From 5889913bc2e1f30e09d7ee1472424ad56852005a Mon Sep 17 00:00:00 2001
From: Ricardo Jun <jtaniguc@redhat.com>
Date: Fri, 05 Oct 2018 14:47:30 +0200
Subject: [PATCH] Included persistent volume to deploy postgresql version of the KieServerAdded template with postgresql version of KieServer supportUpdated script to create the lab environment
---
extras/backup/execution.sh | 63 ++++
extras/backup/vol04-pv.yaml | 13 +
extras/backup/rhpam70-kieserver-postgresql.yaml | 640 +++++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 705 insertions(+), 11 deletions(-)
diff --git a/extras/backup/execution.sh b/extras/backup/execution.sh
index 42612d7..6d5497a 100644
--- a/extras/backup/execution.sh
+++ b/extras/backup/execution.sh
@@ -1,6 +1,7 @@
ssh root@services mkdir -p /var/exports/vol01
ssh root@services mkdir -p /var/exports/vol02
ssh root@services mkdir -p /var/exports/vol03
+ssh root@services mkdir -p /var/exports/vol04
ssh root@services chown nfsnobody:nfsnobody /var/exports/vol*
ssh root@services chmod a+rwx /var/exports/vol*
@@ -10,6 +11,7 @@
/var/exports/vol01 *(rw,root_squash)
/var/exports/vol02 *(rw,root_squash)
/var/exports/vol03 *(rw,root_squash)
+/var/exports/vol04 *(rw,root_squash)
exportfs -a
@@ -19,18 +21,21 @@
ssh root@master oc create -f vol01-pv.yaml
ssh root@master oc create -f vol02-pv.yaml
ssh root@master oc create -f vol03-pv.yaml
+ssh root@master oc create -f vol03-pv.yaml
+
+# Create PAM without database
ssh root@master oc new-project bxms-pam-dc39
ssh root@master oc label namespace bxms-pam-dc39 AAD='dc39'
ssh root@master oc project default
ssh root@master mkdir /tmp/dc39
-ssh root@master oc process -f https://raw.githubusercontent.com/jboss-container-images/rhpam-7-openshift-image/7.0.2.GA/templates/rhpam70-authoring.yaml \
- -p IMAGE_STREAM_NAMESPACE=bxms-pam-dc39 \
- -p KIE_ADMIN_PWD=test1234! \
- -p APPLICATION_NAME=rht \
- -p BUSINESS_CENTRAL_HTTPS_SECRET=businesscentral-app-secret \
- -p MAVEN_REPO_URL=http://services.lab.example.com:8081/nexus/content/groups/training-java \
- -p KIE_SERVER_HTTPS_SECRET=businesscentral-app-secret > /tmp/dc39/rhpam70-authoring.json
+#ssh root@master oc process -f https://raw.githubusercontent.com/jboss-container-images/rhpam-7-openshift-image/7.0.2.GA/templates/rhpam70-authoring.yaml \
+# -p IMAGE_STREAM_NAMESPACE=bxms-pam-dc39 \
+# -p KIE_ADMIN_PWD=test1234! \
+# -p APPLICATION_NAME=rht \
+# -p BUSINESS_CENTRAL_HTTPS_SECRET=businesscentral-app-secret \
+# -p MAVEN_REPO_URL=http://services.lab.example.com:8081/nexus/content/groups/training-java \
+# -p KIE_SERVER_HTTPS_SECRET=businesscentral-app-secret > /tmp/dc39/rhpam70-authoring.json
#- name: Modify template with pause build configs
#replace:
@@ -45,10 +50,6 @@
-n bxms-pam-dc39
oc create -f /tmp/dc39/rhpam70-authoring.json -n bxms-pam-dc39
oc rollout resume dc/rht-rhpamcentr -n bxms-pam-dc39
-# get_url:
-# url: 'https://raw.githubusercontent.com/gpe-mw-training/rhpam-order-fulfillment/master/src/main/resources/products.txt'
-# dest: /tmp/dc39/products.txt
-
oc create configmap products-cm --from-file=/tmp/dc39/products.txt -n bxms-pam-dc39
oc volume dc/rht-kieserver -n bxms-pam-dc39 \
@@ -65,3 +66,43 @@
oc annotate namespace bxms-pam-dc39 openshift.io/requester=developer --overwrite
oc policy add-role-to-user admin developer -n bxms-pam-dc39
+
+# Create PAM with Postgresql
+
+ssh root@master oc new-project bxms-pamdb-dc39
+ssh root@master oc label namespace bxms-pamdb-dc39 AAD='dc39'
+ssh root@master oc project default
+ssh root@master mkdir /tmp/dc39
