Included persistent volume to deploy postgresql version of the KieServerAdd...

Ricardo Jun

2018-10-05 5889913bc2e1f30e09d7ee1472424ad56852005a

Included persistent volume to deploy postgresql version of the KieServerAdded template with postgresql version of KieServer supportUpdated script to create the lab environment

 extras/backup/execution.sh

@@ -1,6 +1,7 @@
ssh root@services mkdir -p /var/exports/vol01
ssh root@services mkdir -p /var/exports/vol02
ssh root@services mkdir -p /var/exports/vol03
ssh root@services mkdir -p /var/exports/vol04
ssh root@services chown nfsnobody:nfsnobody /var/exports/vol*
ssh root@services chmod a+rwx /var/exports/vol*

@@ -10,6 +11,7 @@
/var/exports/vol01 *(rw,root_squash)
/var/exports/vol02 *(rw,root_squash)
/var/exports/vol03 *(rw,root_squash)
/var/exports/vol04 *(rw,root_squash)


exportfs -a
@@ -19,18 +21,21 @@
ssh root@master oc create -f vol01-pv.yaml
ssh root@master oc create -f vol02-pv.yaml
ssh root@master oc create -f vol03-pv.yaml
ssh root@master oc create -f vol03-pv.yaml

# Create PAM without database

ssh root@master oc new-project bxms-pam-dc39
ssh root@master oc label namespace bxms-pam-dc39 AAD='dc39'
ssh root@master oc project default
ssh root@master mkdir /tmp/dc39
ssh root@master oc process -f https://raw.githubusercontent.com/jboss-container-images/rhpam-7-openshift-image/7.0.2.GA/templates/rhpam70-authoring.yaml \
          -p IMAGE_STREAM_NAMESPACE=bxms-pam-dc39 \
          -p KIE_ADMIN_PWD=test1234! \
          -p APPLICATION_NAME=rht \
          -p BUSINESS_CENTRAL_HTTPS_SECRET=businesscentral-app-secret \
          -p MAVEN_REPO_URL=http://services.lab.example.com:8081/nexus/content/groups/training-java \
          -p KIE_SERVER_HTTPS_SECRET=businesscentral-app-secret > /tmp/dc39/rhpam70-authoring.json 
#ssh root@master oc process -f https://raw.githubusercontent.com/jboss-container-images/rhpam-7-openshift-image/7.0.2.GA/templates/rhpam70-authoring.yaml \
#          -p IMAGE_STREAM_NAMESPACE=bxms-pam-dc39 \
#          -p KIE_ADMIN_PWD=test1234! \
#          -p APPLICATION_NAME=rht \
#          -p BUSINESS_CENTRAL_HTTPS_SECRET=businesscentral-app-secret \
#          -p MAVEN_REPO_URL=http://services.lab.example.com:8081/nexus/content/groups/training-java \
#          -p KIE_SERVER_HTTPS_SECRET=businesscentral-app-secret > /tmp/dc39/rhpam70-authoring.json 

#- name: Modify template with pause build configs
  #replace:
@@ -45,10 +50,6 @@
      -n bxms-pam-dc39
oc create -f /tmp/dc39/rhpam70-authoring.json -n bxms-pam-dc39
oc rollout resume dc/rht-rhpamcentr -n bxms-pam-dc39
#  get_url:
#    url: 'https://raw.githubusercontent.com/gpe-mw-training/rhpam-order-fulfillment/master/src/main/resources/products.txt'
#    dest: /tmp/dc39/products.txt

oc create configmap products-cm --from-file=/tmp/dc39/products.txt -n bxms-pam-dc39

oc volume dc/rht-kieserver -n bxms-pam-dc39 \
@@ -65,3 +66,43 @@
oc annotate namespace bxms-pam-dc39 openshift.io/requester=developer --overwrite

