|
apiVersion: template.openshift.io/v1 |
|
kind: Template |
|
message: Login on https://${TENANT_NAME}-admin.${WILDCARD_DOMAIN} as ${ADMIN_USERNAME}/${ADMIN_PASSWORD} |
|
metadata: |
|
annotations: |
|
description: 3scale API Management main system (Evaluation) |
|
iconClass: icon-3scale |
|
openshift.io/display-name: 3scale API Management |
|
openshift.io/provider-display-name: Red Hat, Inc. |
|
tags: integration, api management, 3scale |
|
creationTimestamp: null |
|
name: 3scale-api-management-eval |
|
objects: |
|
- apiVersion: image.openshift.io/v1 |
|
kind: ImageStream |
|
metadata: |
|
annotations: |
|
openshift.io/display-name: AMP backend |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: backend |
|
app: ${APP_LABEL} |
|
name: amp-backend |
|
spec: |
|
lookupPolicy: |
|
local: false |
|
tags: |
|
- annotations: |
|
openshift.io/display-name: amp-backend (latest) |
|
from: |
|
kind: ImageStreamTag |
|
name: ${AMP_RELEASE} |
|
generation: null |
|
importPolicy: {} |
|
name: latest |
|
referencePolicy: |
|
type: "" |
|
- annotations: |
|
openshift.io/display-name: amp-backend ${AMP_RELEASE} |
|
from: |
|
kind: DockerImage |
|
name: ${AMP_BACKEND_IMAGE} |
|
generation: null |
|
importPolicy: |
|
insecure: ${{IMAGESTREAM_TAG_IMPORT_INSECURE}} |
|
name: ${AMP_RELEASE} |
|
referencePolicy: |
|
type: "" |
|
status: |
|
dockerImageRepository: "" |
|
- apiVersion: image.openshift.io/v1 |
|
kind: ImageStream |
|
metadata: |
|
annotations: |
|
openshift.io/display-name: AMP Zync |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: zync |
|
app: ${APP_LABEL} |
|
name: amp-zync |
|
spec: |
|
lookupPolicy: |
|
local: false |
|
tags: |
|
- annotations: |
|
openshift.io/display-name: AMP Zync (latest) |
|
from: |
|
kind: ImageStreamTag |
|
name: ${AMP_RELEASE} |
|
generation: null |
|
importPolicy: {} |
|
name: latest |
|
referencePolicy: |
|
type: "" |
|
- annotations: |
|
openshift.io/display-name: AMP Zync ${AMP_RELEASE} |
|
from: |
|
kind: DockerImage |
|
name: ${AMP_ZYNC_IMAGE} |
|
generation: null |
|
importPolicy: |
|
insecure: ${{IMAGESTREAM_TAG_IMPORT_INSECURE}} |
|
name: ${AMP_RELEASE} |
|
referencePolicy: |
|
type: "" |
|
status: |
|
dockerImageRepository: "" |
|
- apiVersion: image.openshift.io/v1 |
|
kind: ImageStream |
|
metadata: |
|
annotations: |
|
openshift.io/display-name: AMP APIcast |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: apicast |
|
app: ${APP_LABEL} |
|
name: amp-apicast |
|
spec: |
|
lookupPolicy: |
|
local: false |
|
tags: |
|
- annotations: |
|
openshift.io/display-name: AMP APIcast (latest) |
|
from: |
|
kind: ImageStreamTag |
|
name: ${AMP_RELEASE} |
|
generation: null |
|
importPolicy: {} |
|
name: latest |
|
referencePolicy: |
|
type: "" |
|
- annotations: |
|
openshift.io/display-name: AMP APIcast ${AMP_RELEASE} |
|
from: |
|
kind: DockerImage |
|
name: ${AMP_APICAST_IMAGE} |
|
generation: null |
|
importPolicy: |
|
insecure: ${{IMAGESTREAM_TAG_IMPORT_INSECURE}} |
|
name: ${AMP_RELEASE} |
|
referencePolicy: |
|
type: "" |
|
status: |
|
dockerImageRepository: "" |
|
- apiVersion: image.openshift.io/v1 |
|
kind: ImageStream |
|
metadata: |
|
annotations: |
|
openshift.io/display-name: AMP APIcast Wildcard Router |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: wildcard-router |
|
app: ${APP_LABEL} |
|
name: amp-wildcard-router |
|
spec: |
|
lookupPolicy: |
|
local: false |
|
tags: |
|
- annotations: |
|
openshift.io/display-name: AMP APIcast Wildcard Router (latest) |
|
from: |
|
kind: ImageStreamTag |
|
name: ${AMP_RELEASE} |
|
generation: null |
|
importPolicy: {} |
|
name: latest |
|
referencePolicy: |
|
type: "" |
|
- annotations: |
|
openshift.io/display-name: AMP APIcast Wildcard Router ${AMP_RELEASE} |
|
from: |
|
kind: DockerImage |
|
name: ${AMP_ROUTER_IMAGE} |
|
generation: null |
|
importPolicy: |
|
insecure: ${{IMAGESTREAM_TAG_IMPORT_INSECURE}} |
|
name: ${AMP_RELEASE} |
|
referencePolicy: |
|
type: "" |
|
status: |
|
dockerImageRepository: "" |
|
- apiVersion: image.openshift.io/v1 |
|
kind: ImageStream |
|
metadata: |
|
annotations: |
|
openshift.io/display-name: AMP System |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
app: ${APP_LABEL} |
|
name: amp-system |
|
spec: |
|
lookupPolicy: |
|
local: false |
|
tags: |
|
- annotations: |
|
openshift.io/display-name: AMP System (latest) |
|
from: |
|
kind: ImageStreamTag |
|
name: ${AMP_RELEASE} |
|
generation: null |
|
importPolicy: {} |
|
name: latest |
|
referencePolicy: |
|
type: "" |
|
- annotations: |
|
openshift.io/display-name: AMP system ${AMP_RELEASE} |
|
from: |
|
kind: DockerImage |
|
name: ${AMP_SYSTEM_IMAGE} |
|
generation: null |
|
importPolicy: |
|
insecure: ${{IMAGESTREAM_TAG_IMPORT_INSECURE}} |
|
name: ${AMP_RELEASE} |
|
referencePolicy: |
|
type: "" |
|
status: |
|
dockerImageRepository: "" |
|
- apiVersion: image.openshift.io/v1 |
|
kind: ImageStream |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: postgresql |
|
app: ${APP_LABEL} |
|
name: postgresql |
|
spec: |
|
lookupPolicy: |
|
local: false |
|
tags: |
|
- annotations: null |
|
from: |
|
kind: DockerImage |
|
name: ${POSTGRESQL_IMAGE} |
|
generation: null |
|
importPolicy: |
|
insecure: ${{IMAGESTREAM_TAG_IMPORT_INSECURE}} |
|
name: "9.5" |
|
referencePolicy: |
|
type: "" |
|
status: |
|
dockerImageRepository: "" |
|
- apiVersion: v1 |
|
imagePullSecrets: |
|
- name: quay-auth |
|
kind: ServiceAccount |
|
metadata: |
|
creationTimestamp: null |
|
name: amp |
|
- apiVersion: v1 |
|
kind: Service |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: backend |
|
3scale.component-element: redis |
|
app: ${APP_LABEL} |
|
name: backend-redis |
|
spec: |
|
ports: |
|
- port: 6379 |
|
protocol: TCP |
|
targetPort: 6379 |
|
selector: |
|
deploymentConfig: system-redis |
|
status: |
|
loadBalancer: {} |
|
- apiVersion: v1 |
|
data: |
|
redis.conf: | |
|
protected-mode no |
|
|
|
port 6379 |
|
|
|
timeout 0 |
|
tcp-keepalive 300 |
|
|
|
daemonize no |
|
supervised no |
|
|
|
loglevel notice |
|
|
|
databases 16 |
|
|
|
save 900 1 |
|
save 300 10 |
|
save 60 10000 |
|
|
|
stop-writes-on-bgsave-error yes |
|
|
|
rdbcompression yes |
|
rdbchecksum yes |
|
|
|
dbfilename dump.rdb |
|
|
|
slave-serve-stale-data yes |
|
slave-read-only yes |
|
|
|
repl-diskless-sync no |
|
repl-disable-tcp-nodelay no |
|
|
|
appendonly yes |
|
appendfilename "appendonly.aof" |
|
appendfsync everysec |
|
no-appendfsync-on-rewrite no |
|
auto-aof-rewrite-percentage 100 |
|
auto-aof-rewrite-min-size 64mb |
|
aof-load-truncated yes |
|
|
|
lua-time-limit 5000 |
|
|
|
activerehashing no |
|
|
|
aof-rewrite-incremental-fsync yes |
|
dir /var/lib/redis/data |
|
kind: ConfigMap |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: redis |
|
app: ${APP_LABEL} |
|
name: redis-config |
|
- apiVersion: apps.openshift.io/v1 |
|
kind: DeploymentConfig |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: redis |
|
app: ${APP_LABEL} |
|
name: system-redis |
|
spec: |
|
replicas: 1 |
|
selector: |
|
deploymentConfig: system-redis |
|
strategy: |
|
resources: {} |
|
type: Recreate |
|
template: |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: redis |
|
app: ${APP_LABEL} |
|
deploymentConfig: system-redis |
|
spec: |
|
containers: |
|
- args: |
|
- /etc/redis.d/redis.conf |
|
- --daemonize |
|
- "no" |
|
command: |
|
- /opt/rh/rh-redis32/root/usr/bin/redis-server |
|
image: ${REDIS_IMAGE} |
|
imagePullPolicy: IfNotPresent |
|
livenessProbe: |
|
initialDelaySeconds: 10 |
|
periodSeconds: 5 |
|
tcpSocket: |
|
port: 6379 |
|
name: system-redis |
|
readinessProbe: |
|
exec: |
|
command: |
|
- container-entrypoint |
|
- bash |
|
- -c |
|
- redis-cli set liveness-probe "`date`" | grep OK |
|
initialDelaySeconds: 30 |
|
periodSeconds: 10 |
|
timeoutSeconds: 5 |
|
resources: {} |
|
terminationMessagePath: /dev/termination-log |
|
volumeMounts: |
|
- mountPath: /var/lib/redis/data |
|
name: system-redis-storage |
|
- mountPath: /etc/redis.d/ |
|
name: redis-config |
|
serviceAccountName: amp |
|
volumes: |
|
- name: system-redis-storage |
|
persistentVolumeClaim: |
|
claimName: system-redis-storage |
|
- configMap: |
|
items: |
|
- key: redis.conf |
|
path: redis.conf |
|
name: redis-config |
|
name: redis-config |
|
test: false |
|
triggers: |
|
- type: ConfigChange |
|
status: |
|
availableReplicas: 0 |
|
latestVersion: 0 |
|
observedGeneration: 0 |
|
replicas: 0 |
