Home Explore Help
Register Sign In
shixiong
/
okd
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: dcbe4b2fac
Branches Tags
okd
/
roles
/
openshift_monitor_availability
/
files
/
monitor-app-create.yaml

monitor-app-create.yaml 4.5 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170 
  1. ---
    2. 

  2. apiVersion: template.openshift.io/v1
    3. 

  3. kind: Template
    4. 

  4. metadata:
    5. 

  5.   name: openshift-monitor-app-create
    6. 

  6.   annotations:
    7. 

  7.     openshift.io/display-name: OpenShift App Create Availability Monitor
    8. 

  8.     description: Measures app create operation availability.
    9. 

  9.     iconClass: icon-openshift
    10. 

  10.     tags: openshift,infra,monitoring
    11. 

  11.     openshift.io/documentation-url: https://github.com/openshift/monitor-project-lifecycle
    12. 

  12.     openshift.io/support-url: https://access.redhat.com
    13. 

  13. openshift.io/provider-display-name: Red Hat, Inc.
    14. 

  14. parameters:
    15. 

  15. - name: IMAGE
    16. 

  16.   description: The application container image to use.
    17. 

  17.   required: true
    18. 

  18. - name: LOG_LEVEL
    19. 

  19.   value: "0"
    20. 

  20.   description: Application logging level.
    21. 

  21. - name: RUN_INTERVAL
    22. 

  22.   value: "5m"
    23. 

  23.   description: How often to run the measurement loop, as a duration string.
    24. 

  24. - name: TIMEOUT
    25. 

  25.   value: "5m"
    26. 

  26.   description: How long to wait for the test app to become available before giving up.
    27. 

  27. - name: NAMESPACE
    28. 

  28.   # This namespace cannot be changed.
    29. 

  29.   value: openshift-monitor-availability
    30. 

  30. objects:
    31. 

  31. - apiVersion: rbac.authorization.k8s.io/v1beta1
    32. 

  32.   kind: ClusterRole
    33. 

  33.   metadata: {name: monitor-app-create}
    34. 

  34.   rules:
    35. 

  35.   # These are for the auth proxy.
    36. 

  36.   - apiGroups: ["authentication.k8s.io"]
    37. 

  37.     resources:
    38. 

  38.     - tokenreviews
    39. 

  39.     verbs: ["create"]
    40. 

  40.   - apiGroups: ["authorization.k8s.io"]
    41. 

  41.     resources:
    42. 

  42.     - subjectaccessreviews
    43. 

  43.     verbs: ["create"]
    44. 

  44.   # These are for the app itself.
    45. 

  45.   - apiGroups: [project.openshift.io]
    46. 

  46.     resources: [projects, projectrequests]
    47. 

  47.     verbs: ['*']
    48. 

  48. 

  49. - apiVersion: v1
    50. 

  50.   kind: ServiceAccount
    51. 

  51.   metadata:
    52. 

  52.     name: monitor-app-create
    53. 

  53.     namespace: ${NAMESPACE}
    54. 

  54. 

  55. - apiVersion: rbac.authorization.k8s.io/v1beta1
    56. 

  56.   kind: ClusterRoleBinding
    57. 

  57.   metadata:
    58. 

  58.     name: monitor-app-create
    59. 

  59.   roleRef:
    60. 

  60.     apiGroup: rbac.authorization.k8s.io
    61. 

  61.     kind: ClusterRole
    62. 

  62.     name: monitor-app-create
    63. 

  63.   subjects:
    64. 

  64.   - kind: ServiceAccount
    65. 

  65.     name: monitor-app-create
    66. 

  66.     namespace: ${NAMESPACE}
    67. 

  67. 

  68. - apiVersion: v1
    69. 

  69.   kind: Service
    70. 

  70.   metadata:
    71. 

  71.     name: monitor-app-create
    72. 

  72.     namespace: ${NAMESPACE}
    73. 

  73.     labels:
    74. 

  74.       k8s-app: monitor-app-create
    75. 

  75.     annotations:
    76. 

  76.       service.alpha.openshift.io/serving-cert-secret-name: monitor-app-create-tls
    77. 

  77.   spec:
    78. 

  78.     ports:
    79. 

  79.     - name: http-metrics
    80. 