+#ssh root@master oc process -f https://raw.githubusercontent.com/jboss-container-images/rhpam-7-openshift-image/7.0.2.GA/templates/rhpam70-authoring.yaml \
+# -p IMAGE_STREAM_NAMESPACE=bxms-pam-dc39 \
+# -p KIE_ADMIN_PWD=test1234! \
+# -p APPLICATION_NAME=rht \
+# -p BUSINESS_CENTRAL_HTTPS_SECRET=businesscentral-app-secret \
+# -p MAVEN_REPO_URL=http://services.lab.example.com:8081/nexus/content/groups/training-java \
+# -p KIE_SERVER_HTTPS_SECRET=businesscentral-app-secret > /tmp/dc39/rhpam70-authoring.json
+
+
+oc create -f https://raw.githubusercontent.com/jboss-container-images/rhpam-7-openshift-image/7.0.2.GA/example-app-secret-template.yaml -n bxms-pamdb-dc39
+oc create -f /tmp/dc39/rhpam70-image-streams.yaml -n bxms-pamdb-dc39
+oc new-app --template=example-app-secret \
+ -p SECRET_NAME=businesscentral-app-secret \
+ -n bxms-pamdb-dc39
+oc create -f /tmp/dc39/rhpam70-authoring.json -n bxms-pamdb-dc39
+oc rollout resume dc/rht-rhpamcentr -n bxms-pamdb-dc39
+oc create configmap products-cm --from-file=/tmp/dc39/products.txt -n bxms-pamdb-dc39
+
+oc volume dc/rht-kieserver -n bxms-pam-dc39 \
+ --overwrite --add -t configmap -m /data --name=products-volume --configmap-name=products-cm
+
+oc rollout resume dc/rht-kieserver -n bxms-pamdb-dc39
+
+#- include_tasks: ./wait_for_deploy.yml
+#static: no
+# vars:
+# pod_to_wait:
+# - "rht-kieserver"
+
+oc annotate namespace bxms-pamdb-dc39 openshift.io/requester=developer --overwrite
+
+oc policy add-role-to-user admin developer -n bxms-pamdb-dc39
+
diff --git a/extras/backup/rhpam70-kieserver-postgresql.yaml b/extras/backup/rhpam70-kieserver-postgresql.yaml
new file mode 100644
index 0000000..f2fb600
--- /dev/null
+++ b/extras/backup/rhpam70-kieserver-postgresql.yaml
@@ -0,0 +1,640 @@
+---
+kind: Template
+apiVersion: v1
+metadata:
+ annotations:
+ description: Application template for a managed KIE server with a PostgreSQL database, for Red Hat Process Automation Manager 7.0
+ iconClass: icon-jboss
+ tags: rhpam,jboss,kieserver,postgresql
+ version: "1.2"
+ openshift.io/display-name: Red Hat Process Automation Manager 7.0 managed KIE server with a PostgreSQL database
+ template.openshift.io/bindable: "false"
+ name: rhpam70-kieserver-postgresql
+labels:
+ template: rhpam70-kieserver-postgresql
+ rhpam: "1.2"
+message: A new environment has been set up for Red Hat Process Automation Manager 7. The username/password for accessing the KIE server is ${KIE_SERVER_USER}/${KIE_SERVER_PWD}.
+parameters:
+- displayName: Application Name
+ description: The name for the application.
+ name: APPLICATION_NAME
+ value: myapp
+ required: true
+- displayName: Maven repository URL
+ description: Fully qualified URL to a Maven repository or service.
+ name: MAVEN_REPO_URL
+ example: http://nexus.nexus-project.svc.cluster.local:8081/nexus/content/groups/public/
+ required: true
+- displayName: Maven repository username
+ description: Username to access the Maven repository, if required.
+ name: MAVEN_REPO_USERNAME
+ required: false
+- displayName: Maven repository password
+ description: Password to access the Maven repository, if required.
+ name: MAVEN_REPO_PASSWORD
+ required: false
+- displayName: Name of the Maven service hosted by Business Central
+ description: The service name for the optional business central, where it can be reached, to allow service lookups (for maven repo usage), if required
+ name: BUSINESS_CENTRAL_MAVEN_SERVICE
+ example: "myapp-rhpamcentr"
+ required: false
+- displayName: Username for the Maven service hosted by Business Central
+ description: Username to access the Maven service hosted by Business Central inside EAP.
