels": { - "template": "eap6-mysql-persistent-sti" - }, - "parameters": [ - { - "description": "EAP Release version, e.g. 6.4, etc.", - "name": "EAP_RELEASE", - "value": "6.4" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "eap-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql", - "name": "DB_JNDI", - "value": "" - }, - { - "description": "Database name", - "name": "DB_DATABASE", - "value": "root" - }, - { - "description": "Size of persistent storage for database volume.", - "name": "VOLUME_CAPACITY", - "value": "512Mi" - }, - { - "description": "Queue names", - "name": "HORNETQ_QUEUES", - "value": "" - }, - { - "description": "Topic names", - "name": "HORNETQ_TOPICS", - "value": "" - }, - { - "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", - "value": "eap-app-secret" - }, - { - "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", - "value": "keystore.jks" - }, - { - "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", - "value": "" - }, - { - "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", - "value": "" - }, - { - "description": "Sets xa-pool/min-pool-size for the configured datasource.", - "name": "DB_MIN_POOL_SIZE" - }, - { - "description": "Sets xa-pool/max-pool-size for the configured datasource.", - "name": "DB_MAX_POOL_SIZE" - }, - { - "description": "Sets transaction-isolation for the configured datasource.", - "name": "DB_TX_ISOLATION" - }, - { - "description": "Sets how the table names are stored and compared.", - "name": "MYSQL_LOWER_CASE_TABLE_NAMES" - }, - { - "description": "The maximum permitted number of simultaneous client connections.", - "name": "MYSQL_MAX_CONNECTIONS" - }, - { - "description": "The minimum length of the word to be included in a FULLTEXT index.", - "name": "MYSQL_FT_MIN_WORD_LEN" - }, - { - "description": "The maximum length of the word to be included in a FULLTEXT index.", - "name": "MYSQL_FT_MAX_WORD_LEN" - }, - { - "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.", - "name": "MYSQL_AIO" - }, - { - "description": "HornetQ cluster admin password", - "name": "HORNETQ_CLUSTER_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Database user name", - "name": "DB_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "Database user password", - "name": "DB_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8443, - "targetPort": 8443 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "secure-${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's https port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8888, - "targetPort": 8888 - } - ], - "portalIP": "None", - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-ping", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Ping service for clustered applications." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 3306, - "targetPort": 3306 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mysql" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-mysql", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The database server's port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-https-route", - "metadata": { - "name": "${APPLICATION_NAME}-https-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's https service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "secure-${APPLICATION_NAME}" - }, - "tls": { - "termination" : "passthrough" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-eap6-openshift:${EAP_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "eap-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "volumeMounts": [ - { - "name": "eap-keystore-volume", - "mountPath": "/etc/eap-secret-volume", - "readOnly": true - } - ], - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "/opt/eap/bin/readinessProbe.sh" - ] - } - }, - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "https", - "containerPort": 8443, - "protocol": "TCP" - }, - { - "name": "ping", - "containerPort": 8888, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "DB_SERVICE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-mysql=DB" - }, - { - "name": "DB_JNDI", - "value": "${DB_JNDI}" - }, - { - "name": "DB_USERNAME", - "value": "${DB_USERNAME}" - }, - { - "name": "DB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "DB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "TX_DATABASE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-mysql=DB" - }, - { - "name": "DB_MIN_POOL_SIZE", - "value": "${DB_MIN_POOL_SIZE}" - }, - { - "name": "DB_MAX_POOL_SIZE", - "value": "${DB_MAX_POOL_SIZE}" - }, - { - "name": "DB_TX_ISOLATION", - "value": "${DB_TX_ISOLATION}" - }, - { - "name": "OPENSHIFT_DNS_PING_SERVICE_NAME", - "value": "${APPLICATION_NAME}-ping" - }, - { - "name": "OPENSHIFT_DNS_PING_SERVICE_PORT", - "value": "8888" - }, - { - "name": "EAP_HTTPS_KEYSTORE_DIR", - "value": "/etc/eap-secret-volume" - }, - { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" - }, - { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" - }, - { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" - }, - { - "name": "HORNETQ_CLUSTER_PASSWORD", - "value": "${HORNETQ_CLUSTER_PASSWORD}" - }, - { - "name": "HORNETQ_QUEUES", - "value": "${HORNETQ_QUEUES}" - }, - { - "name": "HORNETQ_TOPICS", - "value": "${HORNETQ_TOPICS}" - } - ] - } - ], - "volumes": [ - { - "name": "eap-keystore-volume", - "secret": { - "secretName": "${EAP_HTTPS_SECRET}" - } - } - ] - } - } - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}-mysql", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}-mysql" - ], - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "mysql:latest" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mysql" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}-mysql", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}-mysql", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${APPLICATION_NAME}-mysql", - "image": "mysql", - "imagePullPolicy": "Always", - "ports": [ - { - "containerPort": 3306, - "protocol": "TCP" - } - ], - "volumeMounts": [ - { - "mountPath": "/var/lib/mysql/data", - "name": "${APPLICATION_NAME}-mysql-pvol" - } - ], - "env": [ - { - "name": "MYSQL_USER", - "value": "${DB_USERNAME}" - }, - { - "name": "MYSQL_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "MYSQL_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "MYSQL_LOWER_CASE_TABLE_NAMES", - "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}" - }, - { - "name": "MYSQL_MAX_CONNECTIONS", - "value": "${MYSQL_MAX_CONNECTIONS}" - }, - { - "name": "MYSQL_FT_MIN_WORD_LEN", - "value": "${MYSQL_FT_MIN_WORD_LEN}" - }, - { - "name": "MYSQL_FT_MAX_WORD_LEN", - "value": "${MYSQL_FT_MAX_WORD_LEN}" - }, - { - "name": "MYSQL_AIO", - "value": "${MYSQL_AIO}" - } - ] - } - ], - "volumes": [ - { - "name": "${APPLICATION_NAME}-mysql-pvol", - "persistentVolumeClaim": { - "claimName": "${APPLICATION_NAME}-mysql-claim" - } - } - ] - } - } - } - }, - { - "apiVersion": "v1", - "kind": "PersistentVolumeClaim", - "metadata": { - "name": "${APPLICATION_NAME}-mysql-claim", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "accessModes": [ "ReadWriteOnce" ], - "resources": { - "requests": { - "storage": "${VOLUME_CAPACITY}" - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap6-mysql-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/eap6-mysql-sti.json deleted file mode 100644 index 83d5c8b18..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/eap6-mysql-sti.json +++ /dev/null @@ -1,614 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "description": "Application template for EAP 6 MySQL applications built using STI.", - "iconClass" : "icon-jboss" - }, - "name": "eap6-mysql-sti" - }, - "labels": { - "template": "eap6-mysql-sti" - }, - "parameters": [ - { - "description": "EAP Release version, e.g. 6.4, etc.", - "name": "EAP_RELEASE", - "value": "6.4" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "eap-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql", - "name": "DB_JNDI", - "value": "" - }, - { - "description": "Database name", - "name": "DB_DATABASE", - "value": "root" - }, - { - "description": "Queue names", - "name": "HORNETQ_QUEUES", - "value": "" - }, - { - "description": "Topic names", - "name": "HORNETQ_TOPICS", - "value": "" - }, - { - "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", - "value": "eap-app-secret" - }, - { - "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", - "value": "keystore.jks" - }, - { - "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", - "value": "" - }, - { - "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", - "value": "" - }, - { - "description": "Sets xa-pool/min-pool-size for the configured datasource.", - "name": "DB_MIN_POOL_SIZE" - }, - { - "description": "Sets xa-pool/max-pool-size for the configured datasource.", - "name": "DB_MAX_POOL_SIZE" - }, - { - "description": "Sets transaction-isolation for the configured datasource.", - "name": "DB_TX_ISOLATION" - }, - { - "description": "Sets how the table names are stored and compared.", - "name": "MYSQL_LOWER_CASE_TABLE_NAMES" - }, - { - "description": "The maximum permitted number of simultaneous client connections.", - "name": "MYSQL_MAX_CONNECTIONS" - }, - { - "description": "The minimum length of the word to be included in a FULLTEXT index.", - "name": "MYSQL_FT_MIN_WORD_LEN" - }, - { - "description": "The maximum length of the word to be included in a FULLTEXT index.", - "name": "MYSQL_FT_MAX_WORD_LEN" - }, - { - "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.", - "name": "MYSQL_AIO" - }, - { - "description": "HornetQ cluster admin password", - "name": "HORNETQ_CLUSTER_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Database user name", - "name": "DB_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "Database user password", - "name": "DB_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8443, - "targetPort": 8443 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "secure-${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's https port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8888, - "targetPort": 8888 - } - ], - "portalIP": "None", - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-ping", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Ping service for clustered applications." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 3306, - "targetPort": 3306 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mysql" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-mysql", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The database server's port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-https-route", - "metadata": { - "name": "${APPLICATION_NAME}-https-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's https service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "secure-${APPLICATION_NAME}" - }, - "tls": { - "termination" : "passthrough" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-eap6-openshift:${EAP_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "eap-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "volumeMounts": [ - { - "name": "eap-keystore-volume", - "mountPath": "/etc/eap-secret-volume", - "readOnly": true - } - ], - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "/opt/eap/bin/readinessProbe.sh" - ] - } - }, - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "https", - "containerPort": 8443, - "protocol": "TCP" - }, - { - "name": "ping", - "containerPort": 8888, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "DB_SERVICE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-mysql=DB" - }, - { - "name": "DB_JNDI", - "value": "${DB_JNDI}" - }, - { - "name": "DB_USERNAME", - "value": "${DB_USERNAME}" - }, - { - "name": "DB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "DB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "TX_DATABASE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-mysql=DB" - }, - { - "name": "DB_MIN_POOL_SIZE", - "value": "${DB_MIN_POOL_SIZE}" - }, - { - "name": "DB_MAX_POOL_SIZE", - "value": "${DB_MAX_POOL_SIZE}" - }, - { - "name": "DB_TX_ISOLATION", - "value": "${DB_TX_ISOLATION}" - }, - { - "name": "OPENSHIFT_DNS_PING_SERVICE_NAME", - "value": "${APPLICATION_NAME}-ping" - }, - { - "name": "OPENSHIFT_DNS_PING_SERVICE_PORT", - "value": "8888" - }, - { - "name": "EAP_HTTPS_KEYSTORE_DIR", - "value": "/etc/eap-secret-volume" - }, - { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" - }, - { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" - }, - { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" - }, - { - "name": "HORNETQ_CLUSTER_PASSWORD", - "value": "${HORNETQ_CLUSTER_PASSWORD}" - }, - { - "name": "HORNETQ_QUEUES", - "value": "${HORNETQ_QUEUES}" - }, - { - "name": "HORNETQ_TOPICS", - "value": "${HORNETQ_TOPICS}" - } - ] - } - ], - "volumes": [ - { - "name": "eap-keystore-volume", - "secret": { - "secretName": "${EAP_HTTPS_SECRET}" - } - } - ] - } - } - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}-mysql", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}-mysql" - ], - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "mysql:latest" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mysql" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}-mysql", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}-mysql", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${APPLICATION_NAME}-mysql", - "image": "mysql", - "imagePullPolicy": "Always", - "ports": [ - { - "containerPort": 3306, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "MYSQL_USER", - "value": "${DB_USERNAME}" - }, - { - "name": "MYSQL_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "MYSQL_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "MYSQL_LOWER_CASE_TABLE_NAMES", - "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}" - }, - { - "name": "MYSQL_MAX_CONNECTIONS", - "value": "${MYSQL_MAX_CONNECTIONS}" - }, - { - "name": "MYSQL_FT_MIN_WORD_LEN", - "value": "${MYSQL_FT_MIN_WORD_LEN}" - }, - { - "name": "MYSQL_FT_MAX_WORD_LEN", - "value": "${MYSQL_FT_MAX_WORD_LEN}" - }, - { - "name": "MYSQL_AIO", - "value": "${MYSQL_AIO}" - } - ] - } - ] - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap6-postgresql-persistent-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/eap6-postgresql-persistent-sti.json deleted file mode 100644 index 53b953b7e..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/eap6-postgresql-persistent-sti.json +++ /dev/null @@ -1,627 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "description": "Application template for EAP 6 PostgreSQL applications with persistent storage built using STI.", - "iconClass" : "icon-jboss" - }, - "name": "eap6-postgresql-persistent-sti" - }, - "labels": { - "template": "eap6-postgresql-persistent-sti" - }, - "parameters": [ - { - "description": "EAP Release version, e.g. 6.4, etc.", - "name": "EAP_RELEASE", - "value": "6.4" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "eap-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql", - "name": "DB_JNDI", - "value": "" - }, - { - "description": "Database name", - "name": "DB_DATABASE", - "value": "root" - }, - { - "description": "Size of persistent storage for database volume.", - "name": "VOLUME_CAPACITY", - "value": "512Mi" - }, - { - "description": "Queue names", - "name": "HORNETQ_QUEUES", - "value": "" - }, - { - "description": "Topic names", - "name": "HORNETQ_TOPICS", - "value": "" - }, - { - "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", - "value": "eap-app-secret" - }, - { - "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", - "value": "keystore.jks" - }, - { - "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", - "value": "" - }, - { - "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", - "value": "" - }, - { - "description": "Sets xa-pool/min-pool-size for the configured datasource.", - "name": "DB_MIN_POOL_SIZE" - }, - { - "description": "Sets xa-pool/max-pool-size for the configured datasource.", - "name": "DB_MAX_POOL_SIZE" - }, - { - "description": "Sets transaction-isolation for the configured datasource.", - "name": "DB_TX_ISOLATION" - }, - { - "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.", - "name": "POSTGRESQL_MAX_CONNECTIONS" - }, - { - "description": "Configures how much memory is dedicated to PostgreSQL for caching data.", - "name": "POSTGRESQL_SHARED_BUFFERS" - }, - { - "description": "HornetQ cluster admin password", - "name": "HORNETQ_CLUSTER_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Database user name", - "name": "DB_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "Database user password", - "name": "DB_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8443, - "targetPort": 8443 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "secure-${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's https port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8888, - "targetPort": 8888 - } - ], - "portalIP": "None", - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-ping", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Ping service for clustered applications." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 5432, - "targetPort": 5432 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-postgresql" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-postgresql", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The database server's port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-https-route", - "metadata": { - "name": "${APPLICATION_NAME}-https-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's https service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "secure-${APPLICATION_NAME}" - }, - "tls": { - "termination" : "passthrough" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-eap6-openshift:${EAP_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "eap-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "volumeMounts": [ - { - "name": "eap-keystore-volume", - "mountPath": "/etc/eap-secret-volume", - "readOnly": true - } - ], - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "/opt/eap/bin/readinessProbe.sh" - ] - } - }, - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "https", - "containerPort": 8443, - "protocol": "TCP" - }, - { - "name": "ping", - "containerPort": 8888, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "DB_SERVICE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-postgresql=DB" - }, - { - "name": "DB_JNDI", - "value": "${DB_JNDI}" - }, - { - "name": "DB_USERNAME", - "value": "${DB_USERNAME}" - }, - { - "name": "DB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "DB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "TX_DATABASE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-postgresql=DB" - }, - { - "name": "DB_MIN_POOL_SIZE", - "value": "${DB_MIN_POOL_SIZE}" - }, - { - "name": "DB_MAX_POOL_SIZE", - "value": "${DB_MAX_POOL_SIZE}" - }, - { - "name": "DB_TX_ISOLATION", - "value": "${DB_TX_ISOLATION}" - }, - { - "name": "OPENSHIFT_DNS_PING_SERVICE_NAME", - "value": "${APPLICATION_NAME}-ping" - }, - { - "name": "OPENSHIFT_DNS_PING_SERVICE_PORT", - "value": "8888" - }, - { - "name": "EAP_HTTPS_KEYSTORE_DIR", - "value": "/etc/eap-secret-volume" - }, - { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" - }, - { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" - }, - { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" - }, - { - "name": "HORNETQ_CLUSTER_PASSWORD", - "value": "${HORNETQ_CLUSTER_PASSWORD}" - }, - { - "name": "HORNETQ_QUEUES", - "value": "${HORNETQ_QUEUES}" - }, - { - "name": "HORNETQ_TOPICS", - "value": "${HORNETQ_TOPICS}" - } - ] - } - ], - "volumes": [ - { - "name": "eap-keystore-volume", - "secret": { - "secretName": "${EAP_HTTPS_SECRET}" - } - } - ] - } - } - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}-postgresql", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}-postgresql" - ], - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "postgresql:latest" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-postgresql" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}-postgresql", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}-postgresql", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${APPLICATION_NAME}-postgresql", - "image": "postgresql", - "imagePullPolicy": "Always", - "ports": [ - { - "containerPort": 5432, - "protocol": "TCP" - } - ], - "volumeMounts": [ - { - "mountPath": "/var/lib/pgsql/data", - "name": "${APPLICATION_NAME}-postgresql-pvol" - } - ], - "env": [ - { - "name": "POSTGRESQL_USER", - "value": "${DB_USERNAME}" - }, - { - "name": "POSTGRESQL_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "POSTGRESQL_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "POSTGRESQL_MAX_CONNECTIONS", - "value": "${POSTGRESQL_MAX_CONNECTIONS}" - }, - { - "name": "POSTGRESQL_SHARED_BUFFERS", - "value": "${POSTGRESQL_SHARED_BUFFERS}" - } - ] - } - ], - "volumes": [ - { - "name": "${APPLICATION_NAME}-postgresql-pvol", - "persistentVolumeClaim": { - "claimName": "${APPLICATION_NAME}-postgresql-claim" - } - } - ] - } - } - } - }, - { - "apiVersion": "v1", - "kind": "PersistentVolumeClaim", - "metadata": { - "name": "${APPLICATION_NAME}-postgresql-claim", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "accessModes": [ "ReadWriteOnce" ], - "resources": { - "requests": { - "storage": "${VOLUME_CAPACITY}" - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap6-postgresql-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/eap6-postgresql-sti.json deleted file mode 100644 index 9d660cb42..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/eap6-postgresql-sti.json +++ /dev/null @@ -1,590 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "description": "Application template for EAP 6 PostgreSQL applications built using STI.", - "iconClass" : "icon-jboss" - }, - "name": "eap6-postgresql-sti" - }, - "labels": { - "template": "eap6-postgresql-sti" - }, - "parameters": [ - { - "description": "EAP Release version, e.g. 6.4, etc.", - "name": "EAP_RELEASE", - "value": "6.4" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "eap-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql", - "name": "DB_JNDI", - "value": "" - }, - { - "description": "Database name", - "name": "DB_DATABASE", - "value": "root" - }, - { - "description": "Queue names", - "name": "HORNETQ_QUEUES", - "value": "" - }, - { - "description": "Topic names", - "name": "HORNETQ_TOPICS", - "value": "" - }, - { - "description": "The name of the secret containing the keystore file", - "name": "EAP_HTTPS_SECRET", - "value": "eap-app-secret" - }, - { - "description": "The name of the keystore file within the secret", - "name": "EAP_HTTPS_KEYSTORE", - "value": "keystore.jks" - }, - { - "description": "The name associated with the server certificate", - "name": "EAP_HTTPS_NAME", - "value": "" - }, - { - "description": "The password for the keystore and certificate", - "name": "EAP_HTTPS_PASSWORD", - "value": "" - }, - { - "description": "Sets xa-pool/min-pool-size for the configured datasource.", - "name": "DB_MIN_POOL_SIZE" - }, - { - "description": "Sets xa-pool/max-pool-size for the configured datasource.", - "name": "DB_MAX_POOL_SIZE" - }, - { - "description": "Sets transaction-isolation for the configured datasource.", - "name": "DB_TX_ISOLATION" - }, - { - "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.", - "name": "POSTGRESQL_MAX_CONNECTIONS" - }, - { - "description": "Configures how much memory is dedicated to PostgreSQL for caching data.", - "name": "POSTGRESQL_SHARED_BUFFERS" - }, - { - "description": "HornetQ cluster admin password", - "name": "HORNETQ_CLUSTER_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Database user name", - "name": "DB_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "Database user password", - "name": "DB_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8443, - "targetPort": 8443 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "secure-${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's https port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8888, - "targetPort": 8888 - } - ], - "portalIP": "None", - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-ping", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Ping service for clustered applications." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 5432, - "targetPort": 5432 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-postgresql" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-postgresql", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The database server's port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-https-route", - "metadata": { - "name": "${APPLICATION_NAME}-https-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's https service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "secure-${APPLICATION_NAME}" - }, - "tls": { - "termination" : "passthrough" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-eap6-openshift:${EAP_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "eap-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "volumeMounts": [ - { - "name": "eap-keystore-volume", - "mountPath": "/etc/eap-secret-volume", - "readOnly": true - } - ], - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "/opt/eap/bin/readinessProbe.sh" - ] - } - }, - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "https", - "containerPort": 8443, - "protocol": "TCP" - }, - { - "name": "ping", - "containerPort": 8888, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "DB_SERVICE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-postgresql=DB" - }, - { - "name": "DB_JNDI", - "value": "${DB_JNDI}" - }, - { - "name": "DB_USERNAME", - "value": "${DB_USERNAME}" - }, - { - "name": "DB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "DB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "TX_DATABASE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-postgresql=DB" - }, - { - "name": "DB_MIN_POOL_SIZE", - "value": "${DB_MIN_POOL_SIZE}" - }, - { - "name": "DB_MAX_POOL_SIZE", - "value": "${DB_MAX_POOL_SIZE}" - }, - { - "name": "DB_TX_ISOLATION", - "value": "${DB_TX_ISOLATION}" - }, - { - "name": "OPENSHIFT_DNS_PING_SERVICE_NAME", - "value": "${APPLICATION_NAME}-ping" - }, - { - "name": "OPENSHIFT_DNS_PING_SERVICE_PORT", - "value": "8888" - }, - { - "name": "EAP_HTTPS_KEYSTORE_DIR", - "value": "/etc/eap-secret-volume" - }, - { - "name": "EAP_HTTPS_KEYSTORE", - "value": "${EAP_HTTPS_KEYSTORE}" - }, - { - "name": "EAP_HTTPS_NAME", - "value": "${EAP_HTTPS_NAME}" - }, - { - "name": "EAP_HTTPS_PASSWORD", - "value": "${EAP_HTTPS_PASSWORD}" - }, - { - "name": "HORNETQ_CLUSTER_PASSWORD", - "value": "${HORNETQ_CLUSTER_PASSWORD}" - }, - { - "name": "HORNETQ_QUEUES", - "value": "${HORNETQ_QUEUES}" - }, - { - "name": "HORNETQ_TOPICS", - "value": "${HORNETQ_TOPICS}" - } - ] - } - ], - "volumes": [ - { - "name": "eap-keystore-volume", - "secret": { - "secretName": "${EAP_HTTPS_SECRET}" - } - } - ] - } - } - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}-postgresql", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}-postgresql" - ], - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "postgresql:latest" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-postgresql" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}-postgresql", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}-postgresql", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${APPLICATION_NAME}-postgresql", - "image": "postgresql", - "imagePullPolicy": "Always", - "ports": [ - { - "containerPort": 5432, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "POSTGRESQL_USER", - "value": "${DB_USERNAME}" - }, - { - "name": "POSTGRESQL_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "POSTGRESQL_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "POSTGRESQL_MAX_CONNECTIONS", - "value": "${POSTGRESQL_MAX_CONNECTIONS}" - }, - { - "name": "POSTGRESQL_SHARED_BUFFERS", - "value": "${POSTGRESQL_SHARED_BUFFERS}" - } - ] - } - ] - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap64-amq-persistent-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/eap64-amq-persistent-s2i.json new file mode 100644 index 000000000..2fc3b5b25 --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/eap64-amq-persistent-s2i.json @@ -0,0 +1,659 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "description": "Application template for EAP 6 A-MQ applications with persistent storage built using S2I.", + "iconClass": "icon-jboss", + "tags": "eap,amq,javaee,java,messaging,jboss,xpaas", + "version": "1.1.0" + }, + "name": "eap64-amq-persistent-s2i" + }, + "labels": { + "template": "eap64-amq-persistent-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "eap-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "helloworld-mdb", + "required": false + }, + { + "description": "Size of persistent storage for database volume.", + "name": "VOLUME_CAPACITY", + "value": "512Mi", + "required": true + }, + { + "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory", + "name": "MQ_JNDI", + "value": "java:/ConnectionFactory", + "required": false + }, + { + "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.", + "name": "MQ_PROTOCOL", + "value": "openwire", + "required": false + }, + { + "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.", + "name": "MQ_QUEUES", + "value": "HELLOWORLDMDBQueue", + "required": false + }, + { + "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.", + "name": "MQ_TOPICS", + "value": "HELLOWORLDMDBTopic", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "EAP_HTTPS_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "EAP_HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "EAP_HTTPS_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "EAP_HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.", + "name": "MQ_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": false + }, + { + "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.", + "name": "MQ_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": false + }, + { + "description": "User name for broker admin. If left empty, it will be generated.", + "name": "AMQ_ADMIN_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Password for broker admin. If left empty, it will be generated.", + "name": "AMQ_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTPS port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 61616, + "targetPort": 61616 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-tcp", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's OpenWire port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTP service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTPS service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-eap64-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "eap-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "eap-keystore-volume", + "mountPath": "/etc/eap-secret-volume", + "readOnly": true + } + ], + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "MQ_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-amq=MQ" + }, + { + "name": "MQ_JNDI", + "value": "${MQ_JNDI}" + }, + { + "name": "MQ_USERNAME", + "value": "${MQ_USERNAME}" + }, + { + "name": "MQ_PASSWORD", + "value": "${MQ_PASSWORD}" + }, + { + "name": "MQ_PROTOCOL", + "value": "tcp" + }, + { + "name": "MQ_QUEUES", + "value": "${MQ_QUEUES}" + }, + { + "name": "MQ_TOPICS", + "value": "${MQ_TOPICS}" + }, + { + "name": "OPENSHIFT_KUBE_PING_LABELS", + "value": "application=${APPLICATION_NAME}" + }, + { + "name": "OPENSHIFT_KUBE_PING_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "EAP_HTTPS_KEYSTORE_DIR", + "value": "/etc/eap-secret-volume" + }, + { + "name": "EAP_HTTPS_KEYSTORE", + "value": "${EAP_HTTPS_KEYSTORE}" + }, + { + "name": "EAP_HTTPS_NAME", + "value": "${EAP_HTTPS_NAME}" + }, + { + "name": "EAP_HTTPS_PASSWORD", + "value": "${EAP_HTTPS_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "eap-keystore-volume", + "secret": { + "secretName": "${EAP_HTTPS_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-amq", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-amq" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-amq-62:1.1" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-amq", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-amq", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-amq", + "image": "jboss-amq-62", + "imagePullPolicy": "Always", + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "curl -s -L -u ${AMQ_ADMIN_USERNAME}:${AMQ_ADMIN_PASSWORD} 'http://localhost:8161/hawtio/jolokia/read/org.apache.activemq:type=Broker,brokerName=*,service=Health/CurrentStatus' | grep -q '\"CurrentStatus\" *: *\"Good\"'" + ] + } + }, + "ports": [ + { + "name": "amqp", + "containerPort": 5672, + "protocol": "TCP" + }, + { + "name": "amqp-ssl", + "containerPort": 5671, + "protocol": "TCP" + }, + { + "name": "mqtt", + "containerPort": 1883, + "protocol": "TCP" + }, + { + "name": "stomp", + "containerPort": 61613, + "protocol": "TCP" + }, + { + "name": "stomp-ssl", + "containerPort": 61612, + "protocol": "TCP" + }, + { + "name": "tcp", + "containerPort": 61616, + "protocol": "TCP" + }, + { + "name": "tcp-ssl", + "containerPort": 61617, + "protocol": "TCP" + } + ], + "volumeMounts": [ + { + "mountPath": "/opt/amq/data/kahadb", + "name": "${APPLICATION_NAME}-amq-pvol" + } + ], + "env": [ + { + "name": "AMQ_USER", + "value": "${MQ_USERNAME}" + }, + { + "name": "AMQ_PASSWORD", + "value": "${MQ_PASSWORD}" + }, + { + "name": "AMQ_TRANSPORTS", + "value": "${MQ_PROTOCOL}" + }, + { + "name": "AMQ_QUEUES", + "value": "${MQ_QUEUES}" + }, + { + "name": "AMQ_TOPICS", + "value": "${MQ_TOPICS}" + }, + { + "name": "AMQ_ADMIN_USERNAME", + "value": "${AMQ_ADMIN_USERNAME}" + }, + { + "name": "AMQ_ADMIN_PASSWORD", + "value": "${AMQ_ADMIN_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "${APPLICATION_NAME}-amq-pvol", + "persistentVolumeClaim": { + "claimName": "${APPLICATION_NAME}-amq-claim" + } + } + ] + } + } + } + }, + { + "apiVersion": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "name": "${APPLICATION_NAME}-amq-claim", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "${VOLUME_CAPACITY}" + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap64-amq-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/eap64-amq-s2i.json new file mode 100644 index 000000000..a420bb1ea --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/eap64-amq-s2i.json @@ -0,0 +1,619 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "description": "Application template for EAP 6 A-MQ applications built using S2I.", + "iconClass": "icon-jboss", + "tags": "eap,amq,javaee,java,messaging,jboss,xpaas", + "version": "1.1.0" + }, + "name": "eap64-amq-s2i" + }, + "labels": { + "template": "eap64-amq-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "eap-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "helloworld-mdb", + "required": false + }, + { + "description": "JNDI name for connection factory used by applications to connect to the broker, e.g. java:/ConnectionFactory", + "name": "MQ_JNDI", + "value": "java:/ConnectionFactory", + "required": false + }, + { + "description": "Broker protocols to configure, separated by commas. Allowed values are: `openwire`, `amqp`, `stomp` and `mqtt`. Only `openwire` is supported by EAP.", + "name": "MQ_PROTOCOL", + "value": "openwire", + "required": false + }, + { + "description": "Queue names, separated by commas. These queues will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.", + "name": "MQ_QUEUES", + "value": "HELLOWORLDMDBQueue", + "required": false + }, + { + "description": "Topic names, separated by commas. These topics will be automatically created