|
unavailableReplicas: 0 |
|
updatedReplicas: 0 |
|
- apiVersion: v1 |
|
kind: PersistentVolumeClaim |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: redis |
|
app: ${APP_LABEL} |
|
name: system-redis-storage |
|
spec: |
|
accessModes: |
|
- ReadWriteOnce |
|
resources: |
|
requests: |
|
storage: 1Gi |
|
status: {} |
|
- apiVersion: apps.openshift.io/v1 |
|
kind: DeploymentConfig |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: backend |
|
3scale.component-element: cron |
|
app: ${APP_LABEL} |
|
name: backend-cron |
|
spec: |
|
replicas: 1 |
|
selector: |
|
deploymentConfig: backend-cron |
|
strategy: |
|
resources: {} |
|
rollingParams: |
|
intervalSeconds: 1 |
|
maxSurge: 25% |
|
maxUnavailable: 25% |
|
timeoutSeconds: 1200 |
|
updatePeriodSeconds: 1 |
|
type: Rolling |
|
template: |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: backend |
|
3scale.component-element: cron |
|
app: ${APP_LABEL} |
|
deploymentConfig: backend-cron |
|
spec: |
|
containers: |
|
- args: |
|
- backend-cron |
|
env: |
|
- name: CONFIG_REDIS_PROXY |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_STORAGE_URL |
|
name: backend-redis |
|
- name: CONFIG_REDIS_SENTINEL_HOSTS |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_STORAGE_SENTINEL_HOSTS |
|
name: backend-redis |
|
- name: CONFIG_REDIS_SENTINEL_ROLE |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_STORAGE_SENTINEL_ROLE |
|
name: backend-redis |
|
- name: CONFIG_QUEUES_MASTER_NAME |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_QUEUES_URL |
|
name: backend-redis |
|
- name: CONFIG_QUEUES_SENTINEL_HOSTS |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_QUEUES_SENTINEL_HOSTS |
|
name: backend-redis |
|
- name: CONFIG_QUEUES_SENTINEL_ROLE |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_QUEUES_SENTINEL_ROLE |
|
name: backend-redis |
|
- name: RACK_ENV |
|
valueFrom: |
|
configMapKeyRef: |
|
key: RACK_ENV |
|
name: backend-environment |
|
image: amp-backend:latest |
|
imagePullPolicy: IfNotPresent |
|
name: backend-cron |
|
resources: {} |
|
initContainers: |
|
- command: |
|
- /opt/app/entrypoint.sh |
|
- sh |
|
- -c |
|
- until rake connectivity:redis_storage_queue_check; do sleep $SLEEP_SECONDS; |
|
done |
|
env: |
|
- name: SLEEP_SECONDS |
|
value: "1" |
|
- name: CONFIG_QUEUES_MASTER_NAME |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_QUEUES_URL |
|
name: backend-redis |
|
image: amp-backend:latest |
|
name: backend-redis-svc |
|
resources: {} |
|
serviceAccountName: amp |
|
test: false |
|
triggers: |
|
- type: ConfigChange |
|
- imageChangeParams: |
|
automatic: true |
|
containerNames: |
|
- backend-redis-svc |
|
- backend-cron |
|
from: |
|
kind: ImageStreamTag |
|
name: amp-backend:latest |
|
type: ImageChange |
|
status: |
|
availableReplicas: 0 |
|
latestVersion: 0 |
|
observedGeneration: 0 |
|
replicas: 0 |
|
unavailableReplicas: 0 |
|
updatedReplicas: 0 |
|
- apiVersion: apps.openshift.io/v1 |
|
kind: DeploymentConfig |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: backend |
|
3scale.component-element: listener |
|
app: ${APP_LABEL} |
|
name: backend-listener |
|
spec: |
|
replicas: 1 |
|
selector: |
|
deploymentConfig: backend-listener |
|
strategy: |
|
resources: {} |
|
rollingParams: |
|
intervalSeconds: 1 |
|
maxSurge: 25% |
|
maxUnavailable: 25% |
|
timeoutSeconds: 600 |
|
updatePeriodSeconds: 1 |
|
type: Rolling |
|
template: |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: backend |
|
3scale.component-element: listener |
|
app: ${APP_LABEL} |
|
deploymentConfig: backend-listener |
|
spec: |
|
containers: |
|
- args: |
|
- bin/3scale_backend |
|
- start |
|
- -e |
|
- production |
|
- -p |
|
- "3000" |
|
- -x |
|
- /dev/stdout |
|
env: |
|
- name: CONFIG_REDIS_PROXY |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_STORAGE_URL |
|
name: backend-redis |
|
- name: CONFIG_REDIS_SENTINEL_HOSTS |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_STORAGE_SENTINEL_HOSTS |
|
name: backend-redis |
|
- name: CONFIG_REDIS_SENTINEL_ROLE |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_STORAGE_SENTINEL_ROLE |
|
name: backend-redis |
|
- name: CONFIG_QUEUES_MASTER_NAME |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_QUEUES_URL |
|
name: backend-redis |
|
- name: CONFIG_QUEUES_SENTINEL_HOSTS |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_QUEUES_SENTINEL_HOSTS |
|
name: backend-redis |
|
- name: CONFIG_QUEUES_SENTINEL_ROLE |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_QUEUES_SENTINEL_ROLE |
|
name: backend-redis |
|
- name: RACK_ENV |
|
valueFrom: |
|
configMapKeyRef: |
|
key: RACK_ENV |
|
name: backend-environment |
|
- name: PUMA_WORKERS |
|
value: "16" |
|
- name: CONFIG_INTERNAL_API_USER |
|
valueFrom: |
|
secretKeyRef: |
|
key: username |
|
name: backend-internal-api |
|
- name: CONFIG_INTERNAL_API_PASSWORD |
|
valueFrom: |
|
secretKeyRef: |
|
key: password |
|
name: backend-internal-api |
|
image: amp-backend:latest |
|
imagePullPolicy: IfNotPresent |
|
livenessProbe: |
|
initialDelaySeconds: 30 |
|
periodSeconds: 10 |
|
tcpSocket: |
|
port: 3000 |
|
name: backend-listener |
|
ports: |
|
- containerPort: 3000 |
|
protocol: TCP |
|
readinessProbe: |
|
httpGet: |
|
path: /status |
|
port: 3000 |
|
initialDelaySeconds: 30 |
|
timeoutSeconds: 5 |
|
resources: {} |
|
serviceAccountName: amp |
|
test: false |
|
triggers: |
|
- type: ConfigChange |
|
- imageChangeParams: |
|
automatic: true |
|
containerNames: |
|
- backend-listener |
|
from: |
|
kind: ImageStreamTag |
|
name: amp-backend:latest |
|
type: ImageChange |
|
status: |
|
availableReplicas: 0 |
|
latestVersion: 0 |
|
observedGeneration: 0 |
|
replicas: 0 |
|
unavailableReplicas: 0 |
|
updatedReplicas: 0 |
|
- apiVersion: v1 |
|
kind: Service |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: backend |
|
3scale.component-element: listener |
|
app: ${APP_LABEL} |
|
name: backend-listener |
|
spec: |
|
ports: |
|
- name: http |
|
port: 3000 |
|
protocol: TCP |
|
targetPort: 3000 |
|
selector: |
|
deploymentConfig: backend-listener |
|
status: |
|
loadBalancer: {} |
|
- apiVersion: route.openshift.io/v1 |
|
kind: Route |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: backend |
|
app: ${APP_LABEL} |
|
name: backend |
|
spec: |
|
host: backend-${TENANT_NAME}.${WILDCARD_DOMAIN} |
|
port: |
|
targetPort: http |
|
tls: |
|
insecureEdgeTerminationPolicy: Allow |
|
termination: edge |
|
to: |
|
kind: Service |
|
name: backend-listener |
|
weight: null |
|
status: |
|
ingress: null |
|
- apiVersion: apps.openshift.io/v1 |
|
kind: DeploymentConfig |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: backend |
|
3scale.component-element: worker |
|
app: ${APP_LABEL} |
|
name: backend-worker |
|
spec: |
|
replicas: 1 |
|
selector: |
|
deploymentConfig: backend-worker |
|
strategy: |
|
resources: {} |
|
rollingParams: |
|
intervalSeconds: 1 |
|
maxSurge: 25% |
|
maxUnavailable: 25% |
|
timeoutSeconds: 1200 |
|
updatePeriodSeconds: 1 |
|
type: Rolling |
|
template: |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: backend |
|
3scale.component-element: worker |
|
app: ${APP_LABEL} |
|
deploymentConfig: backend-worker |
|
spec: |
|
containers: |
|
- args: |
|
- bin/3scale_backend_worker |
|
- run |
|
env: |
|
- name: CONFIG_REDIS_PROXY |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_STORAGE_URL |
|
name: backend-redis |
|
- name: CONFIG_REDIS_SENTINEL_HOSTS |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_STORAGE_SENTINEL_HOSTS |
|
name: backend-redis |
|
- name: CONFIG_REDIS_SENTINEL_ROLE |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_STORAGE_SENTINEL_ROLE |
|
name: backend-redis |
|
- name: CONFIG_QUEUES_MASTER_NAME |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_QUEUES_URL |
|
name: backend-redis |
|
- name: CONFIG_QUEUES_SENTINEL_HOSTS |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_QUEUES_SENTINEL_HOSTS |
|
name: backend-redis |
|
- name: CONFIG_QUEUES_SENTINEL_ROLE |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_QUEUES_SENTINEL_ROLE |
|
name: backend-redis |
|
- name: RACK_ENV |
|
valueFrom: |
|
configMapKeyRef: |
|
key: RACK_ENV |
|
name: backend-environment |
|
- name: CONFIG_EVENTS_HOOK |
|
valueFrom: |
|
secretKeyRef: |
|
key: URL |
|
name: system-events-hook |
|
- name: CONFIG_EVENTS_HOOK_SHARED_SECRET |
|
valueFrom: |
|
secretKeyRef: |
|
key: PASSWORD |