+ name: BUSINESS_CENTRAL_MAVEN_USERNAME
+ example: "mavenUser"
+ required: false
+- displayName: Password for the Maven service hosted by Business Central
+ description: Password to access the Maven service hosted by Business Central inside EAP.
+ name: BUSINESS_CENTRAL_MAVEN_PASSWORD
+ example: "maven1!"
+ required: false
+- displayName: KIE Admin User
+ description: KIE administrator username
+ name: KIE_ADMIN_USER
+ value: adminUser
+ required: false
+- displayName: KIE Admin Password
+ description: KIE administrator password
+ name: KIE_ADMIN_PWD
+ from: "[a-zA-Z]{6}[0-9]{1}!"
+ generate: expression
+ required: false
+- displayName: KIE Server ID
+ description: The KIE server ID to use, which defaults to ${APPLICATION_NAME}-kieserver if not specified (Sets the org.kie.server.id system property).
+ name: KIE_SERVER_ID
+ required: false
+- displayName: KIE Server User
+ description: KIE execution server username (Sets the org.kie.server.user system property)
+ name: KIE_SERVER_USER
+ value: executionUser
+ required: false
+- displayName: KIE Server Password
+ description: KIE execution server password (Sets the org.kie.server.pwd system property)
+ name: KIE_SERVER_PWD
+ from: "[a-zA-Z]{6}[0-9]{1}!"
+ generate: expression
+ required: false
+- displayName: ImageStream Namespace
+ description: Namespace in which the ImageStreams for Red Hat Middleware images are
+ installed. These ImageStreams are normally installed in the openshift namespace.
+ You should only need to modify this if you've installed the ImageStreams in a
+ different namespace/project.
+ name: IMAGE_STREAM_NAMESPACE
+ value: openshift
+ required: true
+- displayName: KIE Server ImageStream Name
+ description: The name of the image stream to use for KIE Execution Server. Default is "rhpam70-kieserver-openshift".
+ name: KIE_SERVER_IMAGE_STREAM_NAME
+ value: "rhpam70-kieserver-openshift"
+ required: true
+- displayName: ImageStream Tag
+ description: A named pointer to an image in an image stream. Default is "1.2".
+ name: IMAGE_STREAM_TAG
+ value: "1.2"
+ required: true
+- displayName: Smart Router Service
+ description: The service name for the optional smart router, where it can be reached, to allow smart routing
+ name: KIE_SERVER_ROUTER_SERVICE
+ required: false
+- displayName: Smart Router Host
+ description: "The host name of the smart router, which could be the service name resolved by OpenShift or a globally resolvable domain name"
+ name: KIE_SERVER_ROUTER_HOST
+ example: "myapp-smartrouter"
+ required: false
+- displayName: Smart Router listening port
+ description: Port in which the smart router server listens (router property org.kie.server.router.port)
+ name: KIE_SERVER_ROUTER_PORT
+ example: "9000"
+ required: false
+- displayName: Smart Router protocol
+ description: KIE server router protocol (Used to build the org.kie.server.router.url.external property)
+ name: KIE_SERVER_ROUTER_PROTOCOL
+ example: "http"
+ required: false
+- displayName: KIE Server Controller Service
+ description: The service name for the optional business-central-monitor, where it can be reached and registered with, to allow monitoring console functionality
+ name: KIE_SERVER_CONTROLLER_SERVICE
+ required: false
+- displayName: KIE Server Controller User
+ description: KIE server controller username (Sets the org.kie.server.controller.user system property)
+ name: KIE_SERVER_CONTROLLER_USER
+ value: controllerUser
+ required: false
+- displayName: KIE Server Controller Password
+ description: KIE server controller password (Sets the org.kie.server.controller.pwd system property)
+ name: KIE_SERVER_CONTROLLER_PWD
+ required: false
+- displayName: KIE server controller host
+ description: KIE server controller host (Used to set the org.kie.server.controller system property)
+ name: KIE_SERVER_CONTROLLER_HOST
+ example: my-app-controller-ocpuser.os.example.com
+ required: false
+- displayName: KIE server controller port
+ description: KIE server controller port (Used to set the org.kie.server.controller system property)
+ name: KIE_SERVER_CONTROLLER_PORT
+ example: '8080'
+ required: false
+- displayName: KIE server controller protocol
+ description: KIE server controller protocol (Used to set the org.kie.server.controller system property)
+ name: KIE_SERVER_CONTROLLER_PROTOCOL
+ example: http
+ required: false
+- displayName: KIE Server controller token
+ description: KIE server controller token for bearer authentication (Sets the org.kie.server.controller.token system property)
+ name: KIE_SERVER_CONTROLLER_TOKEN
+ required: false
+- displayName: KIE Server Persistence DS
+ description: KIE execution server persistence datasource (Sets the org.kie.server.persistence.ds system property)
+ name: KIE_SERVER_PERSISTENCE_DS
+ value: java:/jboss/datasources/rhpam
+ required: false
+## PostgreSQL database parameters BEGIN
+- displayName: KIE Server PostgreSQL Database User
+ description: KIE execution server PostgreSQL database username
+ name: KIE_SERVER_POSTGRESQL_USER
+ value: rhpam
+ required: false
+- displayName: KIE Server PostgreSQL Database Password
+ description: KIE execution server PostgreSQL database password
+ name: KIE_SERVER_POSTGRESQL_PWD
+ from: "[a-zA-Z]{6}[0-9]{1}!"
