okd/roles/openshift_management/files/templates/manageiq/miq-template.yaml

apiVersion: v1
kind: Template
labels:
  template: manageiq
metadata:
  name: manageiq
  annotations:
    description: ManageIQ appliance with persistent storage
    tags: instant-app,manageiq,miq
    iconClass: icon-rails
objects:
- apiVersion: v1
  kind: ServiceAccount
  metadata:
    name: miq-orchestrator
- apiVersion: v1
  kind: ServiceAccount
  metadata:
    name: miq-anyuid
- apiVersion: v1
  kind: ServiceAccount
  metadata:
    name: miq-privileged
- apiVersion: v1
  kind: ServiceAccount
  metadata:
    name: miq-httpd
- apiVersion: v1
  kind: Secret
  metadata:
    name: "${NAME}-secrets"
  stringData:
    pg-password: "${DATABASE_PASSWORD}"
    database-url: postgresql://${DATABASE_USER}:${DATABASE_PASSWORD}@${DATABASE_SERVICE_NAME}/${DATABASE_NAME}?encoding=utf8&pool=5&wait_timeout=5
    v2-key: "${V2_KEY}"
- apiVersion: v1
  kind: Secret
  metadata:
    name: "${ANSIBLE_SERVICE_NAME}-secrets"
  stringData:
    rabbit-password: "${ANSIBLE_RABBITMQ_PASSWORD}"
    secret-key: "${ANSIBLE_SECRET_KEY}"
    admin-password: "${ANSIBLE_ADMIN_PASSWORD}"
- apiVersion: v1
  kind: ConfigMap
  metadata:
    name: "${DATABASE_SERVICE_NAME}-configs"
  data:
    01_miq_overrides.conf: |
      #------------------------------------------------------------------------------
      # CONNECTIONS AND AUTHENTICATION
      #------------------------------------------------------------------------------

      tcp_keepalives_count = 9
      tcp_keepalives_idle = 3
      tcp_keepalives_interval = 75

      #------------------------------------------------------------------------------
      # RESOURCE USAGE (except WAL)
      #------------------------------------------------------------------------------

      shared_preload_libraries = 'pglogical,repmgr_funcs'
      max_worker_processes = 10

      #------------------------------------------------------------------------------
      # WRITE AHEAD LOG
      #------------------------------------------------------------------------------

      wal_level = 'logical'
      wal_log_hints = on
      wal_buffers = 16MB
      checkpoint_completion_target = 0.9

      #------------------------------------------------------------------------------
      # REPLICATION
      #------------------------------------------------------------------------------

      max_wal_senders = 10
      wal_sender_timeout = 0
      max_replication_slots = 10
      hot_standby = on

      #------------------------------------------------------------------------------
      # ERROR REPORTING AND LOGGING
      #------------------------------------------------------------------------------

      log_filename = 'postgresql.log'
      log_rotation_age = 0
      log_min_duration_statement = 5000
      log_connections = on
      log_disconnections = on
      log_line_prefix = '%t:%r:%c:%u@%d:[%p]:'
      log_lock_waits = on

      #------------------------------------------------------------------------------
      # AUTOVACUUM PARAMETERS
      #------------------------------------------------------------------------------

      log_autovacuum_min_duration = 0
      autovacuum_naptime = 5min
      autovacuum_vacuum_threshold = 500
      autovacuum_analyze_threshold = 500
      autovacuum_vacuum_scale_factor = 0.05

      #------------------------------------------------------------------------------
      # LOCK MANAGEMENT
      #------------------------------------------------------------------------------

      deadlock_timeout = 5s

      #------------------------------------------------------------------------------
      # VERSION/PLATFORM COMPATIBILITY
      #------------------------------------------------------------------------------

      escape_string_warning = off
      standard_conforming_strings = off
- apiVersion: v1
  kind: ConfigMap
  metadata:
    name: "${HTTPD_SERVICE_NAME}-configs"
  data:
    application.conf: |
      # Timeout: The number of seconds before receives and sends time out.
      Timeout 120

