{ "kind": "Template", "apiVersion": "v1", "metadata": { "annotations": { "iconClass": "icon-datagrid", "tags": "datagrid,jboss", "version": "1.4.17", "openshift.io/display-name": "JBoss Data Grid 7.1 + PostgreSQL (with https)", "openshift.io/provider-display-name": "Red Hat, Inc.", "description": "An example JBoss Data Grid application with a PostgreSQL database. For more information about using this template, see https://github.com/jboss-openshift/application-templates.", "template.openshift.io/long-description": "This template defines resources needed to develop Red Hat JBoss Data Grid 7.1 based application, including a deployment configuration, using PostgreSQL database using persistence and secure communication using https.", "template.openshift.io/documentation-url": "https://access.redhat.com/documentation/en/red-hat-jboss-data-grid/", "template.openshift.io/support-url": "https://access.redhat.com" }, "name": "datagrid71-postgresql-persistent" }, "labels": { "template": "datagrid71-postgresql-persistent", "xpaas": "1.4.17" }, "message": "A new data grid service (using PostgreSQL with persistent storage) has been created in your project. It supports connector type(s) \"${INFINISPAN_CONNECTORS}\". The username/password for accessing the MySQL database \"${DB_DATABASE}\" is ${DB_USERNAME}/${DB_PASSWORD}. Please be sure to create the following secrets: \"${HTTPS_SECRET}\" containing the ${HTTPS_KEYSTORE} file used for serving secure content; \"${JGROUPS_ENCRYPT_SECRET}\" containing the ${JGROUPS_ENCRYPT_KEYSTORE} file used for securing JGroups communications.", "parameters": [ { "displayName": "Application Name", "description": "The name for the application.", "name": "APPLICATION_NAME", "value": "datagrid-app", "required": true }, { "displayName": "Custom http Route Hostname", "description": "Custom hostname for http service route. Leave blank for default hostname, e.g.: -.", "name": "HOSTNAME_HTTP", "value": "", "required": false }, { "displayName": "Custom https Route Hostname", "description": "Custom hostname for https service route. Leave blank for default hostname, e.g.: secure--.", "name": "HOSTNAME_HTTPS", "value": "", "required": false }, { "displayName": "Username", "description": "User name for JDG user.", "name": "USERNAME", "value": "", "required": false }, { "displayName": "Password", "description": "The password to access the JDG Caches. Must be different than username; must not be root, admin, or administrator; must contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), and 1 non-alphanumeric symbol(s). (optional)", "name": "PASSWORD", "value": "", "required": false }, { "displayName": "JDG User Roles/Groups", "description": "Comma delimited list of roles/groups associated with the JDG user", "name": "ADMIN_GROUP", "value": "", "required": false }, { "displayName": "Hotrod Authentication", "description": "Enable Hotrod Authentication", "name": "HOTROD_AUTHENTICATION", "value": "", "required": false }, { "displayName": "Container Security Role Mapper", "description": "Defines which role mapper to use for cache authentication", "name": "CONTAINER_SECURITY_ROLE_MAPPER", "value": "", "required": false }, { "displayName": "Container Security Roles", "description": "Comma delimited list of role names and assigned permissions", "name": "CONTAINER_SECURITY_ROLES", "value": "", "required": false }, { "displayName": "Server Keystore Secret Name", "description": "The name of the secret containing the keystore file", "name": "HTTPS_SECRET", "value": "datagrid-app-secret", "required": true }, { "displayName": "Server Keystore Filename", "description": "The name of the keystore file within the secret", "name": "HTTPS_KEYSTORE", "value": "keystore.jks", "required": false }, { "displayName": "Server Certificate Name", "description": "The name associated with the server certificate", "name": "HTTPS_NAME", "value": "", "required": false }, { "displayName": "Server Keystore Password", "description": "The password for the keystore and certificate", "name": "HTTPS_PASSWORD", "value": "", "required": false }, { "displayName": "Database JNDI Name", "description": "Database JNDI name used by application to resolve the datasource, e.g. java:/jboss/datasources/postgresql", "name": "DB_JNDI", "value": "java:jboss/datasources/postgresql", "required": false }, { "displayName": "Database Name", "description": "Database name", "name": "DB_DATABASE", "value": "root", "required": true }, { "displayName": "Database Username", "description": "Database user name", "name": "DB_USERNAME", "from": "user[a-zA-Z0-9]{3}", "generate": "expression", "required": true }, { "displayName": "Database Password", "description": "Database user password", "name": "DB_PASSWORD", "from": "[a-zA-Z0-9]{8}", "generate": "expression", "required": true }, { "displayName": "Datasource Minimum Pool Size", "description": "Sets xa-pool/min-pool-size for the configured datasource.", "name": "DB_MIN_POOL_SIZE", "required": false }, { "displayName": "Datasource Maximum Pool Size", "description": "Sets xa-pool/max-pool-size for the configured datasource.", "name": "DB_MAX_POOL_SIZE", "required": false }, { "displayName": "Datasource Transaction Isolation", "description": "Sets transaction-isolation for the configured datasource.", "name": "DB_TX_ISOLATION", "required": false }, { "displayName": "PostgreSQL Maximum number of connections", "description": "The maximum number of client connections allowed. This also sets the maximum number of prepared transactions.", "name": "POSTGRESQL_MAX_CONNECTIONS", "required": false }, { "displayName": "PostgreSQL Shared Buffers", "description": "Configures how much memory is dedicated to PostgreSQL for caching data.", "name": "POSTGRESQL_SHARED_BUFFERS", "required": false }, { "displayName": "Database Volume Capacity", "description": "Size of persistent storage for database volume.", "name": "VOLUME_CAPACITY", "value": "1Gi", "required": true }, { "displayName": "ImageStream Namespace", "description": "Namespace in which the ImageStreams for Red Hat Middleware images are installed. These ImageStreams are normally installed in the openshift namespace. You should only need to modify this if you've installed the ImageStreams in a different namespace/project.", "name": "IMAGE_STREAM_NAMESPACE", "value": "openshift", "required": true }, { "displayName": "Infinispan Connectors", "description": "Comma-separated list of connector types that should be configured (defaults to 'memcached,hotrod,rest')", "name": "INFINISPAN_CONNECTORS", "value": "hotrod,memcached,rest", "required": false }, { "displayName": "Cache Names", "description": "Comma-separated list of caches to configure. By default, a distributed-cache, with a mode of SYNC will be configured for each entry.", "name": "CACHE_NAMES", "value": "", "required": false }, { "displayName": "Datavirt Cache Names", "description": "Comma-separated list of caches to configure for use by Red Hat JBoss Data Virtualization for materialization of views. Three caches will be created for each named cache: , _staging and _alias.", "name": "DATAVIRT_CACHE_NAMES", "value": "", "required": false }, { "displayName": "Default Cache Type", "description": "Default cache type for all caches. If empty then distributed will be the default", "name": "CACHE_TYPE_DEFAULT", "value": "", "required": false }, { "displayName": "Encryption Requires SSL Client Authentication?", "description": "", "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", "value": "", "required": false }, { "displayName": "Memcached Cache Name", "description": "The name of the cache to expose through this memcached connector (defaults to 'default')", "name": "MEMCACHED_CACHE", "value": "default", "required": false }, { "displayName": "REST Security Domain", "description": "The domain, declared