when the broker starts. Also, they will be made accessible as JNDI resources in EAP.", + "name": "MQ_TOPICS", + "value": "HELLOWORLDMDBTopic", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "EAP_HTTPS_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "EAP_HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "EAP_HTTPS_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "EAP_HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "description": "User name for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.", + "name": "MQ_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": false + }, + { + "description": "Password for standard broker user. It is required for connecting to the broker. If left empty, it will be generated.", + "name": "MQ_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": false + }, + { + "description": "User name for broker admin. If left empty, it will be generated.", + "name": "AMQ_ADMIN_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Password for broker admin. If left empty, it will be generated.", + "name": "AMQ_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTP port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's HTTPS port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 61616, + "targetPort": 61616 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-amq-tcp", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The broker's OpenWire port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTP service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's HTTPS service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-eap64-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "eap-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "eap-keystore-volume", + "mountPath": "/etc/eap-secret-volume", + "readOnly": true + } + ], + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "MQ_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-amq=MQ" + }, + { + "name": "MQ_JNDI", + "value": "${MQ_JNDI}" + }, + { + "name": "MQ_USERNAME", + "value": "${MQ_USERNAME}" + }, + { + "name": "MQ_PASSWORD", + "value": "${MQ_PASSWORD}" + }, + { + "name": "MQ_PROTOCOL", + "value": "tcp" + }, + { + "name": "MQ_QUEUES", + "value": "${MQ_QUEUES}" + }, + { + "name": "MQ_TOPICS", + "value": "${MQ_TOPICS}" + }, + { + "name": "OPENSHIFT_KUBE_PING_LABELS", + "value": "application=${APPLICATION_NAME}" + }, + { + "name": "OPENSHIFT_KUBE_PING_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "EAP_HTTPS_KEYSTORE_DIR", + "value": "/etc/eap-secret-volume" + }, + { + "name": "EAP_HTTPS_KEYSTORE", + "value": "${EAP_HTTPS_KEYSTORE}" + }, + { + "name": "EAP_HTTPS_NAME", + "value": "${EAP_HTTPS_NAME}" + }, + { + "name": "EAP_HTTPS_PASSWORD", + "value": "${EAP_HTTPS_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "eap-keystore-volume", + "secret": { + "secretName": "${EAP_HTTPS_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-amq", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-amq" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-amq-62:1.1" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-amq" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-amq", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-amq", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-amq", + "image": "jboss-amq-62", + "imagePullPolicy": "Always", + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "curl -s -L -u ${AMQ_ADMIN_USERNAME}:${AMQ_ADMIN_PASSWORD} 'http://localhost:8161/hawtio/jolokia/read/org.apache.activemq:type=Broker,brokerName=*,service=Health/CurrentStatus' | grep -q '\"CurrentStatus\" *: *\"Good\"'" + ] + } + }, + "ports": [ + { + "name": "amqp", + "containerPort": 5672, + "protocol": "TCP" + }, + { + "name": "amqp-ssl", + "containerPort": 5671, + "protocol": "TCP" + }, + { + "name": "mqtt", + "containerPort": 1883, + "protocol": "TCP" + }, + { + "name": "stomp", + "containerPort": 61613, + "protocol": "TCP" + }, + { + "name": "stomp-ssl", + "containerPort": 61612, + "protocol": "TCP" + }, + { + "name": "tcp", + "containerPort": 61616, + "protocol": "TCP" + }, + { + "name": "tcp-ssl", + "containerPort": 61617, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "AMQ_USER", + "value": "${MQ_USERNAME}" + }, + { + "name": "AMQ_PASSWORD", + "value": "${MQ_PASSWORD}" + }, + { + "name": "AMQ_TRANSPORTS", + "value": "${MQ_PROTOCOL}" + }, + { + "name": "AMQ_QUEUES", + "value": "${MQ_QUEUES}" + }, + { + "name": "AMQ_TOPICS", + "value": "${MQ_TOPICS}" + }, + { + "name": "AMQ_ADMIN_USERNAME", + "value": "${AMQ_ADMIN_USERNAME}" + }, + { + "name": "AMQ_ADMIN_PASSWORD", + "value": "${AMQ_ADMIN_PASSWORD}" + } + ] + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap64-basic-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/eap64-basic-s2i.json new file mode 100644 index 000000000..3f90eb8be --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/eap64-basic-s2i.json @@ -0,0 +1,305 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-jboss", + "description": "Application template for EAP 6 applications built using S2I.", + "tags": "eap,javaee,java,jboss,xpaas", + "version": "1.1.0" + }, + "name": "eap64-basic-s2i" + }, + "labels": { + "template": "eap64-basic-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "eap-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-developer/jboss-eap-quickstarts", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "6.4.x", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "kitchensink", + "required": false + }, + { + "description": "Queue names", + "name": "HORNETQ_QUEUES", + "value": "", + "required": false + }, + { + "description": "Topic names", + "name": "HORNETQ_TOPICS", + "value": "", + "required": false + }, + { + "description": "HornetQ cluster admin password", + "name": "HORNETQ_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-eap64-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "OPENSHIFT_KUBE_PING_LABELS", + "value": "application=${APPLICATION_NAME}" + }, + { + "name": "OPENSHIFT_KUBE_PING_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "HORNETQ_CLUSTER_PASSWORD", + "value": "${HORNETQ_CLUSTER_PASSWORD}" + }, + { + "name": "HORNETQ_QUEUES", + "value": "${HORNETQ_QUEUES}" + }, + { + "name": "HORNETQ_TOPICS", + "value": "${HORNETQ_TOPICS}" + } + ] + } + ] + } + } + } + } + ] +} \ No newline at end of file diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap64-https-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/eap64-https-s2i.json new file mode 100644 index 000000000..220d2f5b9 --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/eap64-https-s2i.json @@ -0,0 +1,413 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-jboss", + "description": "Application template for EAP 6 applications built using S2I.", + "tags": "eap,javaee,java,jboss,xpaas", + "version": "1.1.0" + }, + "name": "eap64-https-s2i" + }, + "labels": { + "template": "eap64-https-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "eap-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-developer/jboss-eap-quickstarts", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "6.4.x", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "kitchensink", + "required": false + }, + { + "description": "Queue names", + "name": "HORNETQ_QUEUES", + "value": "", + "required": false + }, + { + "description": "Topic names", + "name": "HORNETQ_TOPICS", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "EAP_HTTPS_SECRET", + "value": "eap-app-secret", + "required": true + }, + { + "description": "The name of the keystore file within the secret", + "name": "EAP_HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "EAP_HTTPS_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "EAP_HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "description": "HornetQ cluster admin password", + "name": "HORNETQ_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's https port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-eap64-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "eap-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "eap-keystore-volume", + "mountPath": "/etc/eap-secret-volume", + "readOnly": true + } + ], + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "OPENSHIFT_KUBE_PING_LABELS", + "value": "application=${APPLICATION_NAME}" + }, + { + "name": "OPENSHIFT_KUBE_PING_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "EAP_HTTPS_KEYSTORE_DIR", + "value": "/etc/eap-secret-volume" + }, + { + "name": "EAP_HTTPS_KEYSTORE", + "value": "${EAP_HTTPS_KEYSTORE}" + }, + { + "name": "EAP_HTTPS_NAME", + "value": "${EAP_HTTPS_NAME}" + }, + { + "name": "EAP_HTTPS_PASSWORD", + "value": "${EAP_HTTPS_PASSWORD}" + }, + { + "name": "HORNETQ_CLUSTER_PASSWORD", + "value": "${HORNETQ_CLUSTER_PASSWORD}" + }, + { + "name": "HORNETQ_QUEUES", + "value": "${HORNETQ_QUEUES}" + }, + { + "name": "HORNETQ_TOPICS", + "value": "${HORNETQ_TOPICS}" + } + ] + } + ], + "volumes": [ + { + "name": "eap-keystore-volume", + "secret": { + "secretName": "${EAP_HTTPS_SECRET}" + } + } + ] + } + } + } + } + ] +} \ No newline at end of file diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap64-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/eap64-mongodb-persistent-s2i.json new file mode 100644 index 000000000..a1a3a9f2c --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/eap64-mongodb-persistent-s2i.json @@ -0,0 +1,669 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "description": "Application template for EAP 6 MongDB applications with persistent storage built using S2I.", + "iconClass": "icon-jboss", + "tags": "eap,mongodb,javaee,java,database,jboss,xpaas", + "version": "1.1.0" + }, + "name": "eap64-mongodb-persistent-s2i" + }, + "labels": { + "template": "eap64-mongodb-persistent-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "eap-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "todolist/todolist-mongodb", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "name": "DB_JNDI", + "value": "", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "Size of persistent storage for database volume.", + "name": "VOLUME_CAPACITY", + "value": "512Mi", + "required": true + }, + { + "description": "Queue names", + "name": "HORNETQ_QUEUES", + "value": "", + "required": false + }, + { + "description": "Topic names", + "name": "HORNETQ_TOPICS", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "EAP_HTTPS_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "EAP_HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "EAP_HTTPS_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "EAP_HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "Disable data file preallocation.", + "name": "MONGODB_NOPREALLOC", + "required": false + }, + { + "description": "Set MongoDB to use a smaller default data file size.", + "name": "MONGODB_SMALLFILES", + "required": false + }, + { + "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.", + "name": "MONGODB_QUIET", + "required": false + }, + { + "description": "HornetQ cluster admin password", + "name": "HORNETQ_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Database admin password", + "name": "DB_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's https port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 27017, + "targetPort": 27017 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mongodb" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-mongodb", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-eap64-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "eap-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "eap-keystore-volume", + "mountPath": "/etc/eap-secret-volume", + "readOnly": true + } + ], + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mongodb=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "DB_ADMIN_PASSWORD", + "value": "${DB_ADMIN_PASSWORD}" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "OPENSHIFT_KUBE_PING_LABELS", + "value": "application=${APPLICATION_NAME}" + }, + { + "name": "OPENSHIFT_KUBE_PING_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "EAP_HTTPS_KEYSTORE_DIR", + "value": "/etc/eap-secret-volume" + }, + { + "name": "EAP_HTTPS_KEYSTORE", + "value": "${EAP_HTTPS_KEYSTORE}" + }, + { + "name": "EAP_HTTPS_NAME", + "value": "${EAP_HTTPS_NAME}" + }, + { + "name": "EAP_HTTPS_PASSWORD", + "value": "${EAP_HTTPS_PASSWORD}" + }, + { + "name": "HORNETQ_CLUSTER_PASSWORD", + "value": "${HORNETQ_CLUSTER_PASSWORD}" + }, + { + "name": "HORNETQ_QUEUES", + "value": "${HORNETQ_QUEUES}" + }, + { + "name": "HORNETQ_TOPICS", + "value": "${HORNETQ_TOPICS}" + } + ] + } + ], + "volumes": [ + { + "name": "eap-keystore-volume", + "secret": { + "secretName": "${EAP_HTTPS_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-mongodb", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-mongodb" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "mongodb:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mongodb" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-mongodb", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-mongodb", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-mongodb", + "image": "mongodb", + "imagePullPolicy": "Always", + "ports": [ + { + "containerPort": 27017, + "protocol": "TCP" + } + ], + "volumeMounts": [ + { + "mountPath": "/var/lib/mongodb/data", + "name": "${APPLICATION_NAME}-mongodb-pvol" + } + ], + "env": [ + { + "name": "MONGODB_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "MONGODB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "MONGODB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "MONGODB_ADMIN_PASSWORD", + "value": "${DB_ADMIN_PASSWORD}" + }, + { + "name": "MONGODB_NOPREALLOC", + "value": "${MONGODB_NOPREALLOC}" + }, + { + "name": "MONGODB_SMALLFILES", + "value": "${MONGODB_SMALLFILES}" + }, + { + "name": "MONGODB_QUIET", + "value": "${MONGODB_QUIET}" + } + ] + } + ], + "volumes": [ + { + "name": "${APPLICATION_NAME}-mongodb-pvol", + "persistentVolumeClaim": { + "claimName": "${APPLICATION_NAME}-mongodb-claim" + } + } + ] + } + } + } + }, + { + "apiVersion": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "name": "${APPLICATION_NAME}-mongodb-claim", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "${VOLUME_CAPACITY}" + } + } + } + } + ] +} \ No newline at end of file diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap64-mongodb-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/eap64-mongodb-s2i.json new file mode 100644 index 000000000..dfd1443ed --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/eap64-mongodb-s2i.json @@ -0,0 +1,629 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "description": "Application template for EAP 6 MongDB applications built using S2I.", + "iconClass": "icon-jboss", + "tags": "eap,mongodb,javaee,java,database,jboss,xpaas", + "version": "1.1.0" + }, + "name": "eap64-mongodb-s2i" + }, + "labels": { + "template": "eap64-mongodb-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "eap-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "todolist/todolist-mongodb", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "name": "DB_JNDI", + "value": "", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "Queue names", + "name": "HORNETQ_QUEUES", + "value": "", + "required": false + }, + { + "description": "Topic names", + "name": "HORNETQ_TOPICS", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "EAP_HTTPS_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "EAP_HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "EAP_HTTPS_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "EAP_HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "Disable data file preallocation.", + "name": "MONGODB_NOPREALLOC", + "required": false + }, + { + "description": "Set MongoDB to use a smaller default data file size.", + "name": "MONGODB_SMALLFILES", + "required": false + }, + { + "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.", + "name": "MONGODB_QUIET", + "required": false + }, + { + "description": "HornetQ cluster admin password", + "name": "HORNETQ_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Database admin password", + "name": "DB_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's https port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 27017, + "targetPort": 27017 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mongodb" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-mongodb", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-eap64-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "eap-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "eap-keystore-volume", + "mountPath": "/etc/eap-secret-volume", + "readOnly": true + } + ], + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mongodb=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "DB_ADMIN_PASSWORD", + "value": "${DB_ADMIN_PASSWORD}" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "OPENSHIFT_KUBE_PING_LABELS", + "value": "application=${APPLICATION_NAME}" + }, + { + "name": "OPENSHIFT_KUBE_PING_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "EAP_HTTPS_KEYSTORE_DIR", + "value": "/etc/eap-secret-volume" + }, + { + "name": "EAP_HTTPS_KEYSTORE", + "value": "${EAP_HTTPS_KEYSTORE}" + }, + { + "name": "EAP_HTTPS_NAME", + "value": "${EAP_HTTPS_NAME}" + }, + { + "name": "EAP_HTTPS_PASSWORD", + "value": "${EAP_HTTPS_PASSWORD}" + }, + { + "name": "HORNETQ_CLUSTER_PASSWORD", + "value": "${HORNETQ_CLUSTER_PASSWORD}" + }, + { + "name": "HORNETQ_QUEUES", + "value": "${HORNETQ_QUEUES}" + }, + { + "name": "HORNETQ_TOPICS", + "value": "${HORNETQ_TOPICS}" + } + ] + } + ], + "volumes": [ + { + "name": "eap-keystore-volume", + "secret": { + "secretName": "${EAP_HTTPS_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-mongodb", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-mongodb" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "mongodb:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mongodb" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-mongodb", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-mongodb", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-mongodb", + "image": "mongodb", + "imagePullPolicy": "Always", + "ports": [ + { + "containerPort": 27017, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "MONGODB_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "MONGODB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "MONGODB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "MONGODB_ADMIN_PASSWORD", + "value": "${DB_ADMIN_PASSWORD}" + }, + { + "name": "MONGODB_NOPREALLOC", + "value": "${MONGODB_NOPREALLOC}" + }, + { + "name": "MONGODB_SMALLFILES", + "value": "${MONGODB_SMALLFILES}" + }, + { + "name": "MONGODB_QUIET", + "value": "${MONGODB_QUIET}" + } + ] + } + ] + } + } + } + } + ] +} \ No newline at end of file diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap64-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/eap64-mysql-persistent-s2i.json new file mode 100644 index 000000000..fdd368a5f --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/eap64-mysql-persistent-s2i.json @@ -0,0 +1,676 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "description": "Application template for EAP 6 MySQL applications with persistent storage built using S2I.", + "iconClass": "icon-jboss", + "tags": "eap,mysql,javaee,java,database,jboss,xpaas", + "version": "1.1.0" + }, + "name": "eap64-mysql-persistent-s2i" + }, + "labels": { + "template": "eap64-mysql-persistent-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "eap-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "todolist/todolist-jdbc", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql", + "name": "DB_JNDI", + "value": "java:jboss/datasources/TodoListDS", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "Size of persistent storage for database volume.", + "name": "VOLUME_CAPACITY", + "value": "512Mi", + "required": true + }, + { + "description": "Queue names", + "name": "HORNETQ_QUEUES", + "value": "", + "required": false + }, + { + "description": "Topic names", + "name": "HORNETQ_TOPICS", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "EAP_HTTPS_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "EAP_HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "EAP_HTTPS_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "EAP_HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "Sets how the table names are stored and compared.", + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "required": false + }, + { + "description": "The maximum permitted number of simultaneous client connections.", + "name": "MYSQL_MAX_CONNECTIONS", + "required": false + }, + { + "description": "The minimum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MIN_WORD_LEN", + "required": false + }, + { + "description": "The maximum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MAX_WORD_LEN", + "required": false + }, + { + "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.", + "name": "MYSQL_AIO", + "required": false + }, + { + "description": "HornetQ cluster admin password", + "name": "HORNETQ_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's https port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 3306, + "targetPort": 3306 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-eap64-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "eap-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "eap-keystore-volume", + "mountPath": "/etc/eap-secret-volume", + "readOnly": true + } + ], + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mysql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "TX_DATABASE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mysql=DB" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "OPENSHIFT_KUBE_PING_LABELS", + "value": "application=${APPLICATION_NAME}" + }, + { + "name": "OPENSHIFT_KUBE_PING_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "EAP_HTTPS_KEYSTORE_DIR", + "value": "/etc/eap-secret-volume" + }, + { + "name": "EAP_HTTPS_KEYSTORE", + "value": "${EAP_HTTPS_KEYSTORE}" + }, + { + "name": "EAP_HTTPS_NAME", + "value": "${EAP_HTTPS_NAME}" + }, + { + "name": "EAP_HTTPS_PASSWORD", + "value": "${EAP_HTTPS_PASSWORD}" + }, + { + "name": "HORNETQ_CLUSTER_PASSWORD", + "value": "${HORNETQ_CLUSTER_PASSWORD}" + }, + { + "name": "HORNETQ_QUEUES", + "value": "${HORNETQ_QUEUES}" + }, + { + "name": "HORNETQ_TOPICS", + "value": "${HORNETQ_TOPICS}" + } + ] + } + ], + "volumes": [ + { + "name": "eap-keystore-volume", + "secret": { + "secretName": "${EAP_HTTPS_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-mysql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "mysql:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-mysql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-mysql", + "image": "mysql", + "imagePullPolicy": "Always", + "ports": [ + { + "containerPort": 3306, + "protocol": "TCP" + } + ], + "volumeMounts": [ + { + "mountPath": "/var/lib/mysql/data", + "name": "${APPLICATION_NAME}-mysql-pvol" + } + ], + "env": [ + { + "name": "MYSQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "MYSQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "MYSQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}" + }, + { + "name": "MYSQL_MAX_CONNECTIONS", + "value": "${MYSQL_MAX_CONNECTIONS}" + }, + { + "name": "MYSQL_FT_MIN_WORD_LEN", + "value": "${MYSQL_FT_MIN_WORD_LEN}" + }, + { + "name": "MYSQL_FT_MAX_WORD_LEN", + "value": "${MYSQL_FT_MAX_WORD_LEN}" + }, + { + "name": "MYSQL_AIO", + "value": "${MYSQL_AIO}" + } + ] + } + ], + "volumes": [ + { + "name": "${APPLICATION_NAME}-mysql-pvol", + "persistentVolumeClaim": { + "claimName": "${APPLICATION_NAME}-mysql-claim" + } + } + ] + } + } + } + }, + { + "apiVersion": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "name": "${APPLICATION_NAME}-mysql-claim", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "${VOLUME_CAPACITY}" + } + } + } + } + ] +} \ No newline at end of file diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap64-mysql-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/eap64-mysql-s2i.json new file mode 100644 index 000000000..ff6bdc112 --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/eap64-mysql-s2i.json @@ -0,0 +1,636 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "description": "Application template for EAP 6 MySQL applications built using S2I.", + "iconClass": "icon-jboss", + "tags": "eap,mysql,javaee,java,database,jboss,xpaas", + "version": "1.1.0" + }, + "name": "eap64-mysql-s2i" + }, + "labels": { + "template": "eap64-mysql-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "eap-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "todolist/todolist-jdbc", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql", + "name": "DB_JNDI", + "value": "java:jboss/datasources/TodoListDS", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "Queue names", + "name": "HORNETQ_QUEUES", + "value": "", + "required": false + }, + { + "description": "Topic names", + "name": "HORNETQ_TOPICS", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "EAP_HTTPS_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "EAP_HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "EAP_HTTPS_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "EAP_HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "Sets how the table names are stored and compared.", + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "required": false + }, + { + "description": "The maximum permitted number of simultaneous client connections.", + "name": "MYSQL_MAX_CONNECTIONS", + "required": false + }, + { + "description": "The minimum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MIN_WORD_LEN", + "required": false + }, + { + "description": "The maximum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MAX_WORD_LEN", + "required": false + }, + { + "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.", + "name": "MYSQL_AIO", + "required": false + }, + { + "description": "HornetQ cluster admin password", + "name": "HORNETQ_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's https port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 3306, + "targetPort": 3306 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-eap64-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "eap-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "eap-keystore-volume", + "mountPath": "/etc/eap-secret-volume", + "readOnly": true + } + ], + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mysql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "TX_DATABASE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mysql=DB" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "OPENSHIFT_KUBE_PING_LABELS", + "value": "application=${APPLICATION_NAME}" + }, + { + "name": "OPENSHIFT_KUBE_PING_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "EAP_HTTPS_KEYSTORE_DIR", + "value": "/etc/eap-secret-volume" + }, + { + "name": "EAP_HTTPS_KEYSTORE", + "value": "${EAP_HTTPS_KEYSTORE}" + }, + { + "name": "EAP_HTTPS_NAME", + "value": "${EAP_HTTPS_NAME}" + }, + { + "name": "EAP_HTTPS_PASSWORD", + "value": "${EAP_HTTPS_PASSWORD}" + }, + { + "name": "HORNETQ_CLUSTER_PASSWORD", + "value": "${HORNETQ_CLUSTER_PASSWORD}" + }, + { + "name": "HORNETQ_QUEUES", + "value": "${HORNETQ_QUEUES}" + }, + { + "name": "HORNETQ_TOPICS", + "value": "${HORNETQ_TOPICS}" + } + ] + } + ], + "volumes": [ + { + "name": "eap-keystore-volume", + "secret": { + "secretName": "${EAP_HTTPS_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-mysql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "mysql:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-mysql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-mysql", + "image": "mysql", + "imagePullPolicy": "Always", + "ports": [ + { + "containerPort": 3306, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "MYSQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "MYSQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "MYSQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}" + }, + { + "name": "MYSQL_MAX_CONNECTIONS", + "value": "${MYSQL_MAX_CONNECTIONS}" + }, + { + "name": "MYSQL_FT_MIN_WORD_LEN", + "value": "${MYSQL_FT_MIN_WORD_LEN}" + }, + { + "name": "MYSQL_FT_MAX_WORD_LEN", + "value": "${MYSQL_FT_MAX_WORD_LEN}" + }, + { + "name": "MYSQL_AIO", + "value": "${MYSQL_AIO}" + } + ] + } + ] + } + } + } + } + ] +} \ No newline at end of file diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap64-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/eap64-postgresql-persistent-s2i.json new file mode 100644 index 000000000..6443afdb0 --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/eap64-postgresql-persistent-s2i.json @@ -0,0 +1,649 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "description": "Application template for EAP 6 PostgreSQL applications with persistent storage built using S2I.", + "iconClass": "icon-jboss", + "tags": "eap,postgresql,javaee,java,database,jboss,xpaas", + "version": "1.1.0" + }, + "name": "eap64-postgresql-persistent-s2i" + }, + "labels": { + "template": "eap64-postgresql-persistent-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "eap-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "todolist/todolist-jdbc", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql", + "name": "DB_JNDI", + "value": "java:jboss/datasources/TodoListDS", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "Size of persistent storage for database volume.", + "name": "VOLUME_CAPACITY", + "value": "512Mi", + "required": true + }, + { + "description": "Queue names", + "name": "HORNETQ_QUEUES", + "value": "", + "required": false + }, + { + "description": "Topic names", + "name": "HORNETQ_TOPICS", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "EAP_HTTPS_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "EAP_HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "EAP_HTTPS_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "EAP_HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.", + "name": "POSTGRESQL_MAX_CONNECTIONS", + "required": false + }, + { + "description": "Configures how much memory is dedicated to PostgreSQL for caching data.", + "name": "POSTGRESQL_SHARED_BUFFERS", + "required": false + }, + { + "description": "HornetQ cluster admin password", + "name": "HORNETQ_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's https port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 5432, + "targetPort": 5432 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-eap64-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "eap-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "eap-keystore-volume", + "mountPath": "/etc/eap-secret-volume", + "readOnly": true + } + ], + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-postgresql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "TX_DATABASE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-postgresql=DB" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "OPENSHIFT_KUBE_PING_LABELS", + "value": "application=${APPLICATION_NAME}" + }, + { + "name": "OPENSHIFT_KUBE_PING_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "EAP_HTTPS_KEYSTORE_DIR", + "value": "/etc/eap-secret-volume" + }, + { + "name": "EAP_HTTPS_KEYSTORE", + "value": "${EAP_HTTPS_KEYSTORE}" + }, + { + "name": "EAP_HTTPS_NAME", + "value": "${EAP_HTTPS_NAME}" + }, + { + "name": "EAP_HTTPS_PASSWORD", + "value": "${EAP_HTTPS_PASSWORD}" + }, + { + "name": "HORNETQ_CLUSTER_PASSWORD", + "value": "${HORNETQ_CLUSTER_PASSWORD}" + }, + { + "name": "HORNETQ_QUEUES", + "value": "${HORNETQ_QUEUES}" + }, + { + "name": "HORNETQ_TOPICS", + "value": "${HORNETQ_TOPICS}" + } + ] + } + ], + "volumes": [ + { + "name": "eap-keystore-volume", + "secret": { + "secretName": "${EAP_HTTPS_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-postgresql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "postgresql:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-postgresql", + "image": "postgresql", + "imagePullPolicy": "Always", + "ports": [ + { + "containerPort": 5432, + "protocol": "TCP" + } + ], + "volumeMounts": [ + { + "mountPath": "/var/lib/pgsql/data", + "name": "${APPLICATION_NAME}-postgresql-pvol" + } + ], + "env": [ + { + "name": "POSTGRESQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "POSTGRESQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "POSTGRESQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "POSTGRESQL_MAX_CONNECTIONS", + "value": "${POSTGRESQL_MAX_CONNECTIONS}" + }, + { + "name": "POSTGRESQL_SHARED_BUFFERS", + "value": "${POSTGRESQL_SHARED_BUFFERS}" + } + ] + } + ], + "volumes": [ + { + "name": "${APPLICATION_NAME}-postgresql-pvol", + "persistentVolumeClaim": { + "claimName": "${APPLICATION_NAME}-postgresql-claim" + } + } + ] + } + } + } + }, + { + "apiVersion": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "name": "${APPLICATION_NAME}-postgresql-claim", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "${VOLUME_CAPACITY}" + } + } + } + } + ] +} \ No newline at end of file diff --git a/roles/openshift_examples/files/examples/xpaas-templates/eap64-postgresql-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/eap64-postgresql-s2i.json new file mode 100644 index 000000000..e879e51cf --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/eap64-postgresql-s2i.json @@ -0,0 +1,609 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "description": "Application template for EAP 6 PostgreSQL applications built using S2I.", + "iconClass": "icon-jboss", + "tags": "eap,postgresql,javaee,java,database,jboss,xpaas", + "version": "1.1.0" + }, + "name": "eap64-postgresql-s2i" + }, + "labels": { + "template": "eap64-postgresql-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "eap-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "todolist/todolist-jdbc", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql", + "name": "DB_JNDI", + "value": "java:jboss/datasources/TodoListDS", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "Queue names", + "name": "HORNETQ_QUEUES", + "value": "", + "required": false + }, + { + "description": "Topic names", + "name": "HORNETQ_TOPICS", + "value": "", + "required": false + }, + { + "description": "The name of the secret containing the keystore file", + "name": "EAP_HTTPS_SECRET", + "value": "eap-app-secret", + "required": false + }, + { + "description": "The name of the keystore file within the secret", + "name": "EAP_HTTPS_KEYSTORE", + "value": "keystore.jks", + "required": false + }, + { + "description": "The name associated with the server certificate", + "name": "EAP_HTTPS_NAME", + "value": "", + "required": false + }, + { + "description": "The password for the keystore and certificate", + "name": "EAP_HTTPS_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.", + "name": "POSTGRESQL_MAX_CONNECTIONS", + "required": false + }, + { + "description": "Configures how much memory is dedicated to PostgreSQL for caching data.", + "name": "POSTGRESQL_SHARED_BUFFERS", + "required": false + }, + { + "description": "HornetQ cluster admin password", + "name": "HORNETQ_CLUSTER_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's https port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 5432, + "targetPort": 5432 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-eap64-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "eap-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "volumeMounts": [ + { + "name": "eap-keystore-volume", + "mountPath": "/etc/eap-secret-volume", + "readOnly": true + } + ], + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "/opt/eap/bin/readinessProbe.sh" + ] + } + }, + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + }, + { + "name": "ping", + "containerPort": 8888, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-postgresql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "TX_DATABASE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-postgresql=DB" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "OPENSHIFT_KUBE_PING_LABELS", + "value": "application=${APPLICATION_NAME}" + }, + { + "name": "OPENSHIFT_KUBE_PING_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "EAP_HTTPS_KEYSTORE_DIR", + "value": "/etc/eap-secret-volume" + }, + { + "name": "EAP_HTTPS_KEYSTORE", + "value": "${EAP_HTTPS_KEYSTORE}" + }, + { + "name": "EAP_HTTPS_NAME", + "value": "${EAP_HTTPS_NAME}" + }, + { + "name": "EAP_HTTPS_PASSWORD", + "value": "${EAP_HTTPS_PASSWORD}" + }, + { + "name": "HORNETQ_CLUSTER_PASSWORD", + "value": "${HORNETQ_CLUSTER_PASSWORD}" + }, + { + "name": "HORNETQ_QUEUES", + "value": "${HORNETQ_QUEUES}" + }, + { + "name": "HORNETQ_TOPICS", + "value": "${HORNETQ_TOPICS}" + } + ] + } + ], + "volumes": [ + { + "name": "eap-keystore-volume", + "secret": { + "secretName": "${EAP_HTTPS_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-postgresql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "postgresql:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-postgresql", + "image": "postgresql", + "imagePullPolicy": "Always", + "ports": [ + { + "containerPort": 5432, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "POSTGRESQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "POSTGRESQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "POSTGRESQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "POSTGRESQL_MAX_CONNECTIONS", + "value": "${POSTGRESQL_MAX_CONNECTIONS}" + }, + { + "name": "POSTGRESQL_SHARED_BUFFERS", + "value": "${POSTGRESQL_SHARED_BUFFERS}" + } + ] + } + ] + } + } + } + } + ] +} \ No newline at end of file diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-basic-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-basic-sti.json deleted file mode 100644 index d74c2dfe3..