| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719 |
- {
- "kind": "Template",
- "apiVersion": "v1",
- "metadata": {
- "annotations": {
- "description": "Application template for SSO 7.0 MySQL applications",
- "iconClass" : "icon-jboss",
- "tags" : "sso,keycloak,mysql,java,database,jboss,xpaas",
- "version" : "1.3.2"
- },
- "name": "sso70-mysql"
- },
- "labels": {
- "template": "sso70-mysql",
- "xpaas" : "1.3.2"
- },
- "parameters": [
- {
- "description": "The name for the application.",
- "name": "APPLICATION_NAME",
- "value": "sso",
- "required": true
- },
- {
- "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTP",
- "value": "",
- "required": false
- },
- {
- "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: <application-name>.<project>.<default-domain-suffix>",
- "name": "HOSTNAME_HTTPS",
- "value": "",
- "required": false
- },
- {
- "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/mysql",
- "name": "DB_JNDI",
- "value": "java:jboss/datasources/KeycloakDS",
- "required": false
- },
- {
- "description": "Database name",
- "name": "DB_DATABASE",
- "value": "root",
- "required": true
- },
- {
- "description": "The name of the service account to use for the deployment. The service account should be configured to allow useage of the secret(s) specified by HTTPS_SECRET and JGROUPS_ENCRYPT_SECRET.",
- "name": "SERVICE_ACCOUNT_NAME",
- "value": "sso-service-account",
- "required": true
- },
- {
- "description": "The name of the secret containing the keystore file",
- "name": "HTTPS_SECRET",
- "value": "sso-app-secret",
- "required": false
- },
- {
- "description": "The name of the keystore file within the secret",
- "name": "HTTPS_KEYSTORE",
- "value": "keystore.jks",
- "required": false
- },
- {
- "description": "The type of the keystore file (JKS or JCEKS)",
- "name": "HTTPS_KEYSTORE_TYPE",
- "value": "",
- "required": false
- },
- {
- "description": "The name associated with the server certificate (e.g. jboss)",
- "name": "HTTPS_NAME",
- "value": "",
- "required": false
- },
- {
- "description": "The password for the keystore and certificate (e.g. mykeystorepass)",
- "name": "HTTPS_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "description": "Sets xa-pool/min-pool-size for the configured datasource.",
- "name": "DB_MIN_POOL_SIZE",
- "required": false
- },
- {
- "description": "Sets xa-pool/max-pool-size for the configured datasource.",
- "name": "DB_MAX_POOL_SIZE",
- "required": false
- },
- {
- "description": "Sets transaction-isolation for the configured datasource.",
- "name": "DB_TX_ISOLATION",
- "required": false
- },
- {
- "description": "Sets how the table names are stored and compared.",
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "required": false
- },
- {
- "description": "The maximum permitted number of simultaneous client connections.",
- "name": "MYSQL_MAX_CONNECTIONS",
- "required": false
- },
- {
- "description": "The minimum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "required": false
- },
- {
- "description": "The maximum length of the word to be included in a FULLTEXT index.",
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "required": false
- },
- {
- "description": "Controls the innodb_use_native_aio setting value if the native AIO is broken.",
- "name": "MYSQL_AIO",
- "required": false
- },
- {
- "description": "Database user name",
- "name": "DB_USERNAME",
- "from": "user[a-zA-Z0-9]{3}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Database user password",
- "name": "DB_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "The name of the secret containing the keystore file",
- "name": "JGROUPS_ENCRYPT_SECRET",
- "value": "sso-app-secret",
- "required": false
- },
- {
- "description": "The name of the keystore file within the secret",
- "name": "JGROUPS_ENCRYPT_KEYSTORE",
- "value": "jgroups.jceks",
- "required": false
- },
- {
- "description": "The name associated with the server certificate (e.g. secret-key)",
- "name": "JGROUPS_ENCRYPT_NAME",
- "value": "",
- "required": false
- },
- {
- "description": "The password for the keystore and certificate (e.g. password)",
- "name": "JGROUPS_ENCRYPT_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "description": "JGroups cluster password",
- "name": "JGROUPS_CLUSTER_PASSWORD",
- "from": "[a-zA-Z0-9]{8}",
- "generate": "expression",
- "required": true
- },
- {
- "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.",
- "name": "IMAGE_STREAM_NAMESPACE",
- "value": "openshift",
- "required": true
- },
- {
- "description": "SSO Server admin username",
- "name": "SSO_ADMIN_USERNAME",
- "value": "admin",
- "required": false
- },
- {
- "description": "SSO Server admin password",
- "name": "SSO_ADMIN_PASSWORD",
- "value": "admin",
- "required": false
- },
- {
- "description": "Realm to be created in the SSO server (e.g. demo).",
- "name": "SSO_REALM",
- "value": "",
- "required": false
- },
- {
- "description": "The username used to access the SSO service. This is used by clients to create the appliction client(s) within the specified SSO realm.",
- "name": "SSO_SERVICE_USERNAME",
- "value": "",
- "required": false
- },
- {
- "description": "The password for the SSO service user.",
- "name": "SSO_SERVICE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "description": "The name of the truststore file within the secret (e.g. truststore.jks)",
- "name": "SSO_TRUSTSTORE",
- "value": "",
- "required": false
- },
- {
- "description": "The password for the truststore and certificate (e.g. mykeystorepass)",
- "name": "SSO_TRUSTSTORE_PASSWORD",
- "value": "",
- "required": false
- },
- {
- "description": "The name of the secret containing the truststore file (e.g. truststore-secret). Used for volume secretName",
- "name": "SSO_TRUSTSTORE_SECRET",
- "value": "sso-app-secret",
- "required": false
- }
- ],
- "objects": [
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8080,
- "targetPort": 8080
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}",
- "component": "server"
- },
- "annotations": {
- "description": "The web server's http port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 8443,
- "targetPort": 8443
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- }
- },
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}",
- "component": "server"
- },
- "annotations": {
- "description": "The web server's https port."