|
name: system-events-hook |
|
image: amp-backend:latest |
|
imagePullPolicy: IfNotPresent |
|
name: backend-worker |
|
resources: {} |
|
initContainers: |
|
- command: |
|
- /opt/app/entrypoint.sh |
|
- sh |
|
- -c |
|
- until rake connectivity:redis_storage_queue_check; do sleep $SLEEP_SECONDS; |
|
done |
|
env: |
|
- name: SLEEP_SECONDS |
|
value: "1" |
|
- name: CONFIG_QUEUES_MASTER_NAME |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_QUEUES_URL |
|
name: backend-redis |
|
image: amp-backend:latest |
|
name: backend-redis-svc |
|
resources: {} |
|
serviceAccountName: amp |
|
test: false |
|
triggers: |
|
- type: ConfigChange |
|
- imageChangeParams: |
|
automatic: true |
|
containerNames: |
|
- backend-redis-svc |
|
- backend-worker |
|
from: |
|
kind: ImageStreamTag |
|
name: amp-backend:latest |
|
type: ImageChange |
|
status: |
|
availableReplicas: 0 |
|
latestVersion: 0 |
|
observedGeneration: 0 |
|
replicas: 0 |
|
unavailableReplicas: 0 |
|
updatedReplicas: 0 |
|
- apiVersion: v1 |
|
data: |
|
RACK_ENV: production |
|
kind: ConfigMap |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: backend |
|
app: ${APP_LABEL} |
|
name: backend-environment |
|
- apiVersion: v1 |
|
kind: Secret |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: backend |
|
app: ${APP_LABEL} |
|
name: backend-internal-api |
|
stringData: |
|
password: ${SYSTEM_BACKEND_PASSWORD} |
|
username: ${SYSTEM_BACKEND_USERNAME} |
|
type: Opaque |
|
- apiVersion: v1 |
|
kind: Secret |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: backend |
|
app: ${APP_LABEL} |
|
name: backend-redis |
|
stringData: |
|
REDIS_QUEUES_SENTINEL_HOSTS: "" |
|
REDIS_QUEUES_SENTINEL_ROLE: "" |
|
REDIS_QUEUES_URL: redis://backend-redis:6379/${BACKEND_REDIS_DB_NUMBER_QUEUES} |
|
REDIS_STORAGE_SENTINEL_HOSTS: "" |
|
REDIS_STORAGE_SENTINEL_ROLE: "" |
|
REDIS_STORAGE_URL: redis://backend-redis:6379/${BACKEND_REDIS_DB_NUMBER_STORAGE} |
|
type: Opaque |
|
- apiVersion: v1 |
|
kind: Secret |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: backend |
|
app: ${APP_LABEL} |
|
name: backend-listener |
|
stringData: |
|
route_endpoint: https://backend-${TENANT_NAME}.${WILDCARD_DOMAIN} |
|
service_endpoint: http://backend-listener:3000 |
|
type: Opaque |
|
- apiVersion: apps.openshift.io/v1 |
|
kind: DeploymentConfig |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: mysql |
|
app: ${APP_LABEL} |
|
name: system-mysql |
|
spec: |
|
replicas: 1 |
|
selector: |
|
deploymentConfig: system-mysql |
|
strategy: |
|
resources: {} |
|
type: Recreate |
|
template: |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: mysql |
|
app: ${APP_LABEL} |
|
deploymentConfig: system-mysql |
|
spec: |
|
containers: |
|
- env: |
|
- name: MYSQL_USER |
|
value: ${MYSQL_USER} |
|
- name: MYSQL_PASSWORD |
|
value: ${MYSQL_PASSWORD} |
|
- name: MYSQL_DATABASE |
|
value: ${MYSQL_DATABASE} |
|
- name: MYSQL_ROOT_PASSWORD |
|
value: ${MYSQL_ROOT_PASSWORD} |
|
- name: MYSQL_LOWER_CASE_TABLE_NAMES |
|
value: "1" |
|
- name: MYSQL_DEFAULTS_FILE |
|
value: /etc/my-extra/my.cnf |
|
image: ${MYSQL_IMAGE} |
|
imagePullPolicy: IfNotPresent |
|
livenessProbe: |
|
initialDelaySeconds: 30 |
|
periodSeconds: 10 |
|
tcpSocket: |
|
port: 3306 |
|
name: system-mysql |
|
ports: |
|
- containerPort: 3306 |
|
protocol: TCP |
|
readinessProbe: |
|
exec: |
|
command: |
|
- /bin/sh |
|
- -i |
|
- -c |
|
- MYSQL_PWD="$MYSQL_PASSWORD" mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE |
|
-e 'SELECT 1' |
|
initialDelaySeconds: 10 |
|
periodSeconds: 30 |
|
timeoutSeconds: 5 |
|
resources: {} |
|
volumeMounts: |
|
- mountPath: /var/lib/mysql/data |
|
name: mysql-storage |
|
- mountPath: /etc/my-extra.d |
|
name: mysql-extra-conf |
|
- mountPath: /etc/my-extra |
|
name: mysql-main-conf |
|
volumes: |
|
- name: mysql-storage |
|
persistentVolumeClaim: |
|
claimName: mysql-storage |
|
- configMap: |
|
name: mysql-extra-conf |
|
name: mysql-extra-conf |
|
- configMap: |
|
name: mysql-main-conf |
|
name: mysql-main-conf |
|
test: false |
|
triggers: |
|
- type: ConfigChange |
|
status: |
|
availableReplicas: 0 |
|
latestVersion: 0 |
|
observedGeneration: 0 |
|
replicas: 0 |
|
unavailableReplicas: 0 |
|
updatedReplicas: 0 |
|
- apiVersion: v1 |
|
data: |
|
my.cnf: | |
|
!include /etc/my.cnf |
|
!includedir /etc/my-extra.d |
|
kind: ConfigMap |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: mysql |
|
app: ${APP_LABEL} |
|
name: mysql-main-conf |
|
- apiVersion: v1 |
|
data: |
|
mysql-charset.cnf: | |
|
[client] |
|
default-character-set = utf8 |
|
|
|
[mysql] |
|
default-character-set = utf8 |
|
|
|
[mysqld] |
|
character-set-server = utf8 |
|
collation-server = utf8_unicode_ci |
|
kind: ConfigMap |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: mysql |
|
app: ${APP_LABEL} |
|
name: mysql-extra-conf |
|
- apiVersion: v1 |
|
kind: PersistentVolumeClaim |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: mysql |
|
app: ${APP_LABEL} |
|
name: mysql-storage |
|
spec: |
|
accessModes: |
|
- ReadWriteOnce |
|
resources: |
|
requests: |
|
storage: 1Gi |
|
status: {} |
|
- apiVersion: v1 |
|
kind: PersistentVolumeClaim |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: app |
|
app: ${APP_LABEL} |
|
name: system-storage |
|
spec: |
|
accessModes: |
|
- ReadWriteMany |
|
resources: |
|
requests: |
|
storage: 100Mi |
|
storageClassName: ${{RWX_STORAGE_CLASS}} |
|
status: {} |
|
- apiVersion: v1 |
|
kind: Service |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: provider-ui |
|
app: ${APP_LABEL} |
|
name: system-provider |
|
spec: |
|
ports: |
|
- name: http |
|
port: 3000 |
|
protocol: TCP |
|
targetPort: provider |
|
selector: |
|
deploymentConfig: system-app |
|
status: |
|
loadBalancer: {} |
|
- apiVersion: v1 |
|
kind: Service |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: master-ui |
|
app: ${APP_LABEL} |
|
name: system-master |
|
spec: |
|
ports: |
|
- name: http |
|
port: 3000 |
|
protocol: TCP |
|
targetPort: master |
|
selector: |
|
deploymentConfig: system-app |
|
status: |
|
loadBalancer: {} |
|
- apiVersion: v1 |
|
kind: Service |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: developer-ui |
|
app: ${APP_LABEL} |
|
name: system-developer |
|
spec: |
|
ports: |
|
- name: http |
|
port: 3000 |
|
protocol: TCP |
|
targetPort: developer |
|
selector: |
|
deploymentConfig: system-app |
|
status: |
|
loadBalancer: {} |
|
- apiVersion: route.openshift.io/v1 |
|
kind: Route |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: provider-ui |
|
app: ${APP_LABEL} |
|
name: system-provider-admin |
|
spec: |
|
host: ${TENANT_NAME}-admin.${WILDCARD_DOMAIN} |
|
port: |
|
targetPort: http |
|
tls: |
|
insecureEdgeTerminationPolicy: Allow |
|
termination: edge |
|
to: |
|
kind: Service |
|
name: system-provider |
|
weight: null |
|
status: |
|
ingress: null |
|
- apiVersion: route.openshift.io/v1 |
|
kind: Route |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: master-ui |
|
app: ${APP_LABEL} |
|
name: system-master |
|
spec: |
|
host: ${MASTER_NAME}.${WILDCARD_DOMAIN} |
|
port: |
|
targetPort: http |
|
tls: |
|
insecureEdgeTerminationPolicy: Allow |
|
termination: edge |
|
to: |
|
kind: Service |
|
name: system-master |
|
weight: null |
|
status: |
|
ingress: null |
|
- apiVersion: route.openshift.io/v1 |
|
kind: Route |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: developer-ui |
|
app: ${APP_LABEL} |
|
name: system-developer |
|
spec: |
|
host: ${TENANT_NAME}.${WILDCARD_DOMAIN} |
|
port: |
|
targetPort: http |
|
tls: |
|
insecureEdgeTerminationPolicy: Allow |
|
termination: edge |
|
to: |
|
kind: Service |
|
name: system-developer |
|
weight: null |
|
status: |
|
ingress: null |
|
- apiVersion: v1 |
|
kind: Service |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: mysql |
|
app: ${APP_LABEL} |
|
name: system-mysql |
|
spec: |
|
ports: |
|
- name: system-mysql |
|
port: 3306 |
|
protocol: TCP |
|
targetPort: 3306 |
|
selector: |
|
deploymentConfig: system-mysql |
|
status: |
|
loadBalancer: {} |
|
- apiVersion: v1 |
|
kind: Service |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: redis |
|
app: ${APP_LABEL} |
|
name: system-redis |
|
spec: |
|
ports: |
|
- name: redis |
|
port: 6379 |
|
protocol: TCP |
|
targetPort: 6379 |
|
selector: |
|
deploymentConfig: system-redis |
|
status: |
|
loadBalancer: {} |
|
- apiVersion: v1 |
|
