okd/roles/openshift_examples/files/examples/latest/xpaas-templates/rhpam70-prod.yaml

---
kind: Template
apiVersion: v1
metadata:
  annotations:
    description: Application template for a managed HA production runtime environment, for Red Hat Process Automation Manager 7.0
    iconClass: icon-jboss
    tags: rhpam,jboss,xpaas
    version: 1.4.0
    openshift.io/display-name: Red Hat Process Automation Manager 7.0 production environment
  name: rhpam70-prod
labels:
  template: rhpam70-prod
  xpaas: 1.4.0
message: A new environment has been set up for Red Hat Process Automation Manager 7. The username/password for accessing Business Central Monitoring is ${KIE_ADMIN_USER}/${KIE_ADMIN_PWD}. Both sets of KIE servers are configured with the username/password of ${KIE_SERVER_USER}/${KIE_SERVER_PWD}.
parameters:
- displayName: Application Name
  description: The name for the application.
  name: APPLICATION_NAME
  value: myapp
  required: true
- displayName: Maven repository URL
  description: Fully qualified URL to a Maven repository or service.
  name: MAVEN_REPO_URL
  example: http://nexus.nexus-project.svc.cluster.local:8081/nexus/content/groups/public/
  required: true
- displayName: Maven repository username
  description: Username to access the Maven repository, if required.
  name: MAVEN_REPO_USERNAME
  required: true
- displayName: Maven repository password
  description: Password to access the Maven repository, if required.
  name: MAVEN_REPO_PASSWORD
  required: true
- displayName: EAP Admin User
  description: EAP administrator username
  name: ADMIN_USERNAME
  value: eapadmin
  required: false
- displayName: EAP Admin Password
  description: EAP administrator password
  name: ADMIN_PASSWORD
  from: "[a-zA-Z]{6}[0-9]{1}!"
  generate: expression
  required: false
- displayName: KIE Admin User
  description: KIE administrator username
  name: KIE_ADMIN_USER
  value: adminUser
  required: false
- displayName: KIE Admin Password
  description: KIE administrator password
  name: KIE_ADMIN_PWD
  from: "[a-zA-Z]{6}[0-9]{1}!"
  generate: expression
  required: false
- displayName: KIE Server User
  description: KIE execution server username (Sets the org.kie.server.user system property)
  name: KIE_SERVER_USER
  value: executionUser
  required: false
- displayName: KIE Server Password
  description: KIE execution server password (Sets the org.kie.server.pwd system property)
  name: KIE_SERVER_PWD
  from: "[a-zA-Z]{6}[0-9]{1}!"
  generate: expression
  required: false
- displayName: ImageStream Namespace
  description: Namespace in which the ImageStreams for Red Hat Middleware images are
    installed. These ImageStreams are normally installed in the openshift namespace.
    You should only need to modify this if you've installed the ImageStreams in a
    different namespace/project.
  name: IMAGE_STREAM_NAMESPACE
  value: openshift
  required: true
- displayName: ImageStream Tag
  description: A named pointer to an image in an image stream. Default is "1.0".
  name: IMAGE_STREAM_TAG
  value: "1.0"
  required: false
- displayName: Smart Router Custom http Route Hostname
  description: Custom hostname for http service route.  Leave blank for default hostname, e.g. <application-name>-smartrouter-<project>.<default-domain-suffix>'
  name: SMART_ROUTER_HOSTNAME_HTTP
  value: ''
  required: false
- displayName: Smart Router ID
  description: Router ID used when connecting to the controller (router property org.kie.server.router.id)
  name: KIE_SERVER_ROUTER_ID
  value: kie-server-router
- displayName: Smart Router listening port
  description: Port in which the smart router server listens (router property org.kie.server.router.port)
  name: KIE_SERVER_ROUTER_PORT
  example: "9000"
  required: false
- displayName: Smart Router protocol
  description: KIE server router protocol (Used to build the org.kie.server.router.url.external property)
  name: KIE_SERVER_ROUTER_PROTOCOL
  example: "http"
  required: false
- displayName: Smart Router external URL
  description: Public URL where the router can be found. Format http://<host>:<port>  (router property org.kie.server.router.url.external)
  name: KIE_SERVER_ROUTER_URL_EXTERNAL
- displayName: Smart Router name
  description: Router name used when connecting to the controller (router property org.kie.server.router.name)
  name: KIE_SERVER_ROUTER_NAME
  value: KIE Server Router
- displayName: KIE Server Controller User
  description: KIE server controller username (Sets the org.kie.server.controller.user system property)
  name: KIE_SERVER_CONTROLLER_USER
  value: controllerUser
  required: false
- displayName: KIE Server Controller Password
  description: KIE server controller password (Sets the org.kie.server.controller.pwd system property)
  name: KIE_SERVER_CONTROLLER_PWD
  from: "[a-zA-Z]{6}[0-9]{1}!"
  generate: expression
  required: false
- displayName: KIE Server Persistence DS
  description: KIE execution server persistence datasource (Sets the org.kie.server.persistence.ds system property)
  name: KIE_SERVER_PERSISTENCE_DS
  value: java:/jboss/datasources/rhpam
  required: false
## PostgreSQL database parameters BEGIN
- displayName: PostgreSQL ImageStream Tag
  description: The PostgreSQL image version, which is intended to correspond to the PostgreSQL version. Default is "9.6".
  name: POSTGRESQL_IMAGE_STREAM_TAG
  value: "9.6"
  required: false
- displayName: KIE Server PostgreSQL Database User
  description: KIE execution server PostgreSQL database username
  name: KIE_SERVER_POSTGRESQL_USER
  value: rhpam
  required: false
- displayName: KIE Server PostgreSQL Database Password
  description: KIE execution server PostgreSQL database password
  name: KIE_SERVER_POSTGRESQL_PWD
  from: "[a-zA-Z]{6}[0-9]{1}!"
  generate: expression
  required: false
- displayName: KIE Server PostgreSQL Database Name
  description: KIE execution server PostgreSQL database name
  name: KIE_SERVER_POSTGRESQL_DB
  value: rhpam7
  required: false
- displayName: PostgreSQL Database max prepared connections
  description: Allows the PostgreSQL to handle XA transactions.
  name: POSTGRESQL_MAX_PREPARED_TRANSACTIONS
  value: '100'
  required: true
- displayName: Database Volume Capacity
  description: Size of persistent storage for database volume.