+ generate: expression
+ required: false
+- displayName: KIE Server PostgreSQL Database Name
+ description: KIE execution server PostgreSQL database name
+ name: KIE_SERVER_POSTGRESQL_DB
+ value: rhpam7
+ required: false
+- displayName: PostgreSQL ImageStream Tag
+ description: The PostgreSQL image version, which is intended to correspond to the PostgreSQL version. Default is "9.6".
+ name: POSTGRESQL_IMAGE_STREAM_TAG
+ value: "9.6"
+- displayName: PostgreSQL Database max prepared connections
+ description: Allows the PostgreSQL to handle XA transactions.
+ name: POSTGRESQL_MAX_PREPARED_TRANSACTIONS
+ value: '100'
+ required: true
+- displayName: Database Volume Capacity
+ description: Size of persistent storage for database volume.
+ name: DB_VOLUME_CAPACITY
+ value: 1Gi
+## PostgreSQL database parameters END
+- displayName: Drools Server Filter Classes
+ description: KIE execution server class filtering (Sets the org.drools.server.filter.classes system property)
+ name: DROOLS_SERVER_FILTER_CLASSES
+ value: 'true'
+ required: false
+- displayName: KIE MBeans
+ description: KIE execution server mbeans enabled/disabled (Sets the kie.mbeans and kie.scanner.mbeans system properties)
+ name: KIE_MBEANS
+ value: enabled
+ required: false
+- displayName: Execution Server Custom http Route Hostname
+ description: 'Custom hostname for http service route, if set will also configure the KIE_SERVER_HOST. Leave blank for default hostname,
+ e.g.: <application-name>-kieserver-<project>.<default-domain-suffix>'
+ name: EXECUTION_SERVER_HOSTNAME_HTTP
+ value: ''
+ required: false
+- displayName: Execution Server Custom https Route Hostname
+ description: 'Custom hostname for https service route. Leave blank for default
+ hostname, e.g.: secure-<application-name>-kieserver-<project>.<default-domain-suffix>'
+ name: EXECUTION_SERVER_HOSTNAME_HTTPS
+ value: ''
+ required: false
+- displayName: Use the secure route name to set KIE_SERVER_HOST.
+ description: Use https for the KIE_SERVER_HOST when it is not explicit configured to a custom value.
+ name: EXECUTION_SERVER_USE_SECURE_ROUTE_NAME
+ value: 'false'
+ required: false
+- displayName: KIE Server Keystore Secret Name
+ description: The name of the secret containing the keystore file
+ name: KIE_SERVER_HTTPS_SECRET
+ example: kieserver-app-secret
+ required: true
+- displayName: KIE Server Keystore Filename
+ description: The name of the keystore file within the secret
+ name: KIE_SERVER_HTTPS_KEYSTORE
+ value: keystore.jks
+ required: false
+- displayName: KIE Server Certificate Name
+ description: The name associated with the server certificate
+ name: KIE_SERVER_HTTPS_NAME
+ value: jboss
+ required: false
+- displayName: KIE Server Keystore Password
+ description: The password for the keystore and certificate
+ name: KIE_SERVER_HTTPS_PASSWORD
+ value: mykeystorepass
+ required: false
+- displayName: KIE Server Bypass Auth User
+ description: KIE execution server bypass auth user (Sets the org.kie.server.bypass.auth.user system property)
+ name: KIE_SERVER_BYPASS_AUTH_USER
+ value: 'false'
+ required: false
+- displayName: "Timer service data store refresh interval (in milliseconds)"
+ description: "Sets refresh-interval for the EJB timer database data-store service."