kind: Service |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: sphinx |
|
app: ${APP_LABEL} |
|
name: system-sphinx |
|
spec: |
|
ports: |
|
- name: sphinx |
|
port: 9306 |
|
protocol: TCP |
|
targetPort: 9306 |
|
selector: |
|
deploymentConfig: system-sphinx |
|
status: |
|
loadBalancer: {} |
|
- apiVersion: v1 |
|
data: |
|
rolling_updates.yml: | |
|
production: |
|
old_charts: false |
|
new_provider_documentation: false |
|
proxy_pro: false |
|
instant_bill_plan_change: false |
|
service_permissions: true |
|
async_apicast_deploy: false |
|
duplicate_application_id: true |
|
duplicate_user_key: true |
|
plan_changes_wizard: false |
|
require_cc_on_signup: false |
|
apicast_per_service: true |
|
new_notification_system: true |
|
cms_api: false |
|
apicast_v2: true |
|
forum: false |
|
published_service_plan_signup: true |
|
apicast_oidc: true |
|
policies: true |
|
proxy_private_base_path: true |
|
service_discovery.yml: | |
|
production: |
|
enabled: <%= cluster_token_file_exists = File.exists?(cluster_token_file_path = '/var/run/secrets/kubernetes.io/serviceaccount/token') %> |
|
server_scheme: 'https' |
|
server_host: 'kubernetes.default.svc.cluster.local' |
|
server_port: 443 |
|
bearer_token: "<%= File.read(cluster_token_file_path) if cluster_token_file_exists %>" |
|
authentication_method: service_account # can be service_account|oauth |
|
oauth_server_type: builtin # can be builtin|rh_sso |
|
client_id: |
|
client_secret: |
|
timeout: 1 |
|
open_timeout: 1 |
|
max_retry: 5 |
|
verify_ssl: <%= OpenSSL::SSL::VERIFY_NONE %> # 0 |
|
zync.yml: | |
|
production: |
|
endpoint: 'http://zync:8080' |
|
authentication: |
|
token: "<%= ENV.fetch('ZYNC_AUTHENTICATION_TOKEN') %>" |
|
connect_timeout: 5 |
|
send_timeout: 5 |
|
receive_timeout: 10 |
|
root_url: |
|
kind: ConfigMap |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
app: ${APP_LABEL} |
|
name: system |
|
- apiVersion: v1 |
|
data: |
|
address: "" |
|
authentication: "" |
|
domain: "" |
|
openssl.verify.mode: "" |
|
password: "" |
|
port: "" |
|
username: "" |
|
kind: ConfigMap |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: smtp |
|
app: ${APP_LABEL} |
|
name: smtp |
|
- apiVersion: v1 |
|
data: |
|
AMP_RELEASE: ${AMP_RELEASE} |
|
APICAST_REGISTRY_URL: ${APICAST_REGISTRY_URL} |
|
FORCE_SSL: "true" |
|
PROVIDER_PLAN: enterprise |
|
RAILS_ENV: production |
|
RAILS_LOG_LEVEL: info |
|
RAILS_LOG_TO_STDOUT: "true" |
|
SSL_CERT_DIR: /etc/pki/tls/certs |
|
THINKING_SPHINX_PORT: "9306" |
|
THREESCALE_SANDBOX_PROXY_OPENSSL_VERIFY_MODE: VERIFY_NONE |
|
THREESCALE_SUPERDOMAIN: ${WILDCARD_DOMAIN} |
|
kind: ConfigMap |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
app: ${APP_LABEL} |
|
name: system-environment |
|
- apiVersion: apps.openshift.io/v1 |
|
kind: DeploymentConfig |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: app |
|
app: ${APP_LABEL} |
|
name: system-app |
|
spec: |
|
replicas: 1 |
|
selector: |
|
deploymentConfig: system-app |
|
strategy: |
|
resources: {} |
|
rollingParams: |
|
intervalSeconds: 1 |
|
maxSurge: 25% |
|
maxUnavailable: 25% |
|
post: |
|
execNewPod: |
|
command: |
|
- bash |
|
- -c |
|
- bundle exec rake boot openshift:post_deploy |
|
containerName: system-master |
|
failurePolicy: Abort |
|
pre: |
|
execNewPod: |
|
command: |
|
- bash |
|
- -c |
|
- bundle exec rake boot openshift:deploy MASTER_ACCESS_TOKEN="${MASTER_ACCESS_TOKEN}" |
|
containerName: system-master |
|
env: |
|
- name: AMP_RELEASE |
|
valueFrom: |
|
configMapKeyRef: |
|
key: AMP_RELEASE |
|
name: system-environment |
|
- name: APICAST_REGISTRY_URL |
|
valueFrom: |
|
configMapKeyRef: |
|
key: APICAST_REGISTRY_URL |
|
name: system-environment |
|
- name: FORCE_SSL |
|
valueFrom: |
|
configMapKeyRef: |
|
key: FORCE_SSL |
|
name: system-environment |
|
- name: PROVIDER_PLAN |
|
valueFrom: |
|
configMapKeyRef: |
|
key: PROVIDER_PLAN |
|
name: system-environment |
|
- name: RAILS_ENV |
|
valueFrom: |
|
configMapKeyRef: |
|
key: RAILS_ENV |
|
name: system-environment |
|
- name: RAILS_LOG_LEVEL |
|
valueFrom: |
|
configMapKeyRef: |
|
key: RAILS_LOG_LEVEL |
|
name: system-environment |
|
- name: RAILS_LOG_TO_STDOUT |
|
valueFrom: |
|
configMapKeyRef: |
|
key: RAILS_LOG_TO_STDOUT |
|
name: system-environment |
|
- name: SSL_CERT_DIR |
|
valueFrom: |
|
configMapKeyRef: |
|
key: SSL_CERT_DIR |
|
name: system-environment |
|
- name: THINKING_SPHINX_PORT |
|
valueFrom: |
|
configMapKeyRef: |
|
key: THINKING_SPHINX_PORT |
|
name: system-environment |
|
- name: THREESCALE_SANDBOX_PROXY_OPENSSL_VERIFY_MODE |
|
valueFrom: |
|
configMapKeyRef: |
|
key: THREESCALE_SANDBOX_PROXY_OPENSSL_VERIFY_MODE |
|
name: system-environment |
|
- name: THREESCALE_SUPERDOMAIN |
|
valueFrom: |
|
configMapKeyRef: |
|
key: THREESCALE_SUPERDOMAIN |
|
name: system-environment |
|
- name: DATABASE_URL |
|
valueFrom: |
|
secretKeyRef: |
|
key: URL |
|
name: system-database |
|
- name: MASTER_DOMAIN |
|
valueFrom: |
|
secretKeyRef: |
|
key: MASTER_DOMAIN |
|
name: system-seed |
|
- name: MASTER_USER |
|
valueFrom: |
|
secretKeyRef: |
|
key: MASTER_USER |
|
name: system-seed |
|
- name: MASTER_PASSWORD |
|
valueFrom: |
|
secretKeyRef: |
|
key: MASTER_PASSWORD |
|
name: system-seed |
|
- name: ADMIN_ACCESS_TOKEN |
|
valueFrom: |
|
secretKeyRef: |
|
key: ADMIN_ACCESS_TOKEN |
|
name: system-seed |
|
- name: USER_LOGIN |
|
valueFrom: |
|
secretKeyRef: |
|
key: ADMIN_USER |
|
name: system-seed |
|
- name: USER_PASSWORD |
|
valueFrom: |
|
secretKeyRef: |
|
key: ADMIN_PASSWORD |
|
name: system-seed |
|
- name: TENANT_NAME |
|
valueFrom: |
|
secretKeyRef: |
|
key: TENANT_NAME |
|
name: system-seed |
|
- name: THINKING_SPHINX_ADDRESS |
|
value: system-sphinx |
|
- name: THINKING_SPHINX_CONFIGURATION_FILE |
|
value: /tmp/sphinx.conf |
|
- name: EVENTS_SHARED_SECRET |
|
valueFrom: |
|
secretKeyRef: |
|
key: PASSWORD |
|
name: system-events-hook |
|
- name: RECAPTCHA_PUBLIC_KEY |
|
valueFrom: |
|
secretKeyRef: |
|
key: PUBLIC_KEY |
|
name: system-recaptcha |
|
- name: RECAPTCHA_PRIVATE_KEY |
|
valueFrom: |
|
secretKeyRef: |
|
key: PRIVATE_KEY |
|
name: system-recaptcha |
|
- name: SECRET_KEY_BASE |
|
valueFrom: |
|
secretKeyRef: |
|
key: SECRET_KEY_BASE |
|
name: system-app |
|
- name: REDIS_URL |
|
valueFrom: |
|
secretKeyRef: |
|
key: URL |
|
name: system-redis |
|
- name: BACKEND_REDIS_URL |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_STORAGE_URL |
|
name: backend-redis |
|
- name: APICAST_BACKEND_ROOT_ENDPOINT |
|
valueFrom: |
|
secretKeyRef: |
|
key: route_endpoint |
|
name: backend-listener |
|
- name: BACKEND_ROUTE |
|
valueFrom: |
|
secretKeyRef: |
|
key: route_endpoint |
|
name: backend-listener |
|
- name: SMTP_ADDRESS |
|
valueFrom: |
|
configMapKeyRef: |
|
key: address |
|
name: smtp |
|
- name: SMTP_USER_NAME |
|
valueFrom: |
|
configMapKeyRef: |
|
key: username |
|
name: smtp |
|
- name: SMTP_PASSWORD |
|
valueFrom: |
|
configMapKeyRef: |
|
key: password |
|
name: smtp |
|
- name: SMTP_DOMAIN |
|
valueFrom: |
|
configMapKeyRef: |
|
key: domain |
|
name: smtp |
|
- name: SMTP_PORT |
|
valueFrom: |
|
configMapKeyRef: |
|
key: port |
|
name: smtp |
|
- name: SMTP_AUTHENTICATION |
|
valueFrom: |
|
configMapKeyRef: |
|
key: authentication |
|
name: smtp |
|
- name: SMTP_OPENSSL_VERIFY_MODE |
|
valueFrom: |
|
configMapKeyRef: |
|
key: openssl.verify.mode |
|
name: smtp |
|
- name: APICAST_ACCESS_TOKEN |
|
valueFrom: |
|
secretKeyRef: |
|
key: ACCESS_TOKEN |
|
name: system-master-apicast |
|
- name: ZYNC_AUTHENTICATION_TOKEN |
|
valueFrom: |
|
secretKeyRef: |
|
key: ZYNC_AUTHENTICATION_TOKEN |
|
name: zync |
|
- name: CONFIG_INTERNAL_API_USER |
|
valueFrom: |
|
secretKeyRef: |
|
key: username |
|
name: backend-internal-api |
|
- name: CONFIG_INTERNAL_API_PASSWORD |
|
valueFrom: |
|
secretKeyRef: |
|
key: password |
|
name: backend-internal-api |
|
volumes: |
|
- system-storage |
|
failurePolicy: Retry |
|
timeoutSeconds: 1200 |
|
updatePeriodSeconds: 1 |
|
type: Rolling |
|
template: |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: app |
|
app: ${APP_LABEL} |
|
deploymentConfig: system-app |
|
spec: |
|
containers: |
|
- args: |
|
- env |
|
- TENANT_MODE=master |
|
- PORT=3002 |
|
- container-entrypoint |
|
- bundle |
|
- exec |
|
- unicorn |
|
- -c |
|
- config/unicorn.rb |
|
env: |
|
- name: AMP_RELEASE |
|
valueFrom: |
|
configMapKeyRef: |
|
key: AMP_RELEASE |
|
name: system-environment |
|