oc policy add-role-to-user admin developer -n bxms-pam-dc39

# Create PAM with Postgresql

ssh root@master oc new-project bxms-pamdb-dc39
ssh root@master oc label namespace bxms-pamdb-dc39 AAD='dc39'
ssh root@master oc project default
ssh root@master mkdir /tmp/dc39
#ssh root@master oc process -f https://raw.githubusercontent.com/jboss-container-images/rhpam-7-openshift-image/7.0.2.GA/templates/rhpam70-authoring.yaml \
#          -p IMAGE_STREAM_NAMESPACE=bxms-pam-dc39 \
#          -p KIE_ADMIN_PWD=test1234! \
#          -p APPLICATION_NAME=rht \
#          -p BUSINESS_CENTRAL_HTTPS_SECRET=businesscentral-app-secret \
#          -p MAVEN_REPO_URL=http://services.lab.example.com:8081/nexus/content/groups/training-java \
#          -p KIE_SERVER_HTTPS_SECRET=businesscentral-app-secret > /tmp/dc39/rhpam70-authoring.json 


oc create -f https://raw.githubusercontent.com/jboss-container-images/rhpam-7-openshift-image/7.0.2.GA/example-app-secret-template.yaml -n bxms-pamdb-dc39
oc create -f /tmp/dc39/rhpam70-image-streams.yaml -n bxms-pamdb-dc39
oc new-app --template=example-app-secret \
      -p SECRET_NAME=businesscentral-app-secret \
      -n bxms-pamdb-dc39
oc create -f /tmp/dc39/rhpam70-authoring.json -n bxms-pamdb-dc39
oc rollout resume dc/rht-rhpamcentr -n bxms-pamdb-dc39
oc create configmap products-cm --from-file=/tmp/dc39/products.txt -n bxms-pamdb-dc39

oc volume dc/rht-kieserver -n bxms-pam-dc39 \
        --overwrite --add -t configmap -m /data --name=products-volume --configmap-name=products-cm

oc rollout resume dc/rht-kieserver -n bxms-pamdb-dc39

#- include_tasks: ./wait_for_deploy.yml
#static: no
#  vars:
#    pod_to_wait:
#      - "rht-kieserver"

oc annotate namespace bxms-pamdb-dc39 openshift.io/requester=developer --overwrite