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-basic-sti.json +++ /dev/null @@ -1,257 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "iconClass" : "icon-tomcat", - "description": "Application template for JWS applications built using STI." - }, - "name": "jws-tomcat7-basic-sti" - }, - "labels": { - "template": "jws-tomcat7-basic-sti" - }, - "parameters": [ - { - "description": "JWS Release version, e.g. 3.0, 2.1, etc.", - "name": "JWS_RELEASE", - "value": "3.0" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "jws-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "JWS Admin User", - "name": "JWS_ADMIN_USERNAME", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin Password", - "name": "JWS_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-webserver3-tomcat7-openshift:${JWS_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" - ] - } - }, - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "JWS_ADMIN_USERNAME", - "value": "${JWS_ADMIN_USERNAME}" - }, - { - "name": "JWS_ADMIN_PASSWORD", - "value": "${JWS_ADMIN_PASSWORD}" - } - ] - } - ] - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-https-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-https-sti.json deleted file mode 100644 index b94142135..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-https-sti.json +++ /dev/null @@ -1,361 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "iconClass" : "icon-tomcat", - "description": "Application template for JWS applications built using STI." - }, - "name": "jws-tomcat7-basic-sti" - }, - "labels": { - "template": "jws-tomcat7-basic-sti" - }, - "parameters": [ - { - "description": "JWS Release version, e.g. 3.0, 2.1, etc.", - "name": "JWS_RELEASE", - "value": "3.0" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "jws-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "The name of the secret containing the certificate files", - "name": "JWS_HTTPS_SECRET", - "value": "jws-app-secret" - }, - { - "description": "The name of the certificate file within the secret", - "name": "JWS_HTTPS_CERTIFICATE", - "value": "server.crt" - }, - { - "description": "The name of the certificate key file within the secret", - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "server.key" - }, - { - "description": "The certificate password", - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "" - }, - { - "description": "JWS Admin User", - "name": "JWS_ADMIN_USERNAME", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin Password", - "name": "JWS_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8443, - "targetPort": 8443 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "secure-${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's https port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-https-route", - "metadata": { - "name": "${APPLICATION_NAME}-https-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's https service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "secure-${APPLICATION_NAME}" - }, - "tls": { - "termination" : "passthrough" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-webserver3-tomcat7-openshift:${JWS_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "jws-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" - ] - } - }, - "volumeMounts": [ - { - "name": "jws-certificate-volume", - "mountPath": "/etc/jws-secret-volume", - "readOnly": true - } - ], - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "https", - "containerPort": 8443, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "JWS_HTTPS_CERTIFICATE_DIR", - "value": "/etc/jws-secret-volume" - }, - { - "name": "JWS_HTTPS_CERTIFICATE", - "value": "${JWS_HTTPS_CERTIFICATE}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "${JWS_HTTPS_CERTIFICATE_KEY}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" - }, - { - "name": "JWS_ADMIN_USERNAME", - "value": "${JWS_ADMIN_USERNAME}" - }, - { - "name": "JWS_ADMIN_PASSWORD", - "value": "${JWS_ADMIN_PASSWORD}" - } - ] - } - ], - "volumes": [ - { - "name": "jws-certificate-volume", - "secret": { - "secretName": "${JWS_HTTPS_SECRET}" - } - } - ] - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mongodb-persistent-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mongodb-persistent-sti.json deleted file mode 100644 index 0c7b7d8e3..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mongodb-persistent-sti.json +++ /dev/null @@ -1,599 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "iconClass" : "icon-tomcat", - "description": "Application template for JWS MongoDB applications with persistent storage built using STI." - }, - "name": "jws-tomcat7-mongodb-persistent-sti" - }, - "labels": { - "template": "jws-tomcat7-mongodb-persistent-sti" - }, - "parameters": [ - { - "description": "JWS Release version, e.g. 3.0, 2.1, etc.", - "name": "JWS_RELEASE", - "value": "3.0" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "jws-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", - "name": "DB_JNDI", - "value": "" - }, - { - "description": "Database name", - "name": "DB_DATABASE", - "value": "root" - }, - { - "description": "Size of persistent storage for database volume.", - "name": "VOLUME_CAPACITY", - "value": "512Mi" - }, - { - "description": "The name of the secret containing the certificate files", - "name": "JWS_HTTPS_SECRET", - "value": "jws-app-secret" - }, - { - "description": "The name of the certificate file within the secret", - "name": "JWS_HTTPS_CERTIFICATE", - "value": "server.crt" - }, - { - "description": "The name of the certificate key file within the secret", - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "server.key" - }, - { - "description": "The certificate password", - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "" - }, - { - "description": "Sets xa-pool/min-pool-size for the configured datasource.", - "name": "DB_MIN_POOL_SIZE" - }, - { - "description": "Sets xa-pool/max-pool-size for the configured datasource.", - "name": "DB_MAX_POOL_SIZE" - }, - { - "description": "Sets transaction-isolation for the configured datasource.", - "name": "DB_TX_ISOLATION" - }, - { - "description": "Disable data file preallocation.", - "name": "MONGODB_NOPREALLOC" - }, - { - "description": "Set MongoDB to use a smaller default data file size.", - "name": "MONGODB_SMALLFILES" - }, - { - "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.", - "name": "MONGODB_QUIET" - }, - { - "description": "Database user name", - "name": "DB_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "Database user password", - "name": "DB_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Database admin password", - "name": "DB_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin User", - "name": "JWS_ADMIN_USERNAME", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin Password", - "name": "JWS_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8443, - "targetPort": 8443 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "secure-${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's https port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 27017, - "targetPort": 27017 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mongodb" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-mongodb", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The database server's port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-https-route", - "metadata": { - "name": "${APPLICATION_NAME}-https-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's https service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "secure-${APPLICATION_NAME}" - }, - "tls": { - "termination" : "passthrough" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-webserver3-tomcat7-openshift:${JWS_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "jws-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" - ] - } - }, - "volumeMounts": [ - { - "name": "jws-certificate-volume", - "mountPath": "/etc/jws-secret-volume", - "readOnly": true - } - ], - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "https", - "containerPort": 8443, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "DB_SERVICE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-mongodb=DB" - }, - { - "name": "DB_JNDI", - "value": "${DB_JNDI}" - }, - { - "name": "DB_USERNAME", - "value": "${DB_USERNAME}" - }, - { - "name": "DB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "DB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "DB_ADMIN_PASSWORD", - "value": "${DB_ADMIN_PASSWORD}" - }, - { - "name": "DB_MIN_POOL_SIZE", - "value": "${DB_MIN_POOL_SIZE}" - }, - { - "name": "DB_MAX_POOL_SIZE", - "value": "${DB_MAX_POOL_SIZE}" - }, - { - "name": "DB_TX_ISOLATION", - "value": "${DB_TX_ISOLATION}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_DIR", - "value": "/etc/jws-secret-volume" - }, - { - "name": "JWS_HTTPS_CERTIFICATE", - "value": "${JWS_HTTPS_CERTIFICATE}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "${JWS_HTTPS_CERTIFICATE_KEY}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" - }, - { - "name": "JWS_ADMIN_USERNAME", - "value": "${JWS_ADMIN_USERNAME}" - }, - { - "name": "JWS_ADMIN_PASSWORD", - "value": "${JWS_ADMIN_PASSWORD}" - } - ] - } - ], - "volumes": [ - { - "name": "jws-certificate-volume", - "secret": { - "secretName": "${JWS_HTTPS_SECRET}" - } - } - ] - } - } - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}-mongodb", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}-mongodb" - ], - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "mongodb:latest" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mongodb" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}-mongodb", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}-mongodb", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${APPLICATION_NAME}-mongodb", - "image": "mongodb", - "imagePullPolicy": "Always", - "ports": [ - { - "containerPort": 27017, - "protocol": "TCP" - } - ], - "volumeMounts": [ - { - "mountPath": "/var/lib/mongodb/data", - "name": "${APPLICATION_NAME}-mongodb-pvol" - } - ], - "env": [ - { - "name": "MONGODB_USER", - "value": "${DB_USERNAME}" - }, - { - "name": "MONGODB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "MONGODB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "MONGODB_ADMIN_PASSWORD", - "value": "${DB_ADMIN_PASSWORD}" - }, - { - "name": "MONGODB_NOPREALLOC", - "value": "${MONGODB_NOPREALLOC}" - }, - { - "name": "MONGODB_SMALLFILES", - "value": "${MONGODB_SMALLFILES}" - }, - { - "name": "MONGODB_QUIET", - "value": "${MONGODB_QUIET}" - } - ] - } - ], - "volumes": [ - { - "name": "${APPLICATION_NAME}-mongodb-pvol", - "persistentVolumeClaim": { - "claimName": "${APPLICATION_NAME}-mongodb-claim" - } - } - ] - } - } - } - }, - { - "apiVersion": "v1", - "kind": "PersistentVolumeClaim", - "metadata": { - "name": "${APPLICATION_NAME}-mongodb-claim", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "accessModes": [ "ReadWriteOnce" ], - "resources": { - "requests": { - "storage": "${VOLUME_CAPACITY}" - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mongodb-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mongodb-sti.json deleted file mode 100644 index 892f27fe3..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mongodb-sti.json +++ /dev/null @@ -1,562 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "iconClass" : "icon-tomcat", - "description": "Application template for JWS MongoDB applications built using STI." - }, - "name": "jws-tomcat7-mongodb-sti" - }, - "labels": { - "template": "jws-tomcat7-mongodb-sti" - }, - "parameters": [ - { - "description": "JWS Release version, e.g. 3.0, 2.1, etc.", - "name": "JWS_RELEASE", - "value": "3.0" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "jws-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", - "name": "DB_JNDI", - "value": "" - }, - { - "description": "Database name", - "name": "DB_DATABASE", - "value": "root" - }, - { - "description": "The name of the secret containing the certificate files", - "name": "JWS_HTTPS_SECRET", - "value": "jws-app-secret" - }, - { - "description": "The name of the certificate file within the secret", - "name": "JWS_HTTPS_CERTIFICATE", - "value": "server.crt" - }, - { - "description": "The name of the certificate key file within the secret", - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "server.key" - }, - { - "description": "The certificate password", - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "" - }, - { - "description": "Sets xa-pool/min-pool-size for the configured datasource.", - "name": "DB_MIN_POOL_SIZE" - }, - { - "description": "Sets xa-pool/max-pool-size for the configured datasource.", - "name": "DB_MAX_POOL_SIZE" - }, - { - "description": "Sets transaction-isolation for the configured datasource.", - "name": "DB_TX_ISOLATION" - }, - { - "description": "Disable data file preallocation.", - "name": "MONGODB_NOPREALLOC" - }, - { - "description": "Set MongoDB to use a smaller default data file size.", - "name": "MONGODB_SMALLFILES" - }, - { - "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.", - "name": "MONGODB_QUIET" - }, - { - "description": "Database user name", - "name": "DB_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "Database user password", - "name": "DB_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Database admin password", - "name": "DB_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin User", - "name": "JWS_ADMIN_USERNAME", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin Password", - "name": "JWS_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8443, - "targetPort": 8443 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "secure-${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's https port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 27017, - "targetPort": 27017 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mongodb" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-mongodb", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The database server's port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-https-route", - "metadata": { - "name": "${APPLICATION_NAME}-https-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's https service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "secure-${APPLICATION_NAME}" - }, - "tls": { - "termination" : "passthrough" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-webserver3-tomcat7-openshift:${JWS_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "jws-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" - ] - } - }, - "volumeMounts": [ - { - "name": "jws-certificate-volume", - "mountPath": "/etc/jws-secret-volume", - "readOnly": true - } - ], - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "https", - "containerPort": 8443, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "DB_SERVICE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-mongodb=DB" - }, - { - "name": "DB_JNDI", - "value": "${DB_JNDI}" - }, - { - "name": "DB_USERNAME", - "value": "${DB_USERNAME}" - }, - { - "name": "DB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "DB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "DB_ADMIN_PASSWORD", - "value": "${DB_ADMIN_PASSWORD}" - }, - { - "name": "DB_MIN_POOL_SIZE", - "value": "${DB_MIN_POOL_SIZE}" - }, - { - "name": "DB_MAX_POOL_SIZE", - "value": "${DB_MAX_POOL_SIZE}" - }, - { - "name": "DB_TX_ISOLATION", - "value": "${DB_TX_ISOLATION}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_DIR", - "value": "/etc/jws-secret-volume" - }, - { - "name": "JWS_HTTPS_CERTIFICATE", - "value": "${JWS_HTTPS_CERTIFICATE}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "${JWS_HTTPS_CERTIFICATE_KEY}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" - }, - { - "name": "JWS_ADMIN_USERNAME", - "value": "${JWS_ADMIN_USERNAME}" - }, - { - "name": "JWS_ADMIN_PASSWORD", - "value": "${JWS_ADMIN_PASSWORD}" - } - ] - } - ], - "volumes": [ - { - "name": "jws-certificate-volume", - "secret": { - "secretName": "${JWS_HTTPS_SECRET}" - } - } - ] - } - } - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}-mongodb", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}-mongodb" - ], - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "mongodb:latest" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mongodb" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}-mongodb", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}-mongodb", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${APPLICATION_NAME}-mongodb", - "image": "mongodb", - "imagePullPolicy": "Always", - "ports": [ - { - "containerPort": 27017, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "MONGODB_USER", - "value": "${DB_USERNAME}" - }, - { - "name": "MONGODB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "MONGODB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "MONGODB_ADMIN_PASSWORD", - "value": "${DB_ADMIN_PASSWORD}" - }, - { - "name": "MONGODB_NOPREALLOC", - "value": "${MONGODB_NOPREALLOC}" - }, - { - "name": "MONGODB_SMALLFILES", - "value": "${MONGODB_SMALLFILES}" - }, - { - "name": "MONGODB_QUIET", - "value": "${MONGODB_QUIET}" - } - ] - } - ] - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mysql-persistent-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mysql-persistent-sti.json deleted file mode 100644 index 547449010..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mysql-persistent-sti.json +++ /dev/null @@ -1,600 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "iconClass" : "icon-tomcat", - "description": "Application template for JWS MySQL applications with persistent storage built using STI." - }, - "name": "jws-tomcat7-mysql-persistent-sti" - }, - "labels": { - "template": "jws-tomcat7-mysql-persistent-sti" - }, - "parameters": [ - { - "description": "JWS Release version, e.g. 3.0, 2.1, etc.", - "name": "JWS_RELEASE", - "value": "3.0" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "jws-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", - "name": "DB_JNDI", - "value": "" - }, - { - "description": "Database name", - "name": "DB_DATABASE", - "value": "root" - }, - { - "description": "Size of persistent storage for database volume.", - "name": "VOLUME_CAPACITY", - "value": "512Mi" - }, - { - "description": "The name of the secret containing the certificate files", - "name": "JWS_HTTPS_SECRET", - "value": "jws-app-secret" - }, - { - "description": "The name of the certificate file within the secret", - "name": "JWS_HTTPS_CERTIFICATE", - "value": "server.crt" - }, - { - "description": "The name of the certificate key file within the secret", - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "server.key" - }, - { - "description": "The certificate password", - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "" - }, - { - "description": "Sets xa-pool/min-pool-size for the configured datasource.", - "name": "DB_MIN_POOL_SIZE" - }, - { - "description": "Sets xa-pool/max-pool-size for the configured datasource.", - "name": "DB_MAX_POOL_SIZE" - }, - { - "description": "Sets transaction-isolation for the configured datasource.", - "name": "DB_TX_ISOLATION" - }, - { - "description": "Sets how the table names are stored and compared.", - "name": "MYSQL_LOWER_CASE_TABLE_NAMES" - }, - { - "description": "The maximum permitted number of simultaneous client connections.", - "name": "MYSQL_MAX_CONNECTIONS" - }, - { - "description": "The minimum length of the word to be included in a FULLTEXT index.", - "name": "MYSQL_FT_MIN_WORD_LEN" - }, - { - "description": "The maximum length of the word to be included in a FULLTEXT index.", - "name": "MYSQL_FT_MAX_WORD_LEN" - }, - { - "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.", - "name": "MYSQL_AIO" - }, - { - "description": "Database user name", - "name": "DB_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "Database user password", - "name": "DB_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin User", - "name": "JWS_ADMIN_USERNAME", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin Password", - "name": "JWS_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8443, - "targetPort": 8443 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "secure-${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's https port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 3306, - "targetPort": 3306 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mysql" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-mysql", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The database server's port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-https-route", - "metadata": { - "name": "${APPLICATION_NAME}-https-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's https service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "secure-${APPLICATION_NAME}" - }, - "tls": { - "termination" : "passthrough" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-webserver3-tomcat7-openshift:${JWS_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "jws-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" - ] - } - }, - "volumeMounts": [ - { - "name": "jws-certificate-volume", - "mountPath": "/etc/jws-secret-volume", - "readOnly": true - } - ], - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "https", - "containerPort": 8443, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "DB_SERVICE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-mysql=DB" - }, - { - "name": "DB_JNDI", - "value": "${DB_JNDI}" - }, - { - "name": "DB_USERNAME", - "value": "${DB_USERNAME}" - }, - { - "name": "DB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "DB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "DB_MIN_POOL_SIZE", - "value": "${DB_MIN_POOL_SIZE}" - }, - { - "name": "DB_MAX_POOL_SIZE", - "value": "${DB_MAX_POOL_SIZE}" - }, - { - "name": "DB_TX_ISOLATION", - "value": "${DB_TX_ISOLATION}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_DIR", - "value": "/etc/jws-secret-volume" - }, - { - "name": "JWS_HTTPS_CERTIFICATE", - "value": "${JWS_HTTPS_CERTIFICATE}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "${JWS_HTTPS_CERTIFICATE_KEY}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" - }, - { - "name": "JWS_ADMIN_USERNAME", - "value": "${JWS_ADMIN_USERNAME}" - }, - { - "name": "JWS_ADMIN_PASSWORD", - "value": "${JWS_ADMIN_PASSWORD}" - } - ] - } - ], - "volumes": [ - { - "name": "jws-certificate-volume", - "secret": { - "secretName": "${JWS_HTTPS_SECRET}" - } - } - ] - } - } - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}-mysql", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}-mysql" - ], - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "mysql:latest" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mysql" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}-mysql", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}-mysql", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${APPLICATION_NAME}-mysql", - "image": "mysql", - "ports": [ - { - "containerPort": 3306, - "protocol": "TCP" - } - ], - "volumeMounts": [ - { - "mountPath": "/var/lib/mysql/data", - "name": "${APPLICATION_NAME}-mysql-pvol" - } - ], - "env": [ - { - "name": "MYSQL_USER", - "value": "${DB_USERNAME}" - }, - { - "name": "MYSQL_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "MYSQL_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "MYSQL_LOWER_CASE_TABLE_NAMES", - "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}" - }, - { - "name": "MYSQL_MAX_CONNECTIONS", - "value": "${MYSQL_MAX_CONNECTIONS}" - }, - { - "name": "MYSQL_FT_MIN_WORD_LEN", - "value": "${MYSQL_FT_MIN_WORD_LEN}" - }, - { - "name": "MYSQL_FT_MAX_WORD_LEN", - "value": "${MYSQL_FT_MAX_WORD_LEN}" - }, - { - "name": "MYSQL_AIO", - "value": "${MYSQL_AIO}" - } - ] - } - ], - "volumes": [ - { - "name": "${APPLICATION_NAME}-mysql-pvol", - "persistentVolumeClaim": { - "claimName": "${APPLICATION_NAME}-mysql-claim" - } - } - ] - } - } - } - }, - { - "apiVersion": "v1", - "kind": "PersistentVolumeClaim", - "metadata": { - "name": "${APPLICATION_NAME}-mysql-claim", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "accessModes": [ "ReadWriteOnce" ], - "resources": { - "requests": { - "storage": "${VOLUME_CAPACITY}" - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mysql-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mysql-sti.json deleted file mode 100644 index 2ae59ec71..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-mysql-sti.json +++ /dev/null @@ -1,563 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "iconClass" : "icon-tomcat", - "description": "Application template for JWS MySQL applications built using STI." - }, - "name": "jws-tomcat7-mysql-sti" - }, - "labels": { - "template": "jws-tomcat7-mysql-sti" - }, - "parameters": [ - { - "description": "JWS Release version, e.g. 3.0, 2.1, etc.", - "name": "JWS_RELEASE", - "value": "3.0" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "jws-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", - "name": "DB_JNDI", - "value": "" - }, - { - "description": "Database name", - "name": "DB_DATABASE", - "value": "root" - }, - { - "description": "The name of the secret containing the certificate files", - "name": "JWS_HTTPS_SECRET", - "value": "jws-app-secret" - }, - { - "description": "The name of the certificate file within the secret", - "name": "JWS_HTTPS_CERTIFICATE", - "value": "server.crt" - }, - { - "description": "The name of the certificate key file within the secret", - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "server.key" - }, - { - "description": "The certificate password", - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "" - }, - { - "description": "Sets xa-pool/min-pool-size for the configured datasource.", - "name": "DB_MIN_POOL_SIZE" - }, - { - "description": "Sets xa-pool/max-pool-size for the configured datasource.", - "name": "DB_MAX_POOL_SIZE" - }, - { - "description": "Sets transaction-isolation for the configured datasource.", - "name": "DB_TX_ISOLATION" - }, - { - "description": "Sets how the table names are stored and compared.", - "name": "MYSQL_LOWER_CASE_TABLE_NAMES" - }, - { - "description": "The maximum permitted number of simultaneous client connections.", - "name": "MYSQL_MAX_CONNECTIONS" - }, - { - "description": "The minimum length of the word to be included in a FULLTEXT index.", - "name": "MYSQL_FT_MIN_WORD_LEN" - }, - { - "description": "The maximum length of the word to be included in a FULLTEXT index.", - "name": "MYSQL_FT_MAX_WORD_LEN" - }, - { - "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.", - "name": "MYSQL_AIO" - }, - { - "description": "Database user name", - "name": "DB_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "Database user password", - "name": "DB_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin User", - "name": "JWS_ADMIN_USERNAME", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin Password", - "name": "JWS_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8443, - "targetPort": 8443 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "secure-${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's https port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 3306, - "targetPort": 3306 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mysql" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-mysql", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The database server's port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-https-route", - "metadata": { - "name": "${APPLICATION_NAME}-https-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's https service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "secure-${APPLICATION_NAME}" - }, - "tls": { - "termination" : "passthrough" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-webserver3-tomcat7-openshift:${JWS_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "jws-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" - ] - } - }, - "volumeMounts": [ - { - "name": "jws-certificate-volume", - "mountPath": "/etc/jws-secret-volume", - "readOnly": true - } - ], - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "https", - "containerPort": 8443, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "DB_SERVICE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-mysql=DB" - }, - { - "name": "DB_JNDI", - "value": "${DB_JNDI}" - }, - { - "name": "DB_USERNAME", - "value": "${DB_USERNAME}" - }, - { - "name": "DB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "DB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "DB_MIN_POOL_SIZE", - "value": "${DB_MIN_POOL_SIZE}" - }, - { - "name": "DB_MAX_POOL_SIZE", - "value": "${DB_MAX_POOL_SIZE}" - }, - { - "name": "DB_TX_ISOLATION", - "value": "${DB_TX_ISOLATION}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_DIR", - "value": "/etc/jws-secret-volume" - }, - { - "name": "JWS_HTTPS_CERTIFICATE", - "value": "${JWS_HTTPS_CERTIFICATE}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "${JWS_HTTPS_CERTIFICATE_KEY}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" - }, - { - "name": "JWS_ADMIN_USERNAME", - "value": "${JWS_ADMIN_USERNAME}" - }, - { - "name": "JWS_ADMIN_PASSWORD", - "value": "${JWS_ADMIN_PASSWORD}" - } - ] - } - ], - "volumes": [ - { - "name": "jws-certificate-volume", - "secret": { - "secretName": "${JWS_HTTPS_SECRET}" - } - } - ] - } - } - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}-mysql", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}-mysql" - ], - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "mysql:latest" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mysql" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}-mysql", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}-mysql", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${APPLICATION_NAME}-mysql", - "image": "mysql", - "ports": [ - { - "containerPort": 3306, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "MYSQL_USER", - "value": "${DB_USERNAME}" - }, - { - "name": "MYSQL_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "MYSQL_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "MYSQL_LOWER_CASE_TABLE_NAMES", - "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}" - }, - { - "name": "MYSQL_MAX_CONNECTIONS", - "value": "${MYSQL_MAX_CONNECTIONS}" - }, - { - "name": "MYSQL_FT_MIN_WORD_LEN", - "value": "${MYSQL_FT_MIN_WORD_LEN}" - }, - { - "name": "MYSQL_FT_MAX_WORD_LEN", - "value": "${MYSQL_FT_MAX_WORD_LEN}" - }, - { - "name": "MYSQL_AIO", - "value": "${MYSQL_AIO}" - } - ] - } - ] - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-postgresql-persistent-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-postgresql-persistent-sti.json deleted file mode 100644 index b871b48d0..