- name: APICAST_REGISTRY_URL |
|
valueFrom: |
|
configMapKeyRef: |
|
key: APICAST_REGISTRY_URL |
|
name: system-environment |
|
- name: FORCE_SSL |
|
valueFrom: |
|
configMapKeyRef: |
|
key: FORCE_SSL |
|
name: system-environment |
|
- name: PROVIDER_PLAN |
|
valueFrom: |
|
configMapKeyRef: |
|
key: PROVIDER_PLAN |
|
name: system-environment |
|
- name: RAILS_ENV |
|
valueFrom: |
|
configMapKeyRef: |
|
key: RAILS_ENV |
|
name: system-environment |
|
- name: RAILS_LOG_LEVEL |
|
valueFrom: |
|
configMapKeyRef: |
|
key: RAILS_LOG_LEVEL |
|
name: system-environment |
|
- name: RAILS_LOG_TO_STDOUT |
|
valueFrom: |
|
configMapKeyRef: |
|
key: RAILS_LOG_TO_STDOUT |
|
name: system-environment |
|
- name: SSL_CERT_DIR |
|
valueFrom: |
|
configMapKeyRef: |
|
key: SSL_CERT_DIR |
|
name: system-environment |
|
- name: THINKING_SPHINX_PORT |
|
valueFrom: |
|
configMapKeyRef: |
|
key: THINKING_SPHINX_PORT |
|
name: system-environment |
|
- name: THREESCALE_SANDBOX_PROXY_OPENSSL_VERIFY_MODE |
|
valueFrom: |
|
configMapKeyRef: |
|
key: THREESCALE_SANDBOX_PROXY_OPENSSL_VERIFY_MODE |
|
name: system-environment |
|
- name: THREESCALE_SUPERDOMAIN |
|
valueFrom: |
|
configMapKeyRef: |
|
key: THREESCALE_SUPERDOMAIN |
|
name: system-environment |
|
- name: DATABASE_URL |
|
valueFrom: |
|
secretKeyRef: |
|
key: URL |
|
name: system-database |
|
- name: MASTER_DOMAIN |
|
valueFrom: |
|
secretKeyRef: |
|
key: MASTER_DOMAIN |
|
name: system-seed |
|
- name: MASTER_USER |
|
valueFrom: |
|
secretKeyRef: |
|
key: MASTER_USER |
|
name: system-seed |
|
- name: MASTER_PASSWORD |
|
valueFrom: |
|
secretKeyRef: |
|
key: MASTER_PASSWORD |
|
name: system-seed |
|
- name: ADMIN_ACCESS_TOKEN |
|
valueFrom: |
|
secretKeyRef: |
|
key: ADMIN_ACCESS_TOKEN |
|
name: system-seed |
|
- name: USER_LOGIN |
|
valueFrom: |
|
secretKeyRef: |
|
key: ADMIN_USER |
|
name: system-seed |
|
- name: USER_PASSWORD |
|
valueFrom: |
|
secretKeyRef: |
|
key: ADMIN_PASSWORD |
|
name: system-seed |
|
- name: TENANT_NAME |
|
valueFrom: |
|
secretKeyRef: |
|
key: TENANT_NAME |
|
name: system-seed |
|
- name: THINKING_SPHINX_ADDRESS |
|
value: system-sphinx |
|
- name: THINKING_SPHINX_CONFIGURATION_FILE |
|
value: /tmp/sphinx.conf |
|
- name: EVENTS_SHARED_SECRET |
|
valueFrom: |
|
secretKeyRef: |
|
key: PASSWORD |
|
name: system-events-hook |
|
- name: RECAPTCHA_PUBLIC_KEY |
|
valueFrom: |
|
secretKeyRef: |
|
key: PUBLIC_KEY |
|
name: system-recaptcha |
|
- name: RECAPTCHA_PRIVATE_KEY |
|
valueFrom: |
|
secretKeyRef: |
|
key: PRIVATE_KEY |
|
name: system-recaptcha |
|
- name: SECRET_KEY_BASE |
|
valueFrom: |
|
secretKeyRef: |
|
key: SECRET_KEY_BASE |
|
name: system-app |
|
- name: REDIS_URL |
|
valueFrom: |
|
secretKeyRef: |
|
key: URL |
|
name: system-redis |
|
- name: BACKEND_REDIS_URL |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_STORAGE_URL |
|
name: backend-redis |
|
- name: APICAST_BACKEND_ROOT_ENDPOINT |
|
valueFrom: |
|
secretKeyRef: |
|
key: route_endpoint |
|
name: backend-listener |
|
- name: BACKEND_ROUTE |
|
valueFrom: |
|
secretKeyRef: |
|
key: route_endpoint |
|
name: backend-listener |
|
- name: SMTP_ADDRESS |
|
valueFrom: |
|
configMapKeyRef: |
|
key: address |
|
name: smtp |
|
- name: SMTP_USER_NAME |
|
valueFrom: |
|
configMapKeyRef: |
|
key: username |
|
name: smtp |
|
- name: SMTP_PASSWORD |
|
valueFrom: |
|
configMapKeyRef: |
|
key: password |
|
name: smtp |
|
- name: SMTP_DOMAIN |
|
valueFrom: |
|
configMapKeyRef: |
|
key: domain |
|
name: smtp |
|
- name: SMTP_PORT |
|
valueFrom: |
|
configMapKeyRef: |
|
key: port |
|
name: smtp |
|
- name: SMTP_AUTHENTICATION |
|
valueFrom: |
|
configMapKeyRef: |
|
key: authentication |
|
name: smtp |
|
- name: SMTP_OPENSSL_VERIFY_MODE |
|
valueFrom: |
|
configMapKeyRef: |
|
key: openssl.verify.mode |
|
name: smtp |
|
- name: APICAST_ACCESS_TOKEN |
|
valueFrom: |
|
secretKeyRef: |
|
key: ACCESS_TOKEN |
|
name: system-master-apicast |
|
- name: ZYNC_AUTHENTICATION_TOKEN |
|
valueFrom: |
|
secretKeyRef: |
|
key: ZYNC_AUTHENTICATION_TOKEN |
|
name: zync |
|
- name: CONFIG_INTERNAL_API_USER |
|
valueFrom: |
|
secretKeyRef: |
|
key: username |
|
name: backend-internal-api |
|
- name: CONFIG_INTERNAL_API_PASSWORD |
|
valueFrom: |
|
secretKeyRef: |
|
key: password |
|
name: backend-internal-api |
|
image: amp-system:latest |
|
imagePullPolicy: IfNotPresent |
|
livenessProbe: |
|
failureThreshold: 40 |
|
initialDelaySeconds: 40 |
|
periodSeconds: 10 |
|
tcpSocket: |
|
port: master |
|
timeoutSeconds: 10 |
|
name: system-master |
|
ports: |
|
- containerPort: 3002 |
|
name: master |
|
protocol: TCP |
|
readinessProbe: |
|
failureThreshold: 10 |
|
httpGet: |
|
httpHeaders: |
|
- name: X-Forwarded-Proto |
|
value: https |
|
path: /check.txt |
|
port: master |
|
scheme: HTTP |
|
initialDelaySeconds: 60 |
|
periodSeconds: 30 |
|
timeoutSeconds: 10 |
|
resources: {} |
|
volumeMounts: |
|
- mountPath: /opt/system/public/system |
|
name: system-storage |
|
- mountPath: /opt/system-extra-configs |
|
name: system-config |
|
- args: |
|
- env |
|
- TENANT_MODE=provider |
|
- PORT=3000 |
|
- container-entrypoint |
|
- bundle |
|
- exec |
|
- unicorn |
|
- -c |
|
- config/unicorn.rb |
|
env: |
|
- name: AMP_RELEASE |
|
valueFrom: |
|
configMapKeyRef: |
|
key: AMP_RELEASE |
|
name: system-environment |
|
- name: APICAST_REGISTRY_URL |
|
valueFrom: |
|
configMapKeyRef: |
|
key: APICAST_REGISTRY_URL |
|
name: system-environment |
|
- name: FORCE_SSL |
|
valueFrom: |
|
configMapKeyRef: |
|
key: FORCE_SSL |
|
name: system-environment |
|
- name: PROVIDER_PLAN |
|
valueFrom: |
|
configMapKeyRef: |
|
key: PROVIDER_PLAN |
|
name: system-environment |
|
- name: RAILS_ENV |
|
valueFrom: |
|
configMapKeyRef: |
|
key: RAILS_ENV |
|
name: system-environment |
|
- name: RAILS_LOG_LEVEL |
|
valueFrom: |
|
configMapKeyRef: |
|
key: RAILS_LOG_LEVEL |
|
name: system-environment |
|
- name: RAILS_LOG_TO_STDOUT |
|
valueFrom: |
|
configMapKeyRef: |
|
key: RAILS_LOG_TO_STDOUT |
|
name: system-environment |
|
- name: SSL_CERT_DIR |
|
valueFrom: |
|
configMapKeyRef: |
|
key: SSL_CERT_DIR |
|
name: system-environment |
|
- name: THINKING_SPHINX_PORT |
|
valueFrom: |
|
configMapKeyRef: |
|
key: THINKING_SPHINX_PORT |
|
name: system-environment |
|
- name: THREESCALE_SANDBOX_PROXY_OPENSSL_VERIFY_MODE |
|
valueFrom: |
|
configMapKeyRef: |
|
key: THREESCALE_SANDBOX_PROXY_OPENSSL_VERIFY_MODE |
|
name: system-environment |
|
- name: THREESCALE_SUPERDOMAIN |
|
valueFrom: |
|
configMapKeyRef: |
|
key: THREESCALE_SUPERDOMAIN |
|
name: system-environment |
|
- name: DATABASE_URL |
|
valueFrom: |
|
secretKeyRef: |
|
key: URL |
|
name: system-database |
|
- name: MASTER_DOMAIN |
|
valueFrom: |
|
secretKeyRef: |
|
key: MASTER_DOMAIN |
|
name: system-seed |
|
- name: MASTER_USER |
|
valueFrom: |
|
secretKeyRef: |
|
key: MASTER_USER |
|
name: system-seed |
|
- name: MASTER_PASSWORD |
|
valueFrom: |
|
secretKeyRef: |
|
key: MASTER_PASSWORD |
|
name: system-seed |
|
- name: ADMIN_ACCESS_TOKEN |
|
valueFrom: |
|
secretKeyRef: |
|
key: ADMIN_ACCESS_TOKEN |
|
name: system-seed |
|
- name: USER_LOGIN |
|
valueFrom: |
|
secretKeyRef: |
|
key: ADMIN_USER |
|
name: system-seed |
|
- name: USER_PASSWORD |
|
valueFrom: |
|
secretKeyRef: |
|
key: ADMIN_PASSWORD |
|
name: system-seed |
|
- name: TENANT_NAME |
|
valueFrom: |
|
secretKeyRef: |
|
key: TENANT_NAME |
|
name: system-seed |
|
- name: THINKING_SPHINX_ADDRESS |
|
value: system-sphinx |
|
- name: THINKING_SPHINX_CONFIGURATION_FILE |
|
value: /tmp/sphinx.conf |
|
- name: EVENTS_SHARED_SECRET |
|
valueFrom: |
|
secretKeyRef: |
|
key: PASSWORD |
|
name: system-events-hook |
|
- name: RECAPTCHA_PUBLIC_KEY |
|
valueFrom: |
|
secretKeyRef: |
|
key: PUBLIC_KEY |
|
name: system-recaptcha |
|
- name: RECAPTCHA_PRIVATE_KEY |
|
valueFrom: |
|
secretKeyRef: |
|
key: PRIVATE_KEY |
|
name: system-recaptcha |
|
- name: SECRET_KEY_BASE |
|
valueFrom: |
|
secretKeyRef: |
|
key: SECRET_KEY_BASE |
|
name: system-app |
|
- name: REDIS_URL |
|
valueFrom: |
|
secretKeyRef: |
|
key: URL |
|
name: system-redis |
|
- name: BACKEND_REDIS_URL |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_STORAGE_URL |
|
name: backend-redis |
|
- name: APICAST_BACKEND_ROOT_ENDPOINT |
|
valueFrom: |
|
secretKeyRef: |
|
key: route_endpoint |
|
name: backend-listener |
|
- name: BACKEND_ROUTE |
|
valueFrom: |
|
secretKeyRef: |
|
key: route_endpoint |
|
name: backend-listener |