oc policy add-role-to-user admin developer -n bxms-pamdb-dc39


 extras/backup/rhpam70-kieserver-postgresql.yaml

New file
@@ -0,0 +1,640 @@
---
kind: Template
apiVersion: v1
metadata:
  annotations:
    description: Application template for a managed KIE server with a PostgreSQL database, for Red Hat Process Automation Manager 7.0
    iconClass: icon-jboss
    tags: rhpam,jboss,kieserver,postgresql
    version: "1.2"
    openshift.io/display-name: Red Hat Process Automation Manager 7.0 managed KIE server with a PostgreSQL database
    template.openshift.io/bindable: "false"
  name: rhpam70-kieserver-postgresql
labels:
  template: rhpam70-kieserver-postgresql
  rhpam: "1.2"
message: A new environment has been set up for Red Hat Process Automation Manager 7. The username/password for accessing the KIE server is ${KIE_SERVER_USER}/${KIE_SERVER_PWD}.
parameters:
- displayName: Application Name
  description: The name for the application.
  name: APPLICATION_NAME
  value: myapp
  required: true
- displayName: Maven repository URL
  description: Fully qualified URL to a Maven repository or service.
  name: MAVEN_REPO_URL
  example: http://nexus.nexus-project.svc.cluster.local:8081/nexus/content/groups/public/
  required: true
- displayName: Maven repository username
  description: Username to access the Maven repository, if required.
  name: MAVEN_REPO_USERNAME
  required: false
- displayName: Maven repository password
  description: Password to access the Maven repository, if required.
  name: MAVEN_REPO_PASSWORD
  required: false
- displayName: Name of the Maven service hosted by Business Central
  description: The service name for the optional business central, where it can be reached, to allow service lookups (for maven repo usage), if required
  name: BUSINESS_CENTRAL_MAVEN_SERVICE
  example: "myapp-rhpamcentr"
  required: false
- displayName: Username for the Maven service hosted by Business Central
  description: Username to access the Maven service hosted by Business Central inside EAP.
  name: BUSINESS_CENTRAL_MAVEN_USERNAME
  example: "mavenUser"
  required: false
- displayName: Password for the Maven service hosted by Business Central
  description: Password to access the Maven service hosted by Business Central inside EAP.
  name: BUSINESS_CENTRAL_MAVEN_PASSWORD
  example: "maven1!"
  required: false
- displayName: KIE Admin User
  description: KIE administrator username
  name: KIE_ADMIN_USER
  value: adminUser
  required: false
- displayName: KIE Admin Password
  description: KIE administrator password
  name: KIE_ADMIN_PWD
  from: "[a-zA-Z]{6}[0-9]{1}!"
  generate: expression
  required: false
- displayName: KIE Server ID
  description: The KIE server ID to use, which defaults to ${APPLICATION_NAME}-kieserver if not specified (Sets the org.kie.server.id system property).
  name: KIE_SERVER_ID
  required: false
- displayName: KIE Server User
  description: KIE execution server username (Sets the org.kie.server.user system property)
  name: KIE_SERVER_USER
  value: executionUser
  required: false
- displayName: KIE Server Password
  description: KIE execution server password (Sets the org.kie.server.pwd system property)
  name: KIE_SERVER_PWD
  from: "[a-zA-Z]{6}[0-9]{1}!"
  generate: expression
  required: false
- displayName: ImageStream Namespace
  description: Namespace in which the ImageStreams for Red Hat Middleware images are
    installed. These ImageStreams are normally installed in the openshift namespace.
    You should only need to modify this if you've installed the ImageStreams in a
    different namespace/project.
  name: IMAGE_STREAM_NAMESPACE
  value: openshift
  required: true
- displayName: KIE Server ImageStream Name
  description: The name of the image stream to use for KIE Execution Server. Default is "rhpam70-kieserver-openshift".
  name: KIE_SERVER_IMAGE_STREAM_NAME
  value: "rhpam70-kieserver-openshift"
  required: true
- displayName: ImageStream Tag
  description: A named pointer to an image in an image stream. Default is "1.2".
  name: IMAGE_STREAM_TAG
  value: "1.2"
  required: true