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-postgresql-persistent-sti.json +++ /dev/null @@ -1,576 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "iconClass" : "icon-tomcat", - "description": "Application template for JWS PostgreSQL applications with persistent storage built using STI." - }, - "name": "jws-tomcat7-postgresql-persistent-sti" - }, - "labels": { - "template": "jws-tomcat7-postgresql-persistent-sti" - }, - "parameters": [ - { - "description": "JWS Release version, e.g. 3.0, 2.1, etc.", - "name": "JWS_RELEASE", - "value": "3.0" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "jws-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", - "name": "DB_JNDI", - "value": "" - }, - { - "description": "Database name", - "name": "DB_DATABASE", - "value": "root" - }, - { - "description": "Size of persistent storage for database volume.", - "name": "VOLUME_CAPACITY", - "value": "512Mi" - }, - { - "description": "The name of the secret containing the certificate files", - "name": "JWS_HTTPS_SECRET", - "value": "jws-app-secret" - }, - { - "description": "The name of the certificate file within the secret", - "name": "JWS_HTTPS_CERTIFICATE", - "value": "server.crt" - }, - { - "description": "The name of the certificate key file within the secret", - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "server.key" - }, - { - "description": "The certificate password", - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "" - }, - { - "description": "Sets xa-pool/min-pool-size for the configured datasource.", - "name": "DB_MIN_POOL_SIZE" - }, - { - "description": "Sets xa-pool/max-pool-size for the configured datasource.", - "name": "DB_MAX_POOL_SIZE" - }, - { - "description": "Sets transaction-isolation for the configured datasource.", - "name": "DB_TX_ISOLATION" - }, - { - "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.", - "name": "POSTGRESQL_MAX_CONNECTIONS" - }, - { - "description": "Configures how much memory is dedicated to PostgreSQL for caching data.", - "name": "POSTGRESQL_SHARED_BUFFERS" - }, - { - "description": "Database user name", - "name": "DB_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "Database user password", - "name": "DB_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin User", - "name": "JWS_ADMIN_USERNAME", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin Password", - "name": "JWS_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8443, - "targetPort": 8443 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "secure-${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's https port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 5432, - "targetPort": 5432 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-postgresql" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-postgresql", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The database server's port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-https-route", - "metadata": { - "name": "${APPLICATION_NAME}-https-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's https service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "secure-${APPLICATION_NAME}" - }, - "tls": { - "termination" : "passthrough" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-webserver3-tomcat7-openshift:${JWS_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "jws-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" - ] - } - }, - "volumeMounts": [ - { - "name": "jws-certificate-volume", - "mountPath": "/etc/jws-secret-volume", - "readOnly": true - } - ], - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "https", - "containerPort": 8443, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "DB_SERVICE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-postgresql=DB" - }, - { - "name": "DB_JNDI", - "value": "${DB_JNDI}" - }, - { - "name": "DB_USERNAME", - "value": "${DB_USERNAME}" - }, - { - "name": "DB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "DB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "DB_MIN_POOL_SIZE", - "value": "${DB_MIN_POOL_SIZE}" - }, - { - "name": "DB_MAX_POOL_SIZE", - "value": "${DB_MAX_POOL_SIZE}" - }, - { - "name": "DB_TX_ISOLATION", - "value": "${DB_TX_ISOLATION}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_DIR", - "value": "/etc/jws-secret-volume" - }, - { - "name": "JWS_HTTPS_CERTIFICATE", - "value": "${JWS_HTTPS_CERTIFICATE}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "${JWS_HTTPS_CERTIFICATE_KEY}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" - }, - { - "name": "JWS_ADMIN_USERNAME", - "value": "${JWS_ADMIN_USERNAME}" - }, - { - "name": "JWS_ADMIN_PASSWORD", - "value": "${JWS_ADMIN_PASSWORD}" - } - ] - } - ], - "volumes": [ - { - "name": "jws-certificate-volume", - "secret": { - "secretName": "${JWS_HTTPS_SECRET}" - } - } - ] - } - } - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}-postgresql", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}-postgresql" - ], - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "postgresql:latest" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-postgresql" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}-postgresql", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}-postgresql", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${APPLICATION_NAME}-postgresql", - "image": "postgresql", - "ports": [ - { - "containerPort": 5432, - "protocol": "TCP" - } - ], - "volumeMounts": [ - { - "mountPath": "/var/lib/pgsql/data", - "name": "${APPLICATION_NAME}-postgresql-pvol" - } - ], - "env": [ - { - "name": "POSTGRESQL_USER", - "value": "${DB_USERNAME}" - }, - { - "name": "POSTGRESQL_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "POSTGRESQL_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "POSTGRESQL_MAX_CONNECTIONS", - "value": "${POSTGRESQL_MAX_CONNECTIONS}" - }, - { - "name": "POSTGRESQL_SHARED_BUFFERS", - "value": "${POSTGRESQL_SHARED_BUFFERS}" - } - ] - } - ], - "volumes": [ - { - "name": "${APPLICATION_NAME}-postgresql-pvol", - "persistentVolumeClaim": { - "claimName": "${APPLICATION_NAME}-postgresql-claim" - } - } - ] - } - } - } - }, - { - "apiVersion": "v1", - "kind": "PersistentVolumeClaim", - "metadata": { - "name": "${APPLICATION_NAME}-postgresql-claim", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "accessModes": [ "ReadWriteOnce" ], - "resources": { - "requests": { - "storage": "${VOLUME_CAPACITY}" - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-postgresql-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-postgresql-sti.json deleted file mode 100644 index 384ff1b8f..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat7-postgresql-sti.json +++ /dev/null @@ -1,539 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "iconClass" : "icon-tomcat", - "description": "Application template for JWS PostgreSQL applications built using STI." - }, - "name": "jws-tomcat7-postgresql-sti" - }, - "labels": { - "template": "jws-tomcat7-postgresql-sti" - }, - "parameters": [ - { - "description": "JWS Release version, e.g. 3.0, 2.1, etc.", - "name": "JWS_RELEASE", - "value": "3.0" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "jws-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", - "name": "DB_JNDI", - "value": "" - }, - { - "description": "Database name", - "name": "DB_DATABASE", - "value": "root" - }, - { - "description": "The name of the secret containing the certificate files", - "name": "JWS_HTTPS_SECRET", - "value": "jws-app-secret" - }, - { - "description": "The name of the certificate file within the secret", - "name": "JWS_HTTPS_CERTIFICATE", - "value": "server.crt" - }, - { - "description": "The name of the certificate key file within the secret", - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "server.key" - }, - { - "description": "The certificate password", - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "" - }, - { - "description": "Sets xa-pool/min-pool-size for the configured datasource.", - "name": "DB_MIN_POOL_SIZE" - }, - { - "description": "Sets xa-pool/max-pool-size for the configured datasource.", - "name": "DB_MAX_POOL_SIZE" - }, - { - "description": "Sets transaction-isolation for the configured datasource.", - "name": "DB_TX_ISOLATION" - }, - { - "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.", - "name": "POSTGRESQL_MAX_CONNECTIONS" - }, - { - "description": "Configures how much memory is dedicated to PostgreSQL for caching data.", - "name": "POSTGRESQL_SHARED_BUFFERS" - }, - { - "description": "Database user name", - "name": "DB_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "Database user password", - "name": "DB_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin User", - "name": "JWS_ADMIN_USERNAME", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin Password", - "name": "JWS_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8443, - "targetPort": 8443 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "secure-${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's https port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 5432, - "targetPort": 5432 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-postgresql" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-postgresql", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The database server's port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-https-route", - "metadata": { - "name": "${APPLICATION_NAME}-https-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's https service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "secure-${APPLICATION_NAME}" - }, - "tls": { - "termination" : "passthrough" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-webserver3-tomcat7-openshift:${JWS_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "jws-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" - ] - } - }, - "volumeMounts": [ - { - "name": "jws-certificate-volume", - "mountPath": "/etc/jws-secret-volume", - "readOnly": true - } - ], - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "https", - "containerPort": 8443, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "DB_SERVICE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-postgresql=DB" - }, - { - "name": "DB_JNDI", - "value": "${DB_JNDI}" - }, - { - "name": "DB_USERNAME", - "value": "${DB_USERNAME}" - }, - { - "name": "DB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "DB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "DB_MIN_POOL_SIZE", - "value": "${DB_MIN_POOL_SIZE}" - }, - { - "name": "DB_MAX_POOL_SIZE", - "value": "${DB_MAX_POOL_SIZE}" - }, - { - "name": "DB_TX_ISOLATION", - "value": "${DB_TX_ISOLATION}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_DIR", - "value": "/etc/jws-secret-volume" - }, - { - "name": "JWS_HTTPS_CERTIFICATE", - "value": "${JWS_HTTPS_CERTIFICATE}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "${JWS_HTTPS_CERTIFICATE_KEY}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" - }, - { - "name": "JWS_ADMIN_USERNAME", - "value": "${JWS_ADMIN_USERNAME}" - }, - { - "name": "JWS_ADMIN_PASSWORD", - "value": "${JWS_ADMIN_PASSWORD}" - } - ] - } - ], - "volumes": [ - { - "name": "jws-certificate-volume", - "secret": { - "secretName": "${JWS_HTTPS_SECRET}" - } - } - ] - } - } - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}-postgresql", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}-postgresql" - ], - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "postgresql:latest" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-postgresql" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}-postgresql", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}-postgresql", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${APPLICATION_NAME}-postgresql", - "image": "postgresql", - "ports": [ - { - "containerPort": 5432, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "POSTGRESQL_USER", - "value": "${DB_USERNAME}" - }, - { - "name": "POSTGRESQL_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "POSTGRESQL_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "POSTGRESQL_MAX_CONNECTIONS", - "value": "${POSTGRESQL_MAX_CONNECTIONS}" - }, - { - "name": "POSTGRESQL_SHARED_BUFFERS", - "value": "${POSTGRESQL_SHARED_BUFFERS}" - } - ] - } - ] - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-basic-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-basic-sti.json deleted file mode 100644 index 3c7812b69..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-basic-sti.json +++ /dev/null @@ -1,257 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "iconClass" : "icon-tomcat", - "description": "Application template for JWS applications built using STI." - }, - "name": "jws-tomcat8-basic-sti" - }, - "labels": { - "template": "jws-tomcat8-basic-sti" - }, - "parameters": [ - { - "description": "JWS Release version, e.g. 3.0, 2.1, etc.", - "name": "JWS_RELEASE", - "value": "3.0" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "jws-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "JWS Admin User", - "name": "JWS_ADMIN_USERNAME", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin Password", - "name": "JWS_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-webserver3-tomcat8-openshift:${JWS_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" - ] - } - }, - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "JWS_ADMIN_USERNAME", - "value": "${JWS_ADMIN_USERNAME}" - }, - { - "name": "JWS_ADMIN_PASSWORD", - "value": "${JWS_ADMIN_PASSWORD}" - } - ] - } - ] - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-https-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-https-sti.json deleted file mode 100644 index d725e0606..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-https-sti.json +++ /dev/null @@ -1,361 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "iconClass" : "icon-tomcat", - "description": "Application template for JWS applications built using STI." - }, - "name": "jws-tomcat8-basic-sti" - }, - "labels": { - "template": "jws-tomcat8-basic-sti" - }, - "parameters": [ - { - "description": "JWS Release version, e.g. 3.0, 2.1, etc.", - "name": "JWS_RELEASE", - "value": "3.0" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "jws-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "The name of the secret containing the certificate files", - "name": "JWS_HTTPS_SECRET", - "value": "jws-app-secret" - }, - { - "description": "The name of the certificate file within the secret", - "name": "JWS_HTTPS_CERTIFICATE", - "value": "server.crt" - }, - { - "description": "The name of the certificate key file within the secret", - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "server.key" - }, - { - "description": "The certificate password", - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "" - }, - { - "description": "JWS Admin User", - "name": "JWS_ADMIN_USERNAME", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin Password", - "name": "JWS_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8443, - "targetPort": 8443 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "secure-${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's https port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-https-route", - "metadata": { - "name": "${APPLICATION_NAME}-https-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's https service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "secure-${APPLICATION_NAME}" - }, - "tls": { - "termination" : "passthrough" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-webserver3-tomcat8-openshift:${JWS_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "jws-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" - ] - } - }, - "volumeMounts": [ - { - "name": "jws-certificate-volume", - "mountPath": "/etc/jws-secret-volume", - "readOnly": true - } - ], - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "https", - "containerPort": 8443, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "JWS_HTTPS_CERTIFICATE_DIR", - "value": "/etc/jws-secret-volume" - }, - { - "name": "JWS_HTTPS_CERTIFICATE", - "value": "${JWS_HTTPS_CERTIFICATE}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "${JWS_HTTPS_CERTIFICATE_KEY}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" - }, - { - "name": "JWS_ADMIN_USERNAME", - "value": "${JWS_ADMIN_USERNAME}" - }, - { - "name": "JWS_ADMIN_PASSWORD", - "value": "${JWS_ADMIN_PASSWORD}" - } - ] - } - ], - "volumes": [ - { - "name": "jws-certificate-volume", - "secret": { - "secretName": "${JWS_HTTPS_SECRET}" - } - } - ] - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mongodb-persistent-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mongodb-persistent-sti.json deleted file mode 100644 index cf35d0024..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mongodb-persistent-sti.json +++ /dev/null @@ -1,599 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "iconClass" : "icon-tomcat", - "description": "Application template for JWS MongoDB applications with persistent storage built using STI." - }, - "name": "jws-tomcat8-mongodb-persistent-sti" - }, - "labels": { - "template": "jws-tomcat8-mongodb-persistent-sti" - }, - "parameters": [ - { - "description": "JWS Release version, e.g. 3.0, 2.1, etc.", - "name": "JWS_RELEASE", - "value": "3.0" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "jws-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", - "name": "DB_JNDI", - "value": "" - }, - { - "description": "Database name", - "name": "DB_DATABASE", - "value": "root" - }, - { - "description": "Size of persistent storage for database volume.", - "name": "VOLUME_CAPACITY", - "value": "512Mi" - }, - { - "description": "The name of the secret containing the certificate files", - "name": "JWS_HTTPS_SECRET", - "value": "jws-app-secret" - }, - { - "description": "The name of the certificate file within the secret", - "name": "JWS_HTTPS_CERTIFICATE", - "value": "server.crt" - }, - { - "description": "The name of the certificate key file within the secret", - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "server.key" - }, - { - "description": "The certificate password", - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "" - }, - { - "description": "Sets xa-pool/min-pool-size for the configured datasource.", - "name": "DB_MIN_POOL_SIZE" - }, - { - "description": "Sets xa-pool/max-pool-size for the configured datasource.", - "name": "DB_MAX_POOL_SIZE" - }, - { - "description": "Sets transaction-isolation for the configured datasource.", - "name": "DB_TX_ISOLATION" - }, - { - "description": "Disable data file preallocation.", - "name": "MONGODB_NOPREALLOC" - }, - { - "description": "Set MongoDB to use a smaller default data file size.", - "name": "MONGODB_SMALLFILES" - }, - { - "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.", - "name": "MONGODB_QUIET" - }, - { - "description": "Database user name", - "name": "DB_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "Database user password", - "name": "DB_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Database admin password", - "name": "DB_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin User", - "name": "JWS_ADMIN_USERNAME", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin Password", - "name": "JWS_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8443, - "targetPort": 8443 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "secure-${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's https port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 27017, - "targetPort": 27017 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mongodb" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-mongodb", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The database server's port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-https-route", - "metadata": { - "name": "${APPLICATION_NAME}-https-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's https service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "secure-${APPLICATION_NAME}" - }, - "tls": { - "termination" : "passthrough" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-webserver3-tomcat8-openshift:${JWS_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "jws-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" - ] - } - }, - "volumeMounts": [ - { - "name": "jws-certificate-volume", - "mountPath": "/etc/jws-secret-volume", - "readOnly": true - } - ], - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "https", - "containerPort": 8443, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "DB_SERVICE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-mongodb=DB" - }, - { - "name": "DB_JNDI", - "value": "${DB_JNDI}" - }, - { - "name": "DB_USERNAME", - "value": "${DB_USERNAME}" - }, - { - "name": "DB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "DB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "DB_ADMIN_PASSWORD", - "value": "${DB_ADMIN_PASSWORD}" - }, - { - "name": "DB_MIN_POOL_SIZE", - "value": "${DB_MIN_POOL_SIZE}" - }, - { - "name": "DB_MAX_POOL_SIZE", - "value": "${DB_MAX_POOL_SIZE}" - }, - { - "name": "DB_TX_ISOLATION", - "value": "${DB_TX_ISOLATION}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_DIR", - "value": "/etc/jws-secret-volume" - }, - { - "name": "JWS_HTTPS_CERTIFICATE", - "value": "${JWS_HTTPS_CERTIFICATE}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "${JWS_HTTPS_CERTIFICATE_KEY}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" - }, - { - "name": "JWS_ADMIN_USERNAME", - "value": "${JWS_ADMIN_USERNAME}" - }, - { - "name": "JWS_ADMIN_PASSWORD", - "value": "${JWS_ADMIN_PASSWORD}" - } - ] - } - ], - "volumes": [ - { - "name": "jws-certificate-volume", - "secret": { - "secretName": "${JWS_HTTPS_SECRET}" - } - } - ] - } - } - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}-mongodb", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}-mongodb" - ], - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "mongodb:latest" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mongodb" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}-mongodb", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}-mongodb", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${APPLICATION_NAME}-mongodb", - "image": "mongodb", - "imagePullPolicy": "Always", - "ports": [ - { - "containerPort": 27017, - "protocol": "TCP" - } - ], - "volumeMounts": [ - { - "mountPath": "/var/lib/mongodb/data", - "name": "${APPLICATION_NAME}-mongodb-pvol" - } - ], - "env": [ - { - "name": "MONGODB_USER", - "value": "${DB_USERNAME}" - }, - { - "name": "MONGODB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "MONGODB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "MONGODB_ADMIN_PASSWORD", - "value": "${DB_ADMIN_PASSWORD}" - }, - { - "name": "MONGODB_NOPREALLOC", - "value": "${MONGODB_NOPREALLOC}" - }, - { - "name": "MONGODB_SMALLFILES", - "value": "${MONGODB_SMALLFILES}" - }, - { - "name": "MONGODB_QUIET", - "value": "${MONGODB_QUIET}" - } - ] - } - ], - "volumes": [ - { - "name": "${APPLICATION_NAME}-mongodb-pvol", - "persistentVolumeClaim": { - "claimName": "${APPLICATION_NAME}-mongodb-claim" - } - } - ] - } - } - } - }, - { - "apiVersion": "v1", - "kind": "PersistentVolumeClaim", - "metadata": { - "name": "${APPLICATION_NAME}-mongodb-claim", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "accessModes": [ "ReadWriteOnce" ], - "resources": { - "requests": { - "storage": "${VOLUME_CAPACITY}" - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mongodb-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mongodb-sti.json deleted file mode 100644 index a993024f4..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mongodb-sti.json +++ /dev/null @@ -1,562 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "iconClass" : "icon-tomcat", - "description": "Application template for JWS MongoDB applications built using STI." - }, - "name": "jws-tomcat8-mongodb-sti" - }, - "labels": { - "template": "jws-tomcat8-mongodb-sti" - }, - "parameters": [ - { - "description": "JWS Release version, e.g. 3.0, 2.1, etc.", - "name": "JWS_RELEASE", - "value": "3.0" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "jws-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", - "name": "DB_JNDI", - "value": "" - }, - { - "description": "Database name", - "name": "DB_DATABASE", - "value": "root" - }, - { - "description": "The name of the secret containing the certificate files", - "name": "JWS_HTTPS_SECRET", - "value": "jws-app-secret" - }, - { - "description": "The name of the certificate file within the secret", - "name": "JWS_HTTPS_CERTIFICATE", - "value": "server.crt" - }, - { - "description": "The name of the certificate key file within the secret", - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "server.key" - }, - { - "description": "The certificate password", - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "" - }, - { - "description": "Sets xa-pool/min-pool-size for the configured datasource.", - "name": "DB_MIN_POOL_SIZE" - }, - { - "description": "Sets xa-pool/max-pool-size for the configured datasource.", - "name": "DB_MAX_POOL_SIZE" - }, - { - "description": "Sets transaction-isolation for the configured datasource.", - "name": "DB_TX_ISOLATION" - }, - { - "description": "Disable data file preallocation.", - "name": "MONGODB_NOPREALLOC" - }, - { - "description": "Set MongoDB to use a smaller default data file size.", - "name": "MONGODB_SMALLFILES" - }, - { - "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.", - "name": "MONGODB_QUIET" - }, - { - "description": "Database user name", - "name": "DB_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "Database user password", - "name": "DB_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Database admin password", - "name": "DB_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin User", - "name": "JWS_ADMIN_USERNAME", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin Password", - "name": "JWS_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8443, - "targetPort": 8443 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "secure-${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's https port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 27017, - "targetPort": 27017 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mongodb" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-mongodb", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The database server's port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-https-route", - "metadata": { - "name": "${APPLICATION_NAME}-https-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's https service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "secure-${APPLICATION_NAME}" - }, - "tls": { - "termination" : "passthrough" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-webserver3-tomcat8-openshift:${JWS_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "jws-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" - ] - } - }, - "volumeMounts": [ - { - "name": "jws-certificate-volume", - "mountPath": "/etc/jws-secret-volume", - "readOnly": true - } - ], - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "https", - "containerPort": 8443, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "DB_SERVICE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-mongodb=DB" - }, - { - "name": "DB_JNDI", - "value": "${DB_JNDI}" - }, - { - "name": "DB_USERNAME", - "value": "${DB_USERNAME}" - }, - { - "name": "DB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "DB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "DB_ADMIN_PASSWORD", - "value": "${DB_ADMIN_PASSWORD}" - }, - { - "name": "DB_MIN_POOL_SIZE", - "value": "${DB_MIN_POOL_SIZE}" - }, - { - "name": "DB_MAX_POOL_SIZE", - "value": "${DB_MAX_POOL_SIZE}" - }, - { - "name": "DB_TX_ISOLATION", - "value": "${DB_TX_ISOLATION}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_DIR", - "value": "/etc/jws-secret-volume" - }, - { - "name": "JWS_HTTPS_CERTIFICATE", - "value": "${JWS_HTTPS_CERTIFICATE}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "${JWS_HTTPS_CERTIFICATE_KEY}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" - }, - { - "name": "JWS_ADMIN_USERNAME", - "value": "${JWS_ADMIN_USERNAME}" - }, - { - "name": "JWS_ADMIN_PASSWORD", - "value": "${JWS_ADMIN_PASSWORD}" - } - ] - } - ], - "volumes": [ - { - "name": "jws-certificate-volume", - "secret": { - "secretName": "${JWS_HTTPS_SECRET}" - } - } - ] - } - } - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}-mongodb", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}-mongodb" - ], - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "mongodb:latest" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mongodb" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}-mongodb", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}-mongodb", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${APPLICATION_NAME}-mongodb", - "image": "mongodb", - "imagePullPolicy": "Always", - "ports": [ - { - "containerPort": 27017, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "MONGODB_USER", - "value": "${DB_USERNAME}" - }, - { - "name": "MONGODB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "MONGODB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "MONGODB_ADMIN_PASSWORD", - "value": "${DB_ADMIN_PASSWORD}" - }, - { - "name": "MONGODB_NOPREALLOC", - "value": "${MONGODB_NOPREALLOC}" - }, - { - "name": "MONGODB_SMALLFILES", - "value": "${MONGODB_SMALLFILES}" - }, - { - "name": "MONGODB_QUIET", - "value": "${MONGODB_QUIET}" - } - ] - } - ] - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mysql-persistent-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mysql-persistent-sti.json deleted file mode 100644 index 0692817bf..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mysql-persistent-sti.json +++ /dev/null @@ -1,600 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "iconClass" : "icon-tomcat", - "description": "Application template for JWS MySQL applications with persistent storage built using STI." - }, - "name": "jws-tomcat8-mysql-persistent-sti" - }, - "labels": { - "template": "jws-tomcat8-mysql-persistent-sti" - }, - "parameters": [ - { - "description": "JWS Release version, e.g. 3.0, 2.1, etc.", - "name": "JWS_RELEASE", - "value": "3.0" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "jws-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", - "name": "DB_JNDI", - "value": "" - }, - { - "description": "Database name", - "name": "DB_DATABASE", - "value": "root" - }, - { - "description": "Size of persistent storage for database volume.", - "name": "VOLUME_CAPACITY", - "value": "512Mi" - }, - { - "description": "The name of the secret containing the certificate files", - "name": "JWS_HTTPS_SECRET", - "value": "jws-app-secret" - }, - { - "description": "The name of the certificate file within the secret", - "name": "JWS_HTTPS_CERTIFICATE", - "value": "server.crt" - }, - { - "description": "The name of the certificate key file within the secret", - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "server.key" - }, - { - "description": "The certificate password", - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "" - }, - { - "description": "Sets xa-pool/min-pool-size for the configured datasource.", - "name": "DB_MIN_POOL_SIZE" - }, - { - "description": "Sets xa-pool/max-pool-size for the configured datasource.", - "name": "DB_MAX_POOL_SIZE" - }, - { - "description": "Sets transaction-isolation for the configured datasource.", - "name": "DB_TX_ISOLATION" - }, - { - "description": "Sets how the table names are stored and compared.", - "name": "MYSQL_LOWER_CASE_TABLE_NAMES" - }, - { - "description": "The maximum permitted number of simultaneous client connections.", - "name": "MYSQL_MAX_CONNECTIONS" - }, - { - "description": "The minimum length of the word to be included in a FULLTEXT index.", - "name": "MYSQL_FT_MIN_WORD_LEN" - }, - { - "description": "The maximum length of the word to be included in a FULLTEXT index.", - "name": "MYSQL_FT_MAX_WORD_LEN" - }, - { - "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.", - "name": "MYSQL_AIO" - }, - { - "description": "Database user name", - "name": "DB_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "Database user password", - "name": "DB_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin User", - "name": "JWS_ADMIN_USERNAME", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin Password", - "name": "JWS_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8443, - "targetPort": 8443 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "secure-${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's https port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 3306, - "targetPort": 3306 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mysql" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-mysql", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The database server's port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-https-route", - "metadata": { - "name": "${APPLICATION_NAME}-https-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's https service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "secure-${APPLICATION_NAME}" - }, - "tls": { - "termination" : "passthrough" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-webserver3-tomcat8-openshift:${JWS_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "jws-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" - ] - } - }, - "volumeMounts": [ - { - "name": "jws-certificate-volume", - "mountPath": "/etc/jws-secret-volume", - "readOnly": true - } - ], - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "https", - "containerPort": 8443, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "DB_SERVICE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-mysql=DB" - }, - { - "name": "DB_JNDI", - "value": "${DB_JNDI}" - }, - { - "name": "DB_USERNAME", - "value": "${DB_USERNAME}" - }, - { - "name": "DB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "DB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "DB_MIN_POOL_SIZE", - "value": "${DB_MIN_POOL_SIZE}" - }, - { - "name": "DB_MAX_POOL_SIZE", - "value": "${DB_MAX_POOL_SIZE}" - }, - { - "name": "DB_TX_ISOLATION", - "value": "${DB_TX_ISOLATION}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_DIR", - "value": "/etc/jws-secret-volume" - }, - { - "name": "JWS_HTTPS_CERTIFICATE", - "value": "${JWS_HTTPS_CERTIFICATE}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "${JWS_HTTPS_CERTIFICATE_KEY}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" - }, - { - "name": "JWS_ADMIN_USERNAME", - "value": "${JWS_ADMIN_USERNAME}" - }, - { - "name": "JWS_ADMIN_PASSWORD", - "value": "${JWS_ADMIN_PASSWORD}" - } - ] - } - ], - "volumes": [ - { - "name": "jws-certificate-volume", - "secret": { - "secretName": "${JWS_HTTPS_SECRET}" - } - } - ] - } - } - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}-mysql", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}-mysql" - ], - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "mysql:latest" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mysql" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}-mysql", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}-mysql", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${APPLICATION_NAME}-mysql", - "image": "mysql", - "ports": [ - { - "containerPort": 3306, - "protocol": "TCP" - } - ], - "volumeMounts": [ - { - "mountPath": "/var/lib/mysql/data", - "name": "${APPLICATION_NAME}-mysql-pvol" - } - ], - "env": [ - { - "name": "MYSQL_USER", - "value": "${DB_USERNAME}" - }, - { - "name": "MYSQL_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "MYSQL_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "MYSQL_LOWER_CASE_TABLE_NAMES", - "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}" - }, - { - "name": "MYSQL_MAX_CONNECTIONS", - "value": "${MYSQL_MAX_CONNECTIONS}" - }, - { - "name": "MYSQL_FT_MIN_WORD_LEN", - "value": "${MYSQL_FT_MIN_WORD_LEN}" - }, - { - "name": "MYSQL_FT_MAX_WORD_LEN", - "value": "${MYSQL_FT_MAX_WORD_LEN}" - }, - { - "name": "MYSQL_AIO", - "value": "${MYSQL_AIO}" - } - ] - } - ], - "volumes": [ - { - "name": "${APPLICATION_NAME}-mysql-pvol", - "persistentVolumeClaim": { - "claimName": "${APPLICATION_NAME}-mysql-claim" - } - } - ] - } - } - } - }, - { - "apiVersion": "v1", - "kind": "PersistentVolumeClaim", - "metadata": { - "name": "${APPLICATION_NAME}-mysql-claim", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "accessModes": [ "ReadWriteOnce" ], - "resources": { - "requests": { - "storage": "${VOLUME_CAPACITY}" - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mysql-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mysql-sti.json deleted file mode 100644 index 226a983b7..