|
- name: SMTP_ADDRESS |
|
valueFrom: |
|
configMapKeyRef: |
|
key: address |
|
name: smtp |
|
- name: SMTP_USER_NAME |
|
valueFrom: |
|
configMapKeyRef: |
|
key: username |
|
name: smtp |
|
- name: SMTP_PASSWORD |
|
valueFrom: |
|
configMapKeyRef: |
|
key: password |
|
name: smtp |
|
- name: SMTP_DOMAIN |
|
valueFrom: |
|
configMapKeyRef: |
|
key: domain |
|
name: smtp |
|
- name: SMTP_PORT |
|
valueFrom: |
|
configMapKeyRef: |
|
key: port |
|
name: smtp |
|
- name: SMTP_AUTHENTICATION |
|
valueFrom: |
|
configMapKeyRef: |
|
key: authentication |
|
name: smtp |
|
- name: SMTP_OPENSSL_VERIFY_MODE |
|
valueFrom: |
|
configMapKeyRef: |
|
key: openssl.verify.mode |
|
name: smtp |
|
- name: APICAST_ACCESS_TOKEN |
|
valueFrom: |
|
secretKeyRef: |
|
key: ACCESS_TOKEN |
|
name: system-master-apicast |
|
- name: ZYNC_AUTHENTICATION_TOKEN |
|
valueFrom: |
|
secretKeyRef: |
|
key: ZYNC_AUTHENTICATION_TOKEN |
|
name: zync |
|
- name: CONFIG_INTERNAL_API_USER |
|
valueFrom: |
|
secretKeyRef: |
|
key: username |
|
name: backend-internal-api |
|
- name: CONFIG_INTERNAL_API_PASSWORD |
|
valueFrom: |
|
secretKeyRef: |
|
key: password |
|
name: backend-internal-api |
|
image: amp-system:latest |
|
imagePullPolicy: IfNotPresent |
|
livenessProbe: |
|
failureThreshold: 40 |
|
initialDelaySeconds: 40 |
|
periodSeconds: 10 |
|
tcpSocket: |
|
port: provider |
|
timeoutSeconds: 10 |
|
name: system-provider |
|
ports: |
|
- containerPort: 3000 |
|
name: provider |
|
protocol: TCP |
|
readinessProbe: |
|
failureThreshold: 10 |
|
httpGet: |
|
httpHeaders: |
|
- name: X-Forwarded-Proto |
|
value: https |
|
path: /check.txt |
|
port: provider |
|
scheme: HTTP |
|
initialDelaySeconds: 60 |
|
periodSeconds: 30 |
|
timeoutSeconds: 10 |
|
resources: {} |
|
volumeMounts: |
|
- mountPath: /opt/system/public/system |
|
name: system-storage |
|
- mountPath: /opt/system-extra-configs |
|
name: system-config |
|
- args: |
|
- env |
|
- PORT=3001 |
|
- container-entrypoint |
|
- bundle |
|
- exec |
|
- unicorn |
|
- -c |
|
- config/unicorn.rb |
|
env: |
|
- name: AMP_RELEASE |
|
valueFrom: |
|
configMapKeyRef: |
|
key: AMP_RELEASE |
|
name: system-environment |
|
- name: APICAST_REGISTRY_URL |
|
valueFrom: |
|
configMapKeyRef: |
|
key: APICAST_REGISTRY_URL |
|
name: system-environment |
|
- name: FORCE_SSL |
|
valueFrom: |
|
configMapKeyRef: |
|
key: FORCE_SSL |
|
name: system-environment |
|
- name: PROVIDER_PLAN |
|
valueFrom: |
|
configMapKeyRef: |
|
key: PROVIDER_PLAN |
|
name: system-environment |
|
- name: RAILS_ENV |
|
valueFrom: |
|
configMapKeyRef: |
|
key: RAILS_ENV |
|
name: system-environment |
|
- name: RAILS_LOG_LEVEL |
|
valueFrom: |
|
configMapKeyRef: |
|
key: RAILS_LOG_LEVEL |
|
name: system-environment |
|
- name: RAILS_LOG_TO_STDOUT |
|
valueFrom: |
|
configMapKeyRef: |
|
key: RAILS_LOG_TO_STDOUT |
|
name: system-environment |
|
- name: SSL_CERT_DIR |
|
valueFrom: |
|
configMapKeyRef: |
|
key: SSL_CERT_DIR |
|
name: system-environment |
|
- name: THINKING_SPHINX_PORT |
|
valueFrom: |
|
configMapKeyRef: |
|
key: THINKING_SPHINX_PORT |
|
name: system-environment |
|
- name: THREESCALE_SANDBOX_PROXY_OPENSSL_VERIFY_MODE |
|
valueFrom: |
|
configMapKeyRef: |
|
key: THREESCALE_SANDBOX_PROXY_OPENSSL_VERIFY_MODE |
|
name: system-environment |
|
- name: THREESCALE_SUPERDOMAIN |
|
valueFrom: |
|
configMapKeyRef: |
|
key: THREESCALE_SUPERDOMAIN |
|
name: system-environment |
|
- name: DATABASE_URL |
|
valueFrom: |
|
secretKeyRef: |
|
key: URL |
|
name: system-database |
|
- name: MASTER_DOMAIN |
|
valueFrom: |
|
secretKeyRef: |
|
key: MASTER_DOMAIN |
|
name: system-seed |
|
- name: MASTER_USER |
|
valueFrom: |
|
secretKeyRef: |
|
key: MASTER_USER |
|
name: system-seed |
|
- name: MASTER_PASSWORD |
|
valueFrom: |
|
secretKeyRef: |
|
key: MASTER_PASSWORD |
|
name: system-seed |
|
- name: ADMIN_ACCESS_TOKEN |
|
valueFrom: |
|
secretKeyRef: |
|
key: ADMIN_ACCESS_TOKEN |
|
name: system-seed |
|
- name: USER_LOGIN |
|
valueFrom: |
|
secretKeyRef: |
|
key: ADMIN_USER |
|
name: system-seed |
|
- name: USER_PASSWORD |
|
valueFrom: |
|
secretKeyRef: |
|
key: ADMIN_PASSWORD |
|
name: system-seed |
|
- name: TENANT_NAME |
|
valueFrom: |
|
secretKeyRef: |
|
key: TENANT_NAME |
|
name: system-seed |
|
- name: THINKING_SPHINX_ADDRESS |
|
value: system-sphinx |
|
- name: THINKING_SPHINX_CONFIGURATION_FILE |
|
value: /tmp/sphinx.conf |
|
- name: EVENTS_SHARED_SECRET |
|
valueFrom: |
|
secretKeyRef: |
|
key: PASSWORD |
|
name: system-events-hook |
|
- name: RECAPTCHA_PUBLIC_KEY |
|
valueFrom: |
|
secretKeyRef: |
|
key: PUBLIC_KEY |
|
name: system-recaptcha |
|
- name: RECAPTCHA_PRIVATE_KEY |
|
valueFrom: |
|
secretKeyRef: |
|
key: PRIVATE_KEY |
|
name: system-recaptcha |
|
- name: SECRET_KEY_BASE |
|
valueFrom: |
|
secretKeyRef: |
|
key: SECRET_KEY_BASE |
|
name: system-app |
|
- name: REDIS_URL |
|
valueFrom: |
|
secretKeyRef: |
|
key: URL |
|
name: system-redis |
|
- name: BACKEND_REDIS_URL |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_STORAGE_URL |
|
name: backend-redis |
|
- name: APICAST_BACKEND_ROOT_ENDPOINT |
|
valueFrom: |
|
secretKeyRef: |
|
key: route_endpoint |
|
name: backend-listener |
|
- name: BACKEND_ROUTE |
|
valueFrom: |
|
secretKeyRef: |
|
key: route_endpoint |
|
name: backend-listener |
|
- name: SMTP_ADDRESS |
|
valueFrom: |
|
configMapKeyRef: |
|
key: address |
|
name: smtp |
|
- name: SMTP_USER_NAME |
|
valueFrom: |
|
configMapKeyRef: |
|
key: username |
|
name: smtp |
|
- name: SMTP_PASSWORD |
|
valueFrom: |
|
configMapKeyRef: |
|
key: password |
|
name: smtp |
|
- name: SMTP_DOMAIN |
|
valueFrom: |
|
configMapKeyRef: |
|
key: domain |
|
name: smtp |
|
- name: SMTP_PORT |
|
valueFrom: |
|
configMapKeyRef: |
|
key: port |
|
name: smtp |
|
- name: SMTP_AUTHENTICATION |
|
valueFrom: |
|
configMapKeyRef: |
|
key: authentication |
|
name: smtp |
|
- name: SMTP_OPENSSL_VERIFY_MODE |
|
valueFrom: |
|
configMapKeyRef: |
|
key: openssl.verify.mode |
|
name: smtp |
|
- name: APICAST_ACCESS_TOKEN |
|
valueFrom: |
|
secretKeyRef: |
|
key: ACCESS_TOKEN |
|
name: system-master-apicast |
|
- name: ZYNC_AUTHENTICATION_TOKEN |
|
valueFrom: |
|
secretKeyRef: |
|
key: ZYNC_AUTHENTICATION_TOKEN |
|
name: zync |
|
- name: CONFIG_INTERNAL_API_USER |
|
valueFrom: |
|
secretKeyRef: |
|
key: username |
|
name: backend-internal-api |
|
- name: CONFIG_INTERNAL_API_PASSWORD |
|
valueFrom: |
|
secretKeyRef: |
|
key: password |
|
name: backend-internal-api |
|
image: amp-system:latest |
|
imagePullPolicy: IfNotPresent |
|
livenessProbe: |
|
failureThreshold: 40 |
|
initialDelaySeconds: 40 |
|
periodSeconds: 10 |
|
tcpSocket: |
|
port: developer |
|
timeoutSeconds: 10 |
|
name: system-developer |
|
ports: |
|
- containerPort: 3001 |
|
name: developer |
|
protocol: TCP |
|
readinessProbe: |
|
failureThreshold: 10 |
|
httpGet: |
|
httpHeaders: |
|
- name: X-Forwarded-Proto |
|
value: https |
|
path: /check.txt |
|
port: developer |
|
scheme: HTTP |
|
initialDelaySeconds: 60 |
|
periodSeconds: 30 |
|
timeoutSeconds: 10 |
|
resources: {} |
|
volumeMounts: |
|
- mountPath: /opt/system/public/system |
|
name: system-storage |
|
readOnly: true |
|
- mountPath: /opt/system-extra-configs |
|
name: system-config |
|
serviceAccountName: amp |
|
volumes: |
|
- name: system-storage |
|
persistentVolumeClaim: |
|
claimName: system-storage |
|
- configMap: |
|
items: |
|
- key: zync.yml |
|
path: zync.yml |
|
- key: rolling_updates.yml |
|
path: rolling_updates.yml |
|
- key: service_discovery.yml |
|
path: service_discovery.yml |
|
name: system |
|
name: system-config |
|
test: false |
|
triggers: |
|
- type: ConfigChange |
|
- imageChangeParams: |
|
automatic: true |
|
containerNames: |
|
- system-provider |
|
- system-developer |
|
- system-master |
|
from: |
|
kind: ImageStreamTag |
|
name: amp-system:latest |
|
type: ImageChange |
|
status: |
|
availableReplicas: 0 |
|
latestVersion: 0 |
|
observedGeneration: 0 |
|
replicas: 0 |
|
unavailableReplicas: 0 |
|
updatedReplicas: 0 |
|
- apiVersion: apps.openshift.io/v1 |
|
kind: DeploymentConfig |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: sidekiq |
|
app: ${APP_LABEL} |
|
name: system-sidekiq |
|
spec: |
|
replicas: 1 |
|
selector: |
|
deploymentConfig: system-sidekiq |
|
strategy: |
|
resources: {} |
|
rollingParams: |
|
intervalSeconds: 1 |
|
maxSurge: 25% |
|
maxUnavailable: 25% |
|
timeoutSeconds: 1200 |
|