      RewriteEngine On
      Options SymLinksIfOwnerMatch

      <VirtualHost *:80>
        KeepAlive on
        ProxyPreserveHost on
        ProxyPass        /ws/ ws://${NAME}/ws/
        ProxyPassReverse /ws/ ws://${NAME}/ws/
        ProxyPass        / http://${NAME}/
        ProxyPassReverse / http://${NAME}/
      </VirtualHost>
- apiVersion: v1
  kind: ConfigMap
  metadata:
    name: "${HTTPD_SERVICE_NAME}-auth-configs"
  data:
    auth-type: internal
    auth-configuration.conf: |
      # External Authentication Configuration File
      #
      # For details on usage please see https://github.com/ManageIQ/manageiq-pods/blob/master/README.md#configuring-external-authentication
- apiVersion: v1
  kind: Service
  metadata:
    annotations:
      description: Exposes and load balances ManageIQ pods
      service.alpha.openshift.io/dependencies: '[{"name":"${DATABASE_SERVICE_NAME}","namespace":"","kind":"Service"},{"name":"${MEMCACHED_SERVICE_NAME}","namespace":"","kind":"Service"}]'
    name: "${NAME}"
  spec:
    clusterIP: None
    ports:
    - name: http
      port: 80
      protocol: TCP
      targetPort: 80
    selector:
      name: "${NAME}"
- apiVersion: v1
  kind: Route
  metadata:
    name: "${HTTPD_SERVICE_NAME}"
  spec:
    host: "${APPLICATION_DOMAIN}"
    port:
      targetPort: http
    tls:
      termination: edge
      insecureEdgeTerminationPolicy: Redirect
    to:
      kind: Service
      name: "${HTTPD_SERVICE_NAME}"
- apiVersion: v1
  kind: PersistentVolumeClaim
  metadata:
    name: "${NAME}-${DATABASE_SERVICE_NAME}"
  spec:
    accessModes:
    - ReadWriteOnce
    resources:
      requests:
        storage: "${DATABASE_VOLUME_CAPACITY}"
- apiVersion: apps/v1beta1
  kind: StatefulSet
  metadata:
    name: "${NAME}"
    annotations:
      description: Defines how to deploy the ManageIQ appliance
  spec:
    serviceName: "${NAME}"
    replicas: "${APPLICATION_REPLICA_COUNT}"
    template:
      metadata:
        labels:
          name: "${NAME}"
        name: "${NAME}"
      spec:
        containers:
        - name: manageiq
          image: "${APPLICATION_IMG_NAME}:${FRONTEND_APPLICATION_IMG_TAG}"
          livenessProbe:
            tcpSocket:
              port: 80
            initialDelaySeconds: 480
            timeoutSeconds: 3
          readinessProbe:
            httpGet:
              path: "/"
              port: 80
              scheme: HTTP
            initialDelaySeconds: 200
            timeoutSeconds: 3
          ports:
          - containerPort: 80
            protocol: TCP
          volumeMounts:
          - name: "${NAME}-server"
            mountPath: "/persistent"
          env:
          - name: MY_POD_NAMESPACE
            valueFrom:
              fieldRef:
                fieldPath: metadata.namespace
          - name: APPLICATION_INIT_DELAY
            value: "${APPLICATION_INIT_DELAY}"
          - name: DATABASE_SERVICE_NAME
            value: "${DATABASE_SERVICE_NAME}"
          - name: DATABASE_REGION
            value: "${DATABASE_REGION}"
          - name: DATABASE_URL
            valueFrom:
              secretKeyRef:
                name: "${NAME}-secrets"
                key: database-url
          - name: MEMCACHED_SERVER
            value: "${MEMCACHED_SERVICE_NAME}:11211"
          - name: MEMCACHED_SERVICE_NAME
            value: "${MEMCACHED_SERVICE_NAME}"
          - name: V2_KEY
            valueFrom:
              secretKeyRef:
                name: "${NAME}-secrets"
                key: v2-key
          - name: ANSIBLE_SERVICE_NAME
            value: "${ANSIBLE_SERVICE_NAME}"
          - name: ANSIBLE_ADMIN_PASSWORD
            valueFrom:
              secretKeyRef:
                name: "${ANSIBLE_SERVICE_NAME}-secrets"