- }
- }
- },
- {
- "kind": "Service",
- "apiVersion": "v1",
- "spec": {
- "ports": [
- {
- "port": 3306,
- "targetPort": 3306
- }
- ],
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- }
- },
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}",
- "component": "database"
- },
- "annotations": {
- "description": "The database server's port."
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-http",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}",
- "component": "server"
- },
- "annotations": {
- "description": "Route for application's http service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTP}",
- "to": {
- "name": "${APPLICATION_NAME}"
- }
- }
- },
- {
- "kind": "Route",
- "apiVersion": "v1",
- "id": "${APPLICATION_NAME}-https",
- "metadata": {
- "name": "secure-${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}",
- "component": "server"
- },
- "annotations": {
- "description": "Route for application's https service."
- }
- },
- "spec": {
- "host": "${HOSTNAME_HTTPS}",
- "to": {
- "name": "secure-${APPLICATION_NAME}"
- },
- "tls": {
- "termination": "passthrough"
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "application": "${APPLICATION_NAME}",
- "component": "server"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "redhat-sso70-openshift:1.3"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}",
- "application": "${APPLICATION_NAME}",
- "component": "server"
- }
- },
- "spec": {
- "serviceAccountName": "${SERVICE_ACCOUNT_NAME}",
- "terminationGracePeriodSeconds": 75,
- "containers": [
- {
- "name": "${APPLICATION_NAME}",
- "image": "${APPLICATION_NAME}",
- "imagePullPolicy": "Always",
- "volumeMounts": [
- {
- "name": "eap-keystore-volume",
- "mountPath": "/etc/eap-secret-volume",
- "readOnly": true
- },
- {
- "name": "eap-jgroups-keystore-volume",
- "mountPath": "/etc/jgroups-encrypt-secret-volume",
- "readOnly": true
- },
- {
- "name": "sso-truststore-volume",
- "mountPath": "/etc/sso-secret-volume",
- "readOnly": true
- }
- ],
- "lifecycle": {
- "preStop": {
- "exec": {
- "command": [
- "/opt/eap/bin/jboss-cli.sh",
- "-c",
- ":shutdown(timeout=60)"
- ]
- }
- }
- },
- "livenessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/livenessProbe.sh"
- ]
- }
- },
- "readinessProbe": {
- "exec": {
- "command": [
- "/bin/bash",
- "-c",
- "/opt/eap/bin/readinessProbe.sh"
- ]
- }
- },
- "ports": [
- {
- "name": "jolokia",
- "containerPort": 8778,
- "protocol": "TCP"
- },
- {
- "name": "http",
- "containerPort": 8080,
- "protocol": "TCP"
- },
- {
- "name": "https",
- "containerPort": 8443,
- "protocol": "TCP"
- },
- {
- "name": "ping",
- "containerPort": 8888,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "DB_SERVICE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mysql=DB"
- },
- {
- "name": "DB_JNDI",
- "value": "${DB_JNDI}"
- },
- {
- "name": "DB_USERNAME",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "DB_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "DB_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "TX_DATABASE_PREFIX_MAPPING",
- "value": "${APPLICATION_NAME}-mysql=DB"
- },
- {
- "name": "DB_MIN_POOL_SIZE",
- "value": "${DB_MIN_POOL_SIZE}"
- },
- {
- "name": "DB_MAX_POOL_SIZE",
- "value": "${DB_MAX_POOL_SIZE}"
- },
- {
- "name": "DB_TX_ISOLATION",
- "value": "${DB_TX_ISOLATION}"
- },
- {
- "name": "OPENSHIFT_KUBE_PING_LABELS",
- "value": "application=${APPLICATION_NAME}"
- },
- {
- "name": "OPENSHIFT_KUBE_PING_NAMESPACE",
- "valueFrom": {
- "fieldRef": {
- "fieldPath": "metadata.namespace"
- }
- }
- },
- {