  name: DB_VOLUME_CAPACITY
  value: 1Gi
  required: true
## PostgreSQL database parameters END
- displayName: Drools Server Filter Classes
  description: KIE execution server class filtering (Sets the org.drools.server.filter.classes system property)
  name: DROOLS_SERVER_FILTER_CLASSES
  value: 'true'
  required: false
- displayName: KIE MBeans
  description: KIE execution server mbeans enabled/disabled (Sets the kie.mbeans and kie.scanner.mbeans system properties)
  name: KIE_MBEANS
  value: enabled
  required: false
- displayName: Business Central Monitoring Custom http Route Hostname
  description: 'Custom hostname for http service route.  Leave blank for default hostname,
    e.g.: <application-name>-rhpamcentrmon-<project>.<default-domain-suffix>'
  name: BUSINESS_CENTRAL_HOSTNAME_HTTP
  value: ''
  required: false
- displayName: Business Central Monitoring Custom https Route Hostname
  description: 'Custom hostname for https service route.  Leave blank for default
    hostname, e.g.: secure-<application-name>-rhpamcentrmon-<project>.<default-domain-suffix>'
  name: BUSINESS_CENTRAL_HOSTNAME_HTTPS
  value: ''
  required: false
- displayName: Execution Server 1 Custom http Route Hostname
  description: 'Custom hostname for http service route.  Leave blank for default hostname,
    e.g.: <application-name>-kieserver-<project>.<default-domain-suffix>'
  name: EXECUTION_SERVER1_HOSTNAME_HTTP
  value: ''
  required: false
- displayName: Execution Server 1 Custom https Route Hostname
  description: 'Custom hostname for https service route.  Leave blank for default
    hostname, e.g.: secure-<application-name>-kieserver-<project>.<default-domain-suffix>'
  name: EXECUTION_SERVER1_HOSTNAME_HTTPS
  value: ''
  required: false
- displayName: Execution Server 2 Custom http Route Hostname
  description: 'Custom hostname for http service route.  Leave blank for default hostname,
    e.g.: <application-name>-kieserver-<project>.<default-domain-suffix>'
  name: EXECUTION_SERVER2_HOSTNAME_HTTP
  value: ''
  required: false
- displayName: Execution Server 2 Custom https Route Hostname
  description: 'Custom hostname for https service route.  Leave blank for default
    hostname, e.g.: secure-<application-name>-kieserver-<project>.<default-domain-suffix>'
  name: EXECUTION_SERVER2_HOSTNAME_HTTPS
  value: ''
  required: false
- displayName: Business Central Monitoring Server Keystore Secret Name
  description: The name of the secret containing the keystore file
  name: BUSINESS_CENTRAL_HTTPS_SECRET
  example: businesscentral-app-secret
  required: true
- displayName: Business Central Monitoring Server Keystore Filename
  description: The name of the keystore file within the secret
  name: BUSINESS_CENTRAL_HTTPS_KEYSTORE
  value: keystore.jks
  required: false
- displayName: Business Central Monitoring Server Certificate Name
  description: The name associated with the server certificate
  name: BUSINESS_CENTRAL_HTTPS_NAME
  value: jboss
  required: false
- displayName: Business Central Monitoring Server Keystore Password
  description: The password for the keystore and certificate
  name: BUSINESS_CENTRAL_HTTPS_PASSWORD
  value: mykeystorepass
  required: false
- displayName: KIE Server Keystore Secret Name
  description: The name of the secret containing the keystore file
  name: KIE_SERVER_HTTPS_SECRET
  example: kieserver-app-secret
  required: true
- displayName: KIE Server Keystore Filename
  description: The name of the keystore file within the secret
  name: KIE_SERVER_HTTPS_KEYSTORE
  value: keystore.jks
  required: false
- displayName: KIE Server Certificate Name
  description: The name associated with the server certificate
  name: KIE_SERVER_HTTPS_NAME
  value: jboss
  required: false
- displayName: KIE Server Keystore Password
  description: The password for the keystore and certificate
  name: KIE_SERVER_HTTPS_PASSWORD
  value: mykeystorepass
  required: false
- displayName: KIE Server Bypass Auth User
  description: KIE execution server bypass auth user (Sets the org.kie.server.bypass.auth.user system property)
  name: KIE_SERVER_BYPASS_AUTH_USER
  value: 'false'
  required: false
- displayName: "Timer service data store refresh interval (in milliseconds)"
  description: "Sets refresh-interval for the EJB timer service database-data-store."
  name: TIMER_SERVICE_DATA_STORE_REFRESH_INTERVAL
  value: '30000'
  required: false
- displayName: Business Central Monitoring Container Memory Limit
  description: Business Central Monitoring Container memory limit
  name: BUSINESS_CENTRAL_MEMORY_LIMIT
  value: 2Gi
  required: false
- displayName: Execution Server Container Memory Limit
  description: Execution Server Container memory limit
  name: EXECUTION_SERVER_MEMORY_LIMIT
  value: 1Gi
  required: false
- displayName: Smart Router Container Memory Limit
  description: Smart Router Container memory limit
  name: SMART_ROUTER_MEMORY_LIMIT
  value: 512Mi
  required: false
- displayName: RH-SSO URL
  description: RH-SSO URL
  name: SSO_URL
  example: https://rh-sso.example.com/auth
  required: false
- displayName: RH-SSO Realm name
  description: RH-SSO Realm name
  name: SSO_REALM
  required: false
- displayName: Business Central Monitoring RH-SSO Client name
  description: Business Central Monitoring RH-SSO Client name
  name: BUSINESS_CENTRAL_SSO_CLIENT
  required: false
- displayName: Business Central Monitoring RH-SSO Client Secret
  description: Business Central Monitoring RH-SSO Client Secret
  name: BUSINESS_CENTRAL_SSO_SECRET
  example: "252793ed-7118-4ca8-8dab-5622fa97d892"
  required: false
- displayName: KIE Server 1 RH-SSO Client name
  description: KIE Server 1 RH-SSO Client name
  name: KIE_SERVER1_SSO_CLIENT
  required: false
- displayName: KIE Server 1 RH-SSO Client Secret
  description: KIE Server 1 RH-SSO Client Secret
  name: KIE_SERVER1_SSO_SECRET
  example: "252793ed-7118-4ca8-8dab-5622fa97d892"
  required: false
- displayName: KIE Server 2 RH-SSO Client name
  description: KIE Server 2 RH-SSO Client name
  name: KIE_SERVER2_SSO_CLIENT
  required: false
- displayName: KIE Server 2 RH-SSO Client Secret
  description: KIE Server 2 RH-SSO Client Secret
  name: KIE_SERVER2_SSO_SECRET
  example: "252793ed-7118-4ca8-8dab-5622fa97d892"
  required: false
- displayName: RH-SSO Realm Admin Username
  description: RH-SSO Realm Admin Username used to create the Client if it doesn't exist
  name: SSO_USERNAME
  required: false
- displayName: RH-SSO Realm Admin Password
  description: RH-SSO Realm Admin Password used to create the Client
  name: SSO_PASSWORD
  required: false
- displayName: RH-SSO Disable SSL Certificate Validation
  description: RH-SSO Disable SSL Certificate Validation
  name: SSO_DISABLE_SSL_CERTIFICATE_VALIDATION
  value: "false"
  required: false
objects:
- kind: Service
  apiVersion: v1
  spec:
    ports:
    - name: http
      port: 8080
      targetPort: 8080
    - name: https
      port: 8443
      targetPort: 8443
    selector:
      deploymentConfig: "${APPLICATION_NAME}-rhpamcentrmon"
  metadata:
    name: "${APPLICATION_NAME}-rhpamcentrmon"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-rhpamcentrmon"
    annotations:
      description: All the Business Central Monitoring web server's ports.