                key: admin-password
          resources:
            requests:
              memory: "${APPLICATION_MEM_REQ}"
              cpu: "${APPLICATION_CPU_REQ}"
            limits:
              memory: "${APPLICATION_MEM_LIMIT}"
          lifecycle:
            preStop:
              exec:
                command:
                - "/opt/manageiq/container-scripts/sync-pv-data"
        serviceAccount: miq-orchestrator
        serviceAccountName: miq-orchestrator
        terminationGracePeriodSeconds: 90
    volumeClaimTemplates:
    - metadata:
        name: "${NAME}-server"
        annotations:
      spec:
        accessModes:
        - ReadWriteOnce
        resources:
          requests:
            storage: "${APPLICATION_VOLUME_CAPACITY}"
- apiVersion: v1
  kind: Service
  metadata:
    annotations:
      description: Headless service for ManageIQ backend pods
    name: "${NAME}-backend"
  spec:
    clusterIP: None
    selector:
      name: "${NAME}-backend"
- apiVersion: apps/v1beta1
  kind: StatefulSet
  metadata:
    name: "${NAME}-backend"
    annotations:
      description: Defines how to deploy the ManageIQ appliance
  spec:
    serviceName: "${NAME}-backend"
    replicas: 0
    template:
      metadata:
        labels:
          name: "${NAME}-backend"
        name: "${NAME}-backend"
      spec:
        containers:
        - name: manageiq
          image: "${APPLICATION_IMG_NAME}:${BACKEND_APPLICATION_IMG_TAG}"
          livenessProbe:
            exec:
              command:
              - pidof
              - MIQ Server
            initialDelaySeconds: 480
            timeoutSeconds: 3
          volumeMounts:
          - name: "${NAME}-server"
            mountPath: "/persistent"
          env:
          - name: APPLICATION_INIT_DELAY
            value: "${APPLICATION_INIT_DELAY}"
          - name: DATABASE_URL
            valueFrom:
              secretKeyRef:
                name: "${NAME}-secrets"
                key: database-url
          - name: MIQ_SERVER_DEFAULT_ROLES
            value: database_operations,event,reporting,scheduler,smartstate,ems_operations,ems_inventory,automate
          - name: FRONTEND_SERVICE_NAME
            value: "${NAME}"
          - name: MEMCACHED_SERVER
            value: "${MEMCACHED_SERVICE_NAME}:11211"
          - name: V2_KEY
            valueFrom:
              secretKeyRef:
                name: "${NAME}-secrets"
                key: v2-key
          - name: ANSIBLE_SERVICE_NAME
            value: "${ANSIBLE_SERVICE_NAME}"
          - name: ANSIBLE_ADMIN_PASSWORD
            valueFrom:
              secretKeyRef:
                name: "${ANSIBLE_SERVICE_NAME}-secrets"
                key: admin-password
          resources:
            requests:
              memory: "${APPLICATION_MEM_REQ}"
              cpu: "${APPLICATION_CPU_REQ}"
            limits:
              memory: "${APPLICATION_MEM_LIMIT}"
          lifecycle:
            preStop:
              exec:
                command:
                - "/opt/manageiq/container-scripts/sync-pv-data"
        serviceAccount: miq-orchestrator
        serviceAccountName: miq-orchestrator
        terminationGracePeriodSeconds: 90
    volumeClaimTemplates:
    - metadata:
        name: "${NAME}-server"
        annotations:
      spec:
        accessModes:
        - ReadWriteOnce
        resources:
          requests:
            storage: "${APPLICATION_VOLUME_CAPACITY}"
- apiVersion: v1
  kind: Service
  metadata:
    name: "${MEMCACHED_SERVICE_NAME}"
    annotations:
      description: Exposes the memcached server
  spec:
    ports:
    - name: memcached
      port: 11211
      targetPort: 11211
    selector:
      name: "${MEMCACHED_SERVICE_NAME}"
- apiVersion: v1
  kind: DeploymentConfig
  metadata:
    name: "${MEMCACHED_SERVICE_NAME}"
    annotations:
      description: Defines how to deploy memcached
  spec:
    strategy:
      type: Recreate
    triggers:
    - type: ConfigChange
    replicas: 1
    selector:
      name: "${MEMCACHED_SERVICE_NAME}"
    template:
      metadata:
        name: "${MEMCACHED_SERVICE_NAME}"
        labels:
          name: "${MEMCACHED_SERVICE_NAME}"
      spec:
        volumes: []
        containers:
        - name: memcached
          image: "${MEMCACHED_IMG_NAME}:${MEMCACHED_IMG_TAG}"
          ports:
          - containerPort: 11211
          readinessProbe:
            timeoutSeconds: 1
            initialDelaySeconds: 5
            tcpSocket:
              port: 11211
          livenessProbe:
            timeoutSeconds: 1
            initialDelaySeconds: 30
            tcpSocket:
              port: 11211
          volumeMounts: []
          env:
          - name: MEMCACHED_MAX_MEMORY
            value: "${MEMCACHED_MAX_MEMORY}"
          - name: MEMCACHED_MAX_CONNECTIONS
            value: "${MEMCACHED_MAX_CONNECTIONS}"
          - name: MEMCACHED_SLAB_PAGE_SIZE
            value: "${MEMCACHED_SLAB_PAGE_SIZE}"
          resources:
            requests:
              memory: "${MEMCACHED_MEM_REQ}"
              cpu: "${MEMCACHED_CPU_REQ}"
            limits:
              memory: "${MEMCACHED_MEM_LIMIT}"
- apiVersion: v1
  kind: Service
  metadata:
    name: "${DATABASE_SERVICE_NAME}"
    annotations:
      description: Exposes the database server
  spec:
    ports:
    - name: postgresql
      port: 5432
      targetPort: 5432
    selector:
      name: "${DATABASE_SERVICE_NAME}"
- apiVersion: v1
  kind: DeploymentConfig
  metadata:
    name: "${DATABASE_SERVICE_NAME}"
    annotations:
      description: Defines how to deploy the database
  spec:
    strategy:
      type: Recreate
    triggers:
    - type: ConfigChange
    replicas: 1
    selector:
      name: "${DATABASE_SERVICE_NAME}"
    template:
      metadata:
        name: "${DATABASE_SERVICE_NAME}"
        labels:
          name: "${DATABASE_SERVICE_NAME}"
      spec:
        volumes:
        - name: miq-pgdb-volume
          persistentVolumeClaim:
            claimName: "${NAME}-${DATABASE_SERVICE_NAME}"
        - name: miq-pg-configs
          configMap:
            name: "${DATABASE_SERVICE_NAME}-configs"
        containers:
        - name: postgresql
          image: "${POSTGRESQL_IMG_NAME}:${POSTGRESQL_IMG_TAG}"
          ports:
          - containerPort: 5432
          readinessProbe:
            timeoutSeconds: 1
            initialDelaySeconds: 15
            exec:
              command:
              - "/bin/sh"
              - "-i"
              - "-c"
              - psql -h 127.0.0.1 -U ${POSTGRESQL_USER} -q -d ${POSTGRESQL_DATABASE} -c 'SELECT 1'
          livenessProbe:
            timeoutSeconds: 1
            initialDelaySeconds: 60
            tcpSocket:
              port: 5432
          volumeMounts:
          - name: miq-pgdb-volume
            mountPath: "/var/lib/pgsql/data"
          - name: miq-pg-configs
            mountPath: "${POSTGRESQL_CONFIG_DIR}"
          env:
          - name: POSTGRESQL_USER
            value: "${DATABASE_USER}"
          - name: POSTGRESQL_PASSWORD
            valueFrom:
              secretKeyRef:
                name: "${NAME}-secrets"
                key: pg-password
          - name: POSTGRESQL_DATABASE
            value: "${DATABASE_NAME}"
          - name: POSTGRESQL_MAX_CONNECTIONS
            value: "${POSTGRESQL_MAX_CONNECTIONS}"
          - name: POSTGRESQL_SHARED_BUFFERS
            value: "${POSTGRESQL_SHARED_BUFFERS}"