in the security subsystem, that should be used to authenticate access to the REST endpoint", "name": "REST_SECURITY_DOMAIN", "value": "", "required": false }, { "displayName": "JGroups Secret Name", "description": "The name of the secret containing the keystore file", "name": "JGROUPS_ENCRYPT_SECRET", "value": "datagrid-app-secret", "required": false }, { "displayName": "JGroups Keystore Filename", "description": "The name of the keystore file within the secret", "name": "JGROUPS_ENCRYPT_KEYSTORE", "value": "jgroups.jceks", "required": false }, { "displayName": "JGroups Certificate Name", "description": "The name associated with the server certificate", "name": "JGROUPS_ENCRYPT_NAME", "value": "", "required": false }, { "displayName": "JGroups Keystore Password", "description": "The password for the keystore and certificate", "name": "JGROUPS_ENCRYPT_PASSWORD", "value": "", "required": false }, { "displayName": "JGroups Cluster Password", "description": "JGroups cluster password", "name": "JGROUPS_CLUSTER_PASSWORD", "from": "[a-zA-Z0-9]{8}", "generate": "expression", "required": true }, { "displayName": "PostgreSQL Image Stream Tag", "description": "The tag to use for the \"postgresql\" image stream. Typically, this aligns with the major.minor version of PostgreSQL.", "name": "POSTGRESQL_IMAGE_STREAM_TAG", "value": "9.5", "required": true }, { "description": "Container memory limit", "name": "MEMORY_LIMIT", "value": "1Gi", "required": false } ], "objects": [ { "kind": "Service", "apiVersion": "v1", "spec": { "ports": [ { "port": 8080, "targetPort": 8080 } ], "selector": { "deploymentConfig": "${APPLICATION_NAME}" } }, "metadata": { "name": "${APPLICATION_NAME}", "labels": { "application": "${APPLICATION_NAME}" }, "annotations": { "description": "The web server's HTTP port.", "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]" } } }, { "kind": "Service", "apiVersion": "v1", "spec": { "ports": [ { "port": 8443, "targetPort": 8443 } ], "selector": { "deploymentConfig": "${APPLICATION_NAME}" } }, "metadata": { "name": "secure-${APPLICATION_NAME}", "labels": { "application": "${APPLICATION_NAME}" }, "annotations": { "description": "The web server's HTTPS port.", "service.alpha.openshift.io/dependencies": "[{\"name\": \"${APPLICATION_NAME}-postgresql\", \"kind\": \"Service\"}]" } } }, { "kind": "Service", "apiVersion": "v1", "spec": { "ports": [ { "port": 11211, "targetPort": 11211 } ], "selector": { "deploymentConfig": "${APPLICATION_NAME}" } }, "metadata": { "name": "${APPLICATION_NAME}-memcached", "labels": { "application": "${APPLICATION_NAME}" }, "annotations": { "description": "Memcached service for clustered applications." } } }, { "kind": "Service", "apiVersion": "v1", "spec": { "ports": [ { "port": 11333, "targetPort": 11333 } ], "selector": { "deploymentConfig": "${APPLICATION_NAME}" } }, "metadata": { "name": "${APPLICATION_NAME}-hotrod", "labels": { "application": "${APPLICATION_NAME}" }, "annotations": { "description": "Hot Rod service for clustered applications." } } }, { "kind": "Service", "apiVersion": "v1", "spec": { "ports": [ { "port": 5432, "targetPort": 5432 } ], "selector": { "deploymentConfig": "${APPLICATION_NAME}-postgresql" } }, "metadata": { "name": "${APPLICATION_NAME}-postgresql", "labels": { "application": "${APPLICATION_NAME}" }, "annotations": { "description": "The database server's port." } } }, { "kind": "Service", "apiVersion": "v1", "spec": { "clusterIP": "None", "ports": [ { "name": "ping", "port": 8888 } ], "selector": { "deploymentConfig": "${APPLICATION_NAME}" } }, "metadata": { "name": "${APPLICATION_NAME}-ping", "labels": { "application": "${APPLICATION_NAME}" }, "annotations": { "service.alpha.kubernetes.io/tolerate-unready-endpoints": "true", "description": "The JGroups ping port for