- kind: Service
  apiVersion: v1
  spec:
    clusterIP: "None"
    ports:
    - name: "ping"
      port: 8888
    selector:
      deploymentConfig: "${APPLICATION_NAME}-rhpamcentrmon"
  metadata:
    name: "${APPLICATION_NAME}-rhpamcentrmon-ping"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-rhpamcentrmon"
    annotations:
      service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
      description: "The JGroups ping port for clustering."
- kind: Service
  apiVersion: v1
  spec:
    ports:
    - port: 9000
      targetPort: 9000
    selector:
      deploymentConfig: "${APPLICATION_NAME}-smartrouter"
  metadata:
    name: "${APPLICATION_NAME}-smartrouter"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-smartrouter"
    annotations:
      description: The smart router server http port.
## KIE server services 1 BEGIN
- kind: Service
  apiVersion: v1
  spec:
    ports:
    - name: http
      port: 8080
      targetPort: 8080
    - name: https
      port: 8443
      targetPort: 8443
    selector:
      deploymentConfig: "${APPLICATION_NAME}-kieserver-1"
  metadata:
    name: "${APPLICATION_NAME}-kieserver-1"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-kieserver-1"
    annotations:
      description: All the KIE server web server's ports. (First execution server)
- kind: Service
  apiVersion: v1
  spec:
    clusterIP: "None"
    ports:
    - name: "ping"
      port: 8888
    selector:
      deploymentConfig: "${APPLICATION_NAME}-kieserver-1"
  metadata:
    name: "${APPLICATION_NAME}-kieserver-1-ping"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-kieserver-1"
    annotations:
      service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
      description: "The JGroups ping port for clustering."
## KIE server services 1 END
## KIE server services 2 BEGIN
- kind: Service
  apiVersion: v1
  spec:
    ports:
    - name: http
      port: 8080
      targetPort: 8080
    - name: https
      port: 8443
      targetPort: 8443
    selector:
      deploymentConfig: "${APPLICATION_NAME}-kieserver-2"
  metadata:
    name: "${APPLICATION_NAME}-kieserver-2"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-kieserver-2"
    annotations:
      description: All the KIE server web server's ports. (Second execution server)
- kind: Service
  apiVersion: v1
  spec:
    clusterIP: "None"
    ports:
    - name: "ping"
      port: 8888
    selector:
      deploymentConfig: "${APPLICATION_NAME}-kieserver-2"
  metadata:
    name: "${APPLICATION_NAME}-kieserver-2-ping"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-kieserver-2"
    annotations:
      service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
      description: "The JGroups ping port for clustering."
## KIE server services 2 END
## PostgreSQL service 1 BEGIN
- apiVersion: v1
  kind: Service
  metadata:
    annotations:
      description: The first database server's port.
    labels:
      application: ${APPLICATION_NAME}
      service: "${APPLICATION_NAME}-postgresql-1"
    name: ${APPLICATION_NAME}-postgresql-1
  spec:
    ports:
    - port: 5432
      targetPort: 5432
    selector:
      deploymentConfig: ${APPLICATION_NAME}-postgresql-1
## PostgreSQL service 1 END
## PostgreSQL service 2 BEGIN
- apiVersion: v1
  kind: Service
  metadata:
    annotations:
      description: The second database server's port.
    labels:
      application: ${APPLICATION_NAME}
      service: "${APPLICATION_NAME}-postgresql-2"
    name: ${APPLICATION_NAME}-postgresql-2
  spec:
    ports:
    - port: 5432
      targetPort: 5432
    selector:
      deploymentConfig: ${APPLICATION_NAME}-postgresql-2
## PostgreSQL service 2 END
- kind: Route
  apiVersion: v1
  id: "${APPLICATION_NAME}-rhpamcentrmon-http"
  metadata:
    name: "${APPLICATION_NAME}-rhpamcentrmon"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-rhpamcentrmon"
    annotations:
      description: Route for Business Central Monitoring's http service.
      haproxy.router.openshift.io/timeout: 60s
  spec:
    host: "${BUSINESS_CENTRAL_HOSTNAME_HTTP}"
    to:
      name: "${APPLICATION_NAME}-rhpamcentrmon"
    port:
      targetPort: http
- kind: Route
  apiVersion: v1
  id: "${APPLICATION_NAME}-rhpamcentrmon-https"
  metadata:
    name: "secure-${APPLICATION_NAME}-rhpamcentrmon"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-rhpamcentrmon"
    annotations:
      description: Route for Business Central Monitoring's https service.
      haproxy.router.openshift.io/timeout: 60s
  spec:
    host: "${BUSINESS_CENTRAL_HOSTNAME_HTTPS}"
    to:
      name: "${APPLICATION_NAME}-rhpamcentrmon"
    port:
      targetPort: https
    tls:
      termination: passthrough
## KIE server routes 1 BEGIN
- kind: Route
  apiVersion: v1
  id: "${APPLICATION_NAME}-kieserver-1-http"
  metadata:
    name: "${APPLICATION_NAME}-kieserver-1"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-kieserver-1"
    annotations:
      description: Route for First KIE server's http service.
  spec:
    host: "${EXECUTION_SERVER1_HOSTNAME_HTTP}"
    to:
      name: "${APPLICATION_NAME}-kieserver-1"
    port:
      targetPort: http
- kind: Route
  apiVersion: v1
  id: "${APPLICATION_NAME}-kieserver-1-https"
  metadata:
    name: "secure-${APPLICATION_NAME}-kieserver-1"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-kieserver-1"
    annotations:
      description: Route for First KIE server's https service.
