mirror of
https://github.com/openshift/openshift-ansible.git
synced 2026-02-05 15:45:57 +01:00
139 lines
3.9 KiB
YAML
139 lines
3.9 KiB
YAML
apiVersion: template.openshift.io/v1
|
|
kind: Template
|
|
metadata:
|
|
name: openshift-web-console
|
|
annotations:
|
|
openshift.io/display-name: OpenShift Web Console
|
|
description: The server for the OpenShift web console.
|
|
iconClass: icon-openshift
|
|
tags: openshift,infra
|
|
openshift.io/documentation-url: https://github.com/openshift/origin-web-console-server
|
|
openshift.io/support-url: https://access.redhat.com
|
|
openshift.io/provider-display-name: Red Hat, Inc.
|
|
parameters:
|
|
- name: IMAGE
|
|
value: docker.io/openshift/origin-web-console:latest
|
|
- name: NAMESPACE
|
|
# This namespace cannot be changed. Only `openshift-web-console` is supported.
|
|
value: openshift-web-console
|
|
- name: LOGLEVEL
|
|
value: "0"
|
|
- name: API_SERVER_CONFIG
|
|
- name: NODE_SELECTOR
|
|
value: "{}"
|
|
- name: REPLICA_COUNT
|
|
value: "1"
|
|
objects:
|
|
|
|
# to create the web console server
|
|
- apiVersion: apps/v1beta1
|
|
kind: Deployment
|
|
metadata:
|
|
namespace: ${NAMESPACE}
|
|
name: webconsole
|
|
labels:
|
|
app: openshift-web-console
|
|
webconsole: "true"
|
|
spec:
|
|
replicas: "${{REPLICA_COUNT}}"
|
|
strategy:
|
|
type: RollingUpdate
|
|
rollingUpdate:
|
|
# behave like a recreate deployment, but don't wait for pods to terminate
|
|
maxUnavailable: 100%
|
|
template:
|
|
metadata:
|
|
name: webconsole
|
|
labels:
|
|
app: openshift-web-console
|
|
webconsole: "true"
|
|
spec:
|
|
serviceAccountName: webconsole
|
|
containers:
|
|
- name: webconsole
|
|
image: ${IMAGE}
|
|
imagePullPolicy: IfNotPresent
|
|
command:
|
|
- "/usr/bin/origin-web-console"
|
|
- "--audit-log-path=-"
|
|
- "-v=${LOGLEVEL}"
|
|
- "--config=/var/webconsole-config/webconsole-config.yaml"
|
|
ports:
|
|
- containerPort: 8443
|
|
volumeMounts:
|
|
- mountPath: /var/serving-cert
|
|
name: serving-cert
|
|
- mountPath: /var/webconsole-config
|
|
name: webconsole-config
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: 8443
|
|
scheme: HTTPS
|
|
livenessProbe:
|
|
exec:
|
|
command:
|
|
- /bin/sh
|
|
- -c
|
|
- |-
|
|
if [[ ! -f /tmp/webconsole-config.hash ]]; then \
|
|
md5sum /var/webconsole-config/webconsole-config.yaml > /tmp/webconsole-config.hash; \
|
|
elif [[ $(md5sum /var/webconsole-config/webconsole-config.yaml) != $(cat /tmp/webconsole-config.hash) ]]; then \
|
|
echo 'webconsole-config.yaml has changed.'; \
|
|
exit 1; \
|
|
fi && curl -k -f https://0.0.0.0:8443/console/
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 100Mi
|
|
nodeSelector: "${{NODE_SELECTOR}}"
|
|
volumes:
|
|
- name: serving-cert
|
|
secret:
|
|
defaultMode: 0440
|
|
secretName: webconsole-serving-cert
|
|
- name: webconsole-config
|
|
configMap:
|
|
defaultMode: 0440
|
|
name: webconsole-config
|
|
|
|
# to create the config for the web console
|
|
- apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
namespace: ${NAMESPACE}
|
|
name: webconsole-config
|
|
labels:
|
|
app: openshift-web-console
|
|
data:
|
|
webconsole-config.yaml: ${API_SERVER_CONFIG}
|
|
|
|
# to be able to assign powers to the process
|
|
- apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
namespace: ${NAMESPACE}
|
|
name: webconsole
|
|
labels:
|
|
app: openshift-web-console
|
|
|
|
# to be able to expose web console inside the cluster
|
|
- apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
namespace: ${NAMESPACE}
|
|
name: webconsole
|
|
labels:
|
|
app: openshift-web-console
|
|
annotations:
|
|
service.alpha.openshift.io/serving-cert-secret-name: webconsole-serving-cert
|
|
prometheus.io/scrape: "true"
|
|
prometheus.io/scheme: https
|
|
spec:
|
|
selector:
|
|
webconsole: "true"
|
|
ports:
|
|
- name: https
|
|
port: 443
|
|
targetPort: 8443
|