  80.       port: 443
    81. 

  81.       protocol: TCP
    82. 

  82.       targetPort: https
    83. 

  83.     selector:
    84. 

  84.       k8s-app: monitor-app-create
    85. 

  85. 

  86. - apiVersion: v1
    87. 

  87.   kind: ConfigMap
    88. 

  88.   metadata:
    89. 

  89.     name: monitor-app-create
    90. 

  90.     namespace: ${NAMESPACE}
    91. 

  91.     labels:
    92. 

  92.       k8s-app: monitor-app-create
    93. 

  93.   data:
    94. 

  94.     config.yaml: |
    95. 

  95.       listenAddress: "127.0.0.1:8080"
    96. 

  96.       runInterval: "${RUN_INTERVAL}"
    97. 

  97.       availabilityTimeout: "${TIMEOUT}"
    98. 

  98.       template:
    99. 

  99.         namespace: openshift
    100. 

  100.         name: django-psql-persistent
    101. 

  101.         availabilityRoute: django-psql-persistent
    102. 

  102.         parameters: # Empty, use template defaults
    103. 

  103. 

  104. - apiVersion: extensions/v1beta1
    105. 

  105.   kind: Deployment
    106. 

  106.   metadata:
    107. 

  107.     name: monitor-app-create
    108. 

  108.     namespace: ${NAMESPACE}
    109. 

  109.     labels:
    110. 

  110.       k8s-app: monitor-app-create
    111. 

  111.   spec:
    112. 

  112.     replicas: 1
    113. 

  113.     selector:
    114. 

  114.       matchLabels:
    115. 

  115.         k8s-app: monitor-app-create
    116. 

  116.     template:
    117. 

  117.       metadata:
    118. 

  118.         labels:
    119. 

  119.           k8s-app: monitor-app-create
    120. 

  120.       spec:
    121. 

  121.         serviceAccountName: monitor-app-create
    122. 

  122.         volumes:
    123. 

  123.         - name: config
    124. 

  124.           configMap:
    125. 

  125.             name: monitor-app-create
    126. 

  126.         - name: tls
    127. 

  127.           secret:
    128. 

  128.             secretName: monitor-app-create-tls
    129. 

  129.         containers:
    130. 

  130.         - name: monitor-app-create
    131. 

  131.           image: ${IMAGE}
    132. 

  132.           command:
    133. 

  133.           - "/usr/bin/monitor"
    134. 

  134.           - "run"
    135. 

  135.           - "--alsologtostderr"
    136. 

  136.           - "--v"
    137. 

  137.           - "${LOG_LEVEL}"
    138. 

  138.           - "--config"
    139. 

  139.           - "/etc/monitor-app-create/config.yaml"
    140. 

  140.           volumeMounts:
    141. 

  141.           - name: config
    142. 

  142.             mountPath: /etc/monitor-app-create
    143. 

  143.           resources:
    144. 

  144.             limits:
    145. 

  145.               cpu: 20m
    146. 

  146.               memory: 50Mi
    147. 

  147.             requests:
    148. 

  148.               cpu: 20m
    149. 

  149.               memory: 50Mi
    150. 

  150.         - name: kube-rbac-proxy
    151. 

  151.           image: quay.io/coreos/kube-rbac-proxy:v0.3.0
    152. 

  152.           args:
    153. 

  153.           - "--secure-listen-address=:8081"
    154. 

  154.           - "--upstream=http://127.0.0.1:8080/"
    155. 

  155.           - "--tls-cert-file=/etc/tls/private/tls.crt"
    156. 

  156.           - "--tls-private-key-file=/etc/tls/private/tls.key"
    157. 

  157.           ports:
    158. 

  158.           - name: https
    159. 

  159.             containerPort: 8081
    160. 

  160.             protocol: TCP
    161. 

  161.           resources:
    162. 

  162.             requests:
    163. 

  163.               memory: 20Mi
    164. 

  164.               cpu: 10m
    165. 

  165.             limits:
    166. 

  166.               memory: 40Mi
    167. 

  167.               cpu: 20m
    168. 

  168.           volumeMounts:
    169. 

  169.           - mountPath: /etc/tls/private
    170. 

  170.             name: tls
    171.