...
| Code Block |
|---|
FROM ceptor-base MAINTAINER AssecoCeptor DenmarkApS <support@asseco<support@ceptor.dk>io> LABEL description="Ceptor Demonstration" EXPOSE 4243 8443 9443 COPY pp/testdatabase /ceptor/template/testdatabase COPY pp/config /ceptor/template/config COPY docker/cfg /ceptor/template/config COPY docker/ceptor_demo.sh /ceptor/ceptor.sh RUN tr -d '\r' < /ceptor/ceptor.sh > /usr/local/bin/ceptor-entrypoint.sh \ && chmod +x /usr/local/bin/ceptor-entrypoint.sh \ && rm /ceptor/ceptor.sh \ && mkdir /ceptor/testdatabase \ #Allow it to be run by non-root users && chgrp -R 0 /ceptor/template/testdatabase \ && chmod -R g=u /ceptor/template/testdatabase \ && chgrp -R 0 /ceptor/template/config \ && chmod -R g=u /ceptor/template/config ENV elasticsearch_server=elasticsearch ENV elasticsearch_enabled=false VOLUME ["/ceptor/logs", "/ceptor/statistics", "/ceptor/config", "/ceptor/testdatabase"] |
...
| Code Block | ||
|---|---|---|
| ||
base_env: &base_env
- name: TENANT_NAME
value: "${TENANT_NAME}"
apiVersion: v1
kind: Template
metadata:
name: Ceptor
description: Ceptor - more info at https://ceptor.io
objects:
- apiVersion: v1
kind: ImageStream
metadata:
annotations:
openshift.io/generated-by: AssecoCeptor DenmarkApS
labels:
app: ceptor-demo
name: ceptor-demo
spec:
lookupPolicy:
local: false
tags:
- annotations:
openshift.io/imported-from: ceptor/ceptor_docker
from:
kind: DockerImage
name: ${CEPTOR_IMAGE}
generation: 2
importPolicy: {}
name: latest
referencePolicy:
type: Source
- apiVersion: v1
kind: Service
metadata:
annotations:
openshift.io/generated-by: AssecoCeptor DenmarkApS
labels:
app: ceptor-demo
name: ceptor-demo
spec:
ports:
- name: 4243-tcp
port: 4243
protocol: TCP
targetPort: 4243
- name: 8443-tcp
port: 8443
protocol: TCP
targetPort: 8443
selector:
app: ceptor-demo
deploymentconfig: ceptor-demo
sessionAffinity: None
type: ClusterIP
status:
loadBalancer: {}
- apiVersion: "v1"
kind: "PersistentVolumeClaim"
metadata:
name: "ceptor-persistent"
spec:
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: "1Gi"
- apiVersion: v1
kind: DeploymentConfig
metadata:
annotations:
openshift.io/generated-by: AssecoCeptor DenmarkApS
labels:
app: ceptor-demo
name: ceptor-demo
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
app: ceptor-demo
deploymentconfig: ceptor-demo
strategy:
activeDeadlineSeconds: 21600
resources: {}
rollingParams:
intervalSeconds: 1
maxSurge: 25%
maxUnavailable: 25%
timeoutSeconds: 600
updatePeriodSeconds: 1
type: Rolling
template:
metadata:
annotations:
openshift.io/generated-by: OpenShiftNewApp
creationTimestamp: null
labels:
app: ceptor-demo
deploymentconfig: ceptor-demo
spec:
containers:
- image: ${CEPTOR_IMAGE}
imagePullPolicy: IfNotPresent
name: ceptor-demo
ports:
- containerPort: 4243
protocol: TCP
- containerPort: 8443
protocol: TCP
resources:
requests:
cpu: 2000m
memory: 2000Mi
limits:
cpu: 4000m
memory: 3000Mi
# livenessProbe:
# initialDelaySeconds: 30
# periodSeconds: 10
# tcpSocket:
# port: 8443
# readinessProbe:
# tcpSocket:
# port: 8443
# initialDelaySeconds: 30
# timeoutSeconds: 5
volumeMounts:
- mountPath: /ceptor/config
name: ceptor-volume
subPath: config
- mountPath: /ceptor/logs
name: ceptor-volume
subPath: logs
- mountPath: /ceptor/statistics
name: ceptor-volume
subPath: statistics
- mountPath: /ceptor/testdatabase
name: ceptor-volume
subPath: testdatabase
- mountPath: /ceptor/work
name: ceptor-volume
subPath: work
env:
- name: POSTGRESQL_USER
valueFrom:
secretKeyRef:
key: database-user
name: "${DATABASE_SERVICE_NAME}"
- name: POSTGRESQL_PASSWORD
valueFrom:
secretKeyRef:
key: database-password
name: "${DATABASE_SERVICE_NAME}"
dnsPolicy: ClusterFirst
restartPolicy: Always
terminationGracePeriodSeconds: 30
volumes:
- name: ceptor-volume
persistentVolumeClaim:
claimName: ceptor-persistent
test: false
triggers:
- type: ConfigChange
- imageChangeParams:
automatic: true
containerNames:
- ceptor-demo
from:
kind: ImageStreamTag
name: ceptor-demo:latest
type: ImageChange
- apiVersion: v1
kind: Route
metadata:
labels:
app: ceptor-demo
name: console
spec:
host: console-${TENANT_NAME}.${WILDCARD_DOMAIN}
port:
targetPort: 4243-tcp
tls:
termination: passthrough
to:
kind: Service
name: ceptor-demo
weight: 100
wildcardPolicy: None
- apiVersion: v1
kind: Route
metadata:
labels:
app: ceptor-demo
name: gateway
spec:
host: gateway-${TENANT_NAME}.${WILDCARD_DOMAIN}
port:
targetPort: 8443-tcp
tls:
termination: passthrough
to:
kind: Service
name: ceptor-demo
weight: 100
wildcardPolicy: None
- apiVersion: v1
kind: Secret
metadata:
annotations:
template.openshift.io/expose-database_name: "{.data['database-name']}"
template.openshift.io/expose-password: "{.data['database-password']}"
template.openshift.io/expose-username: "{.data['database-user']}"
name: "${DATABASE_SERVICE_NAME}"
stringData:
database-name: "${POSTGRESQL_DATABASE}"
database-password: "${POSTGRESQL_PASSWORD}"
database-user: "${POSTGRESQL_USER}"
- apiVersion: v1
kind: Service
metadata:
annotations:
template.openshift.io/expose-uri: postgres://{.spec.clusterIP}:{.spec.ports[?(.name=="postgresql")].port}
name: "${DATABASE_SERVICE_NAME}"
spec:
ports:
- name: postgresql
nodePort: 0
port: 5432
protocol: TCP
targetPort: 5432
selector:
name: "${DATABASE_SERVICE_NAME}"
sessionAffinity: None
type: ClusterIP
status:
loadBalancer: {}
- apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: "${DATABASE_SERVICE_NAME}"
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: "${VOLUME_CAPACITY}"
- apiVersion: v1
kind: DeploymentConfig
metadata:
annotations:
template.alpha.openshift.io/wait-for-ready: 'true'
name: "${DATABASE_SERVICE_NAME}"
spec:
replicas: 1
selector:
name: "${DATABASE_SERVICE_NAME}"
strategy:
type: Recreate
template:
metadata:
labels:
name: "${DATABASE_SERVICE_NAME}"
spec:
containers:
- capabilities: {}
env:
- name: POSTGRESQL_USER
valueFrom:
secretKeyRef:
key: database-user
name: "${DATABASE_SERVICE_NAME}"
- name: POSTGRESQL_PASSWORD
valueFrom:
secretKeyRef:
key: database-password
name: "${DATABASE_SERVICE_NAME}"
- name: POSTGRESQL_DATABASE
valueFrom:
secretKeyRef:
key: database-name
name: "${DATABASE_SERVICE_NAME}"
image: " "
imagePullPolicy: IfNotPresent
livenessProbe:
exec:
command:
- "/usr/libexec/check-container"
- "--live"
initialDelaySeconds: 120
timeoutSeconds: 10
name: postgresql
ports:
- containerPort: 5432
protocol: TCP
readinessProbe:
exec:
command:
- "/usr/libexec/check-container"
initialDelaySeconds: 5
timeoutSeconds: 1
resources:
limits:
memory: "${MEMORY_LIMIT}"
securityContext:
capabilities: {}
privileged: false
terminationMessagePath: "/dev/termination-log"
volumeMounts:
- mountPath: "/var/lib/pgsql/data"
name: "${DATABASE_SERVICE_NAME}-data"
dnsPolicy: ClusterFirst
restartPolicy: Always
volumes:
- name: "${DATABASE_SERVICE_NAME}-data"
persistentVolumeClaim:
claimName: "${DATABASE_SERVICE_NAME}"
triggers:
- imageChangeParams:
automatic: true
containerNames:
- postgresql
from:
kind: ImageStreamTag
name: postgresql:${POSTGRESQL_VERSION}
namespace: "${NAMESPACE}"
lastTriggeredImage: ''
type: ImageChange
- type: ConfigChange
status: {}
parameters:
- description: Maximum amount of memory the container can use.
displayName: Memory Limit
name: MEMORY_LIMIT
required: true
value: 512Mi
- description: The OpenShift Namespace where the ImageStream resides.
displayName: Namespace
name: NAMESPACE
value: openshift
- description: The name of the OpenShift Service exposed for the database.
displayName: Database Service Name
name: DATABASE_SERVICE_NAME
required: true
value: postgresql
- description: Username for PostgreSQL user that will be used for accessing the database.
displayName: PostgreSQL Connection Username
from: user[A-Z0-9]{3}
generate: expression
name: POSTGRESQL_USER
required: true
- description: Password for the PostgreSQL connection user.
displayName: PostgreSQL Connection Password
from: "[a-zA-Z0-9]{16}"
generate: expression
name: POSTGRESQL_PASSWORD
required: true
- description: Name of the PostgreSQL database accessed.
displayName: PostgreSQL Database Name
name: POSTGRESQL_DATABASE
required: true
value: ceptordb
- description: Volume space available for data, e.g. 512Mi, 2Gi.
displayName: Volume Capacity
name: VOLUME_CAPACITY
required: true
value: 1Gi
- description: Version of PostgreSQL image to be used (9.4, 9.5, 9.6 or latest).
displayName: Version of PostgreSQL Image
name: POSTGRESQL_VERSION
required: true
value: '9.6'
- name: WILDCARD_DOMAIN
description: Root domain for the wildcard routes. Eg. example.com will generate xxxxx.example.com.
displayName: Domain name
required: true
- name: TENANT_NAME
description: "Tenant name under the root"
displayName: Hostname
required: true
value: "ceptor"
- name: CEPTOR_IMAGE
displayName: Ceptor docker image name
description: Ceptor image to use
required: true
value: "ceptor/ceptor-demo:latest" |
...