  spec:
    host: "${EXECUTION_SERVER1_HOSTNAME_HTTPS}"
    to:
      name: "${APPLICATION_NAME}-kieserver-1"
    port:
      targetPort: https
    tls:
      termination: passthrough
## KIE server routes 1 END
## KIE server routes 2 BEGIN
- kind: Route
  apiVersion: v1
  id: "${APPLICATION_NAME}-kieserver-2-http"
  metadata:
    name: "${APPLICATION_NAME}-kieserver-2"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-kieserver-2"
    annotations:
      description: Route for Second KIE server's http service.
  spec:
    host: "${EXECUTION_SERVER2_HOSTNAME_HTTP}"
    to:
      name: "${APPLICATION_NAME}-kieserver-2"
    port:
      targetPort: http
- kind: Route
  apiVersion: v1
  id: "${APPLICATION_NAME}-kieserver-2-https"
  metadata:
    name: "secure-${APPLICATION_NAME}-kieserver-2"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-kieserver-2"
    annotations:
      description: Route for Second KIE server's https service.
  spec:
    host: "${EXECUTION_SERVER2_HOSTNAME_HTTPS}"
    to:
      name: "${APPLICATION_NAME}-kieserver-2"
    port:
      targetPort: https
    tls:
      termination: passthrough
## KIE server routes 2 BEGIN
- kind: Route
  apiVersion: v1
  id: "${APPLICATION_NAME}-smartrouter-http"
  metadata:
    name: "${APPLICATION_NAME}-smartrouter"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-smartrouter"
    annotations:
      description: Route for Smart Router's http service.
  spec:
    host: "${SMART_ROUTER_HOSTNAME_HTTP}"
    to:
      name: "${APPLICATION_NAME}-smartrouter"
- kind: DeploymentConfig
  apiVersion: v1
  metadata:
    name: "${APPLICATION_NAME}-rhpamcentrmon"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-rhpamcentrmon"
  spec:
    strategy:
      type: Recreate
    triggers:
    - type: ImageChange
      imageChangeParams:
        automatic: true
        containerNames:
        - "${APPLICATION_NAME}-rhpamcentrmon"
        from:
          kind: ImageStreamTag
          namespace: "${IMAGE_STREAM_NAMESPACE}"
          name: "rhpam70-businesscentral-monitoring-openshift:${IMAGE_STREAM_TAG}"
    - type: ConfigChange
## Replicas for Business Central Monitoring
    replicas: 3
    selector:
      deploymentConfig: "${APPLICATION_NAME}-rhpamcentrmon"
    template:
      metadata:
        name: "${APPLICATION_NAME}-rhpamcentrmon"
        labels:
          deploymentConfig: "${APPLICATION_NAME}-rhpamcentrmon"
          application: "${APPLICATION_NAME}"
          service: "${APPLICATION_NAME}-rhpamcentrmon"
      spec:
        terminationGracePeriodSeconds: 60
        containers:
        - name: "${APPLICATION_NAME}-rhpamcentrmon"
          image: rhpam70-businesscentral-monitoring-openshift
          imagePullPolicy: Always
          resources:
            limits:
              memory: "${BUSINESS_CENTRAL_MEMORY_LIMIT}"
          volumeMounts:
          - name: businesscentral-keystore-volume
            mountPath: "/etc/businesscentral-secret-volume"
            readOnly: true
          - name: "${APPLICATION_NAME}-rhpamcentr-pvol"
            mountPath: "/opt/eap/standalone/data/bpmsuite"
          livenessProbe:
            exec:
              command:
              - "/bin/bash"
              - "-c"
              - "curl --fail --silent -u '${KIE_ADMIN_USER}:${KIE_ADMIN_PWD}' http://localhost:8080/kie-wb.jsp"
            initialDelaySeconds: 180
            timeoutSeconds: 2
            periodSeconds: 15
          readinessProbe:
            exec:
              command:
              - "/bin/bash"
              - "-c"
              - "curl --fail --silent -u '${KIE_ADMIN_USER}:${KIE_ADMIN_PWD}' http://localhost:8080/kie-wb.jsp"
            initialDelaySeconds: 60
            timeoutSeconds: 2
            periodSeconds: 30
            failureThreshold: 6
          ports:
          - name: jolokia
            containerPort: 8778
            protocol: TCP
          - name: http
            containerPort: 8080
            protocol: TCP
          - name: https
            containerPort: 8443
            protocol: TCP
          - name: ping
            containerPort: 8888
            protocol: TCP
          env:
          - name: KIE_ADMIN_PWD
            value: "${KIE_ADMIN_PWD}"
          - name: KIE_ADMIN_USER
            value: "${KIE_ADMIN_USER}"
          - name: KIE_SERVER_PWD
            value: "${KIE_SERVER_PWD}"
          - name: KIE_SERVER_USER
            value: "${KIE_SERVER_USER}"
          - name: MAVEN_REPO_URL
            value: "${MAVEN_REPO_URL}"
          - name: MAVEN_REPO_USERNAME
            value: "${MAVEN_REPO_USERNAME}"
          - name: MAVEN_REPO_PASSWORD
            value: "${MAVEN_REPO_PASSWORD}"
          - name: ADMIN_USERNAME
            value: "${ADMIN_USERNAME}"
          - name: ADMIN_PASSWORD
            value: "${ADMIN_PASSWORD}"
          - name: KIE_SERVER_CONTROLLER_PWD
            value: ${KIE_SERVER_CONTROLLER_PWD}
          - name: KIE_SERVER_CONTROLLER_USER
            value: ${KIE_SERVER_CONTROLLER_USER}
          - name: PROBE_IMPL
            value: probe.eap.jolokia.EapProbe
          - name: PROBE_DISABLE_BOOT_ERRORS_CHECK
            value: 'true'
          - name: HTTPS_KEYSTORE_DIR
            value: "/etc/businesscentral-secret-volume"
          - name: HTTPS_KEYSTORE
            value: "${BUSINESS_CENTRAL_HTTPS_KEYSTORE}"
          - name: HTTPS_NAME
            value: "${BUSINESS_CENTRAL_HTTPS_NAME}"
          - name: HTTPS_PASSWORD
            value: "${BUSINESS_CENTRAL_HTTPS_PASSWORD}"
          - name: JGROUPS_PING_PROTOCOL
            value: "openshift.DNS_PING"
          - name: OPENSHIFT_DNS_PING_SERVICE_NAME
            value: "${APPLICATION_NAME}-rhpamcentrmon-ping"
          - name: OPENSHIFT_DNS_PING_SERVICE_PORT