+ name: TIMER_SERVICE_DATA_STORE_REFRESH_INTERVAL
+ value: '30000'
+ required: false
+- displayName: Execution Server Container Memory Limit
+ description: Execution Server Container memory limit
+ name: EXECUTION_SERVER_MEMORY_LIMIT
+ value: 1Gi
+ required: false
+- displayName: KIE Server Container Deployment
+ description: 'KIE Server Container deployment configuration in format: containerId=groupId:artifactId:version|c2=g2:a2:v2'
+ name: KIE_SERVER_CONTAINER_DEPLOYMENT
+ example: rhpam-kieserver-library=org.openshift.quickstarts:rhpam-kieserver-library:1.4.0-SNAPSHOT
+ required: false
+- displayName: Disable KIE Server Management
+ description: "When set to LocalContainersStartupStrategy, allows KIE server to start up and function with local config, even when a controller is configured and unavailable"
+ name: KIE_SERVER_MGMT_DISABLED
+ example: "true"
+ required: false
+- displayName: KIE Server Startup Strategy
+ description: "When set to LocalContainersStartupStrategy, allows KIE server to start up and function with local config, even when a controller is configured and unavailable."
+ name: KIE_SERVER_STARTUP_STRATEGY
+ example: "LocalContainersStartupStrategy"
+ required: false
+objects:
+- kind: ServiceAccount
+ apiVersion: v1
+ metadata:
+ name: "${APPLICATION_NAME}-kieserver"
+ labels:
+ application: "${APPLICATION_NAME}"
+- kind: RoleBinding
+ apiVersion: v1
+ metadata:
+ name: "${APPLICATION_NAME}-kieserver-view"
+ subjects:
+ - kind: ServiceAccount
+ name: "${APPLICATION_NAME}-kieserver"
+ roleRef:
+ name: view
+- kind: Service
+ apiVersion: v1
+ spec:
+ ports:
+ - name: http
+ port: 8080
+ targetPort: 8080
+ - name: https
+ port: 8443
+ targetPort: 8443
+ selector:
+ deploymentConfig: "${APPLICATION_NAME}-kieserver"
+ metadata:
+ name: "${APPLICATION_NAME}-kieserver"
+ labels:
+ application: "${APPLICATION_NAME}"
+ service: "${APPLICATION_NAME}-kieserver"
+ annotations:
+ description: All the KIE server web server's ports.
+- kind: Service
+ apiVersion: v1
+ spec:
+ clusterIP: "None"
+ ports:
+ - name: "ping"
+ port: 8888
+ selector:
+ deploymentConfig: "${APPLICATION_NAME}-kieserver"
+ metadata:
+ name: "${APPLICATION_NAME}-kieserver-ping"
+ labels:
+ application: "${APPLICATION_NAME}"
+ service: "${APPLICATION_NAME}-kieserver"
+ annotations:
+ service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
+ description: "The JGroups ping port for clustering."
+## PostgreSQL service BEGIN
+- apiVersion: v1
+ kind: Service
+ metadata:
+ annotations:
+ description: The database server's port.
+ labels:
+ application: ${APPLICATION_NAME}
+ service: "${APPLICATION_NAME}-postgresql"
+ name: ${APPLICATION_NAME}-postgresql
+ spec:
+ ports:
+ - port: 5432
+ targetPort: 5432
+ selector:
+ deploymentConfig: ${APPLICATION_NAME}-postgresql
+## PostgreSQL service END
+- kind: Route
+ apiVersion: v1
+ id: "${APPLICATION_NAME}-kieserver-http"
+ metadata:
+ name: "${APPLICATION_NAME}-kieserver"
+ labels:
+ application: "${APPLICATION_NAME}"
+ service: "${APPLICATION_NAME}-kieserver"
+ annotations:
+ description: Route for KIE server's http service.
+ spec:
+ host: "${EXECUTION_SERVER_HOSTNAME_HTTP}"
+ to:
+ name: "${APPLICATION_NAME}-kieserver"
+ port:
+ targetPort: http
+- kind: Route
+ apiVersion: v1
+ id: "${APPLICATION_NAME}-kieserver-https"
+ metadata:
+ name: "secure-${APPLICATION_NAME}-kieserver"
+ labels:
+ application: "${APPLICATION_NAME}"
+ service: "${APPLICATION_NAME}-kieserver"
+ annotations:
+ description: Route for KIE server's https service.
