--- kind: Template apiVersion: v1 metadata: annotations: description: Application template for an ephemeral authoring and testing environment, for Red Hat Process Automation Manager 7.0 iconClass: icon-jboss tags: rhpam,jboss,xpaas version: 1.4.0 openshift.io/display-name: Red Hat Process Automation Manager 7.0 ephemeral trial environment name: rhpam70-trial-ephemeral labels: template: rhpam70-trial-ephemeral xpaas: 1.4.0 message: "A new Process Automation Manager trial environment has been created. Please remember that this is an ephemeral enviornment and any work will be LOST with a simple pod restart." parameters: - displayName: Application Name description: The name for the application. name: APPLICATION_NAME value: myapp required: true - displayName: Default Password description: Default password used for multiple components for user convenience in this trial environment name: DEFAULT_PASSWORD value: RedHat required: true - displayName: EAP Admin User description: EAP administrator username name: ADMIN_USERNAME value: eapadmin required: false - displayName: KIE Admin User description: KIE administrator username name: KIE_ADMIN_USER value: adminUser required: false - displayName: KIE Server User description: KIE execution server username (Sets the org.kie.server.user system property) name: KIE_SERVER_USER value: executionUser required: false - displayName: KIE Server ID description: Business server identifier. Determines the template ID in Business Central or controller. If this parameter is left blank, it is set using the $HOSTNAME environment variable or a random value. (Sets the org.kie.server.id system property). name: KIE_SERVER_ID value: '' required: false - displayName: KIE Server Bypass Auth User description: KIE execution server bypass auth user (Sets the org.kie.server.bypass.auth.user system property) name: KIE_SERVER_BYPASS_AUTH_USER value: 'false' required: false - displayName: KIE Server Controller User description: KIE server controller username (Sets the org.kie.server.controller.user system property) name: KIE_SERVER_CONTROLLER_USER value: controllerUser required: false - displayName: KIE MBeans description: KIE execution server mbeans enabled/disabled (Sets the kie.mbeans and kie.scanner.mbeans system properties) name: KIE_MBEANS value: enabled required: false - displayName: Drools Server Filter Classes description: KIE execution server class filtering (Sets the org.drools.server.filter.classes system property) name: DROOLS_SERVER_FILTER_CLASSES value: 'true' required: false - displayName: Execution Server Custom http Route Hostname description: 'Custom hostname for http service route. Leave blank for default hostname, e.g.: -kieserver-.' name: EXECUTION_SERVER_HOSTNAME_HTTP value: '' required: false - displayName: Business Central Custom http Route Hostname description: 'Custom hostname for http service route. Leave blank for default hostname, e.g.: -rhpamcentr-.' name: BUSINESS_CENTRAL_HOSTNAME_HTTP value: '' required: false - displayName: ImageStream Namespace description: Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project. name: IMAGE_STREAM_NAMESPACE value: openshift required: true - displayName: ImageStream Tag description: A named pointer to an image in an image stream. Default is "1.0". name: IMAGE_STREAM_TAG value: "1.0" required: false - displayName: KIE Server Container Deployment description: 'KIE Server Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2' name: KIE_SERVER_CONTAINER_DEPLOYMENT value: '' required: false - displayName: Maven repository URL description: Fully qualified URL to a Maven repository or service. name: MAVEN_REPO_URL example: http://nexus.nexus-project.svc.cluster.local:8081/nexus/content/groups/public/ required: false - displayName: Maven repository username description: Username to access the Maven repository. name: MAVEN_REPO_USERNAME required: false - displayName: Maven repository password description: Password to access the Maven repository, if required. name: MAVEN_REPO_PASSWORD required: false - displayName: Username for the Maven service hosted by Business Central description: Username to access the Maven service hosted by Business Central inside EAP. name: BUSINESS_CENTRAL_MAVEN_USERNAME required: true value: mavenUser - displayName: Business Central Container Memory Limit description: Business Central Container memory limit name: BUSINESS_CENTRAL_MEMORY_LIMIT value: 2Gi required: false - displayName: Execution Server Container Memory Limit description: Execution Server Container memory limit name: EXCECUTION_SERVER_MEMORY_LIMIT value: 1Gi required: false - displayName: RH-SSO URL description: RH-SSO URL name: SSO_URL example: https://rh-sso.example.com/auth required: false - displayName: RH-SSO Realm name description: RH-SSO Realm name name: SSO_REALM required: false - displayName: Business Central RH-SSO Client name description: Business Central RH-SSO Client name name: BUSINESS_CENTRAL_SSO_CLIENT required: false - displayName: Business Central RH-SSO Client Secret description: Business Central RH-SSO Client Secret name: BUSINESS_CENTRAL_SSO_SECRET example: "252793ed-7118-4ca8-8dab-5622fa97d892" required: false - displayName: KIE Server RH-SSO Client name description: KIE Server RH-SSO Client name name: KIE_SERVER_SSO_CLIENT required: false - displayName: KIE Server RH-SSO Client Secret description: KIE Server RH-SSO Client Secret name: KIE_SERVER_SSO_SECRET example: "252793ed-7118-4ca8-8dab-5622fa97d892" required: false - displayName: RH-SSO Realm Admin Username description: RH-SSO Realm Admin Username used to create the Client if it doesn't exist name: SSO_USERNAME required: false - displayName: RH-SSO Realm Admin Password description: RH-SSO Realm Admin Password used to create the Client name: SSO_PASSWORD required: false - displayName: RH-SSO Disable SSL Certificate Validation description: RH-SSO Disable SSL Certificate Validation name: SSO_DISABLE_SSL_CERTIFICATE_VALIDATION value: "false" required: false objects: - kind: Service apiVersion: v1 spec: ports: - name: http port: 8080 targetPort: 8080 - name: git-ssh port: 8001 targetPort: 8001 selector: deploymentConfig: "${APPLICATION_NAME}-rhpamcentr" metadata: name: "${APPLICATION_NAME}-rhpamcentr" labels: application: "${APPLICATION_NAME}" service: "${APPLICATION_NAME}-rhpamcentr" annotations: description: All the Business Central web server's ports. - kind: Service apiVersion: v1 spec: ports: - port: 8080 targetPort: 8080 selector: deploymentConfig: "${APPLICATION_NAME}-kieserver" metadata: name: "${APPLICATION_NAME}-kieserver" labels: application: "${APPLICATION_NAME}" service: "${APPLICATION_NAME}-kieserver" annotations: description: All the KIE server web server's ports. - kind: Route apiVersion: v1 id: "${APPLICATION_NAME}-rhpamcentr-http" metadata: name: "${APPLICATION_NAME}-rhpamcentr" labels: application: "${APPLICATION_NAME}" service: "${APPLICATION_NAME}-rhpamcentr" annotations: description: Route for Business Central's http service. spec: host: "${BUSINESS_CENTRAL_HOSTNAME_HTTP}" to: name: "${APPLICATION_NAME}-rhpamcentr" port: targetPort: http - kind: Route apiVersion: v1 id: "${APPLICATION_NAME}-kieserver-http" metadata: name: "${APPLICATION_NAME}-kieserver" labels: application: "${APPLICATION_NAME}" service: "${APPLICATION_NAME}-kieserver" annotations: description: Route for execution server's http service. spec: host: "${EXECUTION_SERVER_HOSTNAME_HTTP}" to: name: "${APPLICATION_NAME}-kieserver" - kind: DeploymentConfig apiVersion: v1 metadata: name: "${APPLICATION_NAME}-rhpamcentr" labels: application: "${APPLICATION_NAME}" service: "${APPLICATION_NAME}-rhpamcentr" spec: strategy: type: Recreate triggers: - type: ImageChange imageChangeParams: automatic: true containerNames: - "${APPLICATION_NAME}-rhpamcentr" from: kind: ImageStreamTag namespace: "${IMAGE_STREAM_NAMESPACE}" name: "rhpam70-businesscentral-openshift:${IMAGE_STREAM_TAG}" - type: ConfigChange replicas: 1 selector: deploymentConfig: "${APPLICATION_NAME}-rhpamcentr" template: metadata: name: "${APPLICATION_NAME}-rhpamcentr" labels: deploymentConfig: "${APPLICATION_NAME}-rhpamcentr" application: "${APPLICATION_NAME}" service: "${APPLICATION_NAME}-rhpamcentr" spec: terminationGracePeriodSeconds: 60 containers: - name: "${APPLICATION_NAME}-rhpamcentr" image: rhpam70-businesscentral-openshift imagePullPolicy: Always resources: limits: memory: "${BUSINESS_CENTRAL_MEMORY_LIMIT}" livenessProbe: exec: command: - "/bin/bash" - "-c" - "curl --fail --silent -u '${KIE_ADMIN_USER}:${KIE_ADMIN_PWD}' http://localhost:8080/kie-wb.jsp" initialDelaySeconds: 180 timeoutSeconds: 2 periodSeconds: 15 readinessProbe: exec: command: - "/bin/bash" - "-c" - "curl --fail --silent -u '${KIE_ADMIN_USER}:${KIE_ADMIN_PWD}' http://localhost:8080/kie-wb.jsp" initialDelaySeconds: 60 timeoutSeconds: 2 periodSeconds: 30 failureThreshold: 6 ports: - name: jolokia containerPort: 8778 protocol: TCP - name: http containerPort: 8080 protocol: TCP - name: git-ssh containerPort: 8001 protocol: TCP env: - name: KIE_ADMIN_USER value: "${KIE_ADMIN_USER}" - name: KIE_ADMIN_PWD value: "${DEFAULT_PASSWORD}" - name: KIE_MBEANS value: "${KIE_MBEANS}" - name: KIE_SERVER_CONTROLLER_USER value: "${KIE_SERVER_CONTROLLER_USER}" - name: KIE_SERVER_CONTROLLER_PWD value: "${DEFAULT_PASSWORD}" - name: KIE_SERVER_USER value: "${KIE_SERVER_USER}" - name: KIE_SERVER_PWD value: "${DEFAULT_PASSWORD}" - name: MAVEN_REPO_URL value: "${MAVEN_REPO_URL}" - name: MAVEN_REPO_USERNAME value: "${MAVEN_REPO_USERNAME}" - name: MAVEN_REPO_PASSWORD value: "${MAVEN_REPO_PASSWORD}" - name: KIE_MAVEN_USER value: "${BUSINESS_CENTRAL_MAVEN_USERNAME}" - name: KIE_MAVEN_PWD value: "${DEFAULT_PASSWORD}" - name: ADMIN_USERNAME value: "${ADMIN_USERNAME}" - name: ADMIN_PASSWORD value: "${DEFAULT_PASSWORD}" - name: PROBE_IMPL value: probe.eap.jolokia.EapProbe - name: PROBE_DISABLE_BOOT_ERRORS_CHECK value: 'true' - name: SSO_URL value: "${SSO_URL}" - name: SSO_OPENIDCONNECT_DEPLOYMENTS value: "ROOT.war" - name: SSO_REALM value: "${SSO_REALM}" - name: SSO_SECRET value: "${BUSINESS_CENTRAL_SSO_SECRET}" - name: SSO_CLIENT value: "${BUSINESS_CENTRAL_SSO_CLIENT}" - name: SSO_USERNAME value: "${SSO_USERNAME}" - name: SSO_PASSWORD value: "${SSO_PASSWORD}" - name: SSO_DISABLE_SSL_CERTIFICATE_VALIDATION value: "${SSO_DISABLE_SSL_CERTIFICATE_VALIDATION}" - name: HOSTNAME_HTTP value: "${BUSINESS_CENTRAL_HOSTNAME_HTTP}" - kind: DeploymentConfig apiVersion: v1 metadata: name: "${APPLICATION_NAME}-kieserver" labels: application: "${APPLICATION_NAME}" service: "${APPLICATION_NAME}-kieserver" spec: strategy: type: Recreate triggers: - type: ImageChange imageChangeParams: automatic: true containerNames: - "${APPLICATION_NAME}-kieserver" from: kind: ImageStreamTag namespace: "${IMAGE_STREAM_NAMESPACE}" name: "rhpam70-kieserver-openshift:${IMAGE_STREAM_TAG}" - type: ConfigChange replicas: 1 selector: deploymentConfig: "${APPLICATION_NAME}-kieserver" template: metadata: name: "${APPLICATION_NAME}-kieserver" labels: deploymentConfig: "${APPLICATION_NAME}-kieserver" application: "${APPLICATION_NAME}" service: "${APPLICATION_NAME}-kieserver" spec: terminationGracePeriodSeconds: 60 containers: - name: "${APPLICATION_NAME}-kieserver" image: rhpam70-kieserver-openshift imagePullPolicy: Always resources: limits: memory: "${EXCECUTION_SERVER_MEMORY_LIMIT}" livenessProbe: exec: command: - "/bin/bash" - "-c" - "curl --fail --silent -u ${KIE_ADMIN_USER}:${DEFAULT_PASSWORD} http://localhost:8080/services/rest/server/healthcheck" initialDelaySeconds: 180 timeoutSeconds: 2 periodSeconds: 15 failureThreshold: 3 readinessProbe: exec: command: - "/bin/bash" - "-c" - "curl --fail --silent -u ${KIE_ADMIN_USER}:${DEFAULT_PASSWORD} http://localhost:8080/services/rest/server/readycheck" initialDelaySeconds: 60 timeoutSeconds: 2 periodSeconds: 30 failureThreshold: 6 ports: - name: jolokia containerPort: 8778 protocol: TCP - name: http containerPort: 8080 protocol: TCP env: - name: DROOLS_SERVER_FILTER_CLASSES value: "${DROOLS_SERVER_FILTER_CLASSES}" - name: KIE_ADMIN_USER value: "${KIE_ADMIN_USER}" - name: KIE_ADMIN_PWD value: "${DEFAULT_PASSWORD}" - name: KIE_MBEANS value: "${KIE_MBEANS}" - name: KIE_SERVER_BYPASS_AUTH_USER value: "${KIE_SERVER_BYPASS_AUTH_USER}" - name: KIE_SERVER_CONTROLLER_USER value: "${KIE_SERVER_CONTROLLER_USER}" - name: KIE_SERVER_CONTROLLER_PWD value: "${DEFAULT_PASSWORD}" - name: KIE_SERVER_CONTROLLER_SERVICE value: "${APPLICATION_NAME}-rhpamcentr" - name: KIE_SERVER_ID value: "${KIE_SERVER_ID}" - name: KIE_SERVER_HOST valueFrom: fieldRef: fieldPath: status.podIP - name: KIE_SERVER_USER value: "${KIE_SERVER_USER}" - name: KIE_SERVER_PWD value: "${DEFAULT_PASSWORD}" - name: KIE_SERVER_CONTAINER_DEPLOYMENT value: "${KIE_SERVER_CONTAINER_DEPLOYMENT}" - name: MAVEN_REPOS value: "RHPAMCENTR,EXTERNAL" - name: RHPAMCENTR_MAVEN_REPO_SERVICE value: "${APPLICATION_NAME}-rhpamcentr" - name: RHPAMCENTR_MAVEN_REPO_PATH value: "/maven2/" - name: RHPAMCENTR_MAVEN_REPO_USERNAME value: "${BUSINESS_CENTRAL_MAVEN_USERNAME}" - name: RHPAMCENTR_MAVEN_REPO_PASSWORD value: "${DEFAULT_PASSWORD}" - name: EXTERNAL_MAVEN_REPO_URL value: "${MAVEN_REPO_URL}" - name: EXTERNAL_MAVEN_REPO_USERNAME value: "${MAVEN_REPO_USERNAME}" - name: MAVEN_REPO_PASSWORD value: "${MAVEN_REPO_USERNAME}" - name: SSO_URL value: "${SSO_URL}" - name: SSO_OPENIDCONNECT_DEPLOYMENTS value: "ROOT.war" - name: SSO_REALM value: "${SSO_REALM}" - name: SSO_SECRET value: "${KIE_SERVER_SSO_SECRET}" - name: SSO_CLIENT value: "${KIE_SERVER_SSO_CLIENT}" - name: SSO_USERNAME value: "${SSO_USERNAME}" - name: SSO_PASSWORD value: "${SSO_PASSWORD}" - name: SSO_DISABLE_SSL_CERTIFICATE_VALIDATION value: "${SSO_DISABLE_SSL_CERTIFICATE_VALIDATION}" - name: HOSTNAME_HTTP value: "${EXECUTION_SERVER_HOSTNAME_HTTP}"