updatePeriodSeconds: 1 |
|
type: Rolling |
|
template: |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: sidekiq |
|
app: ${APP_LABEL} |
|
deploymentConfig: system-sidekiq |
|
spec: |
|
containers: |
|
- args: |
|
- rake |
|
- sidekiq:worker |
|
- RAILS_MAX_THREADS=25 |
|
env: |
|
- name: AMP_RELEASE |
|
valueFrom: |
|
configMapKeyRef: |
|
key: AMP_RELEASE |
|
name: system-environment |
|
- name: APICAST_REGISTRY_URL |
|
valueFrom: |
|
configMapKeyRef: |
|
key: APICAST_REGISTRY_URL |
|
name: system-environment |
|
- name: FORCE_SSL |
|
valueFrom: |
|
configMapKeyRef: |
|
key: FORCE_SSL |
|
name: system-environment |
|
- name: PROVIDER_PLAN |
|
valueFrom: |
|
configMapKeyRef: |
|
key: PROVIDER_PLAN |
|
name: system-environment |
|
- name: RAILS_ENV |
|
valueFrom: |
|
configMapKeyRef: |
|
key: RAILS_ENV |
|
name: system-environment |
|
- name: RAILS_LOG_LEVEL |
|
valueFrom: |
|
configMapKeyRef: |
|
key: RAILS_LOG_LEVEL |
|
name: system-environment |
|
- name: RAILS_LOG_TO_STDOUT |
|
valueFrom: |
|
configMapKeyRef: |
|
key: RAILS_LOG_TO_STDOUT |
|
name: system-environment |
|
- name: SSL_CERT_DIR |
|
valueFrom: |
|
configMapKeyRef: |
|
key: SSL_CERT_DIR |
|
name: system-environment |
|
- name: THINKING_SPHINX_PORT |
|
valueFrom: |
|
configMapKeyRef: |
|
key: THINKING_SPHINX_PORT |
|
name: system-environment |
|
- name: THREESCALE_SANDBOX_PROXY_OPENSSL_VERIFY_MODE |
|
valueFrom: |
|
configMapKeyRef: |
|
key: THREESCALE_SANDBOX_PROXY_OPENSSL_VERIFY_MODE |
|
name: system-environment |
|
- name: THREESCALE_SUPERDOMAIN |
|
valueFrom: |
|
configMapKeyRef: |
|
key: THREESCALE_SUPERDOMAIN |
|
name: system-environment |
|
- name: DATABASE_URL |
|
valueFrom: |
|
secretKeyRef: |
|
key: URL |
|
name: system-database |
|
- name: MASTER_DOMAIN |
|
valueFrom: |
|
secretKeyRef: |
|
key: MASTER_DOMAIN |
|
name: system-seed |
|
- name: MASTER_USER |
|
valueFrom: |
|
secretKeyRef: |
|
key: MASTER_USER |
|
name: system-seed |
|
- name: MASTER_PASSWORD |
|
valueFrom: |
|
secretKeyRef: |
|
key: MASTER_PASSWORD |
|
name: system-seed |
|
- name: ADMIN_ACCESS_TOKEN |
|
valueFrom: |
|
secretKeyRef: |
|
key: ADMIN_ACCESS_TOKEN |
|
name: system-seed |
|
- name: USER_LOGIN |
|
valueFrom: |
|
secretKeyRef: |
|
key: ADMIN_USER |
|
name: system-seed |
|
- name: USER_PASSWORD |
|
valueFrom: |
|
secretKeyRef: |
|
key: ADMIN_PASSWORD |
|
name: system-seed |
|
- name: TENANT_NAME |
|
valueFrom: |
|
secretKeyRef: |
|
key: TENANT_NAME |
|
name: system-seed |
|
- name: THINKING_SPHINX_ADDRESS |
|
value: system-sphinx |
|
- name: THINKING_SPHINX_CONFIGURATION_FILE |
|
value: /tmp/sphinx.conf |
|
- name: EVENTS_SHARED_SECRET |
|
valueFrom: |
|
secretKeyRef: |
|
key: PASSWORD |
|
name: system-events-hook |
|
- name: RECAPTCHA_PUBLIC_KEY |
|
valueFrom: |
|
secretKeyRef: |
|
key: PUBLIC_KEY |
|
name: system-recaptcha |
|
- name: RECAPTCHA_PRIVATE_KEY |
|
valueFrom: |
|
secretKeyRef: |
|
key: PRIVATE_KEY |
|
name: system-recaptcha |
|
- name: SECRET_KEY_BASE |
|
valueFrom: |
|
secretKeyRef: |
|
key: SECRET_KEY_BASE |
|
name: system-app |
|
- name: REDIS_URL |
|
valueFrom: |
|
secretKeyRef: |
|
key: URL |
|
name: system-redis |
|
- name: BACKEND_REDIS_URL |
|
valueFrom: |
|
secretKeyRef: |
|
key: REDIS_STORAGE_URL |
|
name: backend-redis |
|
- name: APICAST_BACKEND_ROOT_ENDPOINT |
|
valueFrom: |
|
secretKeyRef: |
|
key: route_endpoint |
|
name: backend-listener |
|
- name: BACKEND_ROUTE |
|
valueFrom: |
|
secretKeyRef: |
|
key: route_endpoint |
|
name: backend-listener |
|
- name: SMTP_ADDRESS |
|
valueFrom: |
|
configMapKeyRef: |
|
key: address |
|
name: smtp |
|
- name: SMTP_USER_NAME |
|
valueFrom: |
|
configMapKeyRef: |
|
key: username |
|
name: smtp |
|
- name: SMTP_PASSWORD |
|
valueFrom: |
|
configMapKeyRef: |
|
key: password |
|
name: smtp |
|
- name: SMTP_DOMAIN |
|
valueFrom: |
|
configMapKeyRef: |
|
key: domain |
|
name: smtp |
|
- name: SMTP_PORT |
|
valueFrom: |
|
configMapKeyRef: |
|
key: port |
|
name: smtp |
|
- name: SMTP_AUTHENTICATION |
|
valueFrom: |
|
configMapKeyRef: |
|
key: authentication |
|
name: smtp |
|
- name: SMTP_OPENSSL_VERIFY_MODE |
|
valueFrom: |
|
configMapKeyRef: |
|
key: openssl.verify.mode |
|
name: smtp |
|
- name: APICAST_ACCESS_TOKEN |
|
valueFrom: |
|
secretKeyRef: |
|
key: ACCESS_TOKEN |
|
name: system-master-apicast |
|
- name: ZYNC_AUTHENTICATION_TOKEN |
|
valueFrom: |
|
secretKeyRef: |
|
key: ZYNC_AUTHENTICATION_TOKEN |
|
name: zync |
|
- name: CONFIG_INTERNAL_API_USER |
|
valueFrom: |
|
secretKeyRef: |
|
key: username |
|
name: backend-internal-api |
|
- name: CONFIG_INTERNAL_API_PASSWORD |
|
valueFrom: |
|
secretKeyRef: |
|
key: password |
|
name: backend-internal-api |
|
image: amp-system:latest |
|
imagePullPolicy: IfNotPresent |
|
name: system-sidekiq |
|
resources: {} |
|
volumeMounts: |
|
- mountPath: /opt/system/public/system |
|
name: system-storage |
|
- mountPath: /tmp |
|
name: system-tmp |
|
- mountPath: /opt/system-extra-configs |
|
name: system-config |
|
initContainers: |
|
- command: |
|
- bash |
|
- -c |
|
- bundle exec sh -c "until rake boot:redis && curl --output /dev/null --silent |
|
--fail --head http://system-master:3000/status; do sleep $SLEEP_SECONDS; |
|
done" |
|
env: |
|
- name: SLEEP_SECONDS |
|
value: "1" |
|
- name: REDIS_URL |
|
valueFrom: |
|
secretKeyRef: |
|
key: URL |
|
name: system-redis |
|
image: amp-system:latest |
|
name: check-svc |
|
resources: {} |
|
serviceAccountName: amp |
|
volumes: |
|
- emptyDir: |
|
medium: Memory |
|
name: system-tmp |
|
- name: system-storage |
|
persistentVolumeClaim: |
|
claimName: system-storage |
|
- configMap: |
|
items: |
|
- key: zync.yml |
|
path: zync.yml |
|
- key: rolling_updates.yml |
|
path: rolling_updates.yml |
|
- key: service_discovery.yml |
|
path: service_discovery.yml |
|
name: system |
|
name: system-config |
|
test: false |
|
triggers: |
|
- type: ConfigChange |
|
- imageChangeParams: |
|
automatic: true |
|
containerNames: |
|
- check-svc |
|
- system-sidekiq |
|
from: |
|
kind: ImageStreamTag |
|
name: amp-system:latest |
|
type: ImageChange |
|
status: |
|
availableReplicas: 0 |
|
latestVersion: 0 |
|
observedGeneration: 0 |
|
replicas: 0 |
|
unavailableReplicas: 0 |
|
updatedReplicas: 0 |
|
- apiVersion: apps.openshift.io/v1 |
|
kind: DeploymentConfig |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: sphinx |
|
app: ${APP_LABEL} |
|
name: system-sphinx |
|
spec: |
|
replicas: 1 |
|
selector: |
|
deploymentConfig: system-sphinx |
|
strategy: |
|
resources: {} |
|
rollingParams: |
|
intervalSeconds: 1 |
|
maxSurge: 25% |
|
maxUnavailable: 25% |
|
timeoutSeconds: 1200 |
|
updatePeriodSeconds: 1 |
|
type: Rolling |
|
template: |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
3scale.component-element: sphinx |
|
app: ${APP_LABEL} |
|
deploymentConfig: system-sphinx |
|
spec: |
|
containers: |
|
- args: |
|
- rake |
|
- openshift:thinking_sphinx:start |
|
env: |
|
- name: RAILS_ENV |
|
valueFrom: |
|
configMapKeyRef: |
|
key: RAILS_ENV |
|
name: system-environment |
|
- name: DATABASE_URL |
|
valueFrom: |
|
secretKeyRef: |
|
key: URL |
|
name: system-database |
|
- name: THINKING_SPHINX_ADDRESS |
|
value: 0.0.0.0 |
|
- name: THINKING_SPHINX_CONFIGURATION_FILE |
|
value: db/sphinx/production.conf |
|
- name: THINKING_SPHINX_PID_FILE |
|
value: db/sphinx/searchd.pid |
|
- name: DELTA_INDEX_INTERVAL |
|
value: "5" |
|
- name: FULL_REINDEX_INTERVAL |
|
value: "60" |
|
image: amp-system:latest |
|
imagePullPolicy: IfNotPresent |
|
livenessProbe: |
|
initialDelaySeconds: 60 |
|
periodSeconds: 10 |
|
tcpSocket: |
|
port: 9306 |
|
name: system-sphinx |
|
resources: {} |
|
volumeMounts: |
|
- mountPath: /opt/system/db/sphinx |
|
name: system-sphinx-database |
|
initContainers: |
|
- command: |
|
- sh |
|
- -c |
|
- until $(curl --output /dev/null --silent --fail --head http://system-master:3000/status); |
|
do sleep $SLEEP_SECONDS; done |
|
env: |
|
- name: SLEEP_SECONDS |
|
value: "1" |
|
image: amp-system:latest |
|
name: system-master-svc |
|
resources: {} |
|
serviceAccountName: amp |
|
volumes: |
|
- emptyDir: {} |
|
name: system-sphinx-database |
|
test: false |
|
triggers: |
|
- type: ConfigChange |
|
- imageChangeParams: |
|
automatic: true |
|
containerNames: |
|
- system-master-svc |
|
- system-sphinx |
|
from: |
|
kind: ImageStreamTag |
|
name: amp-system:latest |
|
type: ImageChange |
|
status: |
|