+ spec:
+ host: "${EXECUTION_SERVER_HOSTNAME_HTTPS}"
+ to:
+ name: "${APPLICATION_NAME}-kieserver"
+ port:
+ targetPort: https
+ tls:
+ termination: passthrough
+- kind: DeploymentConfig
+ apiVersion: v1
+ metadata:
+ name: "${APPLICATION_NAME}-kieserver"
+ labels:
+ application: "${APPLICATION_NAME}"
+ service: "${APPLICATION_NAME}-kieserver"
+ spec:
+ strategy:
+ type: Recreate
+ triggers:
+ - type: ImageChange
+ imageChangeParams:
+ automatic: true
+ containerNames:
+ - "${APPLICATION_NAME}-kieserver"
+ from:
+ kind: ImageStreamTag
+ namespace: "${IMAGE_STREAM_NAMESPACE}"
+ name: "${KIE_SERVER_IMAGE_STREAM_NAME}:${IMAGE_STREAM_TAG}"
+ - type: ConfigChange
+ replicas: 1
+ selector:
+ deploymentConfig: "${APPLICATION_NAME}-kieserver"
+ template:
+ metadata:
+ name: "${APPLICATION_NAME}-kieserver"
+ labels:
+ deploymentConfig: "${APPLICATION_NAME}-kieserver"
+ application: "${APPLICATION_NAME}"
+ service: "${APPLICATION_NAME}-kieserver"
+ spec:
+ serviceAccountName: "${APPLICATION_NAME}-kieserver"
+ terminationGracePeriodSeconds: 60
+ containers:
+ - name: "${APPLICATION_NAME}-kieserver"
+ image: "${KIE_SERVER_IMAGE_STREAM_NAME}"
+ imagePullPolicy: Always
+ resources:
+ limits:
+ memory: "${EXECUTION_SERVER_MEMORY_LIMIT}"
+ volumeMounts:
+ - name: kieserver-keystore-volume
+ mountPath: "/etc/kieserver-secret-volume"
+ readOnly: true
+ livenessProbe:
+ exec:
+ command:
+ - "/bin/bash"
+ - "-c"
+ - "curl --fail --silent -u '${KIE_ADMIN_USER}:${KIE_ADMIN_PWD}' http://localhost:8080/services/rest/server/healthcheck"
+ initialDelaySeconds: 180
+ timeoutSeconds: 2
+ periodSeconds: 15
+ failureThreshold: 3
+ readinessProbe:
+ exec:
+ command:
+ - "/bin/bash"
+ - "-c"
+ - "curl --fail --silent -u '${KIE_ADMIN_USER}:${KIE_ADMIN_PWD}' http://localhost:8080/services/rest/server/readycheck"
+ initialDelaySeconds: 60
+ timeoutSeconds: 2
+ periodSeconds: 30
+ failureThreshold: 6
+ ports:
+ - name: jolokia
+ containerPort: 8778
+ protocol: TCP
+ - name: http
+ containerPort: 8080
+ protocol: TCP
+ - name: https
+ containerPort: 8443
+ protocol: TCP
+ - name: ping
+ containerPort: 8888
+ protocol: TCP
+ env:
+ - name: DROOLS_SERVER_FILTER_CLASSES
+ value: "${DROOLS_SERVER_FILTER_CLASSES}"
+ - name: KIE_ADMIN_USER
+ value: "${KIE_ADMIN_USER}"
+ - name: KIE_ADMIN_PWD
+ value: "${KIE_ADMIN_PWD}"
+ - name: KIE_MBEANS
+ value: "${KIE_MBEANS}"
+ - name: KIE_SERVER_BYPASS_AUTH_USER
+ value: "${KIE_SERVER_BYPASS_AUTH_USER}"
+ - name: KIE_SERVER_CONTROLLER_USER
+ value: "${KIE_SERVER_CONTROLLER_USER}"
+ - name: KIE_SERVER_CONTROLLER_PWD
+ value: "${KIE_SERVER_CONTROLLER_PWD}"
+ - name: KIE_SERVER_CONTROLLER_SERVICE
+ value: "${KIE_SERVER_CONTROLLER_SERVICE}"
+ - name: KIE_SERVER_CONTROLLER_HOST
+ value: "${KIE_SERVER_CONTROLLER_HOST}"
+ - name: KIE_SERVER_CONTROLLER_PORT
+ value: "${KIE_SERVER_CONTROLLER_PORT}"
+ - name: KIE_SERVER_CONTROLLER_PROTOCOL