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-mysql-sti.json +++ /dev/null @@ -1,563 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "iconClass" : "icon-tomcat", - "description": "Application template for JWS MySQL applications built using STI." - }, - "name": "jws-tomcat8-mysql-sti" - }, - "labels": { - "template": "jws-tomcat8-mysql-sti" - }, - "parameters": [ - { - "description": "JWS Release version, e.g. 3.0, 2.1, etc.", - "name": "JWS_RELEASE", - "value": "3.0" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "jws-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", - "name": "DB_JNDI", - "value": "" - }, - { - "description": "Database name", - "name": "DB_DATABASE", - "value": "root" - }, - { - "description": "The name of the secret containing the certificate files", - "name": "JWS_HTTPS_SECRET", - "value": "jws-app-secret" - }, - { - "description": "The name of the certificate file within the secret", - "name": "JWS_HTTPS_CERTIFICATE", - "value": "server.crt" - }, - { - "description": "The name of the certificate key file within the secret", - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "server.key" - }, - { - "description": "The certificate password", - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "" - }, - { - "description": "Sets xa-pool/min-pool-size for the configured datasource.", - "name": "DB_MIN_POOL_SIZE" - }, - { - "description": "Sets xa-pool/max-pool-size for the configured datasource.", - "name": "DB_MAX_POOL_SIZE" - }, - { - "description": "Sets transaction-isolation for the configured datasource.", - "name": "DB_TX_ISOLATION" - }, - { - "description": "Sets how the table names are stored and compared.", - "name": "MYSQL_LOWER_CASE_TABLE_NAMES" - }, - { - "description": "The maximum permitted number of simultaneous client connections.", - "name": "MYSQL_MAX_CONNECTIONS" - }, - { - "description": "The minimum length of the word to be included in a FULLTEXT index.", - "name": "MYSQL_FT_MIN_WORD_LEN" - }, - { - "description": "The maximum length of the word to be included in a FULLTEXT index.", - "name": "MYSQL_FT_MAX_WORD_LEN" - }, - { - "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.", - "name": "MYSQL_AIO" - }, - { - "description": "Database user name", - "name": "DB_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "Database user password", - "name": "DB_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin User", - "name": "JWS_ADMIN_USERNAME", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin Password", - "name": "JWS_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8443, - "targetPort": 8443 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "secure-${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's https port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 3306, - "targetPort": 3306 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mysql" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-mysql", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The database server's port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-https-route", - "metadata": { - "name": "${APPLICATION_NAME}-https-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's https service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "secure-${APPLICATION_NAME}" - }, - "tls": { - "termination" : "passthrough" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-webserver3-tomcat8-openshift:${JWS_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "jws-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" - ] - } - }, - "volumeMounts": [ - { - "name": "jws-certificate-volume", - "mountPath": "/etc/jws-secret-volume", - "readOnly": true - } - ], - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "https", - "containerPort": 8443, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "DB_SERVICE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-mysql=DB" - }, - { - "name": "DB_JNDI", - "value": "${DB_JNDI}" - }, - { - "name": "DB_USERNAME", - "value": "${DB_USERNAME}" - }, - { - "name": "DB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "DB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "DB_MIN_POOL_SIZE", - "value": "${DB_MIN_POOL_SIZE}" - }, - { - "name": "DB_MAX_POOL_SIZE", - "value": "${DB_MAX_POOL_SIZE}" - }, - { - "name": "DB_TX_ISOLATION", - "value": "${DB_TX_ISOLATION}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_DIR", - "value": "/etc/jws-secret-volume" - }, - { - "name": "JWS_HTTPS_CERTIFICATE", - "value": "${JWS_HTTPS_CERTIFICATE}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "${JWS_HTTPS_CERTIFICATE_KEY}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" - }, - { - "name": "JWS_ADMIN_USERNAME", - "value": "${JWS_ADMIN_USERNAME}" - }, - { - "name": "JWS_ADMIN_PASSWORD", - "value": "${JWS_ADMIN_PASSWORD}" - } - ] - } - ], - "volumes": [ - { - "name": "jws-certificate-volume", - "secret": { - "secretName": "${JWS_HTTPS_SECRET}" - } - } - ] - } - } - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}-mysql", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}-mysql" - ], - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "mysql:latest" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-mysql" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}-mysql", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}-mysql", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${APPLICATION_NAME}-mysql", - "image": "mysql", - "ports": [ - { - "containerPort": 3306, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "MYSQL_USER", - "value": "${DB_USERNAME}" - }, - { - "name": "MYSQL_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "MYSQL_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "MYSQL_LOWER_CASE_TABLE_NAMES", - "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}" - }, - { - "name": "MYSQL_MAX_CONNECTIONS", - "value": "${MYSQL_MAX_CONNECTIONS}" - }, - { - "name": "MYSQL_FT_MIN_WORD_LEN", - "value": "${MYSQL_FT_MIN_WORD_LEN}" - }, - { - "name": "MYSQL_FT_MAX_WORD_LEN", - "value": "${MYSQL_FT_MAX_WORD_LEN}" - }, - { - "name": "MYSQL_AIO", - "value": "${MYSQL_AIO}" - } - ] - } - ] - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-postgresql-persistent-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-postgresql-persistent-sti.json deleted file mode 100644 index b4644ac08..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-postgresql-persistent-sti.json +++ /dev/null @@ -1,576 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "iconClass" : "icon-tomcat", - "description": "Application template for JWS PostgreSQL applications with persistent storage built using STI." - }, - "name": "jws-tomcat8-postgresql-persistent-sti" - }, - "labels": { - "template": "jws-tomcat8-postgresql-persistent-sti" - }, - "parameters": [ - { - "description": "JWS Release version, e.g. 3.0, 2.1, etc.", - "name": "JWS_RELEASE", - "value": "3.0" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "jws-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", - "name": "DB_JNDI", - "value": "" - }, - { - "description": "Database name", - "name": "DB_DATABASE", - "value": "root" - }, - { - "description": "Size of persistent storage for database volume.", - "name": "VOLUME_CAPACITY", - "value": "512Mi" - }, - { - "description": "The name of the secret containing the certificate files", - "name": "JWS_HTTPS_SECRET", - "value": "jws-app-secret" - }, - { - "description": "The name of the certificate file within the secret", - "name": "JWS_HTTPS_CERTIFICATE", - "value": "server.crt" - }, - { - "description": "The name of the certificate key file within the secret", - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "server.key" - }, - { - "description": "The certificate password", - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "" - }, - { - "description": "Sets xa-pool/min-pool-size for the configured datasource.", - "name": "DB_MIN_POOL_SIZE" - }, - { - "description": "Sets xa-pool/max-pool-size for the configured datasource.", - "name": "DB_MAX_POOL_SIZE" - }, - { - "description": "Sets transaction-isolation for the configured datasource.", - "name": "DB_TX_ISOLATION" - }, - { - "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.", - "name": "POSTGRESQL_MAX_CONNECTIONS" - }, - { - "description": "Configures how much memory is dedicated to PostgreSQL for caching data.", - "name": "POSTGRESQL_SHARED_BUFFERS" - }, - { - "description": "Database user name", - "name": "DB_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "Database user password", - "name": "DB_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin User", - "name": "JWS_ADMIN_USERNAME", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin Password", - "name": "JWS_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8443, - "targetPort": 8443 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "secure-${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's https port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 5432, - "targetPort": 5432 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-postgresql" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-postgresql", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The database server's port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-https-route", - "metadata": { - "name": "${APPLICATION_NAME}-https-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's https service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "secure-${APPLICATION_NAME}" - }, - "tls": { - "termination" : "passthrough" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-webserver3-tomcat8-openshift:${JWS_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "jws-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" - ] - } - }, - "volumeMounts": [ - { - "name": "jws-certificate-volume", - "mountPath": "/etc/jws-secret-volume", - "readOnly": true - } - ], - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "https", - "containerPort": 8443, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "DB_SERVICE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-postgresql=DB" - }, - { - "name": "DB_JNDI", - "value": "${DB_JNDI}" - }, - { - "name": "DB_USERNAME", - "value": "${DB_USERNAME}" - }, - { - "name": "DB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "DB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "DB_MIN_POOL_SIZE", - "value": "${DB_MIN_POOL_SIZE}" - }, - { - "name": "DB_MAX_POOL_SIZE", - "value": "${DB_MAX_POOL_SIZE}" - }, - { - "name": "DB_TX_ISOLATION", - "value": "${DB_TX_ISOLATION}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_DIR", - "value": "/etc/jws-secret-volume" - }, - { - "name": "JWS_HTTPS_CERTIFICATE", - "value": "${JWS_HTTPS_CERTIFICATE}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "${JWS_HTTPS_CERTIFICATE_KEY}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" - }, - { - "name": "JWS_ADMIN_USERNAME", - "value": "${JWS_ADMIN_USERNAME}" - }, - { - "name": "JWS_ADMIN_PASSWORD", - "value": "${JWS_ADMIN_PASSWORD}" - } - ] - } - ], - "volumes": [ - { - "name": "jws-certificate-volume", - "secret": { - "secretName": "${JWS_HTTPS_SECRET}" - } - } - ] - } - } - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}-postgresql", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}-postgresql" - ], - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "postgresql:latest" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-postgresql" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}-postgresql", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}-postgresql", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${APPLICATION_NAME}-postgresql", - "image": "postgresql", - "ports": [ - { - "containerPort": 5432, - "protocol": "TCP" - } - ], - "volumeMounts": [ - { - "mountPath": "/var/lib/pgsql/data", - "name": "${APPLICATION_NAME}-postgresql-pvol" - } - ], - "env": [ - { - "name": "POSTGRESQL_USER", - "value": "${DB_USERNAME}" - }, - { - "name": "POSTGRESQL_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "POSTGRESQL_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "POSTGRESQL_MAX_CONNECTIONS", - "value": "${POSTGRESQL_MAX_CONNECTIONS}" - }, - { - "name": "POSTGRESQL_SHARED_BUFFERS", - "value": "${POSTGRESQL_SHARED_BUFFERS}" - } - ] - } - ], - "volumes": [ - { - "name": "${APPLICATION_NAME}-postgresql-pvol", - "persistentVolumeClaim": { - "claimName": "${APPLICATION_NAME}-postgresql-claim" - } - } - ] - } - } - } - }, - { - "apiVersion": "v1", - "kind": "PersistentVolumeClaim", - "metadata": { - "name": "${APPLICATION_NAME}-postgresql-claim", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "accessModes": [ "ReadWriteOnce" ], - "resources": { - "requests": { - "storage": "${VOLUME_CAPACITY}" - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-postgresql-sti.json b/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-postgresql-sti.json deleted file mode 100644 index b46f23225..000000000 --- a/roles/openshift_examples/files/examples/xpaas-templates/jws-tomcat8-postgresql-sti.json +++ /dev/null @@ -1,539 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "annotations": { - "iconClass" : "icon-tomcat", - "description": "Application template for JWS PostgreSQL applications built using STI." - }, - "name": "jws-tomcat8-postgresql-sti" - }, - "labels": { - "template": "jws-tomcat8-postgresql-sti" - }, - "parameters": [ - { - "description": "JWS Release version, e.g. 3.0, 2.1, etc.", - "name": "JWS_RELEASE", - "value": "3.0" - }, - { - "description": "The name for the application.", - "name": "APPLICATION_NAME", - "value": "jws-app" - }, - { - "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", - "name": "APPLICATION_HOSTNAME", - "value": "" - }, - { - "description": "Git source URI for application", - "name": "GIT_URI" - }, - { - "description": "Git branch/tag reference", - "name": "GIT_REF", - "value": "master" - }, - { - "description": "Path within Git project to build; empty for root project directory.", - "name": "GIT_CONTEXT_DIR", - "value": "" - }, - { - "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", - "name": "DB_JNDI", - "value": "" - }, - { - "description": "Database name", - "name": "DB_DATABASE", - "value": "root" - }, - { - "description": "The name of the secret containing the certificate files", - "name": "JWS_HTTPS_SECRET", - "value": "jws-app-secret" - }, - { - "description": "The name of the certificate file within the secret", - "name": "JWS_HTTPS_CERTIFICATE", - "value": "server.crt" - }, - { - "description": "The name of the certificate key file within the secret", - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "server.key" - }, - { - "description": "The certificate password", - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "" - }, - { - "description": "Sets xa-pool/min-pool-size for the configured datasource.", - "name": "DB_MIN_POOL_SIZE" - }, - { - "description": "Sets xa-pool/max-pool-size for the configured datasource.", - "name": "DB_MAX_POOL_SIZE" - }, - { - "description": "Sets transaction-isolation for the configured datasource.", - "name": "DB_TX_ISOLATION" - }, - { - "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.", - "name": "POSTGRESQL_MAX_CONNECTIONS" - }, - { - "description": "Configures how much memory is dedicated to PostgreSQL for caching data.", - "name": "POSTGRESQL_SHARED_BUFFERS" - }, - { - "description": "Database user name", - "name": "DB_USERNAME", - "from": "user[a-zA-Z0-9]{3}", - "generate": "expression" - }, - { - "description": "Database user password", - "name": "DB_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin User", - "name": "JWS_ADMIN_USERNAME", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "JWS Admin Password", - "name": "JWS_ADMIN_PASSWORD", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Github trigger secret", - "name": "GITHUB_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - }, - { - "description": "Generic build trigger secret", - "name": "GENERIC_TRIGGER_SECRET", - "from": "[a-zA-Z0-9]{8}", - "generate": "expression" - } - ], - "objects": [ - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's http port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 8443, - "targetPort": 8443 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - } - }, - "metadata": { - "name": "secure-${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The web server's https port." - } - } - }, - { - "kind": "Service", - "apiVersion": "v1", - "spec": { - "ports": [ - { - "port": 5432, - "targetPort": 5432 - } - ], - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-postgresql" - } - }, - "metadata": { - "name": "${APPLICATION_NAME}-postgresql", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "The database server's port." - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-http-route", - "metadata": { - "name": "${APPLICATION_NAME}-http-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's http service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "Route", - "apiVersion": "v1", - "id": "${APPLICATION_NAME}-https-route", - "metadata": { - "name": "${APPLICATION_NAME}-https-route", - "labels": { - "application": "${APPLICATION_NAME}" - }, - "annotations": { - "description": "Route for application's https service." - } - }, - "spec": { - "host": "${APPLICATION_HOSTNAME}", - "to": { - "name": "secure-${APPLICATION_NAME}" - }, - "tls": { - "termination" : "passthrough" - } - } - }, - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "source": { - "type": "Git", - "git": { - "uri": "${GIT_URI}", - "ref": "${GIT_REF}" - }, - "contextDir":"${GIT_CONTEXT_DIR}" - }, - "strategy": { - "type": "Source", - "sourceStrategy": { - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "jboss-webserver3-tomcat8-openshift:${JWS_RELEASE}" - } - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${APPLICATION_NAME}:latest" - } - }, - "triggers": [ - { - "type": "GitHub", - "github": { - "secret": "${GITHUB_TRIGGER_SECRET}" - } - }, - { - "type": "Generic", - "generic": { - "secret": "${GENERIC_TRIGGER_SECRET}" - } - }, - { - "type": "ImageChange", - "imageChange": {} - } - ] - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}" - ], - "from": { - "kind": "ImageStream", - "name": "${APPLICATION_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "serviceAccount": "jws-service-account", - "containers": [ - { - "name": "${APPLICATION_NAME}", - "image": "${APPLICATION_NAME}", - "imagePullPolicy": "Always", - "readinessProbe": { - "exec": { - "command": [ - "/bin/bash", - "-c", - "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" - ] - } - }, - "volumeMounts": [ - { - "name": "jws-certificate-volume", - "mountPath": "/etc/jws-secret-volume", - "readOnly": true - } - ], - "ports": [ - { - "name": "http", - "containerPort": 8080, - "protocol": "TCP" - }, - { - "name": "https", - "containerPort": 8443, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "DB_SERVICE_PREFIX_MAPPING", - "value": "${APPLICATION_NAME}-postgresql=DB" - }, - { - "name": "DB_JNDI", - "value": "${DB_JNDI}" - }, - { - "name": "DB_USERNAME", - "value": "${DB_USERNAME}" - }, - { - "name": "DB_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "DB_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "DB_MIN_POOL_SIZE", - "value": "${DB_MIN_POOL_SIZE}" - }, - { - "name": "DB_MAX_POOL_SIZE", - "value": "${DB_MAX_POOL_SIZE}" - }, - { - "name": "DB_TX_ISOLATION", - "value": "${DB_TX_ISOLATION}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_DIR", - "value": "/etc/jws-secret-volume" - }, - { - "name": "JWS_HTTPS_CERTIFICATE", - "value": "${JWS_HTTPS_CERTIFICATE}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_KEY", - "value": "${JWS_HTTPS_CERTIFICATE_KEY}" - }, - { - "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", - "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" - }, - { - "name": "JWS_ADMIN_USERNAME", - "value": "${JWS_ADMIN_USERNAME}" - }, - { - "name": "JWS_ADMIN_PASSWORD", - "value": "${JWS_ADMIN_PASSWORD}" - } - ] - } - ], - "volumes": [ - { - "name": "jws-certificate-volume", - "secret": { - "secretName": "${JWS_HTTPS_SECRET}" - } - } - ] - } - } - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${APPLICATION_NAME}-postgresql", - "labels": { - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": [ - "${APPLICATION_NAME}-postgresql" - ], - "from": { - "kind": "ImageStreamTag", - "namespace": "openshift", - "name": "postgresql:latest" - } - } - } - ], - "replicas": 1, - "selector": { - "deploymentConfig": "${APPLICATION_NAME}-postgresql" - }, - "template": { - "metadata": { - "name": "${APPLICATION_NAME}-postgresql", - "labels": { - "deploymentConfig": "${APPLICATION_NAME}-postgresql", - "application": "${APPLICATION_NAME}" - } - }, - "spec": { - "containers": [ - { - "name": "${APPLICATION_NAME}-postgresql", - "image": "postgresql", - "ports": [ - { - "containerPort": 5432, - "protocol": "TCP" - } - ], - "env": [ - { - "name": "POSTGRESQL_USER", - "value": "${DB_USERNAME}" - }, - { - "name": "POSTGRESQL_PASSWORD", - "value": "${DB_PASSWORD}" - }, - { - "name": "POSTGRESQL_DATABASE", - "value": "${DB_DATABASE}" - }, - { - "name": "POSTGRESQL_MAX_CONNECTIONS", - "value": "${POSTGRESQL_MAX_CONNECTIONS}" - }, - { - "name": "POSTGRESQL_SHARED_BUFFERS", - "value": "${POSTGRESQL_SHARED_BUFFERS}" - } - ] - } - ] - } - } - } - } - ] -} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-basic-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-basic-s2i.json new file mode 100644 index 000000000..729079130 --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-basic-s2i.json @@ -0,0 +1,279 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-tomcat", + "description": "Application template for JWS applications built using S2I.", + "tags": "tomcat,tomcat7,java,jboss,xpaas", + "version": "1.1.0" + }, + "name": "jws30-tomcat7-basic-s2i" + }, + "labels": { + "template": "jws30-tomcat7-basic-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "jws-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "tomcat-websocket-chat", + "required": false + }, + { + "description": "JWS Admin User", + "name": "JWS_ADMIN_USERNAME", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin Password", + "name": "JWS_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-webserver30-tomcat7-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" + ] + } + }, + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "JWS_ADMIN_USERNAME", + "value": "${JWS_ADMIN_USERNAME}" + }, + { + "name": "JWS_ADMIN_PASSWORD", + "value": "${JWS_ADMIN_PASSWORD}" + } + ] + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-https-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-https-s2i.json new file mode 100644 index 000000000..7ce7e7fe2 --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-https-s2i.json @@ -0,0 +1,387 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-tomcat", + "description": "Application template for JWS applications built using S2I.", + "tags": "tomcat,tomcat7,java,jboss,xpaas", + "version": "1.1.0" + }, + "name": "jws30-tomcat7-https-s2i" + }, + "labels": { + "template": "jws30-tomcat7-https-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "jws-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "tomcat-websocket-chat", + "required": false + }, + { + "description": "The name of the secret containing the certificate files", + "name": "JWS_HTTPS_SECRET", + "value": "jws-app-secret", + "required": true + }, + { + "description": "The name of the certificate file within the secret", + "name": "JWS_HTTPS_CERTIFICATE", + "value": "server.crt", + "required": false + }, + { + "description": "The name of the certificate key file within the secret", + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "server.key", + "required": false + }, + { + "description": "The certificate password", + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JWS Admin User", + "name": "JWS_ADMIN_USERNAME", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin Password", + "name": "JWS_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's https port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-webserver30-tomcat7-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "jws-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" + ] + } + }, + "volumeMounts": [ + { + "name": "jws-certificate-volume", + "mountPath": "/etc/jws-secret-volume", + "readOnly": true + } + ], + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "JWS_HTTPS_CERTIFICATE_DIR", + "value": "/etc/jws-secret-volume" + }, + { + "name": "JWS_HTTPS_CERTIFICATE", + "value": "${JWS_HTTPS_CERTIFICATE}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "${JWS_HTTPS_CERTIFICATE_KEY}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" + }, + { + "name": "JWS_ADMIN_USERNAME", + "value": "${JWS_ADMIN_USERNAME}" + }, + { + "name": "JWS_ADMIN_PASSWORD", + "value": "${JWS_ADMIN_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "jws-certificate-volume", + "secret": { + "secretName": "${JWS_HTTPS_SECRET}" + } + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json new file mode 100644 index 000000000..9a08ec0b0 --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-mongodb-persistent-s2i.json @@ -0,0 +1,643 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-tomcat", + "description": "Application template for JWS MongoDB applications with persistent storage built using S2I.", + "tags": "tomcat,tomcat7,mongodb,java,database,jboss,xpaas", + "version": "1.1.0" + }, + "name": "jws30-tomcat7-mongodb-persistent-s2i" + }, + "labels": { + "template": "jws30-tomcat7-mongodb-persistent-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "jws-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "todolist/todolist-mongodb", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "name": "DB_JNDI", + "value": "", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "Size of persistent storage for database volume.", + "name": "VOLUME_CAPACITY", + "value": "512Mi", + "required": true + }, + { + "description": "The name of the secret containing the certificate files", + "name": "JWS_HTTPS_SECRET", + "value": "jws-app-secret", + "required": true + }, + { + "description": "The name of the certificate file within the secret", + "name": "JWS_HTTPS_CERTIFICATE", + "value": "server.crt", + "required": false + }, + { + "description": "The name of the certificate key file within the secret", + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "server.key", + "required": false + }, + { + "description": "The certificate password", + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "Disable data file preallocation.", + "name": "MONGODB_NOPREALLOC", + "required": false + }, + { + "description": "Set MongoDB to use a smaller default data file size.", + "name": "MONGODB_SMALLFILES", + "required": false + }, + { + "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.", + "name": "MONGODB_QUIET", + "required": false + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Database admin password", + "name": "DB_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin User", + "name": "JWS_ADMIN_USERNAME", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin Password", + "name": "JWS_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's https port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 27017, + "targetPort": 27017 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mongodb" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-mongodb", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-webserver30-tomcat7-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "jws-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" + ] + } + }, + "volumeMounts": [ + { + "name": "jws-certificate-volume", + "mountPath": "/etc/jws-secret-volume", + "readOnly": true + } + ], + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mongodb=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "DB_ADMIN_PASSWORD", + "value": "${DB_ADMIN_PASSWORD}" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_DIR", + "value": "/etc/jws-secret-volume" + }, + { + "name": "JWS_HTTPS_CERTIFICATE", + "value": "${JWS_HTTPS_CERTIFICATE}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "${JWS_HTTPS_CERTIFICATE_KEY}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" + }, + { + "name": "JWS_ADMIN_USERNAME", + "value": "${JWS_ADMIN_USERNAME}" + }, + { + "name": "JWS_ADMIN_PASSWORD", + "value": "${JWS_ADMIN_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "jws-certificate-volume", + "secret": { + "secretName": "${JWS_HTTPS_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-mongodb", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-mongodb" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "mongodb:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mongodb" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-mongodb", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-mongodb", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-mongodb", + "image": "mongodb", + "imagePullPolicy": "Always", + "ports": [ + { + "containerPort": 27017, + "protocol": "TCP" + } + ], + "volumeMounts": [ + { + "mountPath": "/var/lib/mongodb/data", + "name": "${APPLICATION_NAME}-mongodb-pvol" + } + ], + "env": [ + { + "name": "MONGODB_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "MONGODB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "MONGODB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "MONGODB_ADMIN_PASSWORD", + "value": "${DB_ADMIN_PASSWORD}" + }, + { + "name": "MONGODB_NOPREALLOC", + "value": "${MONGODB_NOPREALLOC}" + }, + { + "name": "MONGODB_SMALLFILES", + "value": "${MONGODB_SMALLFILES}" + }, + { + "name": "MONGODB_QUIET", + "value": "${MONGODB_QUIET}" + } + ] + } + ], + "volumes": [ + { + "name": "${APPLICATION_NAME}-mongodb-pvol", + "persistentVolumeClaim": { + "claimName": "${APPLICATION_NAME}-mongodb-claim" + } + } + ] + } + } + } + }, + { + "apiVersion": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "name": "${APPLICATION_NAME}-mongodb-claim", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "${VOLUME_CAPACITY}" + } + } + } + } + ] +} \ No newline at end of file diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-mongodb-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-mongodb-s2i.json new file mode 100644 index 000000000..b8dfb3ad3 --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-mongodb-s2i.json @@ -0,0 +1,603 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-tomcat", + "description": "Application template for JWS MongoDB applications built using S2I.", + "tags": "tomcat,tomcat7,mongodb,java,database,jboss,xpaas", + "version": "1.1.0" + }, + "name": "jws30-tomcat7-mongodb-s2i" + }, + "labels": { + "template": "jws30-tomcat7-mongodb-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "jws-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "todolist/todolist-mongodb", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "name": "DB_JNDI", + "value": "", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "The name of the secret containing the certificate files", + "name": "JWS_HTTPS_SECRET", + "value": "jws-app-secret", + "required": true + }, + { + "description": "The name of the certificate file within the secret", + "name": "JWS_HTTPS_CERTIFICATE", + "value": "server.crt", + "required": false + }, + { + "description": "The name of the certificate key file within the secret", + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "server.key", + "required": false + }, + { + "description": "The certificate password", + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "Disable data file preallocation.", + "name": "MONGODB_NOPREALLOC", + "required": false + }, + { + "description": "Set MongoDB to use a smaller default data file size.", + "name": "MONGODB_SMALLFILES", + "required": false + }, + { + "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.", + "name": "MONGODB_QUIET", + "required": false + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Database admin password", + "name": "DB_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin User", + "name": "JWS_ADMIN_USERNAME", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin Password", + "name": "JWS_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's https port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 27017, + "targetPort": 27017 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mongodb" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-mongodb", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-webserver30-tomcat7-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "jws-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" + ] + } + }, + "volumeMounts": [ + { + "name": "jws-certificate-volume", + "mountPath": "/etc/jws-secret-volume", + "readOnly": true + } + ], + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mongodb=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "DB_ADMIN_PASSWORD", + "value": "${DB_ADMIN_PASSWORD}" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_DIR", + "value": "/etc/jws-secret-volume" + }, + { + "name": "JWS_HTTPS_CERTIFICATE", + "value": "${JWS_HTTPS_CERTIFICATE}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "${JWS_HTTPS_CERTIFICATE_KEY}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" + }, + { + "name": "JWS_ADMIN_USERNAME", + "value": "${JWS_ADMIN_USERNAME}" + }, + { + "name": "JWS_ADMIN_PASSWORD", + "value": "${JWS_ADMIN_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "jws-certificate-volume", + "secret": { + "secretName": "${JWS_HTTPS_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-mongodb", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-mongodb" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "mongodb:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mongodb" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-mongodb", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-mongodb", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-mongodb", + "image": "mongodb", + "imagePullPolicy": "Always", + "ports": [ + { + "containerPort": 27017, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "MONGODB_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "MONGODB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "MONGODB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "MONGODB_ADMIN_PASSWORD", + "value": "${DB_ADMIN_PASSWORD}" + }, + { + "name": "MONGODB_NOPREALLOC", + "value": "${MONGODB_NOPREALLOC}" + }, + { + "name": "MONGODB_SMALLFILES", + "value": "${MONGODB_SMALLFILES}" + }, + { + "name": "MONGODB_QUIET", + "value": "${MONGODB_QUIET}" + } + ] + } + ] + } + } + } + } + ] +} \ No newline at end of file diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json new file mode 100644 index 000000000..d36e330d3 --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-mysql-persistent-s2i.json @@ -0,0 +1,645 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-tomcat", + "description": "Application template for JWS MySQL applications with persistent storage built using S2I.", + "tags": "tomcat,tomcat7,mysql,java,database,jboss,xpaas", + "version": "1.1.0" + }, + "name": "jws30-tomcat7-mysql-persistent-s2i" + }, + "labels": { + "template": "jws30-tomcat7-mysql-persistent-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "jws-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "todolist/todolist-jdbc", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "name": "DB_JNDI", + "value": "java:jboss/datasources/TodoListDS", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "Size of persistent storage for database volume.", + "name": "VOLUME_CAPACITY", + "value": "512Mi", + "required": true + }, + { + "description": "The name of the secret containing the certificate files", + "name": "JWS_HTTPS_SECRET", + "value": "jws-app-secret", + "required": true + }, + { + "description": "The name of the certificate file within the secret", + "name": "JWS_HTTPS_CERTIFICATE", + "value": "server.crt", + "required": false + }, + { + "description": "The name of the certificate key file within the secret", + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "server.key", + "required": false + }, + { + "description": "The certificate password", + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "Sets how the table names are stored and compared.", + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "required": false + }, + { + "description": "The maximum permitted number of simultaneous client connections.", + "name": "MYSQL_MAX_CONNECTIONS", + "required": false + }, + { + "description": "The minimum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MIN_WORD_LEN", + "required": false + }, + { + "description": "The maximum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MAX_WORD_LEN", + "required": false + }, + { + "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.", + "name": "MYSQL_AIO", + "required": false + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin User", + "name": "JWS_ADMIN_USERNAME", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin Password", + "name": "JWS_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's https port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 3306, + "targetPort": 3306 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-webserver30-tomcat7-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "jws-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" + ] + } + }, + "volumeMounts": [ + { + "name": "jws-certificate-volume", + "mountPath": "/etc/jws-secret-volume", + "readOnly": true + } + ], + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mysql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_DIR", + "value": "/etc/jws-secret-volume" + }, + { + "name": "JWS_HTTPS_CERTIFICATE", + "value": "${JWS_HTTPS_CERTIFICATE}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "${JWS_HTTPS_CERTIFICATE_KEY}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" + }, + { + "name": "JWS_ADMIN_USERNAME", + "value": "${JWS_ADMIN_USERNAME}" + }, + { + "name": "JWS_ADMIN_PASSWORD", + "value": "${JWS_ADMIN_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "jws-certificate-volume", + "secret": { + "secretName": "${JWS_HTTPS_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-mysql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "mysql:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-mysql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-mysql", + "image": "mysql", + "ports": [ + { + "containerPort": 3306, + "protocol": "TCP" + } + ], + "volumeMounts": [ + { + "mountPath": "/var/lib/mysql/data", + "name": "${APPLICATION_NAME}-mysql-pvol" + } + ], + "env": [ + { + "name": "MYSQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "MYSQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "MYSQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}" + }, + { + "name": "MYSQL_MAX_CONNECTIONS", + "value": "${MYSQL_MAX_CONNECTIONS}" + }, + { + "name": "MYSQL_FT_MIN_WORD_LEN", + "value": "${MYSQL_FT_MIN_WORD_LEN}" + }, + { + "name": "MYSQL_FT_MAX_WORD_LEN", + "value": "${MYSQL_FT_MAX_WORD_LEN}" + }, + { + "name": "MYSQL_AIO", + "value": "${MYSQL_AIO}" + } + ] + } + ], + "volumes": [ + { + "name": "${APPLICATION_NAME}-mysql-pvol", + "persistentVolumeClaim": { + "claimName": "${APPLICATION_NAME}-mysql-claim" + } + } + ] + } + } + } + }, + { + "apiVersion": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "name": "${APPLICATION_NAME}-mysql-claim", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "${VOLUME_CAPACITY}" + } + } + } + } + ] +} \ No newline at end of file diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-mysql-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-mysql-s2i.json new file mode 100644 index 000000000..f5309db60 --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-mysql-s2i.json @@ -0,0 +1,605 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-tomcat", + "description": "Application template for JWS MySQL applications built using S2I.", + "tags": "tomcat,tomcat7,mysql,java,database,jboss,xpaas", + "version": "1.1.0" + }, + "name": "jws30-tomcat7-mysql-s2i" + }, + "labels": { + "template": "jws30-tomcat7-mysql-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "jws-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "todolist/todolist-jdbc", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "name": "DB_JNDI", + "value": "java:jboss/datasources/TodoListDS", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "The name of the secret containing the certificate files", + "name": "JWS_HTTPS_SECRET", + "value": "jws-app-secret", + "required": true + }, + { + "description": "The name of the certificate file within the secret", + "name": "JWS_HTTPS_CERTIFICATE", + "value": "server.crt", + "required": false + }, + { + "description": "The name of the certificate key file within the secret", + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "server.key", + "required": false + }, + { + "description": "The certificate password", + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "Sets how the table names are stored and compared.", + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "required": false + }, + { + "description": "The maximum permitted number of simultaneous client connections.", + "name": "MYSQL_MAX_CONNECTIONS", + "required": false + }, + { + "description": "The minimum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MIN_WORD_LEN", + "required": false + }, + { + "description": "The maximum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MAX_WORD_LEN", + "required": false + }, + { + "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.", + "name": "MYSQL_AIO", + "required": false + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin User", + "name": "JWS_ADMIN_USERNAME", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin Password", + "name": "JWS_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's https port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 3306, + "targetPort": 3306 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-webserver30-tomcat7-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "jws-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" + ] + } + }, + "volumeMounts": [ + { + "name": "jws-certificate-volume", + "mountPath": "/etc/jws-secret-volume", + "readOnly": true + } + ], + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mysql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_DIR", + "value": "/etc/jws-secret-volume" + }, + { + "name": "JWS_HTTPS_CERTIFICATE", + "value": "${JWS_HTTPS_CERTIFICATE}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "${JWS_HTTPS_CERTIFICATE_KEY}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" + }, + { + "name": "JWS_ADMIN_USERNAME", + "value": "${JWS_ADMIN_USERNAME}" + }, + { + "name": "JWS_ADMIN_PASSWORD", + "value": "${JWS_ADMIN_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "jws-certificate-volume", + "secret": { + "secretName": "${JWS_HTTPS_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-mysql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "mysql:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-mysql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-mysql", + "image": "mysql", + "ports": [ + { + "containerPort": 3306, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "MYSQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "MYSQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "MYSQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}" + }, + { + "name": "MYSQL_MAX_CONNECTIONS", + "value": "${MYSQL_MAX_CONNECTIONS}" + }, + { + "name": "MYSQL_FT_MIN_WORD_LEN", + "value": "${MYSQL_FT_MIN_WORD_LEN}" + }, + { + "name": "MYSQL_FT_MAX_WORD_LEN", + "value": "${MYSQL_FT_MAX_WORD_LEN}" + }, + { + "name": "MYSQL_AIO", + "value": "${MYSQL_AIO}" + } + ] + } + ] + } + } + } + } + ] +} \ No newline at end of file diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json new file mode 100644 index 000000000..ee88a4c69 --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-postgresql-persistent-s2i.json @@ -0,0 +1,618 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-tomcat", + "description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.", + "tags": "tomcat,tomcat7,postgresql,java,database,jboss,xpaas", + "version": "1.1.0" + }, + "name": "jws30-tomcat7-postgresql-persistent-s2i" + }, + "labels": { + "template": "jws30-tomcat7-postgresql-persistent-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "jws-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "todolist/todolist-jdbc", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "name": "DB_JNDI", + "value": "java:jboss/datasources/TodoListDS", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "Size of persistent storage for database volume.", + "name": "VOLUME_CAPACITY", + "value": "512Mi", + "required": true + }, + { + "description": "The name of the secret containing the certificate files", + "name": "JWS_HTTPS_SECRET", + "value": "jws-app-secret", + "required": true + }, + { + "description": "The name of the certificate file within the secret", + "name": "JWS_HTTPS_CERTIFICATE", + "value": "server.crt", + "required": false + }, + { + "description": "The name of the certificate key file within the secret", + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "server.key", + "required": false + }, + { + "description": "The certificate password", + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.", + "name": "POSTGRESQL_MAX_CONNECTIONS", + "required": false + }, + { + "description": "Configures how much memory is dedicated to PostgreSQL for caching data.", + "name": "POSTGRESQL_SHARED_BUFFERS", + "required": false + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin User", + "name": "JWS_ADMIN_USERNAME", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin Password", + "name": "JWS_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's https port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 5432, + "targetPort": 5432 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-webserver30-tomcat7-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "jws-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" + ] + } + }, + "volumeMounts": [ + { + "name": "jws-certificate-volume", + "mountPath": "/etc/jws-secret-volume", + "readOnly": true + } + ], + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-postgresql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_DIR", + "value": "/etc/jws-secret-volume" + }, + { + "name": "JWS_HTTPS_CERTIFICATE", + "value": "${JWS_HTTPS_CERTIFICATE}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "${JWS_HTTPS_CERTIFICATE_KEY}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" + }, + { + "name": "JWS_ADMIN_USERNAME", + "value": "${JWS_ADMIN_USERNAME}" + }, + { + "name": "JWS_ADMIN_PASSWORD", + "value": "${JWS_ADMIN_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "jws-certificate-volume", + "secret": { + "secretName": "${JWS_HTTPS_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-postgresql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "postgresql:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-postgresql", + "image": "postgresql", + "ports": [ + { + "containerPort": 5432, + "protocol": "TCP" + } + ], + "volumeMounts": [ + { + "mountPath": "/var/lib/pgsql/data", + "name": "${APPLICATION_NAME}-postgresql-pvol" + } + ], + "env": [ + { + "name": "POSTGRESQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "POSTGRESQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "POSTGRESQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "POSTGRESQL_MAX_CONNECTIONS", + "value": "${POSTGRESQL_MAX_CONNECTIONS}" + }, + { + "name": "POSTGRESQL_SHARED_BUFFERS", + "value": "${POSTGRESQL_SHARED_BUFFERS}" + } + ] + } + ], + "volumes": [ + { + "name": "${APPLICATION_NAME}-postgresql-pvol", + "persistentVolumeClaim": { + "claimName": "${APPLICATION_NAME}-postgresql-claim" + } + } + ] + } + } + } + }, + { + "apiVersion": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "name": "${APPLICATION_NAME}-postgresql-claim", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "${VOLUME_CAPACITY}" + } + } + } + } + ] +} \ No newline at end of file diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-postgresql-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-postgresql-s2i.json new file mode 100644 index 000000000..f5940a7a1 --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat7-postgresql-s2i.json @@ -0,0 +1,578 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-tomcat", + "description": "Application template for JWS PostgreSQL applications built using S2I.", + "tags": "tomcat,tomcat7,postgresql,java,database,jboss,xpaas", + "version": "1.1.0" + }, + "name": "jws30-tomcat7-postgresql-s2i" + }, + "labels": { + "template": "jws30-tomcat7-postgresql-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "jws-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "todolist/todolist-jdbc", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "name": "DB_JNDI", + "value": "java:jboss/datasources/TodoListDS", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "The name of the secret containing the certificate files", + "name": "JWS_HTTPS_SECRET", + "value": "jws-app-secret", + "required": true + }, + { + "description": "The name of the certificate file within the secret", + "name": "JWS_HTTPS_CERTIFICATE", + "value": "server.crt", + "required": false + }, + { + "description": "The name of the certificate key file within the secret", + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "server.key", + "required": false + }, + { + "description": "The certificate password", + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.", + "name": "POSTGRESQL_MAX_CONNECTIONS", + "required": false + }, + { + "description": "Configures how much memory is dedicated to PostgreSQL for caching data.", + "name": "POSTGRESQL_SHARED_BUFFERS", + "required": false + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin User", + "name": "JWS_ADMIN_USERNAME", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin Password", + "name": "JWS_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's https port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 5432, + "targetPort": 5432 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-webserver30-tomcat7-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "jws-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" + ] + } + }, + "volumeMounts": [ + { + "name": "jws-certificate-volume", + "mountPath": "/etc/jws-secret-volume", + "readOnly": true + } + ], + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-postgresql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_DIR", + "value": "/etc/jws-secret-volume" + }, + { + "name": "JWS_HTTPS_CERTIFICATE", + "value": "${JWS_HTTPS_CERTIFICATE}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "${JWS_HTTPS_CERTIFICATE_KEY}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" + }, + { + "name": "JWS_ADMIN_USERNAME", + "value": "${JWS_ADMIN_USERNAME}" + }, + { + "name": "JWS_ADMIN_PASSWORD", + "value": "${JWS_ADMIN_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "jws-certificate-volume", + "secret": { + "secretName": "${JWS_HTTPS_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-postgresql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "postgresql:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-postgresql", + "image": "postgresql", + "ports": [ + { + "containerPort": 5432, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "POSTGRESQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "POSTGRESQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "POSTGRESQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "POSTGRESQL_MAX_CONNECTIONS", + "value": "${POSTGRESQL_MAX_CONNECTIONS}" + }, + { + "name": "POSTGRESQL_SHARED_BUFFERS", + "value": "${POSTGRESQL_SHARED_BUFFERS}" + } + ] + } + ] + } + } + } + } + ] +} \ No newline at end of file diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-basic-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-basic-s2i.json new file mode 100644 index 000000000..b24ce40ae --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-basic-s2i.json @@ -0,0 +1,279 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-tomcat", + "description": "Application template for JWS applications built using S2I.", + "tags": "tomcat,tomcat8,java,jboss,xpaas", + "version": "1.1.0" + }, + "name": "jws30-tomcat8-basic-s2i" + }, + "labels": { + "template": "jws30-tomcat8-basic-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "jws-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "tomcat-websocket-chat", + "required": false + }, + { + "description": "JWS Admin User", + "name": "JWS_ADMIN_USERNAME", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin Password", + "name": "JWS_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-webserver30-tomcat8-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" + ] + } + }, + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "JWS_ADMIN_USERNAME", + "value": "${JWS_ADMIN_USERNAME}" + }, + { + "name": "JWS_ADMIN_PASSWORD", + "value": "${JWS_ADMIN_PASSWORD}" + } + ] + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-https-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-https-s2i.json new file mode 100644 index 000000000..7e788d0db --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-https-s2i.json @@ -0,0 +1,387 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-tomcat", + "description": "Application template for JWS applications built using S2I.", + "tags": "tomcat,tomcat8,java,jboss,xpaas", + "version": "1.1.0" + }, + "name": "jws30-tomcat8-https-s2i" + }, + "labels": { + "template": "jws30-tomcat8-https-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "jws-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts.git", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "tomcat-websocket-chat", + "required": false + }, + { + "description": "The name of the secret containing the certificate files", + "name": "JWS_HTTPS_SECRET", + "value": "jws-app-secret", + "required": true + }, + { + "description": "The name of the certificate file within the secret", + "name": "JWS_HTTPS_CERTIFICATE", + "value": "server.crt", + "required": false + }, + { + "description": "The name of the certificate key file within the secret", + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "server.key", + "required": false + }, + { + "description": "The certificate password", + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "", + "required": false + }, + { + "description": "JWS Admin User", + "name": "JWS_ADMIN_USERNAME", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin Password", + "name": "JWS_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's https port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-webserver30-tomcat8-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "jws-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" + ] + } + }, + "volumeMounts": [ + { + "name": "jws-certificate-volume", + "mountPath": "/etc/jws-secret-volume", + "readOnly": true + } + ], + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "JWS_HTTPS_CERTIFICATE_DIR", + "value": "/etc/jws-secret-volume" + }, + { + "name": "JWS_HTTPS_CERTIFICATE", + "value": "${JWS_HTTPS_CERTIFICATE}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "${JWS_HTTPS_CERTIFICATE_KEY}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" + }, + { + "name": "JWS_ADMIN_USERNAME", + "value": "${JWS_ADMIN_USERNAME}" + }, + { + "name": "JWS_ADMIN_PASSWORD", + "value": "${JWS_ADMIN_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "jws-certificate-volume", + "secret": { + "secretName": "${JWS_HTTPS_SECRET}" + } + } + ] + } + } + } + } + ] +} diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json new file mode 100644 index 000000000..2f1d69c75 --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-mongodb-persistent-s2i.json @@ -0,0 +1,643 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-tomcat", + "description": "Application template for JWS MongoDB applications with persistent storage built using S2I.", + "tags": "tomcat,tomcat8,mongodb,java,database,jboss,xpaas", + "version": "1.1.0" + }, + "name": "jws30-tomcat8-mongodb-persistent-s2i" + }, + "labels": { + "template": "jws30-tomcat8-mongodb-persistent-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "jws-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "todolist/todolist-mongodb", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "name": "DB_JNDI", + "value": "", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "Size of persistent storage for database volume.", + "name": "VOLUME_CAPACITY", + "value": "512Mi", + "required": true + }, + { + "description": "The name of the secret containing the certificate files", + "name": "JWS_HTTPS_SECRET", + "value": "jws-app-secret", + "required": true + }, + { + "description": "The name of the certificate file within the secret", + "name": "JWS_HTTPS_CERTIFICATE", + "value": "server.crt", + "required": false + }, + { + "description": "The name of the certificate key file within the secret", + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "server.key", + "required": false + }, + { + "description": "The certificate password", + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "Disable data file preallocation.", + "name": "MONGODB_NOPREALLOC", + "required": false + }, + { + "description": "Set MongoDB to use a smaller default data file size.", + "name": "MONGODB_SMALLFILES", + "required": false + }, + { + "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.", + "name": "MONGODB_QUIET", + "required": false + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Database admin password", + "name": "DB_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin User", + "name": "JWS_ADMIN_USERNAME", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin Password", + "name": "JWS_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's https port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 27017, + "targetPort": 27017 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mongodb" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-mongodb", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-webserver30-tomcat8-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "jws-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" + ] + } + }, + "volumeMounts": [ + { + "name": "jws-certificate-volume", + "mountPath": "/etc/jws-secret-volume", + "readOnly": true + } + ], + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mongodb=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "DB_ADMIN_PASSWORD", + "value": "${DB_ADMIN_PASSWORD}" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_DIR", + "value": "/etc/jws-secret-volume" + }, + { + "name": "JWS_HTTPS_CERTIFICATE", + "value": "${JWS_HTTPS_CERTIFICATE}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "${JWS_HTTPS_CERTIFICATE_KEY}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" + }, + { + "name": "JWS_ADMIN_USERNAME", + "value": "${JWS_ADMIN_USERNAME}" + }, + { + "name": "JWS_ADMIN_PASSWORD", + "value": "${JWS_ADMIN_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "jws-certificate-volume", + "secret": { + "secretName": "${JWS_HTTPS_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-mongodb", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-mongodb" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "mongodb:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mongodb" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-mongodb", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-mongodb", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-mongodb", + "image": "mongodb", + "imagePullPolicy": "Always", + "ports": [ + { + "containerPort": 27017, + "protocol": "TCP" + } + ], + "volumeMounts": [ + { + "mountPath": "/var/lib/mongodb/data", + "name": "${APPLICATION_NAME}-mongodb-pvol" + } + ], + "env": [ + { + "name": "MONGODB_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "MONGODB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "MONGODB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "MONGODB_ADMIN_PASSWORD", + "value": "${DB_ADMIN_PASSWORD}" + }, + { + "name": "MONGODB_NOPREALLOC", + "value": "${MONGODB_NOPREALLOC}" + }, + { + "name": "MONGODB_SMALLFILES", + "value": "${MONGODB_SMALLFILES}" + }, + { + "name": "MONGODB_QUIET", + "value": "${MONGODB_QUIET}" + } + ] + } + ], + "volumes": [ + { + "name": "${APPLICATION_NAME}-mongodb-pvol", + "persistentVolumeClaim": { + "claimName": "${APPLICATION_NAME}-mongodb-claim" + } + } + ] + } + } + } + }, + { + "apiVersion": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "name": "${APPLICATION_NAME}-mongodb-claim", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "${VOLUME_CAPACITY}" + } + } + } + } + ] +} \ No newline at end of file diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-mongodb-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-mongodb-s2i.json new file mode 100644 index 000000000..bad676f2e --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-mongodb-s2i.json @@ -0,0 +1,603 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-tomcat", + "description": "Application template for JWS MongoDB applications built using S2I.", + "tags": "tomcat,tomcat8,mongodb,java,database,jboss,xpaas", + "version": "1.1.0" + }, + "name": "jws30-tomcat8-mongodb-s2i" + }, + "labels": { + "template": "jws30-tomcat8-mongodb-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "jws-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "todolist/todolist-mongodb", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "name": "DB_JNDI", + "value": "", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "The name of the secret containing the certificate files", + "name": "JWS_HTTPS_SECRET", + "value": "jws-app-secret", + "required": true + }, + { + "description": "The name of the certificate file within the secret", + "name": "JWS_HTTPS_CERTIFICATE", + "value": "server.crt", + "required": false + }, + { + "description": "The name of the certificate key file within the secret", + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "server.key", + "required": false + }, + { + "description": "The certificate password", + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "Disable data file preallocation.", + "name": "MONGODB_NOPREALLOC", + "required": false + }, + { + "description": "Set MongoDB to use a smaller default data file size.", + "name": "MONGODB_SMALLFILES", + "required": false + }, + { + "description": "Runs MongoDB in a quiet mode that attempts to limit the amount of output.", + "name": "MONGODB_QUIET", + "required": false + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Database admin password", + "name": "DB_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin User", + "name": "JWS_ADMIN_USERNAME", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin Password", + "name": "JWS_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's https port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 27017, + "targetPort": 27017 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mongodb" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-mongodb", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-webserver30-tomcat8-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "jws-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" + ] + } + }, + "volumeMounts": [ + { + "name": "jws-certificate-volume", + "mountPath": "/etc/jws-secret-volume", + "readOnly": true + } + ], + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mongodb=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "DB_ADMIN_PASSWORD", + "value": "${DB_ADMIN_PASSWORD}" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_DIR", + "value": "/etc/jws-secret-volume" + }, + { + "name": "JWS_HTTPS_CERTIFICATE", + "value": "${JWS_HTTPS_CERTIFICATE}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "${JWS_HTTPS_CERTIFICATE_KEY}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" + }, + { + "name": "JWS_ADMIN_USERNAME", + "value": "${JWS_ADMIN_USERNAME}" + }, + { + "name": "JWS_ADMIN_PASSWORD", + "value": "${JWS_ADMIN_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "jws-certificate-volume", + "secret": { + "secretName": "${JWS_HTTPS_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-mongodb", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-mongodb" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "mongodb:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mongodb" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-mongodb", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-mongodb", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-mongodb", + "image": "mongodb", + "imagePullPolicy": "Always", + "ports": [ + { + "containerPort": 27017, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "MONGODB_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "MONGODB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "MONGODB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "MONGODB_ADMIN_PASSWORD", + "value": "${DB_ADMIN_PASSWORD}" + }, + { + "name": "MONGODB_NOPREALLOC", + "value": "${MONGODB_NOPREALLOC}" + }, + { + "name": "MONGODB_SMALLFILES", + "value": "${MONGODB_SMALLFILES}" + }, + { + "name": "MONGODB_QUIET", + "value": "${MONGODB_QUIET}" + } + ] + } + ] + } + } + } + } + ] +} \ No newline at end of file diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json new file mode 100644 index 000000000..e20a45982 --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-mysql-persistent-s2i.json @@ -0,0 +1,645 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-tomcat", + "description": "Application template for JWS MySQL applications with persistent storage built using S2I.", + "tags": "tomcat,tomcat8,mysql,java,database,jboss,xpaas", + "version": "1.1.0" + }, + "name": "jws30-tomcat8-mysql-persistent-s2i" + }, + "labels": { + "template": "jws30-tomcat8-mysql-persistent-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "jws-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "todolist/todolist-jdbc", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "name": "DB_JNDI", + "value": "java:jboss/datasources/TodoListDS", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "Size of persistent storage for database volume.", + "name": "VOLUME_CAPACITY", + "value": "512Mi", + "required": true + }, + { + "description": "The name of the secret containing the certificate files", + "name": "JWS_HTTPS_SECRET", + "value": "jws-app-secret", + "required": true + }, + { + "description": "The name of the certificate file within the secret", + "name": "JWS_HTTPS_CERTIFICATE", + "value": "server.crt", + "required": false + }, + { + "description": "The name of the certificate key file within the secret", + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "server.key", + "required": false + }, + { + "description": "The certificate password", + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "Sets how the table names are stored and compared.", + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "required": false + }, + { + "description": "The maximum permitted number of simultaneous client connections.", + "name": "MYSQL_MAX_CONNECTIONS", + "required": false + }, + { + "description": "The minimum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MIN_WORD_LEN", + "required": false + }, + { + "description": "The maximum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MAX_WORD_LEN", + "required": false + }, + { + "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.", + "name": "MYSQL_AIO", + "required": false + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin User", + "name": "JWS_ADMIN_USERNAME", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin Password", + "name": "JWS_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's https port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 3306, + "targetPort": 3306 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-webserver30-tomcat8-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "jws-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" + ] + } + }, + "volumeMounts": [ + { + "name": "jws-certificate-volume", + "mountPath": "/etc/jws-secret-volume", + "readOnly": true + } + ], + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mysql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_DIR", + "value": "/etc/jws-secret-volume" + }, + { + "name": "JWS_HTTPS_CERTIFICATE", + "value": "${JWS_HTTPS_CERTIFICATE}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "${JWS_HTTPS_CERTIFICATE_KEY}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" + }, + { + "name": "JWS_ADMIN_USERNAME", + "value": "${JWS_ADMIN_USERNAME}" + }, + { + "name": "JWS_ADMIN_PASSWORD", + "value": "${JWS_ADMIN_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "jws-certificate-volume", + "secret": { + "secretName": "${JWS_HTTPS_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-mysql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "mysql:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-mysql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-mysql", + "image": "mysql", + "ports": [ + { + "containerPort": 3306, + "protocol": "TCP" + } + ], + "volumeMounts": [ + { + "mountPath": "/var/lib/mysql/data", + "name": "${APPLICATION_NAME}-mysql-pvol" + } + ], + "env": [ + { + "name": "MYSQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "MYSQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "MYSQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}" + }, + { + "name": "MYSQL_MAX_CONNECTIONS", + "value": "${MYSQL_MAX_CONNECTIONS}" + }, + { + "name": "MYSQL_FT_MIN_WORD_LEN", + "value": "${MYSQL_FT_MIN_WORD_LEN}" + }, + { + "name": "MYSQL_FT_MAX_WORD_LEN", + "value": "${MYSQL_FT_MAX_WORD_LEN}" + }, + { + "name": "MYSQL_AIO", + "value": "${MYSQL_AIO}" + } + ] + } + ], + "volumes": [ + { + "name": "${APPLICATION_NAME}-mysql-pvol", + "persistentVolumeClaim": { + "claimName": "${APPLICATION_NAME}-mysql-claim" + } + } + ] + } + } + } + }, + { + "apiVersion": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "name": "${APPLICATION_NAME}-mysql-claim", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "${VOLUME_CAPACITY}" + } + } + } + } + ] +} \ No newline at end of file diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-mysql-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-mysql-s2i.json new file mode 100644 index 000000000..1b9624756 --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-mysql-s2i.json @@ -0,0 +1,605 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-tomcat", + "description": "Application template for JWS MySQL applications built using S2I.", + "tags": "tomcat,tomcat8,mysql,java,database,jboss,xpaas", + "version": "1.1.0" + }, + "name": "jws30-tomcat8-mysql-s2i" + }, + "labels": { + "template": "jws30-tomcat8-mysql-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "jws-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "todolist/todolist-jdbc", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "name": "DB_JNDI", + "value": "java:jboss/datasources/TodoListDS", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "The name of the secret containing the certificate files", + "name": "JWS_HTTPS_SECRET", + "value": "jws-app-secret", + "required": true + }, + { + "description": "The name of the certificate file within the secret", + "name": "JWS_HTTPS_CERTIFICATE", + "value": "server.crt", + "required": false + }, + { + "description": "The name of the certificate key file within the secret", + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "server.key", + "required": false + }, + { + "description": "The certificate password", + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "Sets how the table names are stored and compared.", + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "required": false + }, + { + "description": "The maximum permitted number of simultaneous client connections.", + "name": "MYSQL_MAX_CONNECTIONS", + "required": false + }, + { + "description": "The minimum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MIN_WORD_LEN", + "required": false + }, + { + "description": "The maximum length of the word to be included in a FULLTEXT index.", + "name": "MYSQL_FT_MAX_WORD_LEN", + "required": false + }, + { + "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.", + "name": "MYSQL_AIO", + "required": false + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin User", + "name": "JWS_ADMIN_USERNAME", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin Password", + "name": "JWS_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's https port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 3306, + "targetPort": 3306 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-webserver30-tomcat8-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "jws-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" + ] + } + }, + "volumeMounts": [ + { + "name": "jws-certificate-volume", + "mountPath": "/etc/jws-secret-volume", + "readOnly": true + } + ], + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-mysql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_DIR", + "value": "/etc/jws-secret-volume" + }, + { + "name": "JWS_HTTPS_CERTIFICATE", + "value": "${JWS_HTTPS_CERTIFICATE}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "${JWS_HTTPS_CERTIFICATE_KEY}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" + }, + { + "name": "JWS_ADMIN_USERNAME", + "value": "${JWS_ADMIN_USERNAME}" + }, + { + "name": "JWS_ADMIN_PASSWORD", + "value": "${JWS_ADMIN_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "jws-certificate-volume", + "secret": { + "secretName": "${JWS_HTTPS_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-mysql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "mysql:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-mysql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-mysql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-mysql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-mysql", + "image": "mysql", + "ports": [ + { + "containerPort": 3306, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "MYSQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "MYSQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "MYSQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "MYSQL_LOWER_CASE_TABLE_NAMES", + "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}" + }, + { + "name": "MYSQL_MAX_CONNECTIONS", + "value": "${MYSQL_MAX_CONNECTIONS}" + }, + { + "name": "MYSQL_FT_MIN_WORD_LEN", + "value": "${MYSQL_FT_MIN_WORD_LEN}" + }, + { + "name": "MYSQL_FT_MAX_WORD_LEN", + "value": "${MYSQL_FT_MAX_WORD_LEN}" + }, + { + "name": "MYSQL_AIO", + "value": "${MYSQL_AIO}" + } + ] + } + ] + } + } + } + } + ] +} \ No newline at end of file diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json new file mode 100644 index 000000000..dc492a38e --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-postgresql-persistent-s2i.json @@ -0,0 +1,618 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-tomcat", + "description": "Application template for JWS PostgreSQL applications with persistent storage built using S2I.", + "tags": "tomcat,tomcat8,postgresql,java,database,jboss,xpaas", + "version": "1.1.0" + }, + "name": "jws30-tomcat8-postgresql-persistent-s2i" + }, + "labels": { + "template": "jws30-tomcat8-postgresql-persistent-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "jws-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "todolist/todolist-jdbc", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "name": "DB_JNDI", + "value": "java:jboss/datasources/TodoListDS", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "Size of persistent storage for database volume.", + "name": "VOLUME_CAPACITY", + "value": "512Mi", + "required": true + }, + { + "description": "The name of the secret containing the certificate files", + "name": "JWS_HTTPS_SECRET", + "value": "jws-app-secret", + "required": true + }, + { + "description": "The name of the certificate file within the secret", + "name": "JWS_HTTPS_CERTIFICATE", + "value": "server.crt", + "required": false + }, + { + "description": "The name of the certificate key file within the secret", + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "server.key", + "required": false + }, + { + "description": "The certificate password", + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.", + "name": "POSTGRESQL_MAX_CONNECTIONS", + "required": false + }, + { + "description": "Configures how much memory is dedicated to PostgreSQL for caching data.", + "name": "POSTGRESQL_SHARED_BUFFERS", + "required": false + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin User", + "name": "JWS_ADMIN_USERNAME", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin Password", + "name": "JWS_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's https port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 5432, + "targetPort": 5432 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-webserver30-tomcat8-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "jws-service-account", + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" + ] + } + }, + "volumeMounts": [ + { + "name": "jws-certificate-volume", + "mountPath": "/etc/jws-secret-volume", + "readOnly": true + } + ], + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-postgresql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_DIR", + "value": "/etc/jws-secret-volume" + }, + { + "name": "JWS_HTTPS_CERTIFICATE", + "value": "${JWS_HTTPS_CERTIFICATE}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "${JWS_HTTPS_CERTIFICATE_KEY}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" + }, + { + "name": "JWS_ADMIN_USERNAME", + "value": "${JWS_ADMIN_USERNAME}" + }, + { + "name": "JWS_ADMIN_PASSWORD", + "value": "${JWS_ADMIN_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "jws-certificate-volume", + "secret": { + "secretName": "${JWS_HTTPS_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-postgresql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "postgresql:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "terminationGracePeriodSeconds": 60, + "containers": [ + { + "name": "${APPLICATION_NAME}-postgresql", + "image": "postgresql", + "ports": [ + { + "containerPort": 5432, + "protocol": "TCP" + } + ], + "volumeMounts": [ + { + "mountPath": "/var/lib/pgsql/data", + "name": "${APPLICATION_NAME}-postgresql-pvol" + } + ], + "env": [ + { + "name": "POSTGRESQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "POSTGRESQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "POSTGRESQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "POSTGRESQL_MAX_CONNECTIONS", + "value": "${POSTGRESQL_MAX_CONNECTIONS}" + }, + { + "name": "POSTGRESQL_SHARED_BUFFERS", + "value": "${POSTGRESQL_SHARED_BUFFERS}" + } + ] + } + ], + "volumes": [ + { + "name": "${APPLICATION_NAME}-postgresql-pvol", + "persistentVolumeClaim": { + "claimName": "${APPLICATION_NAME}-postgresql-claim" + } + } + ] + } + } + } + }, + { + "apiVersion": "v1", + "kind": "PersistentVolumeClaim", + "metadata": { + "name": "${APPLICATION_NAME}-postgresql-claim", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "accessModes": [ + "ReadWriteOnce" + ], + "resources": { + "requests": { + "storage": "${VOLUME_CAPACITY}" + } + } + } + } + ] +} \ No newline at end of file diff --git a/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-postgresql-s2i.json b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-postgresql-s2i.json new file mode 100644 index 000000000..242b37a79 --- /dev/null +++ b/roles/openshift_examples/files/examples/xpaas-templates/jws30-tomcat8-postgresql-s2i.json @@ -0,0 +1,576 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "annotations": { + "iconClass": "icon-tomcat", + "description": "Application template for JWS PostgreSQL applications built using S2I.", + "tags": "tomcat,tomcat8,postgresql,java,database,jboss,xpaas", + "version": "1.1.0" + }, + "name": "jws30-tomcat8-postgresql-s2i" + }, + "labels": { + "template": "jws30-tomcat8-postgresql-s2i", + "xpaas": "1.1.0" + }, + "parameters": [ + { + "description": "The name for the application.", + "name": "APPLICATION_NAME", + "value": "jws-app", + "required": true + }, + { + "description": "Custom hostname for service routes. Leave blank for default hostname, e.g.: ..", + "name": "APPLICATION_DOMAIN", + "value": "", + "required": false + }, + { + "description": "Git source URI for application", + "name": "SOURCE_REPOSITORY_URL", + "value": "https://github.com/jboss-openshift/openshift-quickstarts", + "required": true + }, + { + "description": "Git branch/tag reference", + "name": "SOURCE_REPOSITORY_REF", + "value": "1.1", + "required": false + }, + { + "description": "Path within Git project to build; empty for root project directory.", + "name": "CONTEXT_DIR", + "value": "todolist/todolist-jdbc", + "required": false + }, + { + "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mongodb", + "name": "DB_JNDI", + "value": "java:jboss/datasources/TodoListDS", + "required": false + }, + { + "description": "Database name", + "name": "DB_DATABASE", + "value": "root", + "required": true + }, + { + "description": "The name of the secret containing the certificate files", + "name": "JWS_HTTPS_SECRET", + "value": "jws-app-secret", + "required": true + }, + { + "description": "The name of the certificate file within the secret", + "name": "JWS_HTTPS_CERTIFICATE", + "value": "server.crt", + "required": false + }, + { + "description": "The name of the certificate key file within the secret", + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "server.key", + "required": false + }, + { + "description": "The certificate password", + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "", + "required": false + }, + { + "description": "Sets xa-pool/min-pool-size for the configured datasource.", + "name": "DB_MIN_POOL_SIZE", + "required": false + }, + { + "description": "Sets xa-pool/max-pool-size for the configured datasource.", + "name": "DB_MAX_POOL_SIZE", + "required": false + }, + { + "description": "Sets transaction-isolation for the configured datasource.", + "name": "DB_TX_ISOLATION", + "required": false + }, + { + "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.", + "name": "POSTGRESQL_MAX_CONNECTIONS", + "required": false + }, + { + "description": "Configures how much memory is dedicated to PostgreSQL for caching data.", + "name": "POSTGRESQL_SHARED_BUFFERS", + "required": false + }, + { + "description": "Database user name", + "name": "DB_USERNAME", + "from": "user[a-zA-Z0-9]{3}", + "generate": "expression", + "required": true + }, + { + "description": "Database user password", + "name": "DB_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin User", + "name": "JWS_ADMIN_USERNAME", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "JWS Admin Password", + "name": "JWS_ADMIN_PASSWORD", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "GitHub trigger secret", + "name": "GITHUB_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Generic build trigger secret", + "name": "GENERIC_WEBHOOK_SECRET", + "from": "[a-zA-Z0-9]{8}", + "generate": "expression", + "required": true + }, + { + "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", + "name": "IMAGE_STREAM_NAMESPACE", + "value": "openshift", + "required": true + } + ], + "objects": [ + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8080, + "targetPort": 8080 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's http port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 8443, + "targetPort": 8443 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + } + }, + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The web server's https port." + } + } + }, + { + "kind": "Service", + "apiVersion": "v1", + "spec": { + "ports": [ + { + "port": 5432, + "targetPort": 5432 + } + ], + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + } + }, + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "The database server's port." + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-http", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's http service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "Route", + "apiVersion": "v1", + "id": "${APPLICATION_NAME}-https", + "metadata": { + "name": "secure-${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + }, + "annotations": { + "description": "Route for application's https service." + } + }, + "spec": { + "host": "${APPLICATION_DOMAIN}", + "to": { + "name": "secure-${APPLICATION_NAME}" + }, + "tls": { + "termination": "passthrough" + } + } + }, + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "source": { + "type": "Git", + "git": { + "uri": "${SOURCE_REPOSITORY_URL}", + "ref": "${SOURCE_REPOSITORY_REF}" + }, + "contextDir": "${CONTEXT_DIR}" + }, + "strategy": { + "type": "Source", + "sourceStrategy": { + "forcePull": true, + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "jboss-webserver30-tomcat8-openshift:1.1" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${APPLICATION_NAME}:latest" + } + }, + "triggers": [ + { + "type": "GitHub", + "github": { + "secret": "${GITHUB_WEBHOOK_SECRET}" + } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } + }, + { + "type": "ImageChange", + "imageChange": {} + }, + { + "type": "ConfigChange" + } + ] + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}" + ], + "from": { + "kind": "ImageStream", + "name": "${APPLICATION_NAME}" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "serviceAccount": "jws-service-account", + "containers": [ + { + "name": "${APPLICATION_NAME}", + "image": "${APPLICATION_NAME}", + "imagePullPolicy": "Always", + "readinessProbe": { + "exec": { + "command": [ + "/bin/bash", + "-c", + "curl -s -u ${JWS_ADMIN_USERNAME}:${JWS_ADMIN_PASSWORD} 'http://localhost:8080/manager/jmxproxy/?get=Catalina%3Atype%3DServer&att=stateName' |grep -iq 'stateName *= *STARTED'" + ] + } + }, + "volumeMounts": [ + { + "name": "jws-certificate-volume", + "mountPath": "/etc/jws-secret-volume", + "readOnly": true + } + ], + "ports": [ + { + "name": "http", + "containerPort": 8080, + "protocol": "TCP" + }, + { + "name": "https", + "containerPort": 8443, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "DB_SERVICE_PREFIX_MAPPING", + "value": "${APPLICATION_NAME}-postgresql=DB" + }, + { + "name": "DB_JNDI", + "value": "${DB_JNDI}" + }, + { + "name": "DB_USERNAME", + "value": "${DB_USERNAME}" + }, + { + "name": "DB_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "DB_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "DB_MIN_POOL_SIZE", + "value": "${DB_MIN_POOL_SIZE}" + }, + { + "name": "DB_MAX_POOL_SIZE", + "value": "${DB_MAX_POOL_SIZE}" + }, + { + "name": "DB_TX_ISOLATION", + "value": "${DB_TX_ISOLATION}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_DIR", + "value": "/etc/jws-secret-volume" + }, + { + "name": "JWS_HTTPS_CERTIFICATE", + "value": "${JWS_HTTPS_CERTIFICATE}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_KEY", + "value": "${JWS_HTTPS_CERTIFICATE_KEY}" + }, + { + "name": "JWS_HTTPS_CERTIFICATE_PASSWORD", + "value": "${JWS_HTTPS_CERTIFICATE_PASSWORD}" + }, + { + "name": "JWS_ADMIN_USERNAME", + "value": "${JWS_ADMIN_USERNAME}" + }, + { + "name": "JWS_ADMIN_PASSWORD", + "value": "${JWS_ADMIN_PASSWORD}" + } + ] + } + ], + "volumes": [ + { + "name": "jws-certificate-volume", + "secret": { + "secretName": "${JWS_HTTPS_SECRET}" + } + } + ] + } + } + } + }, + { + "kind": "DeploymentConfig", + "apiVersion": "v1", + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "strategy": { + "type": "Recreate" + }, + "triggers": [ + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${APPLICATION_NAME}-postgresql" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_STREAM_NAMESPACE}", + "name": "postgresql:latest" + } + } + }, + { + "type": "ConfigChange" + } + ], + "replicas": 1, + "selector": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql" + }, + "template": { + "metadata": { + "name": "${APPLICATION_NAME}-postgresql", + "labels": { + "deploymentConfig": "${APPLICATION_NAME}-postgresql", + "application": "${APPLICATION_NAME}" + } + }, + "spec": { + "containers": [ + { + "name": "${APPLICATION_NAME}-postgresql", + "image": "postgresql", + "ports": [ + { + "containerPort": 5432, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "POSTGRESQL_USER", + "value": "${DB_USERNAME}" + }, + { + "name": "POSTGRESQL_PASSWORD", + "value": "${DB_PASSWORD}" + }, + { + "name": "POSTGRESQL_DATABASE", + "value": "${DB_DATABASE}" + }, + { + "name": "POSTGRESQL_MAX_CONNECTIONS", + "value": "${POSTGRESQL_MAX_CONNECTIONS}" + }, + { + "name": "POSTGRESQL_SHARED_BUFFERS", + "value": "${POSTGRESQL_SHARED_BUFFERS}" + } + ] + } + ] + } + } + } + } + ] +} \ No newline at end of file -- cgit v1.2.3 From 18a1d80fd75d14b7a7a5463e5dfe7637b05aa222 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Mon, 2 Nov 2015 09:12:44 -0500 Subject: Migrate xpaas content from pre v1.1.0 This removes existing templates from disk and from the openshift namespace. --- roles/openshift_examples/tasks/main.yml | 50 +++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) diff --git a/roles/openshift_examples/tasks/main.yml b/roles/openshift_examples/tasks/main.yml index f48e207e7..0b4784bae 100644 --- a/roles/openshift_examples/tasks/main.yml +++ b/roles/openshift_examples/tasks/main.yml @@ -53,6 +53,56 @@ failed_when: "'already exists' not in oex_import_infrastructure.stderr and oex_import_infrastructure.rc != 0" changed_when: false +# The 1.1 release of the xpaas content for OpenShift renamed all the templates +- name: Remove old xpaas templates from filesystem + file: + path: "{{ xpaas_templates_base }}/{{ item }}" + state: absent + with_items: + - amq6-persistent.json + - amq6.json + - eap6-amq-persistent-sti.json + - eap6-amq-sti.json + - eap6-basic-sti.json + - eap6-https-sti.json + - eap6-mongodb-persistent-sti.json + - eap6-mongodb-sti.json + - eap6-mysql-persistent-sti.json + - eap6-mysql-sti.json + - eap6-postgresql-persistent-sti.json + - eap6-postgresql-sti.json + - jws-tomcat7-basic-sti.json + - jws-tomcat7-https-sti.json + - jws-tomcat7-mongodb-sti.json + - jws-tomcat7-mongodb-persistent-sti.json + - jws-tomcat7-mysql-persistent-sti.json + - jws-tomcat7-mysql-sti.json + - jws-tomcat7-postgresql-persistent-sti.json + - jws-tomcat8-postgresql-persistent-sti.json + - jws-tomcat8-basic-sti.json + - jws-tomcat8-https-sti.json + - jws-tomcat8-mongodb-sti.json + - jws-tomcat8-mongodb-persistent-sti.json + - jws-tomcat8-mysql-sti.json + - jws-tomcat8-mysql-persistent-sti.json + - jws-tomcat8-postgresql-sti.json + - jws-tomcat7-postgresql-sti.json + +- name: Remove old xpaas templates from openshift namespace + command: > + {{ openshift.common.client_binary }} -n openshift delete + templates/amq6 templates/amq6-persistent templates/eap6-amq-persistent-sti templates/eap6-amq-sti \ + templates/eap6-basic-sti templates/eap6-basic-sti templates/eap6-mongodb-persistent-sti templates/eap6-mongodb-sti \ + templates/eap6-mysql-persistent-sti templates/eap6-mysql-sti templates/eap6-postgresql-persistent-sti \ + templates/eap6-postgresql-sti templates/jws-tomcat7-basic-sti templates/jws-tomcat7-basic-sti \ + templates/jws-tomcat7-mongodb-persistent-sti templates/jws-tomcat7-mongodb-sti \ + templates/jws-tomcat7-mysql-persistent-sti templates/jws-tomcat7-mysql-sti \ + templates/jws-tomcat7-postgresql-persistent-sti templates/jws-tomcat7-postgresql-sti \ + templates/jws-tomcat8-basic-sti templates/jws-tomcat8-basic-sti templates/jws-tomcat8-mongodb-persistent-sti + when: openshift_examples_load_xpaas | bool + register: oex_delete_old_xpaas_templates + failed_when: "'not found' not in oex_delete_old_xpaas_templates.stderr and oex_delete_old_xpaas_templates.rc != 0" + changed_when: false - name: Import xPaas image streams command: > -- cgit v1.2.3 From c9a52a1dc0415aa0aea44153ffaf733ee0c98963 Mon Sep 17 00:00:00 2001 From: Scott Dodson Date: Wed, 11 Nov 2015 14:16:06 -0500 Subject: Sync with the latest image streams --- .../image-streams/image-streams-centos7.json | 207 +++++++++++++++++---- .../image-streams/image-streams-rhel7.json | 196 +++++++++++++++---- 2 files changed, 327 insertions(+), 76 deletions(-) diff --git a/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json index 268d680f4..1a78b1279 100644 --- a/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json +++ b/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json @@ -11,10 +11,13 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "openshift/ruby-20-centos7", "tags": [ { - "name": "latest" + "name": "latest", + "from": { + "Kind": "ImageStreamTag", + "Name": "2.0" + } }, { "name": "2.0", @@ -27,8 +30,23 @@ "sampleRepo": "https://github.com/openshift/ruby-ex.git" }, "from": { - "Kind": "ImageStreamTag", - "Name": "latest" + "Kind": "DockerImage", + "Name": "openshift/ruby-20-centos7:latest" + } + }, + { + "name": "2.2", + "annotations": { + "description": "Build and run Ruby 2.2 applications", + "iconClass": "icon-ruby", + "tags": "builder,ruby", + "supports": "ruby:2.2,ruby", + "version": "2.2", + "sampleRepo": "https://github.com/openshift/ruby-ex.git" + }, + "from": { + "Kind": "DockerImage", + "Name": "centos/ruby-22-centos7:latest" } } ] @@ -42,10 +60,13 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "openshift/nodejs-010-centos7", "tags": [ { - "name": "latest" + "name": "latest", + "from": { + "Kind": "ImageStreamTag", + "Name": "0.10" + } }, { "name": "0.10", @@ -58,8 +79,8 @@ "sampleRepo": "https://github.com/openshift/nodejs-ex.git" }, "from": { - "Kind": "ImageStreamTag", - "Name": "latest" + "Kind": "DockerImage", + "Name": "openshift/nodejs-010-centos7:latest" } } ] @@ -73,10 +94,13 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "openshift/perl-516-centos7", "tags": [ { - "name": "latest" + "name": "latest", + "from": { + "Kind": "ImageStreamTag", + "Name": "5.16" + } }, { "name": "5.16", @@ -89,9 +113,25 @@ "sampleRepo": "https://github.com/openshift/dancer-ex.git" }, "from": { - "Kind": "ImageStreamTag", - "Name": "latest" + "Kind": "DockerImage", + "Name": "openshift/perl-516-centos7:latest" } + }, + { + "name": "5.20", + "annotations": { + "description": "Build and run Perl 5.20 applications", + "iconClass": "icon-perl", + "tags": "builder,perl", + "supports":"perl:5.20,perl", + "version": "5.20", + "sampleRepo": "https://github.com/openshift/dancer-ex.git" + }, + "from": { + "Kind": "DockerImage", + "Name": "centos/perl-520-centos7:latest" + } + } ] } @@ -104,10 +144,13 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "openshift/php-55-centos7", "tags": [ { - "name": "latest" + "name": "latest", + "from": { + "Kind": "ImageStreamTag", + "Name": "5.5" + } }, { "name": "5.5", @@ -120,8 +163,23 @@ "sampleRepo": "https://github.com/openshift/cakephp-ex.git" }, "from": { - "Kind": "ImageStreamTag", - "Name": "latest" + "Kind": "DockerImage", + "Name": "openshift/php-55-centos7:latest" + } + }, + { + "name": "5.6", + "annotations": { + "description": "Build and run PHP 5.6 applications", + "iconClass": "icon-php", + "tags": "builder,php", + "supports":"php:5.6,php", + "version": "5.6", + "sampleRepo": "https://github.com/openshift/cakephp-ex.git" + }, + "from": { + "Kind": "DockerImage", + "Name": "centos/php-56-centos7:latest" } } ] @@ -135,10 +193,13 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "openshift/python-33-centos7", "tags": [ { - "name": "latest" + "name": "latest", + "from": { + "Kind": "ImageStreamTag", + "Name": "3.3" + } }, { "name": "3.3", @@ -151,8 +212,38 @@ "sampleRepo": "https://github.com/openshift/django-ex.git" }, "from": { - "Kind": "ImageStreamTag", - "Name": "latest" + "Kind": "DockerImage", + "Name": "openshift/python-33-centos7:latest" + } + }, + { + "name": "2.7", + "annotations": { + "description": "Build and run Python 2.7 applications", + "iconClass": "icon-python", + "tags": "builder,python", + "supports":"python:2.7,python", + "version": "2.7", + "sampleRepo": "https://github.com/openshift/django-ex.git" + }, + "from": { + "Kind": "DockerImage", + "Name": "centos/python-27-centos7:latest" + } + }, + { + "name": "3.4", + "annotations": { + "description": "Build and run Python 3.4 applications", + "iconClass": "icon-python", + "tags": "builder,python", + "supports":"python:3.4,python", + "version": "3.4", + "sampleRepo": "https://github.com/openshift/django-ex.git" + }, + "from": { + "Kind": "DockerImage", + "Name": "centos/python-34-centos7:latest" } } ] @@ -166,10 +257,13 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "openshift/wildfly-81-centos7", "tags": [ { - "name": "latest" + "name": "latest", + "from": { + "Kind": "ImageStreamTag", + "Name": "8.1" + } }, { "name": "8.1", @@ -182,8 +276,8 @@ "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git" }, "from": { - "Kind": "ImageStreamTag", - "Name": "latest" + "Kind": "DockerImage", + "Name": "openshift/wildfly-81-centos7:latest" } } ] @@ -197,16 +291,26 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "openshift/mysql-55-centos7", "tags": [ { - "name": "latest" + "name": "latest", + "from": { + "Kind": "ImageStreamTag", + "Name": "5.5" + } }, { "name": "5.5", "from": { - "Kind": "ImageStreamTag", - "Name": "latest" + "Kind": "DockerImage", + "Name": "openshift/mysql-55-centos7:latest" + } + }, + { + "name": "5.6", + "from": { + "Kind": "DockerImage", + "Name": "centos/mysql-56-centos7:latest" } } ] @@ -220,16 +324,26 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "openshift/postgresql-92-centos7", "tags": [ { - "name": "latest" + "name": "latest", + "from": { + "Kind": "ImageStreamTag", + "Name": "9.2" + } }, { "name": "9.2", "from": { - "Kind": "ImageStreamTag", - "Name": "latest" + "Kind": "DockerImage", + "Name": "openshift/postgresql-92-centos7:latest" + } + }, + { + "name": "9.4", + "from": { + "Kind": "DockerImage", + "Name": "centos/postgresql-94-centos7:latest" } } ] @@ -243,16 +357,26 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "openshift/mongodb-24-centos7", "tags": [ { - "name": "latest" + "name": "latest", + "from": { + "Kind": "ImageStreamTag", + "Name": "2.4" + } }, { "name": "2.4", "from": { - "Kind": "ImageStreamTag", - "Name": "latest" + "Kind": "DockerImage", + "Name": "openshift/mongodb-24-centos7:latest" + } + }, + { + "name": "2.6", + "from": { + "Kind": "DockerImage", + "Name": "centos/mongodb-26-centos7:latest" } } ] @@ -266,16 +390,19 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "openshift/jenkins-1-centos7", "tags": [ { - "name": "latest" + "name": "latest", + "from": { + "Kind": "ImageStreamTag", + "Name": "1" + } }, { "name": "1", "from": { - "Kind": "ImageStreamTag", - "Name": "latest" + "Kind": "DockerImage", + "Name": "openshift/jenkins-1-centos7:latest" } } ] diff --git a/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json index aa62ebd53..d2a8cfb1d 100644 --- a/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json +++ b/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json @@ -11,10 +11,13 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "registry.access.redhat.com/openshift3/ruby-20-rhel7", "tags": [ { - "name": "latest" + "name": "latest", + "from": { + "Kind": "ImageStreamTag", + "Name": "2.0" + } }, { "name": "2.0", @@ -27,8 +30,23 @@ "sampleRepo": "https://github.com/openshift/ruby-ex.git" }, "from": { - "Kind": "ImageStreamTag", - "Name": "latest" + "Kind": "DockerImage", + "Name": "registry.access.redhat.com/openshift3/ruby-20-rhel7:latest" + } + }, + { + "name": "2.2", + "annotations": { + "description": "Build and run Ruby 2.2 applications", + "iconClass": "icon-ruby", + "tags": "builder,ruby", + "supports": "ruby:2.2,ruby", + "version": "2.2", + "sampleRepo": "https://github.com/openshift/ruby-ex.git" + }, + "from": { + "Kind": "DockerImage", + "Name": "registry.access.redhat.com/rhscl/ruby-22-rhel7:latest" } } ] @@ -42,10 +60,13 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "registry.access.redhat.com/openshift3/nodejs-010-rhel7", "tags": [ { - "name": "latest" + "name": "latest", + "from": { + "Kind": "ImageStreamTag", + "Name": "0.10" + } }, { "name": "0.10", @@ -58,8 +79,8 @@ "sampleRepo": "https://github.com/openshift/nodejs-ex.git" }, "from": { - "Kind": "ImageStreamTag", - "Name": "latest" + "Kind": "DockerImage", + "Name": "registry.access.redhat.com/openshift3/nodejs-010-rhel7:latest" } } ] @@ -73,10 +94,13 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "registry.access.redhat.com/openshift3/perl-516-rhel7", "tags": [ { - "name": "latest" + "name": "latest", + "from": { + "Kind": "ImageStreamTag", + "Name": "5.16" + } }, { "name": "5.16", @@ -89,9 +113,25 @@ "sampleRepo": "https://github.com/openshift/dancer-ex.git" }, "from": { - "Kind": "ImageStreamTag", - "Name": "latest" + "Kind": "DockerImage", + "Name": "registry.access.redhat.com/openshift3/perl-516-rhel7:latest" + } + }, + { + "name": "5.20", + "annotations": { + "description": "Build and run Perl 5.20 applications", + "iconClass": "icon-perl", + "tags": "builder,perl", + "supports":"perl:5.20,perl", + "version": "5.20", + "sampleRepo": "https://github.com/openshift/dancer-ex.git" + }, + "from": { + "Kind": "DockerImage", + "Name": "registry.access.redhat.com/rhscl/perl-520-rhel7:latest" } + } ] } @@ -104,10 +144,13 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "registry.access.redhat.com/openshift3/php-55-rhel7", "tags": [ { - "name": "latest" + "name": "latest", + "from": { + "Kind": "ImageStreamTag", + "Name": "5.5" + } }, { "name": "5.5", @@ -120,8 +163,23 @@ "sampleRepo": "https://github.com/openshift/cakephp-ex.git" }, "from": { - "Kind": "ImageStreamTag", - "Name": "latest" + "Kind": "DockerImage", + "Name": "registry.access.redhat.com/openshift3/php-55-rhel7:latest" + } + }, + { + "name": "5.6", + "annotations": { + "description": "Build and run PHP 5.6 applications", + "iconClass": "icon-php", + "tags": "builder,php", + "supports":"php:5.6,php", + "version": "5.6", + "sampleRepo": "https://github.com/openshift/cakephp-ex.git" + }, + "from": { + "Kind": "DockerImage", + "Name": "registry.access.redhat.com/rhscl/php-56-rhel7:latest" } } ] @@ -135,10 +193,13 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "registry.access.redhat.com/openshift3/python-33-rhel7", "tags": [ { - "name": "latest" + "name": "latest", + "from": { + "Kind": "ImageStreamTag", + "Name": "3.3" + } }, { "name": "3.3", @@ -151,8 +212,38 @@ "sampleRepo": "https://github.com/openshift/django-ex.git" }, "from": { - "Kind": "ImageStreamTag", - "Name": "latest" + "Kind": "DockerImage", + "Name": "registry.access.redhat.com/openshift3/python-33-rhel7:latest" + } + }, + { + "name": "2.7", + "annotations": { + "description": "Build and run Python 2.7 applications", + "iconClass": "icon-python", + "tags": "builder,python", + "supports":"python:2.7,python", + "version": "2.7", + "sampleRepo": "https://github.com/openshift/django-ex.git" + }, + "from": { + "Kind": "DockerImage", + "Name": "registry.access.redhat.com/rhscl/python-27-rhel7:latest" + } + }, + { + "name": "3.4", + "annotations": { + "description": "Build and run Python 3.4 applications", + "iconClass": "icon-python", + "tags": "builder,python", + "supports":"python:3.4,python", + "version": "3.4", + "sampleRepo": "https://github.com/openshift/django-ex.git" + }, + "from": { + "Kind": "DockerImage", + "Name": "registry.access.redhat.com/rhscl/python-34-rhel7:latest" } } ] @@ -166,16 +257,26 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "registry.access.redhat.com/openshift3/mysql-55-rhel7", "tags": [ { - "name": "latest" + "name": "latest", + "from": { + "Kind": "ImageStreamTag", + "Name": "5.5" + } }, { "name": "5.5", "from": { - "Kind": "ImageStreamTag", - "Name": "latest" + "Kind": "DockerImage", + "Name": "registry.access.redhat.com/openshift3/mysql-55-rhel7:latest" + } + }, + { + "name": "5.6", + "from": { + "Kind": "DockerImage", + "Name": "registry.access.redhat.com/rhscl/mysql-56-rhel7:latest" } } ] @@ -189,16 +290,26 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "registry.access.redhat.com/openshift3/postgresql-92-rhel7", "tags": [ { - "name": "latest" + "name": "latest", + "from": { + "Kind": "ImageStreamTag", + "Name": "9.2" + } }, { "name": "9.2", "from": { - "Kind": "ImageStreamTag", - "Name": "latest" + "Kind": "DockerImage", + "Name": "registry.access.redhat.com/openshift3/postgresql-92-rhel7:latest" + } + }, + { + "name": "9.4", + "from": { + "Kind": "DockerImage", + "Name": "registry.access.redhat.com/rhscl/postgresql-94-rhel7:latest" } } ] @@ -212,16 +323,26 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "registry.access.redhat.com/openshift3/mongodb-24-rhel7", "tags": [ { - "name": "latest" + "name": "latest", + "from": { + "Kind": "ImageStreamTag", + "Name": "2.4" + } }, { "name": "2.4", "from": { - "Kind": "ImageStreamTag", - "Name": "latest" + "Kind": "DockerImage", + "Name": "registry.access.redhat.com/openshift3/mongodb-24-rhel7:latest" + } + }, + { + "name": "2.6", + "from": { + "Kind": "DockerImage", + "Name": "registry.access.redhat.com/rhscl/mongodb-26-rhel7:latest" } } ] @@ -235,16 +356,19 @@ "creationTimestamp": null }, "spec": { - "dockerImageRepository": "registry.access.redhat.com/openshift3/jenkins-1-rhel7", "tags": [ { - "name": "latest" + "name": "latest", + "from": { + "Kind": "ImageStreamTag", + "Name": "1" + } }, { "name": "1", "from": { - "Kind": "ImageStreamTag", - "Name": "latest" + "Kind": "DockerImage", + "Name": "registry.access.redhat.com/openshift3/jenkins-1-rhel7:latest" } } ] -- cgit v1.2.3 From 5561086ad55cac6605df515f09b04284890f0b2b Mon Sep 17 00:00:00 2001 From: Joel Diaz Date: Wed, 11 Nov 2015 15:28:43 -0500 Subject: Add zabbix pieces to hold AWS S3 bucket stats --- roles/os_zabbix/tasks/main.yml | 9 +++++++++ roles/os_zabbix/vars/template_aws.yml | 25 +++++++++++++++++++++++++ 2 files changed, 34 insertions(+) create mode 100644 roles/os_zabbix/vars/template_aws.yml diff --git a/roles/os_zabbix/tasks/main.yml b/roles/os_zabbix/tasks/main.yml index 82bf78b57..59c89bb02 100644 --- a/roles/os_zabbix/tasks/main.yml +++ b/roles/os_zabbix/tasks/main.yml @@ -16,6 +16,7 @@ - include_vars: template_app_zabbix_server.yml - include_vars: template_app_zabbix_agent.yml - include_vars: template_performance_copilot.yml +- include_vars: template_aws.yml - name: Include Template Heartbeat include: ../../lib_zabbix/tasks/create_template.yml @@ -88,3 +89,11 @@ server: "{{ ozb_server }}" user: "{{ ozb_user }}" password: "{{ ozb_password }}" + +- name: Include Template AWS + include: ../../lib_zabbix/tasks/create_template.yml + vars: + template: "{{ g_template_aws }}" + server: "{{ ozb_server }}" + user: "{{ ozb_user }}" + password: "{{ ozb_password }}" diff --git a/roles/os_zabbix/vars/template_aws.yml b/roles/os_zabbix/vars/template_aws.yml new file mode 100644 index 000000000..0ed682128 --- /dev/null +++ b/roles/os_zabbix/vars/template_aws.yml @@ -0,0 +1,25 @@ +--- +g_template_aws: + name: Template AWS + zdiscoveryrules: + - name: disc.aws + key: disc.aws + lifetime: 1 + description: "Dynamically register AWS bucket info" + + zitemprototypes: + - discoveryrule_key: disc.aws + name: "S3 bucket size (GB) [{#S3_BUCKET}]" + key: "disc.aws.size[{#S3_BUCKET}]" + value_type: int + description: "Size of S3 bucket" + applications: + - AWS + + - discoveryrule_key: disc.aws + name: "S3 bucket object count [{#S3_BUCKET}]" + key: "disc.aws.objects[{#S3_BUCKET}]" + value_type: int + description: "Objects in S3 bucket" + applications: + - AWS -- cgit v1.2.3 From 32596e5b6440ca7e1cc53aba36c0b4c50fa528f1 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Wed, 11 Nov 2015 14:07:39 -0500 Subject: General cleanup of v3_0_to_v3_1/upgrade.yml - Reorder to push all non-changing checks first - Remove multiple plays where possible - Make formatting more consistent - Add additional comments to break up the different stages of the upgrade. - Use group names more consistently - Add package version checking to nodes --- .../upgrades/v3_0_to_v3_1/upgrade.yml | 435 +++++++++++---------- 1 file changed, 225 insertions(+), 210 deletions(-) diff --git a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml index dd6979ab7..1cd7327cb 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml +++ b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml @@ -1,27 +1,45 @@ --- +############################################################################### +# Evaluate host groups and gather facts +############################################################################### - name: Evaluate host groups include: ../../evaluate_groups.yml -- name: Load openshift_facts from the