            value: "8888"
          - name: SSO_URL
            value: "${SSO_URL}"
          - name: SSO_OPENIDCONNECT_DEPLOYMENTS
            value: "ROOT.war"
          - name: SSO_REALM
            value: "${SSO_REALM}"
          - name: SSO_SECRET
            value: "${BUSINESS_CENTRAL_SSO_SECRET}"
          - name: SSO_CLIENT
            value: "${BUSINESS_CENTRAL_SSO_CLIENT}"
          - name: SSO_USERNAME
            value: "${SSO_USERNAME}"
          - name: SSO_PASSWORD
            value: "${SSO_PASSWORD}"
          - name: SSO_DISABLE_SSL_CERTIFICATE_VALIDATION
            value: "${SSO_DISABLE_SSL_CERTIFICATE_VALIDATION}"
          - name: HOSTNAME_HTTP
            value: "${BUSINESS_CENTRAL_HOSTNAME_HTTP}"
          - name: HOSTNAME_HTTPS
            value: "${BUSINESS_CENTRAL_HOSTNAME_HTTPS}"
        volumes:
        - name: businesscentral-keystore-volume
          secret:
            secretName: "${BUSINESS_CENTRAL_HTTPS_SECRET}"
        - name: "${APPLICATION_NAME}-rhpamcentr-pvol"
          persistentVolumeClaim:
            claimName: "${APPLICATION_NAME}-rhpamcentr-claim"
- kind: DeploymentConfig
  apiVersion: v1
  metadata:
    name: ${APPLICATION_NAME}-smartrouter
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-smartrouter"
  spec:
    strategy:
      type: Recreate
    triggers:
    - type: ImageChange
      imageChangeParams:
        automatic: true
        containerNames:
        - "${APPLICATION_NAME}-smartrouter"
        from:
          kind: ImageStreamTag
          namespace: "${IMAGE_STREAM_NAMESPACE}"
          name: "rhpam70-smartrouter-openshift:${IMAGE_STREAM_TAG}"
    - type: ConfigChange
    replicas: 2
    selector:
      deploymentConfig: "${APPLICATION_NAME}-smartrouter"
    template:
      metadata:
        name: "${APPLICATION_NAME}-smartrouter"
        labels:
          application: "${APPLICATION_NAME}"
          deploymentConfig: "${APPLICATION_NAME}-smartrouter"
          service: "${APPLICATION_NAME}-smartrouter"
      spec:
        terminationGracePeriodSeconds: 60
        containers:
        - name: "${APPLICATION_NAME}-smartrouter"
          image: rhpam70-smartrouter-openshift
          imagePullPolicy: Always
          resources:
            limits:
              memory: "${SMART_ROUTER_MEMORY_LIMIT}"
          ports:
          - name: http
            containerPort: 9000
            protocol: TCP
          env:
          - name: KIE_SERVER_ROUTER_HOST
            valueFrom:
              fieldRef:
                fieldPath: status.podIP
          - name: KIE_SERVER_ROUTER_PORT
            value: "${KIE_SERVER_ROUTER_PORT}"
          - name: KIE_SERVER_ROUTER_URL_EXTERNAL
            value: "${KIE_SERVER_ROUTER_URL_EXTERNAL}"
          - name: KIE_SERVER_ROUTER_ID
            value: "${KIE_SERVER_ROUTER_ID}"
          - name: KIE_SERVER_ROUTER_NAME
            value: "${KIE_SERVER_ROUTER_NAME}"
          - name: KIE_SERVER_ROUTER_PROTOCOL
            value: "${KIE_SERVER_ROUTER_PROTOCOL}"
          - name: KIE_SERVER_CONTROLLER_USER
            value: "${KIE_SERVER_CONTROLLER_USER}"
          - name: KIE_SERVER_CONTROLLER_PWD
            value: "${KIE_SERVER_CONTROLLER_PWD}"
          - name: KIE_SERVER_CONTROLLER_SERVICE
            value: "${APPLICATION_NAME}-rhpamcentrmon"
          - name: KIE_SERVER_ROUTER_REPO
            value: "/opt/rhpam-smartrouter/data"
          - name: KIE_SERVER_ROUTER_CONFIG_WATCHER_ENABLED
            value: "true"
          volumeMounts:
          - name: "${APPLICATION_NAME}-smartrouter"
            mountPath: "/opt/rhpam-smartrouter/data"
        volumes:
        - name: "${APPLICATION_NAME}-smartrouter"
          persistentVolumeClaim:
            claimName: "${APPLICATION_NAME}-smartrouter-claim"
## KIE server deployment config 1 BEGIN
- kind: DeploymentConfig
  apiVersion: v1
  metadata:
    name: "${APPLICATION_NAME}-kieserver-1"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-kieserver-1"
  spec:
    strategy:
      type: Recreate
    triggers:
    - type: ImageChange
      imageChangeParams:
        automatic: true
        containerNames:
        - "${APPLICATION_NAME}-kieserver-1"
        from:
          kind: ImageStreamTag
          namespace: "${IMAGE_STREAM_NAMESPACE}"
          name: "rhpam70-kieserver-openshift:${IMAGE_STREAM_TAG}"
    - type: ConfigChange
    replicas: 3
    selector:
      deploymentConfig: "${APPLICATION_NAME}-kieserver-1"
    template:
      metadata:
        name: "${APPLICATION_NAME}-kieserver-1"
        labels:
          deploymentConfig: "${APPLICATION_NAME}-kieserver-1"
          application: "${APPLICATION_NAME}"
          service: "${APPLICATION_NAME}-kieserver-1"
      spec:
        terminationGracePeriodSeconds: 60
        containers:
        - name: "${APPLICATION_NAME}-kieserver-1"
          image: rhpam70-kieserver-openshift
          imagePullPolicy: Always
          resources:
            limits:
              memory: "${EXECUTION_SERVER_MEMORY_LIMIT}"
          volumeMounts:
          - name: kieserver-keystore-volume
            mountPath: "/etc/kieserver-secret-volume"
            readOnly: true
          livenessProbe:
            exec:
              command:
              - "/bin/bash"
              - "-c"
              - "curl --fail --silent -u '${KIE_ADMIN_USER}:${KIE_ADMIN_PWD}' http://localhost:8080/services/rest/server/healthcheck"
            initialDelaySeconds: 180
            timeoutSeconds: 2
            periodSeconds: 15
            failureThreshold: 3
          readinessProbe:
            exec:
              command:
              - "/bin/bash"
              - "-c"
              - "curl --fail --silent -u '${KIE_ADMIN_USER}:${KIE_ADMIN_PWD}' http://localhost:8080/services/rest/server/readycheck"
