| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631 |
- {
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for SSO 7.0 PostgreSQL applications with persistent storage",
- "iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,postrgresql,java,database,jboss,xpaas",
- "version" : "1.3"
- },
- "name": "sso70-postgresql-persistent"
- },
- "labels": {
- "template": "sso70-postgresql-persistent",
- "xpaas" : "1.3.0"
- },
- "parameters": [
- {
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "sso",
- "required": true
- },
- {
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql",
- "name": "DB_JNDI",
- "value": "java:jboss/datasources/KeycloakDS",
- "required": false
- },
- {
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "description": "The name of the secret containing the keystore file",
- "name": "HTTPS_SECRET",
- "value": "sso-app-secret",
- "required": false
- },
- {
- "description": "The name of the keystore file within the secret",
- "name": "HTTPS_KEYSTORE",
- "value": "keystore.jks",
- "required": false
- },
- {
- "description": "The name associated with the server certificate",
- "name": "HTTPS_NAME",
- "value": "jboss",
- "required": false
- },
- {
- "description": "The password for the keystore and certificate",
- "name": "HTTPS_PASSWORD",
- "value": "mykeystorepass",
- "required": false
- },
- {
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.",
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "description": "Configures how much memory is dedicated to PostgreSQL for caching data.",
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "required": false
- },
- {
- "description": "HornetQ cluster admin password",
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Queue names",
- "name": "HORNETQ_QUEUES",
- "value": "",
- "required": false
- },
- {
- "description": "Topic names",
- "name": "HORNETQ_TOPICS",
- "value": "",
- "required": false
- },
- {
- "description": "Size of persistent storage for database volume.",
- "name": "VOLUME_CAPACITY",
- "value": "512Mi",
- "required": true
- },
- {
- "description": "The name of the secret containing the keystore file",
- "name": "JGROUPS_ENCRYPT_SECRET",
- "value": "eap-app-secret",
- "required": false
- },
- {
- "description": "The name of the keystore file within the secret",
- "name": "JGROUPS_ENCRYPT_KEYSTORE",
- "value": "jgroups.jceks",
- "required": false
- },
- {
- "description": "The name associated with the server certificate",
- "name": "JGROUPS_ENCRYPT_NAME",
- "value": "",
- "required": false
- },
- {
- "description": "The password for the keystore and certificate",
- "name": "JGROUPS_ENCRYPT_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "description": "JGroups cluster password",
- "name": "JGROUPS_CLUSTER_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's http port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The web server's https port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 5432,
- "targetPort": 5432
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3-TP"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "serviceAccountName": "sso-service-account",
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "name": "eap-keystore-volume",
- "mountPath": "/etc/eap-secret-volume",
- "readOnly": true
- },
- {
- "name": "eap-jgroups-keystore-volume",
- "mountPath": "/etc/jgroups-encrypt-secret-volume",
- "readOnly": true
- }
- ],
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-postgresql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "TX_DATABASE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-postgresql=DB"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "OPENSHIFT_KUBE_PING_LABELS",
- "value": "application=${APPLICATION_NAME}"
- },
- {
- "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
- "valueFrom": {
- "fieldRef": {
- "fieldPath": "metadata.namespace"
- }
- }
- },
- {
- "name": "EAP_HTTPS_KEYSTORE_DIR",
- "value": "/etc/eap-secret-volume"
- },
- {
- "name": "EAP_HTTPS_KEYSTORE",
- "value": "${HTTPS_KEYSTORE}"
- },
- {
- "name": "EAP_HTTPS_NAME",
- "value": "${HTTPS_NAME}"
- },
- {
- "name": "EAP_HTTPS_PASSWORD",
- "value": "${HTTPS_PASSWORD}"
- },
- {
- "name": "HORNETQ_CLUSTER_PASSWORD",
- "value": "${HORNETQ_CLUSTER_PASSWORD}"
- },
- {
- "name": "HORNETQ_QUEUES",
- "value": "${HORNETQ_QUEUES}"
- },
- {
- "name": "HORNETQ_TOPICS",
- "value": "${HORNETQ_TOPICS}"
- },
- {
- "name": "JGROUPS_ENCRYPT_SECRET",
- "value": "${JGROUPS_ENCRYPT_SECRET}"
- },
- {
- "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
- "value": "/etc/jgroups-encrypt-secret-volume"
- },
- {
- "name": "JGROUPS_ENCRYPT_KEYSTORE",
- "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
- },
- {
- "name": "JGROUPS_ENCRYPT_NAME",
- "value": "${JGROUPS_ENCRYPT_NAME}"
- },
- {
- "name": "JGROUPS_ENCRYPT_PASSWORD",
- "value": "${JGROUPS_ENCRYPT_PASSWORD}"
- },
- {
- "name": "JGROUPS_CLUSTER_PASSWORD",
- "value": "${JGROUPS_CLUSTER_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "eap-keystore-volume",
- "secret": {
- "secretName": "${HTTPS_SECRET}"
- }
- },
- {
- "name": "eap-jgroups-keystore-volume",
- "secret": {
- "secretName": "${JGROUPS_ENCRYPT_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-postgresql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "postgresql:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-postgresql",
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-postgresql",
- "image": "postgresql",
- "imagePullPolicy": "Always",
- "ports": [
- {
- "containerPort": 5432,
- "protocol": "TCP"
- }
- ],
- "volumeMounts": [
- {
- "mountPath": "/var/lib/pgsql/data",
- "name": "${APPLICATION_NAME}-postgresql-pvol"
- }
- ],
- "env": [
- {
- "name": "POSTGRESQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "POSTGRESQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "POSTGRESQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "POSTGRESQL_MAX_CONNECTIONS",
- "value": "${POSTGRESQL_MAX_CONNECTIONS}"
- },
- {
- "name": "POSTGRESQL_SHARED_BUFFERS",
- "value": "${POSTGRESQL_SHARED_BUFFERS}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "${APPLICATION_NAME}-postgresql-pvol",
- "persistentVolumeClaim": {
- "claimName": "${APPLICATION_NAME}-postgresql-claim"
- }
- }
- ]
- }
- }
- }
- },
- {
- "apiVersion": "v1",
- "kind": "PersistentVolumeClaim",
- "metadata": {
- "name": "${APPLICATION_NAME}-postgresql-claim",
- "labels": {
- "application": "${APPLICATION_NAME}"
- }
- },
- "spec": {
- "accessModes": [
- "ReadWriteOnce"
- ],
- "resources": {
- "requests": {
- "storage": "${VOLUME_CAPACITY}"
- }
- }
- }
- }
- ]
- }
|