- "name": "HTTPS_KEYSTORE_DIR",
- "value": "/etc/eap-secret-volume"
- },
- {
- "name": "HTTPS_KEYSTORE",
- "value": "${HTTPS_KEYSTORE}"
- },
- {
- "name": "HTTPS_KEYSTORE_TYPE",
- "value": "${HTTPS_KEYSTORE_TYPE}"
- },
- {
- "name": "HTTPS_NAME",
- "value": "${HTTPS_NAME}"
- },
- {
- "name": "HTTPS_PASSWORD",
- "value": "${HTTPS_PASSWORD}"
- },
- {
- "name": "JGROUPS_ENCRYPT_SECRET",
- "value": "${JGROUPS_ENCRYPT_SECRET}"
- },
- {
- "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR",
- "value": "/etc/jgroups-encrypt-secret-volume"
- },
- {
- "name": "JGROUPS_ENCRYPT_KEYSTORE",
- "value": "${JGROUPS_ENCRYPT_KEYSTORE}"
- },
- {
- "name": "JGROUPS_ENCRYPT_NAME",
- "value": "${JGROUPS_ENCRYPT_NAME}"
- },
- {
- "name": "JGROUPS_ENCRYPT_PASSWORD",
- "value": "${JGROUPS_ENCRYPT_PASSWORD}"
- },
- {
- "name": "JGROUPS_CLUSTER_PASSWORD",
- "value": "${JGROUPS_CLUSTER_PASSWORD}"
- },
- {
- "name": "SSO_ADMIN_USERNAME",
- "value": "${SSO_ADMIN_USERNAME}"
- },
- {
- "name": "SSO_ADMIN_PASSWORD",
- "value": "${SSO_ADMIN_PASSWORD}"
- },
- {
- "name": "SSO_REALM",
- "value": "${SSO_REALM}"
- },
- {
- "name": "SSO_SERVICE_USERNAME",
- "value": "${SSO_SERVICE_USERNAME}"
- },
- {
- "name": "SSO_SERVICE_PASSWORD",
- "value": "${SSO_SERVICE_PASSWORD}"
- },
- {
- "name": "SSO_TRUSTSTORE",
- "value": "${SSO_TRUSTSTORE}"
- },
- {
- "name": "SSO_TRUSTSTORE_DIR",
- "value": "/etc/sso-secret-volume"
- },
- {
- "name": "SSO_TRUSTSTORE_PASSWORD",
- "value": "${SSO_TRUSTSTORE_PASSWORD}"
- }
- ]
- }
- ],
- "volumes": [
- {
- "name": "eap-keystore-volume",
- "secret": {
- "secretName": "${HTTPS_SECRET}"
- }
- },
- {
- "name": "eap-jgroups-keystore-volume",
- "secret": {
- "secretName": "${JGROUPS_ENCRYPT_SECRET}"
- }
- },
- {
- "name": "sso-truststore-volume",
- "secret": {
- "secretName": "${SSO_TRUSTSTORE_SECRET}"
- }
- }
- ]
- }
- }
- }
- },
- {
- "kind": "DeploymentConfig",
- "apiVersion": "v1",
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "application": "${APPLICATION_NAME}",
- "component": "database"
- }
- },
- "spec": {
- "strategy": {
- "type": "Recreate"
- },
- "triggers": [
- {
- "type": "ImageChange",
- "imageChangeParams": {
- "automatic": true,
- "containerNames": [
- "${APPLICATION_NAME}-mysql"
- ],
- "from": {
- "kind": "ImageStreamTag",
- "namespace": "${IMAGE_STREAM_NAMESPACE}",
- "name": "mysql:latest"
- }
- }
- },
- {
- "type": "ConfigChange"
- }
- ],
- "replicas": 1,
- "selector": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql"
- },
- "template": {
- "metadata": {
- "name": "${APPLICATION_NAME}-mysql",
- "labels": {
- "deploymentConfig": "${APPLICATION_NAME}-mysql",
- "application": "${APPLICATION_NAME}",
- "component": "database"
- }
- },
- "spec": {
- "terminationGracePeriodSeconds": 60,
- "containers": [
- {
- "name": "${APPLICATION_NAME}-mysql",
- "image": "mysql",
- "imagePullPolicy": "Always",
- "ports": [
- {
- "containerPort": 3306,
- "protocol": "TCP"
- }
- ],
- "env": [
- {
- "name": "MYSQL_USER",
- "value": "${DB_USERNAME}"
- },
- {
- "name": "MYSQL_PASSWORD",
- "value": "${DB_PASSWORD}"
- },
- {
- "name": "MYSQL_DATABASE",
- "value": "${DB_DATABASE}"
- },
- {
- "name": "MYSQL_LOWER_CASE_TABLE_NAMES",
- "value": "${MYSQL_LOWER_CASE_TABLE_NAMES}"
- },
- {
- "name": "MYSQL_MAX_CONNECTIONS",
- "value": "${MYSQL_MAX_CONNECTIONS}"
- },
- {
- "name": "MYSQL_FT_MIN_WORD_LEN",
- "value": "${MYSQL_FT_MIN_WORD_LEN}"
- },
- {
- "name": "MYSQL_FT_MAX_WORD_LEN",
- "value": "${MYSQL_FT_MAX_WORD_LEN}"
- },
- {
- "name": "MYSQL_AIO",
- "value": "${MYSQL_AIO}"
- }
- ]
- }
- ]
- }
- }
- }
- }
- ]
- }
|