          - name: POSTGRESQL_CONFIG_DIR
            value: "${POSTGRESQL_CONFIG_DIR}"
          resources:
            requests:
              memory: "${POSTGRESQL_MEM_REQ}"
              cpu: "${POSTGRESQL_CPU_REQ}"
            limits:
              memory: "${POSTGRESQL_MEM_LIMIT}"
- apiVersion: v1
  kind: Service
  metadata:
    annotations:
      description: Exposes and load balances Ansible pods
      service.alpha.openshift.io/dependencies: '[{"name":"${DATABASE_SERVICE_NAME}","namespace":"","kind":"Service"}]'
    name: "${ANSIBLE_SERVICE_NAME}"
  spec:
    ports:
    - name: http
      port: 80
      protocol: TCP
      targetPort: 80
    - name: https
      port: 443
      protocol: TCP
      targetPort: 443
    selector:
      name: "${ANSIBLE_SERVICE_NAME}"
- apiVersion: v1
  kind: DeploymentConfig
  metadata:
    name: "${ANSIBLE_SERVICE_NAME}"
    annotations:
      description: Defines how to deploy the Ansible appliance
  spec:
    strategy:
      type: Recreate
    serviceName: "${ANSIBLE_SERVICE_NAME}"
    replicas: 0
    template:
      metadata:
        labels:
          name: "${ANSIBLE_SERVICE_NAME}"
        name: "${ANSIBLE_SERVICE_NAME}"
      spec:
        containers:
        - name: ansible
          image: "${ANSIBLE_IMG_NAME}:${ANSIBLE_IMG_TAG}"
          livenessProbe:
            tcpSocket:
              port: 443
            initialDelaySeconds: 480
            timeoutSeconds: 3
          readinessProbe:
            httpGet:
              path: "/"
              port: 443
              scheme: HTTPS
            initialDelaySeconds: 200
            timeoutSeconds: 3
          ports:
          - containerPort: 80
            protocol: TCP
          - containerPort: 443
            protocol: TCP
          securityContext:
            privileged: true
          env:
          - name: ADMIN_PASSWORD
            valueFrom:
              secretKeyRef:
                name: "${ANSIBLE_SERVICE_NAME}-secrets"
                key: admin-password
          - name: RABBITMQ_USER_NAME
            value: "${ANSIBLE_RABBITMQ_USER_NAME}"
          - name: RABBITMQ_PASSWORD
            valueFrom:
              secretKeyRef:
                name: "${ANSIBLE_SERVICE_NAME}-secrets"
                key: rabbit-password
          - name: ANSIBLE_SECRET_KEY
            valueFrom:
              secretKeyRef:
                name: "${ANSIBLE_SERVICE_NAME}-secrets"
                key: secret-key
          - name: DATABASE_SERVICE_NAME
            value: "${DATABASE_SERVICE_NAME}"
          - name: POSTGRESQL_USER
            value: "${DATABASE_USER}"
          - name: POSTGRESQL_PASSWORD
            valueFrom:
              secretKeyRef:
                name: "${NAME}-secrets"
                key: pg-password
          - name: POSTGRESQL_DATABASE
            value: "${ANSIBLE_DATABASE_NAME}"
          resources:
            requests:
              memory: "${ANSIBLE_MEM_REQ}"
              cpu: "${ANSIBLE_CPU_REQ}"
            limits:
              memory: "${ANSIBLE_MEM_LIMIT}"
        serviceAccount: miq-privileged
        serviceAccountName: miq-privileged
- apiVersion: v1
  kind: Service
  metadata:
    name: "${HTTPD_SERVICE_NAME}"
    annotations:
      description: Exposes the httpd server
      service.alpha.openshift.io/dependencies: '[{"name":"${NAME}","namespace":"","kind":"Service"}]'
  spec:
    ports:
    - name: http
      port: 80
      targetPort: 80
    selector:
      name: httpd
- apiVersion: v1
  kind: DeploymentConfig
  metadata:
    name: "${HTTPD_SERVICE_NAME}"
    annotations:
      description: Defines how to deploy httpd
  spec:
    strategy:
      type: Recreate
      recreateParams:
        timeoutSeconds: 1200
    triggers:
    - type: ConfigChange
    replicas: 1
    selector:
      name: "${HTTPD_SERVICE_NAME}"
    template:
      metadata:
        name: "${HTTPD_SERVICE_NAME}"
        labels:
          name: "${HTTPD_SERVICE_NAME}"
      spec:
        volumes:
        - name: httpd-config
          configMap:
            name: "${HTTPD_SERVICE_NAME}-configs"
        - name: httpd-auth-config
          configMap:
            name: "${HTTPD_SERVICE_NAME}-auth-configs"
        containers:
        - name: httpd
          image: "${HTTPD_IMG_NAME}:${HTTPD_IMG_TAG}"
          ports:
          - containerPort: 80
          livenessProbe:
            exec:
              command:
              - pidof
              - httpd
            initialDelaySeconds: 15
            timeoutSeconds: 3
          readinessProbe:
            tcpSocket:
              port: 80
            initialDelaySeconds: 10
            timeoutSeconds: 3
          volumeMounts:
          - name: httpd-config
            mountPath: "${HTTPD_CONFIG_DIR}"
          - name: httpd-auth-config
            mountPath: "${HTTPD_AUTH_CONFIG_DIR}"
          resources:
            requests:
              memory: "${HTTPD_MEM_REQ}"
              cpu: "${HTTPD_CPU_REQ}"
            limits:
              memory: "${HTTPD_MEM_LIMIT}"
          env:
          - name: HTTPD_AUTH_TYPE
            valueFrom:
              configMapKeyRef:
                name: "${HTTPD_SERVICE_NAME}-auth-configs"
                key: auth-type
          lifecycle:
            postStart:
              exec:
                command:
                - "/usr/bin/save-container-environment"
        serviceAccount: miq-anyuid
        serviceAccountName: miq-anyuid
parameters:
- name: NAME
  displayName: Name
  required: true
  description: The name assigned to all of the frontend objects defined in this template.
  value: manageiq
- name: V2_KEY
  displayName: ManageIQ Encryption Key
  required: true
  description: Encryption Key for ManageIQ Passwords
  from: "[a-zA-Z0-9]{43}"
  generate: expression
- name: DATABASE_SERVICE_NAME
  displayName: PostgreSQL Service Name
  required: true
  description: The name of the OpenShift Service exposed for the PostgreSQL container.
  value: postgresql
- name: DATABASE_USER
  displayName: PostgreSQL User
  required: true
  description: PostgreSQL user that will access the database.
  value: root
- name: DATABASE_PASSWORD
  displayName: PostgreSQL Password
  required: true
  description: Password for the PostgreSQL user.
  from: "[a-zA-Z0-9]{8}"
  generate: expression
- name: DATABASE_NAME
  required: true
  displayName: PostgreSQL Database Name
  description: Name of the PostgreSQL database accessed.
  value: vmdb_production
- name: DATABASE_REGION
  required: true
  displayName: Application Database Region
  description: Database region that will be used for application.
  value: '0'
- name: ANSIBLE_DATABASE_NAME
  displayName: Ansible PostgreSQL database name
  required: true
  description: The database to be used by the Ansible continer
  value: awx
- name: MEMCACHED_SERVICE_NAME
  required: true
  displayName: Memcached Service Name
  description: The name of the OpenShift Service exposed for the Memcached container.
  value: memcached
- name: MEMCACHED_MAX_MEMORY
  displayName: Memcached Max Memory
  description: Memcached maximum memory for memcached object storage in MB.
  value: '64'
- name: MEMCACHED_MAX_CONNECTIONS
  displayName: Memcached Max Connections
  description: Memcached maximum number of connections allowed.
  value: '1024'
- name: MEMCACHED_SLAB_PAGE_SIZE
  displayName: Memcached Slab Page Size
  description: Memcached size of each slab page.
  value: 1m
- name: POSTGRESQL_CONFIG_DIR