- displayName: Smart Router Service
  description: The service name for the optional smart router, where it can be reached, to allow smart routing
  name: KIE_SERVER_ROUTER_SERVICE
  required: false
- displayName: Smart Router Host
  description: "The host name of the smart router, which could be the service name resolved by OpenShift or a globally resolvable domain name"
  name: KIE_SERVER_ROUTER_HOST
  example: "myapp-smartrouter"
  required: false
- displayName: Smart Router listening port
  description: Port in which the smart router server listens (router property org.kie.server.router.port)
  name: KIE_SERVER_ROUTER_PORT
  example: "9000"
  required: false
- displayName: Smart Router protocol
  description: KIE server router protocol (Used to build the org.kie.server.router.url.external property)
  name: KIE_SERVER_ROUTER_PROTOCOL
  example: "http"
  required: false
- displayName: KIE Server Controller Service
  description: The service name for the optional business-central-monitor, where it can be reached and registered with, to allow monitoring console functionality
  name: KIE_SERVER_CONTROLLER_SERVICE
  required: false
- displayName: KIE Server Controller User
  description: KIE server controller username (Sets the org.kie.server.controller.user system property)
  name: KIE_SERVER_CONTROLLER_USER
  value: controllerUser
  required: false
- displayName: KIE Server Controller Password
  description: KIE server controller password (Sets the org.kie.server.controller.pwd system property)
  name: KIE_SERVER_CONTROLLER_PWD
  required: false
- displayName: KIE server controller host
  description: KIE server controller host (Used to set the org.kie.server.controller system property)
  name: KIE_SERVER_CONTROLLER_HOST
  example: my-app-controller-ocpuser.os.example.com
  required: false
- displayName: KIE server controller port
  description: KIE server controller port (Used to set the org.kie.server.controller system property)
  name: KIE_SERVER_CONTROLLER_PORT
  example: '8080'
  required: false
- displayName: KIE server controller protocol
  description: KIE server controller protocol (Used to set the org.kie.server.controller system property)
  name: KIE_SERVER_CONTROLLER_PROTOCOL
  example: http
  required: false
- displayName: KIE Server controller token
  description: KIE server controller token for bearer authentication (Sets the org.kie.server.controller.token system property)
  name: KIE_SERVER_CONTROLLER_TOKEN
  required: false
- displayName: KIE Server Persistence DS
  description: KIE execution server persistence datasource (Sets the org.kie.server.persistence.ds system property)
  name: KIE_SERVER_PERSISTENCE_DS
  value: java:/jboss/datasources/rhpam
  required: false
## PostgreSQL database parameters BEGIN
- displayName: KIE Server PostgreSQL Database User
  description: KIE execution server PostgreSQL database username
  name: KIE_SERVER_POSTGRESQL_USER
  value: rhpam
  required: false
- displayName: KIE Server PostgreSQL Database Password
  description: KIE execution server PostgreSQL database password
  name: KIE_SERVER_POSTGRESQL_PWD
  from: "[a-zA-Z]{6}[0-9]{1}!"
  generate: expression
  required: false
- displayName: KIE Server PostgreSQL Database Name
  description: KIE execution server PostgreSQL database name
  name: KIE_SERVER_POSTGRESQL_DB
  value: rhpam7
  required: false
- displayName: PostgreSQL ImageStream Tag
  description: The PostgreSQL image version, which is intended to correspond to the PostgreSQL version. Default is "9.6".
  name: POSTGRESQL_IMAGE_STREAM_TAG
  value: "9.6"
- displayName: PostgreSQL Database max prepared connections
  description: Allows the PostgreSQL to handle XA transactions.
  name: POSTGRESQL_MAX_PREPARED_TRANSACTIONS
  value: '100'
  required: true
- displayName: Database Volume Capacity
  description: Size of persistent storage for database volume.
  name: DB_VOLUME_CAPACITY
  value: 1Gi
## PostgreSQL database parameters END
- displayName: Drools Server Filter Classes
  description: KIE execution server class filtering (Sets the org.drools.server.filter.classes system property)