clustering." } } }, { "kind": "Route", "apiVersion": "v1", "id": "${APPLICATION_NAME}-http", "metadata": { "name": "${APPLICATION_NAME}", "labels": { "application": "${APPLICATION_NAME}" }, "annotations": { "description": "Route for application's HTTP service." } }, "spec": { "host": "${HOSTNAME_HTTP}", "to": { "name": "${APPLICATION_NAME}" } } }, { "kind": "Route", "apiVersion": "v1", "id": "${APPLICATION_NAME}-https", "metadata": { "name": "secure-${APPLICATION_NAME}", "labels": { "application": "${APPLICATION_NAME}" }, "annotations": { "description": "Route for application's HTTPS service." } }, "spec": { "host": "${HOSTNAME_HTTPS}", "to": { "name": "secure-${APPLICATION_NAME}" }, "tls": { "termination": "passthrough" } } }, { "kind": "DeploymentConfig", "apiVersion": "v1", "metadata": { "name": "${APPLICATION_NAME}", "labels": { "application": "${APPLICATION_NAME}" } }, "spec": { "strategy": { "type": "Recreate" }, "triggers": [ { "type": "ImageChange", "imageChangeParams": { "automatic": true, "containerNames": [ "${APPLICATION_NAME}" ], "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", "name": "jboss-datagrid71-openshift:1.3" } } }, { "type": "ConfigChange" } ], "replicas": 1, "selector": { "deploymentConfig": "${APPLICATION_NAME}" }, "template": { "metadata": { "name": "${APPLICATION_NAME}", "labels": { "deploymentConfig": "${APPLICATION_NAME}", "application": "${APPLICATION_NAME}" } }, "spec": { "terminationGracePeriodSeconds": 60, "containers": [ { "name": "${APPLICATION_NAME}", "image": "jboss-datagrid71-openshift", "imagePullPolicy": "Always", "resources": { "limits": { "memory": "${MEMORY_LIMIT}" } }, "volumeMounts": [ { "name": "datagrid-keystore-volume", "mountPath": "/etc/datagrid-secret-volume", "readOnly": true }, { "name": "datagrid-jgroups-keystore-volume", "mountPath": "/etc/jgroups-encrypt-secret-volume", "readOnly": true } ], "livenessProbe": { "exec": { "command": [ "/bin/bash", "-c", "/opt/datagrid/bin/livenessProbe.sh" ] }, "initialDelaySeconds": 60 }, "readinessProbe": { "exec": { "command": [ "/bin/bash", "-c", "/opt/datagrid/bin/readinessProbe.sh" ] } }, "ports": [ { "name": "jolokia", "containerPort": 8778, "protocol": "TCP" }, { "name": "http", "containerPort": 8080, "protocol": "TCP" }, { "name": "https", "containerPort": 8443, "protocol": "TCP" }, { "name": "ping", "containerPort": 8888, "protocol": "TCP" }, { "name": "memcached", "containerPort": 11211, "protocol": "TCP" }, { "name": "hotrod-internal", "containerPort": 11222, "protocol": "TCP" }, { "name": "hotrod", "containerPort": 11333, "protocol": "TCP" } ], "env": [ { "name": "USERNAME", "value": "${USERNAME}" }, { "name": "PASSWORD", "value": "${PASSWORD}" }, { "name": "ADMIN_GROUP", "value": "${ADMIN_GROUP}" }, { "name": "HOTROD_AUTHENTICATION", "value": "${HOTROD_AUTHENTICATION}" }, { "name": "CONTAINER_SECURITY_ROLE_MAPPER", "value": "${CONTAINER_SECURITY_ROLE_MAPPER}" }, { "name": "CONTAINER_SECURITY_ROLES", "value": "${CONTAINER_SECURITY_ROLES}" }, { "name": "HTTPS_KEYSTORE_DIR", "value": "/etc/datagrid-secret-volume" }, { "name": "HTTPS_KEYSTORE", "value": "${HTTPS_KEYSTORE}" }, { "name": "HTTPS_NAME", "value": "${HTTPS_NAME}" }, { "name": "HTTPS_PASSWORD", "value": "${HTTPS_PASSWORD}" }, { "name": "DB_SERVICE_PREFIX_MAPPING", "value": "${APPLICATION_NAME}-postgresql=DB" }, { "name": "DB_JNDI", "value": "${DB_JNDI}" }, { "name": "DB_USERNAME", "value": "${DB_USERNAME}" }, { "name": "DB_PASSWORD", "value": "${DB_PASSWORD}" }, { "name": "DB_DATABASE", "value": "${DB_DATABASE}" }, { "name": "TX_DATABASE_PREFIX_MAPPING", "value": "${APPLICATION_NAME}-postgresql=DB" }, { "name": "DB_MIN_POOL_SIZE", "value": "${DB_MIN_POOL_SIZE}" }, { "name": "DB_MAX_POOL_SIZE", "value": "${DB_MAX_POOL_SIZE}" }, { "name": "DB_TX_ISOLATION", "value": "${DB_TX_ISOLATION}" }, { "name": "DEFAULT_JDBC_STORE_TYPE", "value": "string" }, { "name": "DEFAULT_JDBC_STORE_DATASOURCE", "value": "${DB_JNDI}" }, { "name": "MEMCACHED_JDBC_STORE_TYPE", "value": "string" }, { "name