  displayName: PostgreSQL Configuration Overrides
  description: Directory used to store PostgreSQL configuration overrides.
  value: "/var/lib/pgsql/conf.d"
- name: POSTGRESQL_MAX_CONNECTIONS
  displayName: PostgreSQL Max Connections
  description: PostgreSQL maximum number of database connections allowed.
  value: '1000'
- name: POSTGRESQL_SHARED_BUFFERS
  displayName: PostgreSQL Shared Buffer Amount
  description: Amount of memory dedicated for PostgreSQL shared memory buffers.
  value: 1GB
- name: ANSIBLE_SERVICE_NAME
  displayName: Ansible Service Name
  description: The name of the OpenShift Service exposed for the Ansible container.
  value: ansible
- name: ANSIBLE_ADMIN_PASSWORD
  displayName: Ansible admin User password
  required: true
  description: The password for the Ansible container admin user
  from: "[a-zA-Z0-9]{32}"
  generate: expression
- name: ANSIBLE_SECRET_KEY
  displayName: Ansible Secret Key
  required: true
  description: Encryption key for the Ansible container
  from: "[a-f0-9]{32}"
  generate: expression
- name: ANSIBLE_RABBITMQ_USER_NAME
  displayName: RabbitMQ Username
  required: true
  description: Username for the Ansible RabbitMQ Server
  value: ansible
- name: ANSIBLE_RABBITMQ_PASSWORD
  displayName: RabbitMQ Server Password
  required: true
  description: Password for the Ansible RabbitMQ Server
  from: "[a-zA-Z0-9]{32}"
  generate: expression
- name: APPLICATION_CPU_REQ
  displayName: Application Min CPU Requested
  required: true
  description: Minimum amount of CPU time the Application container will need (expressed in millicores).
  value: 1000m
- name: POSTGRESQL_CPU_REQ
  displayName: PostgreSQL Min CPU Requested
  required: true
  description: Minimum amount of CPU time the PostgreSQL container will need (expressed in millicores).
  value: 500m
- name: MEMCACHED_CPU_REQ
  displayName: Memcached Min CPU Requested
  required: true
  description: Minimum amount of CPU time the Memcached container will need (expressed in millicores).
  value: 200m
- name: ANSIBLE_CPU_REQ
  displayName: Ansible Min CPU Requested
  required: true
  description: Minimum amount of CPU time the Ansible container will need (expressed in millicores).
  value: 1000m
- name: APPLICATION_MEM_REQ
  displayName: Application Min RAM Requested
  required: true
  description: Minimum amount of memory the Application container will need.
  value: 6144Mi
- name: POSTGRESQL_MEM_REQ
  displayName: PostgreSQL Min RAM Requested
  required: true
  description: Minimum amount of memory the PostgreSQL container will need.
  value: 4Gi
- name: MEMCACHED_MEM_REQ
  displayName: Memcached Min RAM Requested
  required: true
  description: Minimum amount of memory the Memcached container will need.
  value: 64Mi
- name: ANSIBLE_MEM_REQ
  displayName: Ansible Min RAM Requested
  required: true
  description: Minimum amount of memory the Ansible container will need.
  value: 2048Mi
- name: APPLICATION_MEM_LIMIT
  displayName: Application Max RAM Limit
  required: true
  description: Maximum amount of memory the Application container can consume.
  value: 16384Mi
- name: POSTGRESQL_MEM_LIMIT
  displayName: PostgreSQL Max RAM Limit
  required: true
  description: Maximum amount of memory the PostgreSQL container can consume.
  value: 8Gi
- name: MEMCACHED_MEM_LIMIT
  displayName: Memcached Max RAM Limit
  required: true
  description: Maximum amount of memory the Memcached container can consume.
  value: 256Mi
- name: ANSIBLE_MEM_LIMIT
  displayName: Ansible Max RAM Limit
  required: true
  description: Maximum amount of memory the Ansible container can consume.
  value: 8096Mi
- name: POSTGRESQL_IMG_NAME
  displayName: PostgreSQL Image Name
  description: This is the PostgreSQL image name requested to deploy.