            initialDelaySeconds: 60
            timeoutSeconds: 2
            periodSeconds: 30
            failureThreshold: 6
          ports:
          - name: jolokia
            containerPort: 8778
            protocol: TCP
          - name: http
            containerPort: 8080
            protocol: TCP
          - name: https
            containerPort: 8443
            protocol: TCP
          - name: ping
            containerPort: 8888
            protocol: TCP
          env:
          - name: DROOLS_SERVER_FILTER_CLASSES
            value: "${DROOLS_SERVER_FILTER_CLASSES}"
          - name: KIE_ADMIN_USER
            value: "${KIE_ADMIN_USER}"
          - name: KIE_ADMIN_PWD
            value: "${KIE_ADMIN_PWD}"
          - name: KIE_MBEANS
            value: "${KIE_MBEANS}"
          - name: KIE_SERVER_BYPASS_AUTH_USER
            value: "${KIE_SERVER_BYPASS_AUTH_USER}"
          - name: KIE_SERVER_CONTROLLER_USER
            value: "${KIE_SERVER_CONTROLLER_USER}"
          - name: KIE_SERVER_CONTROLLER_PWD
            value: "${KIE_SERVER_CONTROLLER_PWD}"
          - name: KIE_SERVER_CONTROLLER_SERVICE
            value: "${APPLICATION_NAME}-rhpamcentrmon"
          - name: KIE_SERVER_ID
            value: "kie-server-1"
          - name: KIE_SERVER_HOST
            valueFrom:
              fieldRef:
                fieldPath: status.podIP
          - name: KIE_SERVER_USER
            value: "${KIE_SERVER_USER}"
          - name: KIE_SERVER_PWD
            value: "${KIE_SERVER_PWD}"
          - name: KIE_SERVER_CONTAINER_DEPLOYMENT
            value: ""
          - name: MAVEN_REPO_URL
            value: "${MAVEN_REPO_URL}"
          - name: MAVEN_REPO_USERNAME
            value: "${MAVEN_REPO_USERNAME}"
          - name: MAVEN_REPO_PASSWORD
            value: "${MAVEN_REPO_PASSWORD}"
          - name: MAVEN_REPO_PATH
            value: "/maven2/"
          - name: KIE_SERVER_ROUTER_SERVICE
            value: "${APPLICATION_NAME}-smartrouter"
          - name: KIE_SERVER_ROUTER_PORT
            value: "${KIE_SERVER_ROUTER_PORT}"
          - name: KIE_SERVER_ROUTER_PROTOCOL
            value: "${KIE_SERVER_ROUTER_PROTOCOL}"
          - name: KIE_SERVER_PERSISTENCE_DS
            value: "${KIE_SERVER_PERSISTENCE_DS}"
          - name: DATASOURCES
            value: "RHPAM"
          - name: RHPAM_JNDI
            value: "${KIE_SERVER_PERSISTENCE_DS}"
          - name: RHPAM_JTA
            value: "true"
          - name: RHPAM_TX_ISOLATION
            value: "TRANSACTION_READ_UNCOMMITTED"
## PostgreSQL driver settings 1 BEGIN
          - name: RHPAM_DATABASE
            value: "${KIE_SERVER_POSTGRESQL_DB}"
          - name: RHPAM_DRIVER
            value: "postgresql"
          - name: KIE_SERVER_PERSISTENCE_DIALECT
            value: "org.hibernate.dialect.PostgreSQLDialect"
          - name: RHPAM_USERNAME
            value: "${KIE_SERVER_POSTGRESQL_USER}"
          - name: RHPAM_PASSWORD
            value: "${KIE_SERVER_POSTGRESQL_PWD}"
          - name: RHPAM_SERVICE_HOST
            value: "${APPLICATION_NAME}-postgresql-1"
          - name: RHPAM_SERVICE_PORT
            value: "5432"
          - name: TIMER_SERVICE_DATA_STORE
            value: "${APPLICATION_NAME}-postgresql-1"
## PostgreSQL driver settings 1 END
          - name: TIMER_SERVICE_DATA_STORE_REFRESH_INTERVAL
            value: "${TIMER_SERVICE_DATA_STORE_REFRESH_INTERVAL}"
          - name: HTTPS_KEYSTORE_DIR
            value: "/etc/kieserver-secret-volume"
          - name: HTTPS_KEYSTORE
            value: "${KIE_SERVER_HTTPS_KEYSTORE}"
          - name: HTTPS_NAME
            value: "${KIE_SERVER_HTTPS_NAME}"
          - name: HTTPS_PASSWORD
            value: "${KIE_SERVER_HTTPS_PASSWORD}"
          - name: JGROUPS_PING_PROTOCOL
            value: "openshift.DNS_PING"
          - name: OPENSHIFT_DNS_PING_SERVICE_NAME
            value: "${APPLICATION_NAME}-kieserver-1-ping"
          - name: OPENSHIFT_DNS_PING_SERVICE_PORT
            value: "8888"
          - name: SSO_URL
            value: "${SSO_URL}"
          - name: SSO_OPENIDCONNECT_DEPLOYMENTS
            value: "ROOT.war"
          - name: SSO_REALM
            value: "${SSO_REALM}"
          - name: SSO_SECRET
            value: "${KIE_SERVER1_SSO_SECRET}"
          - name: SSO_CLIENT
            value: "${KIE_SERVER1_SSO_CLIENT}"
          - name: SSO_USERNAME
            value: "${SSO_USERNAME}"
          - name: SSO_PASSWORD
            value: "${SSO_PASSWORD}"
          - name: SSO_DISABLE_SSL_CERTIFICATE_VALIDATION
            value: "${SSO_DISABLE_SSL_CERTIFICATE_VALIDATION}"
          - name: HOSTNAME_HTTP
            value: "${EXECUTION_SERVER1_HOSTNAME_HTTP}"
          - name: HOSTNAME_HTTPS
            value: "${EXECUTION_SERVER1_HOSTNAME_HTTPS}"
        volumes:
        - name: kieserver-keystore-volume
          secret:
            secretName: "${KIE_SERVER_HTTPS_SECRET}"
## KIE server deployment config 1 END
## PostgreSQL deployment config 1 BEGIN
- kind: DeploymentConfig
  apiVersion: v1
  metadata:
    name: "${APPLICATION_NAME}-postgresql-1"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-postgresql-1"
  spec:
    strategy:
      type: Recreate
    triggers:
    - type: ImageChange
      imageChangeParams:
        automatic: true
        containerNames:
        - "${APPLICATION_NAME}-postgresql-1"
        from:
          kind: ImageStreamTag
          namespace: "${IMAGE_STREAM_NAMESPACE}"
          name: "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
    - type: ConfigChange
    replicas: 1
    selector:
      deploymentConfig: "${APPLICATION_NAME}-postgresql-1"
    template:
      metadata:
        name: "${APPLICATION_NAME}-postgresql-1"
        labels:
          deploymentConfig: "${APPLICATION_NAME}-postgresql-1"
          application: "${APPLICATION_NAME}"
          service: "${APPLICATION_NAME}-postgresql-1"
      spec:
        terminationGracePeriodSeconds: 60
        containers:
        - name: "${APPLICATION_NAME}-postgresql-1"
          image: postgresql
          imagePullPolicy: Always
          ports:
          - containerPort: 5432
            protocol: TCP
          volumeMounts:
          - mountPath: "/var/lib/postgresql/data"
            name: "${APPLICATION_NAME}-postgresql-pvol"
          env:
          - name: POSTGRESQL_USER
            value: "${KIE_SERVER_POSTGRESQL_USER}"
          - name: POSTGRESQL_PASSWORD
            value: "${KIE_SERVER_POSTGRESQL_PWD}"
          - name: POSTGRESQL_DATABASE
            value: "${KIE_SERVER_POSTGRESQL_DB}"
          - name: POSTGRESQL_MAX_PREPARED_TRANSACTIONS
            value: "${POSTGRESQL_MAX_PREPARED_TRANSACTIONS}"
        volumes:
        - name: "${APPLICATION_NAME}-postgresql-pvol"
          persistentVolumeClaim:
            claimName: "${APPLICATION_NAME}-postgresql-claim-1"
## PostgreSQL deployment config 1 END
## KIE server deployment config 2 BEGIN
- kind: DeploymentConfig
  apiVersion: v1
  metadata:
    name: "${APPLICATION_NAME}-kieserver-2"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-kieserver-2"
  spec:
    strategy:
      type: Recreate
    triggers:
    - type: ImageChange
      imageChangeParams:
        automatic: true
        containerNames:
        - "${APPLICATION_NAME}-kieserver-2"
        from:
          kind: ImageStreamTag
          namespace: "${IMAGE_STREAM_NAMESPACE}"
          name: "rhpam70-kieserver-openshift:${IMAGE_STREAM_TAG}"
    - type: ConfigChange
    replicas: 3
    selector:
      deploymentConfig: "${APPLICATION_NAME}-kieserver-2"
    template:
      metadata:
        name: "${APPLICATION_NAME}-kieserver-2"
        labels:
          deploymentConfig: "${APPLICATION_NAME}-kieserver-2"
          application: "${APPLICATION_NAME}"
          service: "${APPLICATION_NAME}-kieserver-2"
      spec:
        terminationGracePeriodSeconds: 60
        containers:
        - name: "${APPLICATION_NAME}-kieserver-2"
          image: rhpam70-kieserver-openshift
          imagePullPolicy: Always
          resources:
            limits:
              memory: "${EXECUTION_SERVER_MEMORY_LIMIT}"
          volumeMounts:
          - name: kieserver-keystore-volume
            mountPath: "/etc/kieserver-secret-volume"
            readOnly: true
          livenessProbe:
            exec:
              command:
              - "/bin/bash"
              - "-c"
              - "curl --fail --silent -u '${KIE_ADMIN_USER}:${KIE_ADMIN_PWD}' http://localhost:8080/services/rest/server/healthcheck"
            initialDelaySeconds: 180
            timeoutSeconds: 2
            periodSeconds: 15
            failureThreshold: 3
          readinessProbe:
            exec:
              command:
              - "/bin/bash"
              - "-c"
              - "curl --fail --silent -u '${KIE_ADMIN_USER}:${KIE_ADMIN_PWD}' http://localhost:8080/services/rest/server/readycheck"
            initialDelaySeconds: 60
            timeoutSeconds: 2
            periodSeconds: 30
            failureThreshold: 6
          ports:
          - name: jolokia
            containerPort: 8778
            protocol: TCP
          - name: http
            containerPort: 8080
            protocol: TCP
          - name: https
            containerPort: 8443
            protocol: TCP
          - name: ping
            containerPort: 8888
            protocol: TCP
          env:
          - name: DROOLS_SERVER_FILTER_CLASSES
            value: "${DROOLS_SERVER_FILTER_CLASSES}"
          - name: KIE_ADMIN_USER
            value: "${KIE_ADMIN_USER}"
          - name: KIE_ADMIN_PWD
            value: "${KIE_ADMIN_PWD}"
          - name: KIE_MBEANS
            value: "${KIE_MBEANS}"
          - name: KIE_SERVER_BYPASS_AUTH_USER
            value: "${KIE_SERVER_BYPASS_AUTH_USER}"
          - name: KIE_SERVER_CONTROLLER_USER
            value: "${KIE_SERVER_CONTROLLER_USER}"
          - name: KIE_SERVER_CONTROLLER_PWD
            value: "${KIE_SERVER_CONTROLLER_PWD}"
          - name: KIE_SERVER_CONTROLLER_SERVICE
            value: "${APPLICATION_NAME}-rhpamcentrmon"
          - name: KIE_SERVER_ID
            value: "kie-server-2"
          - name: KIE_SERVER_HOST
            valueFrom:
              fieldRef:
                fieldPath: status.podIP
          - name: KIE_SERVER_USER
            value: "${KIE_SERVER_USER}"
          - name: KIE_SERVER_PWD
            value: "${KIE_SERVER_PWD}"
          - name: KIE_SERVER_CONTAINER_DEPLOYMENT
            value: ""
          - name: MAVEN_REPO_URL
            value: "${MAVEN_REPO_URL}"
          - name: MAVEN_REPO_USERNAME
            value: "${MAVEN_REPO_USERNAME}"
          - name: MAVEN_REPO_PASSWORD
            value: "${MAVEN_REPO_PASSWORD}"
          - name: MAVEN_REPO_PATH
            value: "/maven2/"
          - name: KIE_SERVER_ROUTER_SERVICE
            value: "${APPLICATION_NAME}-smartrouter"
          - name: KIE_SERVER_ROUTER_PORT
            value: "${KIE_SERVER_ROUTER_PORT}"
          - name: KIE_SERVER_ROUTER_PROTOCOL
            value: "${KIE_SERVER_ROUTER_PROTOCOL}"
          - name: KIE_SERVER_PERSISTENCE_DS
            value: "${KIE_SERVER_PERSISTENCE_DS}"
          - name: DATASOURCES
            value: "RHPAM"
          - name: RHPAM_JNDI
            value: "${KIE_SERVER_PERSISTENCE_DS}"
          - name: RHPAM_JTA
            value: "true"
          - name: RHPAM_TX_ISOLATION