  name: DROOLS_SERVER_FILTER_CLASSES
  value: 'true'
  required: false
- displayName: KIE MBeans
  description: KIE execution server mbeans enabled/disabled (Sets the kie.mbeans and kie.scanner.mbeans system properties)
  name: KIE_MBEANS
  value: enabled
  required: false
- displayName: Execution Server Custom http Route Hostname
  description: 'Custom hostname for http service route, if set will also configure the KIE_SERVER_HOST. Leave blank for default hostname,
    e.g.: <application-name>-kieserver-<project>.<default-domain-suffix>'
  name: EXECUTION_SERVER_HOSTNAME_HTTP
  value: ''
  required: false
- displayName: Execution Server Custom https Route Hostname
  description: 'Custom hostname for https service route.  Leave blank for default
    hostname, e.g.: secure-<application-name>-kieserver-<project>.<default-domain-suffix>'
  name: EXECUTION_SERVER_HOSTNAME_HTTPS
  value: ''
  required: false
- displayName: Use the secure route name to set KIE_SERVER_HOST.
  description: Use https for the KIE_SERVER_HOST when it is not explicit configured to a custom value.
  name: EXECUTION_SERVER_USE_SECURE_ROUTE_NAME
  value: 'false'
  required: false
- displayName: KIE Server Keystore Secret Name
  description: The name of the secret containing the keystore file
  name: KIE_SERVER_HTTPS_SECRET
  example: kieserver-app-secret
  required: true
- displayName: KIE Server Keystore Filename
  description: The name of the keystore file within the secret
  name: KIE_SERVER_HTTPS_KEYSTORE
  value: keystore.jks
  required: false
- displayName: KIE Server Certificate Name
  description: The name associated with the server certificate
  name: KIE_SERVER_HTTPS_NAME
  value: jboss
  required: false
- displayName: KIE Server Keystore Password
  description: The password for the keystore and certificate
  name: KIE_SERVER_HTTPS_PASSWORD
  value: mykeystorepass
  required: false
- displayName: KIE Server Bypass Auth User
  description: KIE execution server bypass auth user (Sets the org.kie.server.bypass.auth.user system property)
  name: KIE_SERVER_BYPASS_AUTH_USER
  value: 'false'
  required: false
- displayName: "Timer service data store refresh interval (in milliseconds)"
  description: "Sets refresh-interval for the EJB timer database data-store service."
  name: TIMER_SERVICE_DATA_STORE_REFRESH_INTERVAL
  value: '30000'
  required: false
- displayName: Execution Server Container Memory Limit
  description: Execution Server Container memory limit
  name: EXECUTION_SERVER_MEMORY_LIMIT
  value: 1Gi
  required: false
- displayName: KIE Server Container Deployment
  description: 'KIE Server Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2'
  name: KIE_SERVER_CONTAINER_DEPLOYMENT
  example: rhpam-kieserver-library=org.openshift.quickstarts:rhpam-kieserver-library:1.4.0-SNAPSHOT
  required: false
- displayName: Disable KIE Server Management
  description: "When set to LocalContainersStartupStrategy, allows KIE server to start up and function with local config, even when a controller is configured and unavailable"
  name: KIE_SERVER_MGMT_DISABLED
  example: "true"
  required: false
- displayName: KIE Server Startup Strategy
  description: "When set to LocalContainersStartupStrategy, allows KIE server to start up and function with local config, even when a controller is configured and unavailable."
  name: KIE_SERVER_STARTUP_STRATEGY
  example: "LocalContainersStartupStrategy"
  required: false
objects:
- kind: ServiceAccount
  apiVersion: v1
  metadata:
    name: "${APPLICATION_NAME}-kieserver"
    labels:
      application: "${APPLICATION_NAME}"
- kind: RoleBinding
  apiVersion: v1
  metadata:
     name: "${APPLICATION_NAME}-kieserver-view"
  subjects:
  - kind: ServiceAccount
    name: "${APPLICATION_NAME}-kieserver"
  roleRef:
    name: view
- kind: Service
  apiVersion: v1
  spec:
    ports:
    - name: http
      port: 8080
      targetPort: 8080
    - name: https
      port: 8443
      targetPort: 8443
    selector:
      deploymentConfig: "${APPLICATION_NAME}-kieserver"
  metadata:
    name: "${APPLICATION_NAME}-kieserver"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-kieserver"
    annotations:
      description: All the KIE server web server's ports.
- kind: Service
  apiVersion: v1
  spec:
    clusterIP: "None"
    ports:
    - name: "ping"
      port: 8888
    selector:
      deploymentConfig: "${APPLICATION_NAME}-kieserver"
  metadata:
    name: "${APPLICATION_NAME}-kieserver-ping"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-kieserver"
    annotations:
      service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
      description: "The JGroups ping port for clustering."
## PostgreSQL service BEGIN
- apiVersion: v1
  kind: Service
  metadata:
    annotations:
      description: The database server's port.
    labels:
      application: ${APPLICATION_NAME}
      service: "${APPLICATION_NAME}-postgresql"
    name: ${APPLICATION_NAME}-postgresql
  spec:
    ports:
    - port: 5432
      targetPort: 5432
    selector:
      deploymentConfig: ${APPLICATION_NAME}-postgresql
## PostgreSQL service END
- kind: Route
  apiVersion: v1
  id: "${APPLICATION_NAME}-kieserver-http"
  metadata:
    name: "${APPLICATION_NAME}-kieserver"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-kieserver"
    annotations:
      description: Route for KIE server's http service.
  spec:
    host: "${EXECUTION_SERVER_HOSTNAME_HTTP}"
    to:
      name: "${APPLICATION_NAME}-kieserver"
    port:
      targetPort: http
- kind: Route
  apiVersion: v1
  id: "${APPLICATION_NAME}-kieserver-https"
  metadata:
    name: "secure-${APPLICATION_NAME}-kieserver"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-kieserver"
    annotations:
      description: Route for KIE server's https service.
  spec:
    host: "${EXECUTION_SERVER_HOSTNAME_HTTPS}"
    to:
      name: "${APPLICATION_NAME}-kieserver"
    port:
      targetPort: https
    tls:
      termination: passthrough
- kind: DeploymentConfig
  apiVersion: v1
  metadata:
    name: "${APPLICATION_NAME}-kieserver"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-kieserver"
  spec:
    strategy:
      type: Recreate
    triggers:
    - type: ImageChange
      imageChangeParams:
        automatic: true
        containerNames:
        - "${APPLICATION_NAME}-kieserver"
        from:
          kind: ImageStreamTag
          namespace: "${IMAGE_STREAM_NAMESPACE}"
          name: "${KIE_SERVER_IMAGE_STREAM_NAME}:${IMAGE_STREAM_TAG}"
    - type: ConfigChange
    replicas: 1
    selector:
      deploymentConfig: "${APPLICATION_NAME}-kieserver"
    template:
      metadata:
        name: "${APPLICATION_NAME}-kieserver"
        labels:
          deploymentConfig: "${APPLICATION_NAME}-kieserver"
          application: "${APPLICATION_NAME}"
          service: "${APPLICATION_NAME}-kieserver"
      spec:
        serviceAccountName: "${APPLICATION_NAME}-kieserver"
        terminationGracePeriodSeconds: 60
        containers:
        - name: "${APPLICATION_NAME}-kieserver"
          image: "${KIE_SERVER_IMAGE_STREAM_NAME}"
          imagePullPolicy: Always
          resources:
            limits:
              memory: "${EXECUTION_SERVER_MEMORY_LIMIT}"
          volumeMounts:
          - name: kieserver-keystore-volume
            mountPath: "/etc/kieserver-secret-volume"
            readOnly: true
          livenessProbe:
            exec:
              command:
              - "/bin/bash"
              - "-c"
              - "curl --fail --silent -u '${KIE_ADMIN_USER}:${KIE_ADMIN_PWD}' http://localhost:8080/services/rest/server/healthcheck"
            initialDelaySeconds: 180
            timeoutSeconds: 2
            periodSeconds: 15
            failureThreshold: 3
          readinessProbe:
            exec:
              command:
              - "/bin/bash"
              - "-c"
              - "curl --fail --silent -u '${KIE_ADMIN_USER}:${KIE_ADMIN_PWD}' http://localhost:8080/services/rest/server/readycheck"
            initialDelaySeconds: 60
            timeoutSeconds: 2
            periodSeconds: 30
            failureThreshold: 6
          ports:
          - name: jolokia
            containerPort: 8778
            protocol: TCP