  value: docker.io/manageiq/postgresql
- name: POSTGRESQL_IMG_TAG
  displayName: PostgreSQL Image Tag
  description: This is the PostgreSQL image tag/version requested to deploy.
  value: latest
- name: MEMCACHED_IMG_NAME
  displayName: Memcached Image Name
  description: This is the Memcached image name requested to deploy.
  value: docker.io/manageiq/memcached
- name: MEMCACHED_IMG_TAG
  displayName: Memcached Image Tag
  description: This is the Memcached image tag/version requested to deploy.
  value: latest
- name: APPLICATION_IMG_NAME
  displayName: Application Image Name
  description: This is the Application image name requested to deploy.
  value: docker.io/manageiq/manageiq-pods
- name: FRONTEND_APPLICATION_IMG_TAG
  displayName: Front end Application Image Tag
  description: This is the ManageIQ Frontend Application image tag/version requested to deploy.
  value: frontend-latest
- name: BACKEND_APPLICATION_IMG_TAG
  displayName: Back end Application Image Tag
  description: This is the ManageIQ Backend Application image tag/version requested to deploy.
  value: backend-latest
- name: ANSIBLE_IMG_NAME
  displayName: Ansible Image Name
  description: This is the Ansible image name requested to deploy.
  value: docker.io/manageiq/embedded-ansible
- name: ANSIBLE_IMG_TAG
  displayName: Ansible Image Tag
  description: This is the Ansible image tag/version requested to deploy.
  value: latest
- name: APPLICATION_DOMAIN
  displayName: Application Hostname
  description: The exposed hostname that will route to the application service, if left blank a value will be defaulted.
  value: ''
- name: APPLICATION_REPLICA_COUNT
  displayName: Application Replica Count
  description: This is the number of Application replicas requested to deploy.
  value: '1'
- name: APPLICATION_INIT_DELAY
  displayName: Application Init Delay
  required: true
  description: Delay in seconds before we attempt to initialize the application.
  value: '15'
- name: APPLICATION_VOLUME_CAPACITY
  displayName: Application Volume Capacity
  required: true
  description: Volume space available for application data.
  value: 5Gi
- name: DATABASE_VOLUME_CAPACITY
  displayName: Database Volume Capacity
  required: true
  description: Volume space available for database.
  value: 15Gi
- name: HTTPD_SERVICE_NAME
  required: true
  displayName: Apache httpd Service Name
  description: The name of the OpenShift Service exposed for the httpd container.
  value: httpd
- name: HTTPD_IMG_NAME
  displayName: Apache httpd Image Name
  description: This is the httpd image name requested to deploy.
  value: docker.io/manageiq/httpd
- name: HTTPD_IMG_TAG
  displayName: Apache httpd Image Tag
  description: This is the httpd image tag/version requested to deploy.
  value: latest
- name: HTTPD_CONFIG_DIR
  displayName: Apache Configuration Directory
  description: Directory used to store the Apache configuration files.
  value: "/etc/httpd/conf.d"
- name: HTTPD_AUTH_CONFIG_DIR
  displayName: External Authentication Configuration Directory
  description: Directory used to store the external authentication configuration files.
  value: "/etc/httpd/auth-conf.d"
- name: HTTPD_CPU_REQ
  displayName: Apache httpd Min CPU Requested
  required: true
  description: Minimum amount of CPU time the httpd container will need (expressed in millicores).
  value: 500m
- name: HTTPD_MEM_REQ
  displayName: Apache httpd Min RAM Requested
  required: true
  description: Minimum amount of memory the httpd container will need.
  value: 512Mi
- name: HTTPD_MEM_LIMIT
  displayName: Apache httpd Max RAM Limit
  required: true
  description: Maximum amount of memory the httpd container can consume.
  value: 8192Mi