| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116 |
- kind: Template
- apiVersion: v1
- metadata:
- name: "registry-console"
- annotations:
- description: "Template for deploying registry web console. Requires cluster-admin."
- tags: infrastructure
- labels:
- createdBy: "registry-console-template"
- objects:
- - kind: DeploymentConfig
- apiVersion: v1
- metadata:
- name: "registry-console"
- labels:
- name: "registry-console"
- spec:
- triggers:
- - type: ConfigChange
- replicas: 1
- selector:
- name: "registry-console"
- template:
- metadata:
- labels:
- name: "registry-console"
- spec:
- nodeSelector:
- node-role.kubernetes.io/master: 'true'
- containers:
- - name: registry-console
- image: ${IMAGE_PREFIX}${IMAGE_BASENAME}:${IMAGE_VERSION}
- ports:
- - containerPort: 9090
- protocol: TCP
- livenessProbe:
- failureThreshold: 3
- httpGet:
- path: /ping
- port: 9090
- scheme: HTTP
- initialDelaySeconds: 10
- periodSeconds: 10
- successThreshold: 1
- timeoutSeconds: 5
- readinessProbe:
- failureThreshold: 3
- httpGet:
- path: /ping
- port: 9090
- scheme: HTTP
- periodSeconds: 10
- successThreshold: 1
- timeoutSeconds: 5
- env:
- - name: OPENSHIFT_OAUTH_PROVIDER_URL
- value: "${OPENSHIFT_OAUTH_PROVIDER_URL}"
- - name: OPENSHIFT_OAUTH_CLIENT_ID
- value: "${OPENSHIFT_OAUTH_CLIENT_ID}"
- - name: KUBERNETES_INSECURE
- value: "false"
- - name: COCKPIT_KUBE_INSECURE
- value: "false"
- - name: REGISTRY_ONLY
- value: "true"
- - name: REGISTRY_HOST
- value: "${REGISTRY_HOST}"
- - kind: Service
- apiVersion: v1
- metadata:
- name: "registry-console"
- labels:
- name: "registry-console"
- spec:
- type: ClusterIP
- ports:
- - name: registry-console
- protocol: TCP
- port: 9000
- targetPort: 9090
- selector:
- name: "registry-console"
- - kind: OAuthClient
- apiVersion: v1
- metadata:
- name: "${OPENSHIFT_OAUTH_CLIENT_ID}"
- respondWithChallenges: false
- secret: "${OPENSHIFT_OAUTH_CLIENT_SECRET}"
- redirectURIs:
- - "${COCKPIT_KUBE_URL}"
- parameters:
- - description: 'Specify "registry/repository" prefix for container image; e.g. for "registry.access.redhat.com/openshift3/registry-console:latest", set prefix "registry.access.redhat.com/openshift3/"'
- name: IMAGE_PREFIX
- value: "registry.access.redhat.com/openshift3/"
- - description: 'Specify component name for container image; e.g. for "registry.access.redhat.com/openshift3/registry-console:latest", use base name "registry-console"'
- name: IMAGE_BASENAME
- value: "registry-console"
- - description: 'Specify image version; e.g. for "registry.access.redhat.com/openshift3/registry-console:v3.10", set version "v3.10"'
- name: IMAGE_VERSION
- value: "v3.10"
- - description: "The public URL for the Openshift OAuth Provider, e.g. https://openshift.example.com:8443"
- name: OPENSHIFT_OAUTH_PROVIDER_URL
- required: true
- - description: "The registry console URL. This should be created beforehand using 'oc create route passthrough --service registry-console --port registry-console -n default', e.g. https://registry-console-default.example.com"
- name: COCKPIT_KUBE_URL
- required: true
- - description: "Oauth client secret"
- name: OPENSHIFT_OAUTH_CLIENT_SECRET
- from: "user[a-zA-Z0-9]{64}"
- generate: expression
- - description: "Oauth client id"
- name: OPENSHIFT_OAUTH_CLIENT_ID
- value: "cockpit-oauth-client"
- - description: "The integrated registry hostname exposed via route, e.g. registry.example.com"
- name: REGISTRY_HOST
- required: true
|