          - name: http
            containerPort: 8080
            protocol: TCP
          - name: https
            containerPort: 8443
            protocol: TCP
          - name: ping
            containerPort: 8888
            protocol: TCP
          env:
          - name: DROOLS_SERVER_FILTER_CLASSES
            value: "${DROOLS_SERVER_FILTER_CLASSES}"
          - name: KIE_ADMIN_USER
            value: "${KIE_ADMIN_USER}"
          - name: KIE_ADMIN_PWD
            value: "${KIE_ADMIN_PWD}"
          - name: KIE_MBEANS
            value: "${KIE_MBEANS}"
          - name: KIE_SERVER_BYPASS_AUTH_USER
            value: "${KIE_SERVER_BYPASS_AUTH_USER}"
          - name: KIE_SERVER_CONTROLLER_USER
            value: "${KIE_SERVER_CONTROLLER_USER}"
          - name: KIE_SERVER_CONTROLLER_PWD
            value: "${KIE_SERVER_CONTROLLER_PWD}"
          - name: KIE_SERVER_CONTROLLER_SERVICE
            value: "${KIE_SERVER_CONTROLLER_SERVICE}"
          - name: KIE_SERVER_CONTROLLER_HOST
            value: "${KIE_SERVER_CONTROLLER_HOST}"
          - name: KIE_SERVER_CONTROLLER_PORT
            value: "${KIE_SERVER_CONTROLLER_PORT}"
          - name: KIE_SERVER_CONTROLLER_PROTOCOL
            value: "${KIE_SERVER_CONTROLLER_PROTOCOL}"
          - name: KIE_SERVER_CONTROLLER_TOKEN
            value: "${KIE_SERVER_CONTROLLER_TOKEN}"
          - name: KIE_SERVER_CONTROLLER_PROTOCOL
            value: "ws"
          - name: KIE_SERVER_ID
            value: "${KIE_SERVER_ID}"
          - name: KIE_SERVER_HOST
            value: "${EXECUTION_SERVER_HOSTNAME_HTTP}"
          - name: EXECUTION_SERVER_ROUTE_NAME
            value: "${APPLICATION_NAME}-kieserver"
          - name: EXECUTION_SERVER_USE_SECURE_ROUTE_NAME
            value: "${EXECUTION_SERVER_USE_SECURE_ROUTE_NAME}"
          - name: KIE_SERVER_USER
            value: "${KIE_SERVER_USER}"
          - name: KIE_SERVER_PWD
            value: "${KIE_SERVER_PWD}"
          - name: KIE_SERVER_CONTAINER_DEPLOYMENT
            value: "${KIE_SERVER_CONTAINER_DEPLOYMENT}"
          - name: MAVEN_REPOS
            value: "RHPAMCENTR,EXTERNAL"
          - name: RHPAMCENTR_MAVEN_REPO_SERVICE
            value: "${BUSINESS_CENTRAL_MAVEN_SERVICE}"
          - name: RHPAMCENTR_MAVEN_REPO_PATH
            value: "/maven2/"
          - name: RHPAMCENTR_MAVEN_REPO_USERNAME
            value: "${BUSINESS_CENTRAL_MAVEN_USERNAME}"
          - name: RHPAMCENTR_MAVEN_REPO_PASSWORD
            value: "${BUSINESS_CENTRAL_MAVEN_PASSWORD}"
          - name: EXTERNAL_MAVEN_REPO_URL
            value: "${MAVEN_REPO_URL}"
          - name: EXTERNAL_MAVEN_REPO_USERNAME
            value: "${MAVEN_REPO_USERNAME}"
          - name: EXTERNAL_MAVEN_REPO_PASSWORD
            value: "${MAVEN_REPO_PASSWORD}"
          - name: KIE_SERVER_ROUTER_SERVICE
            value: "${KIE_SERVER_ROUTER_SERVICE}"
          - name: KIE_SERVER_ROUTER_HOST
            value: "${KIE_SERVER_ROUTER_HOST}"
          - name: KIE_SERVER_ROUTER_PORT
            value: "${KIE_SERVER_ROUTER_PORT}"
          - name: KIE_SERVER_ROUTER_PROTOCOL
            value: "${KIE_SERVER_ROUTER_PROTOCOL}"
          - name: KIE_SERVER_MGMT_DISABLED
            value: "${KIE_SERVER_MGMT_DISABLED}"
          - name: KIE_SERVER_STARTUP_STRATEGY
            value: "${KIE_SERVER_STARTUP_STRATEGY}"
          - name: KIE_SERVER_PERSISTENCE_DS
            value: "${KIE_SERVER_PERSISTENCE_DS}"
          - name: DATASOURCES
            value: "RHPAM"
## PostgreSQL driver settings BEGIN
          - name: RHPAM_DATABASE
            value: "${KIE_SERVER_POSTGRESQL_DB}"
          - name: RHPAM_DRIVER
            value: "postgresql"
          - name: RHPAM_USERNAME
            value: "${KIE_SERVER_POSTGRESQL_USER}"
          - name: RHPAM_PASSWORD
            value: "${KIE_SERVER_POSTGRESQL_PWD}"
          - name: RHPAM_SERVICE_HOST
            value: "${APPLICATION_NAME}-postgresql"
          - name: RHPAM_SERVICE_PORT
            value: "5432"
          - name: TIMER_SERVICE_DATA_STORE
            value: "${APPLICATION_NAME}-postgresql"