": "MEMCACHED_JDBC_STORE_DATASOURCE", "value": "${DB_JNDI}" }, { "name": "JGROUPS_PING_PROTOCOL", "value": "openshift.DNS_PING" }, { "name": "OPENSHIFT_DNS_PING_SERVICE_NAME", "value": "${APPLICATION_NAME}-ping" }, { "name": "OPENSHIFT_DNS_PING_SERVICE_PORT", "value": "8888" }, { "name": "INFINISPAN_CONNECTORS", "value": "${INFINISPAN_CONNECTORS}" }, { "name": "CACHE_NAMES", "value": "${CACHE_NAMES}" }, { "name": "DATAVIRT_CACHE_NAMES", "value": "${DATAVIRT_CACHE_NAMES}" }, { "name": "CACHE_TYPE_DEFAULT", "value": "${CACHE_TYPE_DEFAULT}" }, { "name": "ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH", "value": "${ENCRYPTION_REQUIRE_SSL_CLIENT_AUTH}" }, { "name": "HOTROD_SERVICE_NAME", "value": "${APPLICATION_NAME}-hotrod" }, { "name": "HOTROD_ENCRYPTION", "value": "${HTTPS_NAME}" }, { "name": "MEMCACHED_CACHE", "value": "${MEMCACHED_CACHE}" }, { "name": "REST_SECURITY_DOMAIN", "value": "${REST_SECURITY_DOMAIN}" }, { "name": "JGROUPS_ENCRYPT_SECRET", "value": "${JGROUPS_ENCRYPT_SECRET}" }, { "name": "JGROUPS_ENCRYPT_KEYSTORE", "value": "${JGROUPS_ENCRYPT_KEYSTORE}" }, { "name": "JGROUPS_ENCRYPT_KEYSTORE_DIR", "value": "/etc/jgroups-encrypt-secret-volume" }, { "name": "JGROUPS_ENCRYPT_NAME", "value": "${JGROUPS_ENCRYPT_NAME}" }, { "name": "JGROUPS_ENCRYPT_PASSWORD", "value": "${JGROUPS_ENCRYPT_PASSWORD}" }, { "name": "JGROUPS_CLUSTER_PASSWORD", "value": "${JGROUPS_CLUSTER_PASSWORD}" } ] } ], "volumes": [ { "name": "datagrid-keystore-volume", "secret": { "secretName": "${HTTPS_SECRET}" } }, { "name": "datagrid-jgroups-keystore-volume", "secret": { "secretName": "${JGROUPS_ENCRYPT_SECRET}" } } ] } } } }, { "kind": "DeploymentConfig", "apiVersion": "v1", "metadata": { "name": "${APPLICATION_NAME}-postgresql", "labels": { "application": "${APPLICATION_NAME}" } }, "spec": { "strategy": { "type": "Recreate" }, "triggers": [ { "type": "ImageChange", "imageChangeParams": { "automatic": true, "containerNames": [ "${APPLICATION_NAME}-postgresql" ], "from": { "kind": "ImageStreamTag", "namespace": "${IMAGE_STREAM_NAMESPACE}", "name": "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}" } } }, { "type": "ConfigChange" } ], "replicas": 1, "selector": { "deploymentConfig": "${APPLICATION_NAME}-postgresql" }, "template": { "metadata": { "name": "${APPLICATION_NAME}-postgresql", "labels": { "deploymentConfig": "${APPLICATION_NAME}-postgresql", "application": "${APPLICATION_NAME}" } }, "spec": { "containers": [ { "name": "${APPLICATION_NAME}-postgresql", "image": "postgresql", "imagePullPolicy": "Always", "ports": [ { "containerPort": 5432, "protocol": "TCP" } ], "readinessProbe": { "timeoutSeconds": 1, "initialDelaySeconds": 5, "exec": { "command": [ "/bin/sh", "-i", "-c", "psql -h 127.0.0.1 -U $POSTGRESQL_USER -q -d $POSTGRESQL_DATABASE -c 'SELECT 1'"] } }, "livenessProbe": { "timeoutSeconds": 1, "initialDelaySeconds": 30, "tcpSocket": { "port": 5432 } }, "volumeMounts": [ { "mountPath": "/var/lib/pgsql/data", "name": "${APPLICATION_NAME}-postgresql-pvol" } ], "env": [ { "name": "POSTGRESQL_USER", "value": "${DB_USERNAME}" }, { "name": "POSTGRESQL_PASSWORD", "value": "${DB_PASSWORD}" }, { "name": "POSTGRESQL_DATABASE", "value": "${DB_DATABASE}" }, { "name": "POSTGRESQL_MAX_CONNECTIONS", "value": "${POSTGRESQL_MAX_CONNECTIONS}" }, { "name": "POSTGRESQL_MAX_PREPARED_TRANSACTIONS", "value": "${POSTGRESQL_MAX_CONNECTIONS}" }, { "name": "POSTGRESQL_SHARED_BUFFERS", "value": "${POSTGRESQL_SHARED_BUFFERS}" } ] } ], "volumes": [ { "name": "${APPLICATION_NAME}-postgresql-pvol", "persistentVolumeClaim": { "claimName": "${APPLICATION_NAME}-postgresql-claim" } } ] } } } }, { "apiVersion": "v1", "kind": "PersistentVolumeClaim", "metadata": { "name": "${APPLICATION_NAME}-postgresql-claim", "labels": { "application": "${APPLICATION_NAME}" } }, "spec": { "accessModes": [ "ReadWriteOnce" ], "resources": { "requests": { "storage": "${VOLUME_CAPACITY}" } } } } ] }