            value: "TRANSACTION_READ_UNCOMMITTED"
## PostgreSQL driver settings 2 BEGIN
          - name: RHPAM_DATABASE
            value: "${KIE_SERVER_POSTGRESQL_DB}"
          - name: RHPAM_DRIVER
            value: "postgresql"
          - name: KIE_SERVER_PERSISTENCE_DIALECT
            value: "org.hibernate.dialect.PostgreSQLDialect"
          - name: RHPAM_USERNAME
            value: "${KIE_SERVER_POSTGRESQL_USER}"
          - name: RHPAM_PASSWORD
            value: "${KIE_SERVER_POSTGRESQL_PWD}"
          - name: RHPAM_SERVICE_HOST
            value: "${APPLICATION_NAME}-postgresql-2"
          - name: RHPAM_SERVICE_PORT
            value: "5432"
          - name: TIMER_SERVICE_DATA_STORE
            value: "${APPLICATION_NAME}-postgresql-2"
## PostgreSQL driver settings 2 END
          - name: TIMER_SERVICE_DATA_STORE_REFRESH_INTERVAL
            value: "${TIMER_SERVICE_DATA_STORE_REFRESH_INTERVAL}"
          - name: HTTPS_KEYSTORE_DIR
            value: "/etc/kieserver-secret-volume"
          - name: HTTPS_KEYSTORE
            value: "${KIE_SERVER_HTTPS_KEYSTORE}"
          - name: HTTPS_NAME
            value: "${KIE_SERVER_HTTPS_NAME}"
          - name: HTTPS_PASSWORD
            value: "${KIE_SERVER_HTTPS_PASSWORD}"
          - name: JGROUPS_PING_PROTOCOL
            value: "openshift.DNS_PING"
          - name: OPENSHIFT_DNS_PING_SERVICE_NAME
            value: "${APPLICATION_NAME}-kieserver-2-ping"
          - name: OPENSHIFT_DNS_PING_SERVICE_PORT
            value: "8888"
          - name: SSO_URL
            value: "${SSO_URL}"
          - name: SSO_OPENIDCONNECT_DEPLOYMENTS
            value: "ROOT.war"
          - name: SSO_REALM
            value: "${SSO_REALM}"
          - name: SSO_SECRET
            value: "${KIE_SERVER2_SSO_SECRET}"
          - name: SSO_CLIENT
            value: "${KIE_SERVER2_SSO_CLIENT}"
          - name: SSO_USERNAME
            value: "${SSO_USERNAME}"
          - name: SSO_PASSWORD
            value: "${SSO_PASSWORD}"
          - name: SSO_DISABLE_SSL_CERTIFICATE_VALIDATION
            value: "${SSO_DISABLE_SSL_CERTIFICATE_VALIDATION}"
          - name: HOSTNAME_HTTP
            value: "${EXECUTION_SERVER2_HOSTNAME_HTTP}"
          - name: HOSTNAME_HTTPS
            value: "${EXECUTION_SERVER2_HOSTNAME_HTTPS}"
        volumes:
        - name: kieserver-keystore-volume
          secret:
            secretName: "${KIE_SERVER_HTTPS_SECRET}"
## KIE server deployment config 2 END
## PostgreSQL deployment config 2 BEGIN
- kind: DeploymentConfig
  apiVersion: v1
  metadata:
    name: "${APPLICATION_NAME}-postgresql-2"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-postgresql-2"
  spec:
    strategy:
      type: Recreate
    triggers:
    - type: ImageChange
      imageChangeParams:
        automatic: true
        containerNames:
        - "${APPLICATION_NAME}-postgresql-2"
        from:
          kind: ImageStreamTag
          namespace: "${IMAGE_STREAM_NAMESPACE}"
          name: "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
    - type: ConfigChange
    replicas: 1
    selector:
      deploymentConfig: "${APPLICATION_NAME}-postgresql-2"
    template:
      metadata:
        name: "${APPLICATION_NAME}-postgresql-2"
        labels:
          deploymentConfig: "${APPLICATION_NAME}-postgresql-2"
          application: "${APPLICATION_NAME}"
          service: "${APPLICATION_NAME}-postgresql-2"
      spec:
        terminationGracePeriodSeconds: 60
        containers:
        - name: "${APPLICATION_NAME}-postgresql-2"
          image: postgresql
          imagePullPolicy: Always
          ports:
          - containerPort: 5432
            protocol: TCP
          volumeMounts:
          - mountPath: "/var/lib/postgresql/data"
            name: "${APPLICATION_NAME}-postgresql-pvol"
          env:
          - name: POSTGRESQL_USER
            value: "${KIE_SERVER_POSTGRESQL_USER}"
          - name: POSTGRESQL_PASSWORD
            value: "${KIE_SERVER_POSTGRESQL_PWD}"
          - name: POSTGRESQL_DATABASE
            value: "${KIE_SERVER_POSTGRESQL_DB}"
          - name: POSTGRESQL_MAX_PREPARED_TRANSACTIONS
            value: "${POSTGRESQL_MAX_PREPARED_TRANSACTIONS}"
        volumes:
        - name: "${APPLICATION_NAME}-postgresql-pvol"
          persistentVolumeClaim:
            claimName: "${APPLICATION_NAME}-postgresql-claim-2"
## PostgreSQL deployment config 2 END
## PostgreSQL persistent volume claim 1 BEGIN
- apiVersion: v1
  kind: PersistentVolumeClaim
  metadata:
    name: "${APPLICATION_NAME}-postgresql-claim-1"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-postgresql-1"
  spec:
    accessModes:
    - ReadWriteOnce
    resources:
      requests:
        storage: "${DB_VOLUME_CAPACITY}"
## PostgreSQL persistent volume claim 1 END
## PostgreSQL persistent volume claim 2 BEGIN
- apiVersion: v1
  kind: PersistentVolumeClaim
  metadata:
    name: "${APPLICATION_NAME}-postgresql-claim-2"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-postgresql-2"
  spec:
    accessModes:
    - ReadWriteOnce
    resources:
      requests:
        storage: "${DB_VOLUME_CAPACITY}"
## PostgreSQL persistent volume claim 2 END
- apiVersion: v1
  kind: PersistentVolumeClaim
  metadata:
    name: "${APPLICATION_NAME}-smartrouter-claim"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-smartrouter"
  spec:
    accessModes:
    - ReadWriteMany
    resources:
      requests:
        storage: "64Mi"
- apiVersion: v1
  kind: PersistentVolumeClaim
  metadata:
    name: "${APPLICATION_NAME}-rhpamcentr-claim"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-rhpamcentrmon"
  spec:
    accessModes:
    - ReadWriteMany
    resources:
      requests:
        storage: "64Mi"