| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138 |
- apiVersion: template.openshift.io/v1
- kind: Template
- metadata:
- name: openshift-web-console
- annotations:
- openshift.io/display-name: OpenShift Web Console
- description: The server for the OpenShift web console.
- iconClass: icon-openshift
- tags: openshift,infra
- openshift.io/documentation-url: https://github.com/openshift/origin-web-console-server
- openshift.io/support-url: https://access.redhat.com
- openshift.io/provider-display-name: Red Hat, Inc.
- parameters:
- - name: IMAGE
- value: docker.io/openshift/origin-web-console:latest
- - name: NAMESPACE
- # This namespace cannot be changed. Only `openshift-web-console` is supported.
- value: openshift-web-console
- - name: LOGLEVEL
- value: "0"
- - name: API_SERVER_CONFIG
- - name: NODE_SELECTOR
- value: "{}"
- - name: REPLICA_COUNT
- value: "1"
- objects:
- # to create the web console server
- - apiVersion: apps/v1beta1
- kind: Deployment
- metadata:
- namespace: ${NAMESPACE}
- name: webconsole
- labels:
- app: openshift-web-console
- webconsole: "true"
- spec:
- replicas: "${{REPLICA_COUNT}}"
- strategy:
- type: RollingUpdate
- rollingUpdate:
- # behave like a recreate deployment, but don't wait for pods to terminate
- maxUnavailable: 100%
- template:
- metadata:
- name: webconsole
- labels:
- app: openshift-web-console
- webconsole: "true"
- spec:
- serviceAccountName: webconsole
- containers:
- - name: webconsole
- image: ${IMAGE}
- imagePullPolicy: IfNotPresent
- command:
- - "/usr/bin/origin-web-console"
- - "--audit-log-path=-"
- - "-v=${LOGLEVEL}"
- - "--config=/var/webconsole-config/webconsole-config.yaml"
- ports:
- - containerPort: 8443
- volumeMounts:
- - mountPath: /var/serving-cert
- name: serving-cert
- - mountPath: /var/webconsole-config
- name: webconsole-config
- readinessProbe:
- httpGet:
- path: /healthz
- port: 8443
- scheme: HTTPS
- livenessProbe:
- exec:
- command:
- - /bin/sh
- - -c
- - |-
- if [[ ! -f /tmp/webconsole-config.hash ]]; then \
- md5sum /var/webconsole-config/webconsole-config.yaml > /tmp/webconsole-config.hash; \
- elif [[ $(md5sum /var/webconsole-config/webconsole-config.yaml) != $(cat /tmp/webconsole-config.hash) ]]; then \
- echo 'webconsole-config.yaml has changed.'; \
- exit 1; \
- fi && curl -k -f https://0.0.0.0:8443/console/
- resources:
- requests:
- cpu: 100m
- memory: 100Mi
- nodeSelector: "${{NODE_SELECTOR}}"
- volumes:
- - name: serving-cert
- secret:
- defaultMode: 0440
- secretName: webconsole-serving-cert
- - name: webconsole-config
- configMap:
- defaultMode: 0440
- name: webconsole-config
- # to create the config for the web console
- - apiVersion: v1
- kind: ConfigMap
- metadata:
- namespace: ${NAMESPACE}
- name: webconsole-config
- labels:
- app: openshift-web-console
- data:
- webconsole-config.yaml: ${API_SERVER_CONFIG}
- # to be able to assign powers to the process
- - apiVersion: v1
- kind: ServiceAccount
- metadata:
- namespace: ${NAMESPACE}
- name: webconsole
- labels:
- app: openshift-web-console
- # to be able to expose web console inside the cluster
- - apiVersion: v1
- kind: Service
- metadata:
- namespace: ${NAMESPACE}
- name: webconsole
- labels:
- app: openshift-web-console
- annotations:
- service.alpha.openshift.io/serving-cert-secret-name: webconsole-serving-cert
- prometheus.io/scrape: "true"
- prometheus.io/scheme: https
- spec:
- selector:
- webconsole: "true"
- ports:
- - name: https
- port: 443
- targetPort: 8443
|