+ value: "${KIE_SERVER_CONTROLLER_PROTOCOL}"
+ - name: KIE_SERVER_CONTROLLER_TOKEN
+ value: "${KIE_SERVER_CONTROLLER_TOKEN}"
+ - name: KIE_SERVER_CONTROLLER_PROTOCOL
+ value: "ws"
+ - name: KIE_SERVER_ID
+ value: "${KIE_SERVER_ID}"
+ - name: KIE_SERVER_HOST
+ value: "${EXECUTION_SERVER_HOSTNAME_HTTP}"
+ - name: EXECUTION_SERVER_ROUTE_NAME
+ value: "${APPLICATION_NAME}-kieserver"
+ - name: EXECUTION_SERVER_USE_SECURE_ROUTE_NAME
+ value: "${EXECUTION_SERVER_USE_SECURE_ROUTE_NAME}"
+ - name: KIE_SERVER_USER
+ value: "${KIE_SERVER_USER}"
+ - name: KIE_SERVER_PWD
+ value: "${KIE_SERVER_PWD}"
+ - name: KIE_SERVER_CONTAINER_DEPLOYMENT
+ value: "${KIE_SERVER_CONTAINER_DEPLOYMENT}"
+ - name: MAVEN_REPOS
+ value: "RHPAMCENTR,EXTERNAL"
+ - name: RHPAMCENTR_MAVEN_REPO_SERVICE
+ value: "${BUSINESS_CENTRAL_MAVEN_SERVICE}"
+ - name: RHPAMCENTR_MAVEN_REPO_PATH
+ value: "/maven2/"
+ - name: RHPAMCENTR_MAVEN_REPO_USERNAME
+ value: "${BUSINESS_CENTRAL_MAVEN_USERNAME}"
+ - name: RHPAMCENTR_MAVEN_REPO_PASSWORD
+ value: "${BUSINESS_CENTRAL_MAVEN_PASSWORD}"
+ - name: EXTERNAL_MAVEN_REPO_URL
+ value: "${MAVEN_REPO_URL}"
+ - name: EXTERNAL_MAVEN_REPO_USERNAME
+ value: "${MAVEN_REPO_USERNAME}"
+ - name: EXTERNAL_MAVEN_REPO_PASSWORD
+ value: "${MAVEN_REPO_PASSWORD}"
+ - name: KIE_SERVER_ROUTER_SERVICE
+ value: "${KIE_SERVER_ROUTER_SERVICE}"
+ - name: KIE_SERVER_ROUTER_HOST
+ value: "${KIE_SERVER_ROUTER_HOST}"
+ - name: KIE_SERVER_ROUTER_PORT
+ value: "${KIE_SERVER_ROUTER_PORT}"
+ - name: KIE_SERVER_ROUTER_PROTOCOL
+ value: "${KIE_SERVER_ROUTER_PROTOCOL}"
+ - name: KIE_SERVER_MGMT_DISABLED
+ value: "${KIE_SERVER_MGMT_DISABLED}"
+ - name: KIE_SERVER_STARTUP_STRATEGY
+ value: "${KIE_SERVER_STARTUP_STRATEGY}"
+ - name: KIE_SERVER_PERSISTENCE_DS
+ value: "${KIE_SERVER_PERSISTENCE_DS}"
+ - name: DATASOURCES
+ value: "RHPAM"
+## PostgreSQL driver settings BEGIN
+ - name: RHPAM_DATABASE
+ value: "${KIE_SERVER_POSTGRESQL_DB}"
+ - name: RHPAM_DRIVER
+ value: "postgresql"
+ - name: RHPAM_USERNAME
+ value: "${KIE_SERVER_POSTGRESQL_USER}"
+ - name: RHPAM_PASSWORD
+ value: "${KIE_SERVER_POSTGRESQL_PWD}"
+ - name: RHPAM_SERVICE_HOST
+ value: "${APPLICATION_NAME}-postgresql"
+ - name: RHPAM_SERVICE_PORT
+ value: "5432"
+ - name: TIMER_SERVICE_DATA_STORE
+ value: "${APPLICATION_NAME}-postgresql"
+ - name: KIE_SERVER_PERSISTENCE_DIALECT
+ value: "org.hibernate.dialect.PostgreSQLDialect"
+## PostgreSQL driver settings END
+ - name: RHPAM_JTA
+ value: "true"
+ - name: RHPAM_JNDI
+ value: "${KIE_SERVER_PERSISTENCE_DS}"
+ - name: TIMER_SERVICE_DATA_STORE_REFRESH_INTERVAL
+ value: "${TIMER_SERVICE_DATA_STORE_REFRESH_INTERVAL}"
+ - name: HTTPS_KEYSTORE_DIR
+ value: "/etc/kieserver-secret-volume"
+ - name: HTTPS_KEYSTORE
+ value: "${KIE_SERVER_HTTPS_KEYSTORE}"
+ - name: HTTPS_NAME
+ value: "${KIE_SERVER_HTTPS_NAME}"
+ - name: HTTPS_PASSWORD
+ value: "${KIE_SERVER_HTTPS_PASSWORD}"
+ - name: JGROUPS_PING_PROTOCOL