environment - hosts: oo_masters_to_config oo_nodes_to_config oo_etcd_to_config oo_lb_to_config +- name: Load openshift_facts + hosts: oo_masters_to_config:oo_nodes_to_config:oo_etcd_to_config:oo_lb_to_config roles: - openshift_facts +- name: Evaluate etcd_hosts_to_backup + hosts: localhost + tasks: + - name: Evaluate etcd_hosts_to_backup + add_host: + name: "{{ item }}" + groups: etcd_hosts_to_backup + with_items: groups.oo_etcd_to_config if groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config | length > 0 else groups.oo_first_master + + +############################################################################### +# Pre-upgrade checks +############################################################################### - name: Verify upgrade can proceed hosts: oo_first_master vars: - openshift_master_ha: "{{ groups['masters'] | length > 1 }}" + openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}" gather_facts: no tasks: # Pacemaker is currently the only supported upgrade path for multiple masters - fail: msg: "openshift_master_cluster_method must be set to 'pacemaker'" when: openshift_master_ha | bool and ((openshift_master_cluster_method is not defined) or (openshift_master_cluster_method is defined and openshift_master_cluster_method != "pacemaker")) + - fail: msg: > This upgrade is only supported for origin and openshift-enterprise deployment types when: deployment_type not in ['origin','openshift-enterprise'] + - fail: msg: > openshift_pkg_version is {{ openshift_pkg_version }} which is not a @@ -32,15 +50,38 @@ # which contains details for the user: - script: ../files/pre-upgrade-check -- name: Evaluate etcd_hosts_to_backup - hosts: localhost + +- name: Verify upgrade can proceed + hosts: masters:nodes tasks: - - name: Evaluate etcd_hosts_to_backup - add_host: - name: "{{ item }}" - groups: etcd_hosts_to_backup - with_items: groups.oo_etcd_to_config if groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config | length > 0 else groups.oo_first_master + - name: Clean yum cache + command: yum clean all + + - set_fact: + g_new_service_name: "{{ 'origin' if deployment_type =='origin' else 'atomic-openshift' }}" + + - name: Determine available versions + script: ../files/versions.sh {{ g_new_service_name }} openshift + register: g_versions_result + + - set_fact: + g_aos_versions: "{{ g_versions_result.stdout | from_yaml }}" + + - set_fact: + g_new_version: "{{ g_aos_versions.curr_version.split('-', 1).0 if g_aos_versions.avail_version is none else g_aos_versions.avail_version.split('-', 1).0 }}" + + - fail: + msg: This playbook requires Origin 1.0.6 or later + when: deployment_type == 'origin' and g_aos_versions.curr_version | version_compare('1.0.6','<') + - fail: + msg: Atomic OpenShift 3.1 packages not found + when: g_aos_versions.curr_version | version_compare('3.0.2.900','<') and (g_aos_versions.avail_version is none or g_aos_versions.avail_version | version_compare('3.0.2.900','<')) + + +############################################################################### +# Backup etcd +############################################################################### - name: Backup etcd hosts: etcd_hosts_to_backup vars: @@ -64,15 +105,15 @@ file: src=/var/lib/openshift/ dest=/var/lib/origin state=link when: var_lib_openshift.stat.exists == True and var_lib_origin.stat.exists == False + # TODO: replace shell module with command and update later checks + # We assume to be using the data dir for all backups. - name: Check available disk space for etcd backup - # We assume to be using the data dir for all backups. - shell: > - df --output=avail -k {{ openshift.common.data_dir }} | tail -n 1 + shell: df --output=avail -k {{ openshift.common.data_dir }} | tail -n 1 register: avail_disk + # TODO: replace shell module with command and update later checks - name: Check current embedded etcd disk usage - shell: > - du -k {{ openshift.etcd.etcd_data_dir }} | tail -n 1 | cut -f1 + shell: du -k {{ openshift.etcd.etcd_data_dir }} | tail -n 1 | cut -f1 register: etcd_disk_usage when: embedded_etcd | bool @@ -98,6 +139,18 @@ msg: "Etcd backup created in {{ openshift.common.data_dir }}/etcd-backup-{{ timestamp }}" +############################################################################### +# Upgrade Masters +############################################################################### +- name: Create temp directory for syncing certs + hosts: localhost + gather_facts: no + tasks: + - name: Create local temp directory for syncing certs + local_action: command mktemp -d /tmp/openshift-ansible-XXXXXXX + register: g_master_mktemp + changed_when: False + - name: Update deployment type hosts: OSEv3 roles: @@ -108,81 +161,48 @@ local_facts: deployment_type: "{{ deployment_type }}" - -- name: Perform upgrade version checking - hosts: masters[0] +- name: Upgrade master packages and configuration + hosts: oo_masters_to_config + vars: + openshift_version: "{{ openshift_pkg_version | default('') }}" tasks: - - name: Clean yum cache - command: yum clean all - - - name: Determine available versions - script: ../files/versions.sh {{ openshift.common.service_type }} openshift - register: g_versions_result - - - set_fact: - g_aos_versions: "{{ g_versions_result.stdout | from_yaml }}" + - name: Upgrade to latest available kernel + yum: + pkg: kernel + state: latest - - set_fact: - g_new_version: "{{ g_aos_versions.curr_version.split('-', 1).0 if g_aos_versions.avail_version is none else g_aos_versions.avail_version.split('-', 1).0 }}" + - name: Upgrade master packages + command: yum update -y {{ openshift.common.service_type }}-master{{ openshift_version }} - - fail: - msg: This playbook requires Origin 1.0.6 or later - when: deployment_type == 'origin' and g_aos_versions.curr_version | version_compare('1.0.6','<') + - name: Ensure python-yaml present for config upgrade + yum: + pkg: PyYAML + state: installed - - fail: - msg: Atomic OpenShift 3.1 packages not found - when: g_aos_versions.curr_version | version_compare('3.0.2.900','<') and (g_aos_versions.avail_version is none or g_aos_versions.avail_version | version_compare('3.0.2.900','<')) + - name: Upgrade master configuration + openshift_upgrade_config: + from_version: '3.0' + to_version: '3.1' + role: master + config_base: "{{ hostvars[inventory_hostname].openshift.common.config_base }}" -- name: Upgrade masters - hosts: masters - vars: - openshift_version: "{{ openshift_pkg_version | default('') }}" - tasks: - - name: Upgrade to latest available kernel - yum: - pkg: kernel - state: latest - - - name: Upgrade master packages - command: yum update -y {{ openshift.common.service_type }}-master{{ openshift_version }} - - - name: Ensure python-yaml present for config upgrade - yum: - pkg: PyYAML - state: installed - - - name: Upgrade master configuration - openshift_upgrade_config: - from_version: '3.0' - to_version: '3.1' - role: master - config_base: "{{ hostvars[inventory_hostname].openshift.common.config_base }}" - - - set_fact: - master_certs_missing: True - master_cert_subdir: master-{{ openshift.common.hostname }} - master_cert_config_dir: "{{ openshift.common.config_base }}/master" + - set_fact: + master_certs_missing: True + master_cert_subdir: master-{{ openshift.common.hostname }} + master_cert_config_dir: "{{ openshift.common.config_base }}/master" -- name: Create temp directory for syncing certs - hosts: localhost - gather_facts: no - tasks: - - name: Create local temp directory for syncing certs - local_action: command mktemp -d /tmp/openshift-ansible-XXXXXXX - register: g_master_mktemp - changed_when: False - name: Generate missing master certificates - hosts: masters[0] + hosts: oo_first_master vars: master_hostnames: "{{ hostvars - | oo_select_keys(groups.masters) + | oo_select_keys(groups.oo_masters_to_config) | oo_collect('openshift.common.all_hostnames') | oo_flatten | unique }}" master_generated_certs_dir: "{{ openshift.common.config_base }}/generated-configs" masters_needing_certs: "{{ hostvars - | oo_select_keys(groups.masters) - | difference([groups.masters.0]) }}" + | oo_select_keys(groups.oo_masters_to_config) + | difference([groups.oo_first_master.0]) }}" sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" openshift_deployment_type: "{{ deployment_type }}" roles: @@ -213,56 +233,55 @@ validate_checksum: yes with_items: masters_needing_certs -- name: Sync certs and restart masters post configuration change - hosts: masters + +- name: Sync generated certs, update service config and restart master services + hosts: oo_masters_to_config vars: sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}" - openshift_master_ha: "{{ groups['masters'] | length > 1 }}" + openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}" + openshift_deployment_type: "{{ deployment_type }}" tasks: - name: Unarchive the tarball on the master unarchive: src: "{{ sync_tmpdir }}/{{ master_cert_subdir }}.tgz" dest: "{{ master_cert_config_dir }}" - when: inventory_hostname != groups.masters.0 + when: inventory_hostname != groups.oo_first_master.0 - - name: Restart master services + - name: Restart master service service: name="{{ openshift.common.service_type}}-master" state=restarted when: not openshift_master_ha | bool -- name: Destroy cluster - hosts: masters[0] - vars: - openshift_master_ha: "{{ groups['masters'] | length > 1 }}" - openshift_deployment_type: "{{ deployment_type }}" - pre_tasks: + - name: Ensure the master service is enabled + service: name="{{ openshift.common.service_type}}-master" state=started enabled=yes + when: not openshift_master_ha | bool + - name: Check for configured cluster stat: path: /etc/corosync/corosync.conf register: corosync_conf when: openshift_master_ha | bool + - name: Destroy cluster command: pcs cluster destroy --all when: openshift_master_ha | bool and corosync_conf.stat.exists == true + run_once: true -- name: Start pcsd on masters - hosts: masters - vars: - openshift_master_ha: "{{ groups['masters'] | length > 1 }}" - tasks: - name: Start pcsd service: name=pcsd enabled=yes state=started when: openshift_master_ha | bool + - name: Re-create cluster - hosts: masters[0] + hosts: oo_first_master vars: - openshift_master_ha: "{{ groups['masters'] | length > 1 }}" + openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}" openshift_deployment_type: "{{ deployment_type }}" - omc_cluster_hosts: "{{ groups.masters | join(' ') }}" + omc_cluster_hosts: "{{ groups.oo_masters_to_config | join(' ') }}" roles: - role: openshift_master_cluster when: openshift_master_ha | bool + - name: Delete temporary directory on localhost hosts: localhost gather_facts: no @@ -271,137 +290,133 @@ changed_when: False +############################################################################### +# Upgrade Nodes +############################################################################### - name: Upgrade nodes - hosts: nodes + hosts: oo_nodes_to_config vars: openshift_version: "{{ openshift_pkg_version | default('') }}" roles: - openshift_facts tasks: - - name: Upgrade node packages - command: yum update -y {{ openshift.common.service_type }}-node{{ openshift_version }} - - name: Restart node services - service: name="{{ openshift.common.service_type }}-node" state=restarted + - name: Upgrade node packages + command: yum update -y {{ openshift.common.service_type }}-node{{ openshift_version }} -- name: Update cluster policy and policy bindings - hosts: masters[0] + - name: Restart node service + service: name="{{ openshift.common.service_type }}-node" state=restarted + + - name: Ensure node service enabled + service: name="{{ openshift.common.service_type }}-node" state=started enabled=yes + + +############################################################################### +# Post upgrade - Reconcile Cluster Roles and Cluster Role Bindings +############################################################################### +- name: Reconcile Cluster Roles and Cluster Role Bindings + hosts: oo_masters_to_config vars: origin_reconcile_bindings: "{{ deployment_type == 'origin' and g_new_version | version_compare('1.0.6', '>') }}" ent_reconcile_bindings: true + openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}" tasks: - - name: oadm policy reconcile-cluster-roles --confirm - command: > - {{ openshift.common.admin_binary}} --config={{ openshift.common.config_base }}/master/admin.kubeconfig - policy reconcile-cluster-roles --confirm - - - name: oadm policy reconcile-cluster-role-bindings --confirm - command: > - {{ openshift.common.admin_binary}} --config={{ openshift.common.config_base }}/master/admin.kubeconfig - policy reconcile-cluster-role-bindings - --exclude-groups=system:authenticated - --exclude-groups=system:unauthenticated - --exclude-users=system:anonymous - --additive-only=true --confirm - when: origin_reconcile_bindings | bool or ent_reconcile_bindings | bool - - -- name: Restart masters post reconcile - hosts: masters - vars: - openshift_master_ha: "{{ groups['masters'] | length > 1 }}" - tasks: - - name: Restart master services - service: name="{{ openshift.common.service_type}}-master" state=restarted - when: not openshift_master_ha | bool + - name: Reconcile Cluster Roles + command: > + {{ openshift.common.admin_binary}} --config={{ openshift.common.config_base }}/master/admin.kubeconfig + policy reconcile-cluster-roles --confirm + run_once: true -- name: Restart cluster post reconcile - hosts: masters[0] - vars: - openshift_master_ha: "{{ groups['masters'] | length > 1 }}" - tasks: - - name: Restart master cluster - command: pcs resource restart master - when: openshift_master_ha | bool - - name: Wait for the clustered master service to be available - wait_for: - host: "{{ openshift_master_cluster_vip }}" - port: 8443 - state: started - timeout: 180 - delay: 90 - when: openshift_master_ha | bool - -- name: Upgrade default router and registry - hosts: masters[0] - vars: - - registry_image: "{{ openshift.master.registry_url | replace( '${component}', 'docker-registry' ) | replace ( '${version}', 'v' + g_new_version ) }}" - - router_image: "{{ openshift.master.registry_url | replace( '${component}', 'haproxy-router' ) | replace ( '${version}', 'v' + g_new_version ) }}" - - oc_cmd: "{{ openshift.common.client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig" - tasks: - - name: Check for default router - command: > - {{ oc_cmd }} get -n default dc/router - register: _default_router - failed_when: false - changed_when: false - - name: Check for allowHostNetwork and allowHostPorts - when: _default_router.rc == 0 - shell: > - {{ oc_cmd }} get -o yaml scc/privileged | /usr/bin/grep -e allowHostPorts -e allowHostNetwork - register: _scc - - name: Grant allowHostNetwork and allowHostPorts - when: - - _default_router.rc == 0 - - "'false' in _scc.stdout" - command: > - {{ oc_cmd }} patch scc/privileged -p '{"allowHostPorts":true,"allowHostNetwork":true}' --loglevel=9 - - name: Update deployment config to 1.0.4/3.0.1 spec - when: _default_router.rc == 0 - command: > - {{ oc_cmd }} patch dc/router -p - '{"spec":{"strategy":{"rollingParams":{"updatePercent":-10},"spec":{"serviceAccount":"router","serviceAccountName":"router"}}}}' - - name: Switch to hostNetwork=true - when: _default_router.rc == 0 - command: > - {{ oc_cmd }} patch dc/router -p '{"spec":{"template":{"spec":{"hostNetwork":true}}}}' - - name: Update router image to current version - when: _default_router.rc == 0 - command: > - {{ oc_cmd }} patch dc/router -p - '{"spec":{"template":{"spec":{"containers":[{"name":"router","image":"{{ router_image }}"}]}}}}' - - - name: Check for default registry - command: > - {{ oc_cmd }} get -n default dc/docker-registry - register: _default_registry - failed_when: false - changed_when: false - - name: Update registry image to current version - when: _default_registry.rc == 0 - command: > - {{ oc_cmd }} patch dc/docker-registry -p - '{"spec":{"template":{"spec":{"containers":[{"name":"registry","image":"{{ registry_image }}"}]}}}}' - -- name: Update image streams and templates - hosts: masters[0] + - name: Reconcile Cluster Role Bindings + command: > + {{ openshift.common.admin_binary}} --config={{ openshift.common.config_base }}/master/admin.kubeconfig + policy reconcile-cluster-role-bindings + --exclude-groups=system:authenticated + --exclude-groups=system:unauthenticated + --exclude-users=system:anonymous + --additive-only=true --confirm + when: origin_reconcile_bindings | bool or ent_reconcile_bindings | bool + run_once: true + + - name: Restart master services + service: name="{{ openshift.common.service_type}}-master" state=restarted + when: not openshift_master_ha | bool + + - name: Restart master cluster + command: pcs resource restart master + when: openshift_master_ha | bool + run_once: true + + - name: Wait for the clustered master service to be available + wait_for: + host: "{{ openshift_master_cluster_vip }}" + port: 8443 + state: started + timeout: 180 + delay: 90 + when: openshift_master_ha | bool + run_once: true + + +############################################################################### +# Post upgrade - Upgrade default router, default registry and examples +############################################################################### +- name: Upgrade default router and default registry + hosts: oo_first_master vars: openshift_examples_import_command: "update" openshift_deployment_type: "{{ deployment_type }}" + registry_image: "{{ openshift.master.registry_url | replace( '${component}', 'docker-registry' ) | replace ( '${version}', 'v' + g_new_version ) }}" + router_image: "{{ openshift.master.registry_url | replace( '${component}', 'haproxy-router' ) | replace ( '${version}', 'v' + g_new_version ) }}" + oc_cmd: "{{ openshift.common.client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig" roles: - - openshift_examples + - openshift_examples + pre_tasks: + - name: Check for default router + command: > + {{ oc_cmd }} get -n default dc/router + register: _default_router + failed_when: false + changed_when: false -- name: Ensure master services enabled - hosts: masters - vars: - openshift_master_ha: "{{ groups['masters'] | length > 1 }}" - tasks: - - name: Enable master services - service: name="{{ openshift.common.service_type}}-master" state=started enabled=yes - when: not openshift_master_ha | bool + - name: Check for allowHostNetwork and allowHostPorts + when: _default_router.rc == 0 + shell: > + {{ oc_cmd }} get -o yaml scc/privileged | /usr/bin/grep -e allowHostPorts -e allowHostNetwork + register: _scc -- name: Ensure node services enabled - hosts: nodes - tasks: - - name: Restart node services - service: name="{{ openshift.common.service_type }}-node" state=started enabled=yes + - name: Grant allowHostNetwork and allowHostPorts + when: + - _default_router.rc == 0 + - "'false' in _scc.stdout" + command: > + {{ oc_cmd }} patch scc/privileged -p '{"allowHostPorts":true,"allowHostNetwork":true}' --loglevel=9 + - name: Update deployment config to 1.0.4/3.0.1 spec + when: _default_router.rc == 0 + command: > + {{ oc_cmd }} patch dc/router -p + '{"spec":{"strategy":{"rollingParams":{"updatePercent":-10},"spec":{"serviceAccount":"router","serviceAccountName":"router"}}}}' + + - name: Switch to hostNetwork=true + when: _default_router.rc == 0 + command: > + {{ oc_cmd }} patch dc/router -p '{"spec":{"template":{"spec":{"hostNetwork":true}}}}' + + - name: Update router image to current version + when: _default_router.rc == 0 + command: > + {{ oc_cmd }} patch dc/router -p + '{"spec":{"template":{"spec":{"containers":[{"name":"router","image":"{{ router_image }}"}]}}}}' + + - name: Check for default registry + command: > + {{ oc_cmd }} get -n default dc/docker-registry + register: _default_registry + failed_when: false + changed_when: false + + - name: Update registry image to current version + when: _default_registry.rc == 0 + command: > + {{ oc_cmd }} patch dc/docker-registry -p + '{"spec":{"template":{"spec":{"containers":[{"name":"registry","image":"{{ registry_image }}"}]}}}}' -- cgit v1.2.3 From 35e52819020fbf6925bbc7b43c9a5ca40e3eb6a5 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus Date: Wed, 11 Nov 2015 15:27:57 -0500 Subject: Fix update error for templates that didn't previously exist --- .../common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml index 1cd7327cb..78797f8b8 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml +++ b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml @@ -363,13 +363,20 @@ - name: Upgrade default router and default registry hosts: oo_first_master vars: - openshift_examples_import_command: "update" openshift_deployment_type: "{{ deployment_type }}" registry_image: "{{ openshift.master.registry_url | replace( '${component}', 'docker-registry' ) | replace ( '${version}', 'v' + g_new_version ) }}" router_image: "{{ openshift.master.registry_url | replace( '${component}', 'haproxy-router' ) | replace ( '${version}', 'v' + g_new_version ) }}" oc_cmd: "{{ openshift.common.client_binary }} --config={{ openshift.common.config_base }}/master/admin.kubeconfig" roles: + # Create the new templates shipped in 3.1, existing templates are left + # unmodified. This prevents the subsequent role definition for + # openshift_examples from failing when trying to replace templates that do + # not already exist. We could have potentially done a replace --force to + # create and update in one step. - openshift_examples + # Update the existing templates + - role: openshift_examples + openshift_examples_import_command: replace pre_tasks: - name: Check for default router command: > -- cgit v1.2.3 From 99c5d5ad378e731acad0bcf9e3ceacc00fb1e37d Mon Sep 17 00:00:00 2001 From: Brenton Leanhardt Date: Wed, 11 Nov 2015 17:07:15 -0500 Subject: Automatic commit of package [openshift-ansible] release [3.0.10-1]. --- .tito/packages/openshift-ansible | 2 +- openshift-ansible.spec | 10 +++++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible index abeaa06a3..260798fdf 100644 --- a/.tito/packages/openshift-ansible +++ b/.tito/packages/openshift-ansible @@ -1 +1 @@ -3.0.9-1 ./ +3.0.10-1 ./ diff --git a/openshift-ansible.spec b/openshift-ansible.spec index 8b69c4926..7eb008831 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -5,7 +5,7 @@ } Name: openshift-ansible -Version: 3.0.9 +Version: 3.0.10 Release: 1%{?dist} Summary: Openshift and Atomic Enterprise Ansible License: ASL 2.0 @@ -258,6 +258,14 @@ Atomic OpenShift Utilities includes %changelog +* Wed Nov 11 2015 Brenton Leanhardt 3.0.10-1 +- Fix update error for templates that didn't previously exist + (jdetiber@redhat.com) +- General cleanup of v3_0_to_v3_1/upgrade.yml (jdetiber@redhat.com) +- Add zabbix pieces to hold AWS S3 bucket stats (jdiaz@redhat.com) +- add ansible dep to vagrant doc (jdetiber@redhat.com) +- oo_filter: don't fail when attribute is not defined (tob@butter.sh) + * Wed Nov 11 2015 Brenton Leanhardt 3.0.9-1 - Refactor upgrade playbook(s) (jdetiber@redhat.com) -- cgit v1.2.3 From fd09e6f9bd13c4b8e883a3e79a00d850659f11fb Mon Sep 17 00:00:00 2001 From: Brenton Leanhardt Date: Wed, 11 Nov 2015 17:12:27 -0500 Subject: Automatic commit of package [openshift-ansible] release [3.0.11-1]. --- .tito/packages/openshift-ansible | 2 +- openshift-ansible.spec | 6 +++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible index 260798fdf..f48d4c4db 100644 --- a/.tito/packages/openshift-ansible +++ b/.tito/packages/openshift-ansible @@ -1 +1 @@ -3.0.10-1 ./ +3.0.11-1 ./ diff --git a/openshift-ansible.spec b/openshift-ansible.spec index 7eb008831..d6f842ac5 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -5,7 +5,7 @@ } Name: openshift-ansible -Version: 3.0.10 +Version: 3.0.11 Release: 1%{?dist} Summary: Openshift and Atomic Enterprise Ansible License: ASL 2.0 @@ -258,6 +258,10 @@ Atomic OpenShift Utilities includes %changelog +* Wed Nov 11 2015 Brenton Leanhardt 3.0.11-1 +- Migrate xpaas content from pre v1.1.0 (sdodson@redhat.com) +- Import latest xpaas templates and image streams (sdodson@redhat.com) + * Wed Nov 11 2015 Brenton Leanhardt 3.0.10-1 - Fix update error for templates that didn't previously exist (jdetiber@redhat.com) -- cgit v1.2.3 From 4c09c5be50e6361cf472d0703a2cde7924a030ed Mon Sep 17 00:00:00 2001 From: Brenton Leanhardt Date: Wed, 11 Nov 2015 17:17:52 -0500 Subject: Automatic commit of package [openshift-ansible] release [3.0.12-1]. --- .tito/packages/openshift-ansible | 2 +- openshift-ansible.spec | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible index f48d4c4db..c2f5784ce 100644 --- a/.tito/packages/openshift-ansible +++ b/.tito/packages/openshift-ansible @@ -1 +1 @@ -3.0.11-1 ./ +3.0.12-1 ./ diff --git a/openshift-ansible.spec b/openshift-ansible.spec index d6f842ac5..21f624400 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -5,7 +5,7 @@ } Name: openshift-ansible -Version: 3.0.11 +Version: 3.0.12 Release: 1%{?dist} Summary: Openshift and Atomic Enterprise Ansible License: ASL 2.0 @@ -258,6 +258,9 @@ Atomic OpenShift Utilities includes %changelog +* Wed Nov 11 2015 Brenton Leanhardt 3.0.12-1 +- Sync with the latest image streams (sdodson@redhat.com) + * Wed Nov 11 2015 Brenton Leanhardt 3.0.11-1 - Migrate xpaas content from pre v1.1.0 (sdodson@redhat.com) - Import latest xpaas templates and image streams (sdodson@redhat.com) -- cgit v1.2.3 From d1d0bb94e2d2b12b857c51076b6b429d02f411c5 Mon Sep 17 00:00:00 2001 From: Kenny Woodson Date: Wed, 11 Nov 2015 10:25:37 -0500 Subject: adding itservice --- filter_plugins/oo_zabbix_filters.py | 51 ++++++ roles/lib_zabbix/library/zbx_itservice.py | 262 ++++++++++++++++++++++++++++++ roles/lib_zabbix/library/zbx_trigger.py | 5 +- 3 files changed, 317 insertions(+), 1 deletion(-) create mode 100644 roles/lib_zabbix/library/zbx_itservice.py diff --git a/filter_plugins/oo_zabbix_filters.py b/filter_plugins/oo_zabbix_filters.py index c44b874e8..fcfe43777 100644 --- a/filter_plugins/oo_zabbix_filters.py +++ b/filter_plugins/oo_zabbix_filters.py @@ -95,6 +95,54 @@ class FilterModule(object): return data + @staticmethod + def itservice_results_builder(data, clusters, keys): + '''Take a list of dict results, + loop through each results and create a hash + of: + [{clusterid: cluster1, key: 111 }] + ''' + r_list = [] + for cluster in clusters: + for results in data: + if cluster == results['item'][0]: + results = results['results'] + if results and len(results) > 0 and all([results[0].has_key(_key) for _key in keys]): + tmp = {} + tmp['clusterid'] = cluster + for key in keys: + tmp[key] = results[0][key] + r_list.append(tmp) + + return r_list + + @staticmethod + def itservice_dependency_builder(data, cluster): + '''Take a list of dict results, + loop through each results and create a hash + of: + [{clusterid: cluster1, key: 111 }] + ''' + r_list = [] + for dep in data: + if cluster == dep['clusterid']: + r_list.append({'name': '%s - %s' % (dep['clusterid'], dep['description']), 'dep_type': 'hard'}) + + return r_list + + @staticmethod + def itservice_dep_builder_list(data): + '''Take a list of dict results, + loop through each results and create a hash + of: + [{clusterid: cluster1, key: 111 }] + ''' + r_list = [] + for dep in data: + r_list.append({'name': '%s' % dep, 'dep_type': 'hard'}) + + return r_list + def filters(self): ''' returns a mapping of filters to methods ''' return { @@ -105,4 +153,7 @@ class FilterModule(object): "create_data": self.create_data, "oo_build_zabbix_collect": self.oo_build_zabbix_collect, "oo_remove_attr_from_list_dict": self.oo_remove_attr_from_list_dict, + "itservice_results_builder": self.itservice_results_builder, + "itservice_dependency_builder": self.itservice_dependency_builder, + "itservice_dep_builder_list": self.itservice_dep_builder_list, } diff --git a/roles/lib_zabbix/library/zbx_itservice.py b/roles/lib_zabbix/library/zbx_itservice.py new file mode 100644 index 000000000..37aea1494 --- /dev/null +++ b/roles/lib_zabbix/library/zbx_itservice.py @@ -0,0 +1,262 @@ +#!/usr/bin/env python +''' + Ansible module for zabbix itservices +''' +# vim: expandtab:tabstop=4:shiftwidth=4 +# +# Zabbix itservice ansible module +# +# +# Copyright 2015 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is in place because each module looks similar to each other. +# These need duplicate code as their behavior is very similar +# but different for each zabbix class. +# pylint: disable=duplicate-code + +# pylint: disable=import-error +from openshift_tools.monitoring.zbxapi import ZabbixAPI, ZabbixConnection + +def exists(content, key='result'): + ''' Check if key exists in content or the size of content[key] > 0 + ''' + if not content.has_key(key): + return False + + if not content[key]: + return False + + return True + +def get_parent(dependencies): + '''Put dependencies into the proper update format''' + rval = None + for dep in dependencies: + if dep['relationship'] == 'parent': + return dep + return rval + +def format_dependencies(dependencies): + '''Put dependencies into the proper update format''' + rval = [] + for dep in dependencies: + rval.append({'dependsOnServiceid': dep['serviceid'], + 'soft': get_dependency_type(dep['dep_type']), + }) + + return rval + +def get_dependency_type(dep_type): + '''Determine the dependency type''' + rval = 0 + if 'soft' == dep_type: + rval = 1 + + return rval + +def get_service_id_by_name(zapi, dependencies): + '''Fetch the service id for an itservice''' + deps = [] + for dep in dependencies: + if dep['name'] == 'root': + deps.append(dep) + continue + + content = zapi.get_content('service', + 'get', + {'filter': {'name': dep['name']}, + 'selectDependencies': 'extend', + }) + if content.has_key('result') and content['result']: + dep['serviceid'] = content['result'][0]['serviceid'] + deps.append(dep) + + return deps + +def add_dependencies(zapi, service_name, dependencies): + '''Fetch the service id for an itservice + + Add a dependency on the parent for this current service item. + ''' + + results = get_service_id_by_name(zapi, [{'name': service_name}]) + + content = {} + for dep in dependencies: + content = zapi.get_content('service', + 'adddependencies', + {'serviceid': results[0]['serviceid'], + 'dependsOnServiceid': dep['serviceid'], + 'soft': get_dependency_type(dep['dep_type']), + }) + if content.has_key('result') and content['result']: + continue + else: + break + + return content + +def get_show_sla(inc_sla): + ''' Determine the showsla paramter + ''' + rval = 1 + if 'do not cacluate' in inc_sla: + rval = 0 + return rval + +def get_algorithm(inc_algorithm_str): + ''' + Determine which type algorithm + ''' + rval = 0 + if 'at least one' in inc_algorithm_str: + rval = 1 + elif 'all' in inc_algorithm_str: + rval = 2 + + return rval + +# The branches are needed for CRUD and error handling +# pylint: disable=too-many-branches +def main(): + ''' + ansible zabbix module for zbx_itservice + ''' + + module = AnsibleModule( + argument_spec=dict( + zbx_server=dict(default='https://localhost/zabbix/api_jsonrpc.php', type='str'), + zbx_user=dict(default=os.environ.get('ZABBIX_USER', None), type='str'), + zbx_password=dict(default=os.environ.get('ZABBIX_PASSWORD', None), type='str'), + zbx_debug=dict(default=False, type='bool'), + name=dict(default=None, type='str'), + algorithm=dict(default='do not calculate', choices=['do not calculate', 'at least one', 'all'], type='str'), + show_sla=dict(default='calculate', choices=['do not calculate', 'calculate'], type='str'), + good_sla=dict(default='99.9', type='float'), + sort_order=dict(default=1, type='int'), + state=dict(default='present', type='str'), + trigger_id=dict(default=None, type='int'), + dependencies=dict(default=[], type='list'), + dep_type=dict(default='hard', choices=['hard', 'soft'], type='str'), + ), + #supports_check_mode=True + ) + + zapi = ZabbixAPI(ZabbixConnection(module.params['zbx_server'], + module.params['zbx_user'], + module.params['zbx_password'], + module.params['zbx_debug'])) + + #Set the instance and the template for the rest of the calls + zbx_class_name = 'service' + state = module.params['state'] + + content = zapi.get_content(zbx_class_name, + 'get', + {'filter': {'name': module.params['name']}, + 'selectDependencies': 'extend', + }) + + #******# + # GET + #******# + if state == 'list': + module.exit_json(changed=False, results=content['result'], state="list") + + #******# + # DELETE + #******# + if state == 'absent': + if not exists(content): + module.exit_json(changed=False, state="absent") + + content = zapi.get_content(zbx_class_name, 'delete', [content['result'][0]['itemid']]) + module.exit_json(changed=True, results=content['result'], state="absent") + + # Create and Update + if state == 'present': + + dependencies = get_service_id_by_name(zapi, module.params['dependencies']) + params = {'name': module.params['name'], + 'algorithm': get_algorithm(module.params['algorithm']), + 'showsla': get_show_sla(module.params['show_sla']), + 'goodsla': module.params['good_sla'], + 'sortorder': module.params['sort_order'], + 'triggerid': module.params['trigger_id'] + } + + # Remove any None valued params + _ = [params.pop(key, None) for key in params.keys() if params[key] is None] + + #******# + # CREATE + #******# + if not exists(content): + content = zapi.get_content(zbx_class_name, 'create', params) + + if content.has_key('error'): + module.exit_json(failed=True, changed=True, results=content['error'], state="present") + + content = add_dependencies(zapi, module.params['name'], dependencies) + + if content.has_key('error'): + module.exit_json(failed=True, changed=True, results=content['error'], state="present") + + module.exit_json(changed=True, results=content['result'], state='present') + + + ######## + # UPDATE + ######## + params['dependencies'] = dependencies + differences = {} + zab_results = content['result'][0] + for key, value in params.items(): + + if key == 'goodsla': + if float(value) != float(zab_results[key]): + differences[key] = value + + elif key == 'dependencies': + zab_dep_ids = [item['serviceid'] for item in zab_results[key]] + user_dep_ids = [item['serviceid'] for item in dependencies] + if set(zab_dep_ids) != set(user_dep_ids): + differences[key] = format_dependencies(dependencies) + + elif zab_results[key] != value and zab_results[key] != str(value): + differences[key] = value + + if not differences: + module.exit_json(changed=False, results=zab_results, state="present") + + differences['serviceid'] = zab_results['serviceid'] + content = zapi.get_content(zbx_class_name, 'update', differences) + + if content.has_key('error'): + module.exit_json(failed=True, changed=False, results=content['error'], state="present") + + module.exit_json(changed=True, results=content['result'], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_zabbix/library/zbx_trigger.py b/roles/lib_zabbix/library/zbx_trigger.py index ab7731faa..b5faefa70 100644 --- a/roles/lib_zabbix/library/zbx_trigger.py +++ b/roles/lib_zabbix/library/zbx_trigger.py @@ -136,6 +136,8 @@ def main(): status=dict(default=None, type='str'), state=dict(default='present', type='str'), template_name=dict(default=None, type='str'), + hostgroup_name=dict(default=None, type='str'), + query_type=dict(default='filter', choices=['filter', 'search'], type='str'), ), #supports_check_mode=True ) @@ -157,10 +159,11 @@ def main(): content = zapi.get_content(zbx_class_name, 'get', - {'filter': {'description': tname}, + {module.params['query_type']: {'description': tname}, 'expandExpression': True, 'selectDependencies': 'triggerid', 'templateids': templateid, + 'group': module.params['hostgroup_name'], }) # Get -- cgit v1.2.3