          - name: KIE_SERVER_PERSISTENCE_DIALECT
            value: "org.hibernate.dialect.PostgreSQLDialect"
## PostgreSQL driver settings END
          - name: RHPAM_JTA
            value: "true"
          - name: RHPAM_JNDI
            value: "${KIE_SERVER_PERSISTENCE_DS}"
          - name: TIMER_SERVICE_DATA_STORE_REFRESH_INTERVAL
            value: "${TIMER_SERVICE_DATA_STORE_REFRESH_INTERVAL}"
          - name: HTTPS_KEYSTORE_DIR
            value: "/etc/kieserver-secret-volume"
          - name: HTTPS_KEYSTORE
            value: "${KIE_SERVER_HTTPS_KEYSTORE}"
          - name: HTTPS_NAME
            value: "${KIE_SERVER_HTTPS_NAME}"
          - name: HTTPS_PASSWORD
            value: "${KIE_SERVER_HTTPS_PASSWORD}"
          - name: JGROUPS_PING_PROTOCOL
            value: "openshift.DNS_PING"
          - name: OPENSHIFT_DNS_PING_SERVICE_NAME
            value: "${APPLICATION_NAME}-kieserver-ping"
          - name: OPENSHIFT_DNS_PING_SERVICE_PORT
            value: "8888"
        volumes:
        - name: kieserver-keystore-volume
          secret:
            secretName: "${KIE_SERVER_HTTPS_SECRET}"
## PostgreSQL deployment config BEGIN
- kind: DeploymentConfig
  apiVersion: v1
  metadata:
    name: "${APPLICATION_NAME}-postgresql"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-postgresql"
  spec:
    strategy:
      type: Recreate
    triggers:
    - type: ImageChange
      imageChangeParams:
        automatic: true
        containerNames:
        - "${APPLICATION_NAME}-postgresql"
        from:
          kind: ImageStreamTag
          namespace: "${IMAGE_STREAM_NAMESPACE}"
          name: "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
    - type: ConfigChange
    replicas: 1
    selector:
      deploymentConfig: "${APPLICATION_NAME}-postgresql"
    template:
      metadata:
        name: "${APPLICATION_NAME}-postgresql"
        labels:
          deploymentConfig: "${APPLICATION_NAME}-postgresql"
          application: "${APPLICATION_NAME}"
          service: "${APPLICATION_NAME}-postgresql"
      spec:
        terminationGracePeriodSeconds: 60
        containers:
        - name: "${APPLICATION_NAME}-postgresql"
          image: postgresql
          imagePullPolicy: Always
          livenessProbe:
            exec:
              command:
              - "/usr/libexec/check-container"
              - "--live"
            initialDelaySeconds: 120
            timeoutSeconds: 10
          readinessProbe:
            exec:
              command:
              - "/usr/libexec/check-container"
            initialDelaySeconds: 5
            timeoutSeconds: 1
          ports:
          - containerPort: 5432
            protocol: TCP
          volumeMounts:
          - mountPath: "/var/lib/pgsql/data"
            name: "${APPLICATION_NAME}-postgresql-pvol"
          env:
          - name: POSTGRESQL_USER
            value: "${KIE_SERVER_POSTGRESQL_USER}"
          - name: POSTGRESQL_PASSWORD
            value: "${KIE_SERVER_POSTGRESQL_PWD}"
          - name: POSTGRESQL_DATABASE
            value: "${KIE_SERVER_POSTGRESQL_DB}"
          - name: POSTGRESQL_MAX_PREPARED_TRANSACTIONS
            value: "${POSTGRESQL_MAX_PREPARED_TRANSACTIONS}"
        volumes:
        - name: "${APPLICATION_NAME}-postgresql-pvol"
          persistentVolumeClaim:
            claimName: "${APPLICATION_NAME}-postgresql-claim"
## PostgreSQL deployment config END
## PostgreSQL persistent volume claim BEGIN
- apiVersion: v1
  kind: PersistentVolumeClaim
  metadata:
    name: "${APPLICATION_NAME}-postgresql-claim"
    labels:
      application: "${APPLICATION_NAME}"
      service: "${APPLICATION_NAME}-postgresql"
  spec:
    accessModes:
    - ReadWriteOnce
    resources:
      requests:
        storage: "${DB_VOLUME_CAPACITY}"
## PostgreSQL persistent volume claim END

 extras/backup/vol04-pv.yaml

New file
@@ -0,0 +1,13 @@
apiVersion: v1
kind: PersistentVolume
metadata:
  name: vol04
spec:
  capacity:
    storage: 1Gi
  accessModes:
  - ReadWriteOnce
  persistentVolumeReclaimPolicy: Retain
  nfs:
    path: /var/exports/vol04
    server: services.lab.example.com