+ value: "openshift.DNS_PING"
+ - name: OPENSHIFT_DNS_PING_SERVICE_NAME
+ value: "${APPLICATION_NAME}-kieserver-ping"
+ - name: OPENSHIFT_DNS_PING_SERVICE_PORT
+ value: "8888"
+ volumes:
+ - name: kieserver-keystore-volume
+ secret:
+ secretName: "${KIE_SERVER_HTTPS_SECRET}"
+## PostgreSQL deployment config BEGIN
+- kind: DeploymentConfig
+ apiVersion: v1
+ metadata:
+ name: "${APPLICATION_NAME}-postgresql"
+ labels:
+ application: "${APPLICATION_NAME}"
+ service: "${APPLICATION_NAME}-postgresql"
+ spec:
+ strategy:
+ type: Recreate
+ triggers:
+ - type: ImageChange
+ imageChangeParams:
+ automatic: true
+ containerNames:
+ - "${APPLICATION_NAME}-postgresql"
+ from:
+ kind: ImageStreamTag
+ namespace: "${IMAGE_STREAM_NAMESPACE}"
+ name: "postgresql:${POSTGRESQL_IMAGE_STREAM_TAG}"
+ - type: ConfigChange
+ replicas: 1
+ selector:
+ deploymentConfig: "${APPLICATION_NAME}-postgresql"
+ template:
+ metadata:
+ name: "${APPLICATION_NAME}-postgresql"
+ labels:
+ deploymentConfig: "${APPLICATION_NAME}-postgresql"
+ application: "${APPLICATION_NAME}"
+ service: "${APPLICATION_NAME}-postgresql"
+ spec:
+ terminationGracePeriodSeconds: 60
+ containers:
+ - name: "${APPLICATION_NAME}-postgresql"
+ image: postgresql
+ imagePullPolicy: Always
+ livenessProbe:
+ exec:
+ command:
+ - "/usr/libexec/check-container"
+ - "--live"
+ initialDelaySeconds: 120
+ timeoutSeconds: 10
+ readinessProbe:
+ exec:
+ command:
+ - "/usr/libexec/check-container"
+ initialDelaySeconds: 5
+ timeoutSeconds: 1
+ ports:
+ - containerPort: 5432
+ protocol: TCP
+ volumeMounts:
+ - mountPath: "/var/lib/pgsql/data"
+ name: "${APPLICATION_NAME}-postgresql-pvol"
+ env:
+ - name: POSTGRESQL_USER
+ value: "${KIE_SERVER_POSTGRESQL_USER}"
+ - name: POSTGRESQL_PASSWORD
+ value: "${KIE_SERVER_POSTGRESQL_PWD}"
+ - name: POSTGRESQL_DATABASE
+ value: "${KIE_SERVER_POSTGRESQL_DB}"
+ - name: POSTGRESQL_MAX_PREPARED_TRANSACTIONS
+ value: "${POSTGRESQL_MAX_PREPARED_TRANSACTIONS}"
+ volumes:
+ - name: "${APPLICATION_NAME}-postgresql-pvol"
+ persistentVolumeClaim:
+ claimName: "${APPLICATION_NAME}-postgresql-claim"
+## PostgreSQL deployment config END
+## PostgreSQL persistent volume claim BEGIN
+- apiVersion: v1
+ kind: PersistentVolumeClaim
+ metadata:
+ name: "${APPLICATION_NAME}-postgresql-claim"
+ labels:
+ application: "${APPLICATION_NAME}"
+ service: "${APPLICATION_NAME}-postgresql"
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: "${DB_VOLUME_CAPACITY}"
+## PostgreSQL persistent volume claim END
diff --git a/extras/backup/vol04-pv.yaml b/extras/backup/vol04-pv.yaml
new file mode 100644
index 0000000..06a8d46
--- /dev/null
+++ b/extras/backup/vol04-pv.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: vol04
+spec:
+ capacity:
+ storage: 1Gi
+ accessModes:
+ - ReadWriteOnce
+ persistentVolumeReclaimPolicy: Retain
+ nfs:
+ path: /var/exports/vol04
+ server: services.lab.example.com
--
Gitblit v1.9.3