availableReplicas: 0 |
|
latestVersion: 0 |
|
observedGeneration: 0 |
|
replicas: 0 |
|
unavailableReplicas: 0 |
|
updatedReplicas: 0 |
|
- apiVersion: v1 |
|
kind: Secret |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
app: ${APP_LABEL} |
|
name: system-events-hook |
|
stringData: |
|
PASSWORD: ${SYSTEM_BACKEND_SHARED_SECRET} |
|
URL: http://system-master:3000/master/events/import |
|
type: Opaque |
|
- apiVersion: v1 |
|
kind: Secret |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
app: ${APP_LABEL} |
|
name: system-redis |
|
stringData: |
|
URL: redis://system-redis:6379/${SYSTEM_REDIS_DB_NUMBER_PRODUCTION} |
|
type: Opaque |
|
- apiVersion: v1 |
|
kind: Secret |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
app: ${APP_LABEL} |
|
name: system-master-apicast |
|
stringData: |
|
ACCESS_TOKEN: ${APICAST_ACCESS_TOKEN} |
|
BASE_URL: http://${APICAST_ACCESS_TOKEN}@system-master:3000 |
|
PROXY_CONFIGS_ENDPOINT: http://${APICAST_ACCESS_TOKEN}@system-master:3000/master/api/proxy/configs |
|
type: Opaque |
|
- apiVersion: v1 |
|
kind: Secret |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
app: ${APP_LABEL} |
|
name: system-database |
|
stringData: |
|
URL: mysql2://root:${MYSQL_ROOT_PASSWORD}@system-mysql/${MYSQL_DATABASE} |
|
type: Opaque |
|
- apiVersion: v1 |
|
kind: Secret |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
app: ${APP_LABEL} |
|
name: system-seed |
|
stringData: |
|
ADMIN_ACCESS_TOKEN: ${ADMIN_ACCESS_TOKEN} |
|
ADMIN_PASSWORD: ${ADMIN_PASSWORD} |
|
ADMIN_USER: ${ADMIN_USERNAME} |
|
MASTER_DOMAIN: ${MASTER_NAME} |
|
MASTER_PASSWORD: ${MASTER_PASSWORD} |
|
MASTER_USER: ${MASTER_USER} |
|
TENANT_NAME: ${TENANT_NAME} |
|
type: Opaque |
|
- apiVersion: v1 |
|
kind: Secret |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
app: ${APP_LABEL} |
|
name: system-recaptcha |
|
stringData: |
|
PRIVATE_KEY: ${RECAPTCHA_PRIVATE_KEY} |
|
PUBLIC_KEY: ${RECAPTCHA_PUBLIC_KEY} |
|
type: Opaque |
|
- apiVersion: v1 |
|
kind: Secret |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: system |
|
app: ${APP_LABEL} |
|
name: system-app |
|
stringData: |
|
SECRET_KEY_BASE: ${SYSTEM_APP_SECRET_KEY_BASE} |
|
type: Opaque |
|
- apiVersion: apps.openshift.io/v1 |
|
kind: DeploymentConfig |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: zync |
|
app: ${APP_LABEL} |
|
name: zync |
|
spec: |
|
replicas: 1 |
|
selector: |
|
deploymentConfig: zync |
|
strategy: |
|
resources: {} |
|
template: |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: zync |
|
app: ${APP_LABEL} |
|
deploymentConfig: zync |
|
spec: |
|
containers: |
|
- env: |
|
- name: RAILS_LOG_TO_STDOUT |
|
value: "true" |
|
- name: RAILS_ENV |
|
value: production |
|
- name: DATABASE_URL |
|
valueFrom: |
|
secretKeyRef: |
|
key: DATABASE_URL |
|
name: zync |
|
- name: SECRET_KEY_BASE |
|
valueFrom: |
|
secretKeyRef: |
|
key: SECRET_KEY_BASE |
|
name: zync |
|
- name: ZYNC_AUTHENTICATION_TOKEN |
|
valueFrom: |
|
secretKeyRef: |
|
key: ZYNC_AUTHENTICATION_TOKEN |
|
name: zync |
|
image: amp-zync:latest |
|
livenessProbe: |
|
failureThreshold: 10 |
|
httpGet: |
|
path: /status/live |
|
port: 8080 |
|
scheme: HTTP |
|
initialDelaySeconds: 10 |
|
periodSeconds: 10 |
|
successThreshold: 1 |
|
timeoutSeconds: 60 |
|
name: zync |
|
ports: |
|
- containerPort: 8080 |
|
protocol: TCP |
|
readinessProbe: |
|
failureThreshold: 3 |
|
httpGet: |
|
path: /status/ready |
|
port: 8080 |
|
scheme: HTTP |
|
initialDelaySeconds: 100 |
|
periodSeconds: 10 |
|
successThreshold: 1 |
|
timeoutSeconds: 10 |
|
resources: {} |
|
initContainers: |
|
- command: |
|
- bash |
|
- -c |
|
- bundle exec sh -c "until rake boot:db; do sleep $SLEEP_SECONDS; done" |
|
env: |
|
- name: SLEEP_SECONDS |
|
value: "1" |
|
- name: DATABASE_URL |
|
valueFrom: |
|
secretKeyRef: |
|
key: DATABASE_URL |
|
name: zync |
|
image: amp-zync:latest |
|
name: zync-db-svc |
|
resources: {} |
|
serviceAccountName: amp |
|
test: false |
|
triggers: |
|
- type: ConfigChange |
|
- imageChangeParams: |
|
automatic: true |
|
containerNames: |
|
- zync-db-svc |
|
- zync |
|
from: |
|
kind: ImageStreamTag |
|
name: amp-zync:latest |
|
type: ImageChange |
|
status: |
|
availableReplicas: 0 |
|
latestVersion: 0 |
|
observedGeneration: 0 |
|
replicas: 0 |
|
unavailableReplicas: 0 |
|
updatedReplicas: 0 |
|
- apiVersion: apps.openshift.io/v1 |
|
kind: DeploymentConfig |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: zync |
|
3scale.component-element: database |
|
app: ${APP_LABEL} |
|
name: zync-database |
|
spec: |
|
replicas: 1 |
|
selector: |
|
deploymentConfig: zync-database |
|
strategy: |
|
resources: {} |
|
type: Recreate |
|
template: |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: zync |
|
3scale.component-element: database |
|
app: ${APP_LABEL} |
|
deploymentConfig: zync-database |
|
spec: |
|
containers: |
|
- env: |
|
- name: POSTGRESQL_USER |
|
value: zync |
|
- name: POSTGRESQL_PASSWORD |
|
valueFrom: |
|
secretKeyRef: |
|
key: ZYNC_DATABASE_PASSWORD |
|
name: zync |
|
- name: POSTGRESQL_DATABASE |
|
value: zync_production |
|
image: ' ' |
|
imagePullPolicy: IfNotPresent |
|
livenessProbe: |
|
initialDelaySeconds: 30 |
|
tcpSocket: |
|
port: 5432 |
|
timeoutSeconds: 1 |
|
name: postgresql |
|
ports: |
|
- containerPort: 5432 |
|
protocol: TCP |
|
readinessProbe: |
|
exec: |
|
command: |
|
- /bin/sh |
|
- -i |
|
- -c |
|
- psql -h 127.0.0.1 -U zync -q -d zync_production -c 'SELECT 1' |
|
initialDelaySeconds: 5 |
|
timeoutSeconds: 1 |
|
resources: {} |
|
volumeMounts: |
|
- mountPath: /var/lib/pgsql/data |
|
name: zync-database-data |
|
restartPolicy: Always |
|
volumes: |
|
- emptyDir: {} |
|
name: zync-database-data |
|
test: false |
|
triggers: |
|
- type: ConfigChange |
|
- imageChangeParams: |
|
automatic: true |
|
containerNames: |
|
- postgresql |
|
from: |
|
kind: ImageStreamTag |
|
name: postgresql:9.5 |
|
type: ImageChange |
|
status: |
|
availableReplicas: 0 |
|
latestVersion: 0 |
|
observedGeneration: 0 |
|
replicas: 0 |
|
unavailableReplicas: 0 |
|
updatedReplicas: 0 |
|
- apiVersion: v1 |
|
kind: Service |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: zync |
|
app: ${APP_LABEL} |
|
name: zync |
|
spec: |
|
ports: |
|
- name: 8080-tcp |
|
port: 8080 |
|
protocol: TCP |
|
targetPort: 8080 |
|
selector: |
|
deploymentConfig: zync |
|
status: |
|
loadBalancer: {} |
|
- apiVersion: v1 |
|
kind: Service |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: zync |
|
3scale.component-element: database |
|
app: ${APP_LABEL} |
|
name: zync-database |
|
spec: |
|
ports: |
|
- name: postgresql |
|
port: 5432 |
|
protocol: TCP |
|
targetPort: 5432 |
|
selector: |
|
deploymentConfig: zync-database |
|
status: |
|
loadBalancer: {} |
|
- apiVersion: v1 |
|
kind: Secret |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: zync |
|
app: ${APP_LABEL} |
|
name: zync |
|
stringData: |
|
DATABASE_URL: postgresql://zync:${ZYNC_DATABASE_PASSWORD}@zync-database:5432/zync_production |
|
SECRET_KEY_BASE: ${ZYNC_SECRET_KEY_BASE} |
|
ZYNC_AUTHENTICATION_TOKEN: ${ZYNC_AUTHENTICATION_TOKEN} |
|
ZYNC_DATABASE_PASSWORD: ${ZYNC_DATABASE_PASSWORD} |
|
type: Opaque |
|
- apiVersion: apps.openshift.io/v1 |
|
kind: DeploymentConfig |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: apicast |
|
3scale.component-element: staging |
|
app: ${APP_LABEL} |
|
name: apicast-staging |
|
spec: |
|
replicas: 1 |
|
selector: |
|
deploymentConfig: apicast-staging |
|
strategy: |
|
resources: {} |
|
rollingParams: |
|
intervalSeconds: 1 |
|
maxSurge: 25% |
|
maxUnavailable: 25% |
|
timeoutSeconds: 1800 |
|
updatePeriodSeconds: 1 |
|
type: Rolling |
|
template: |
|
metadata: |
|
annotations: |
|
prometheus.io/port: "9421" |
|
prometheus.io/scrape: "true" |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: apicast |
|
3scale.component-element: staging |
|
app: ${APP_LABEL} |
|
deploymentConfig: apicast-staging |
|
spec: |
|
containers: |
|
- env: |
|
- name: THREESCALE_PORTAL_ENDPOINT |
|
valueFrom: |
|
secretKeyRef: |
|
key: PROXY_CONFIGS_ENDPOINT |
|
name: system-master-apicast |
|
- name: BACKEND_ENDPOINT_OVERRIDE |
|
valueFrom: |
|
secretKeyRef: |
|
key: service_endpoint |
|
name: backend-listener |
|
- name: APICAST_MANAGEMENT_API |
|
valueFrom: |
|
configMapKeyRef: |
|
key: APICAST_MANAGEMENT_API |
|
name: apicast-environment |
|
- name: OPENSSL_VERIFY |
|
valueFrom: |
|
configMapKeyRef: |
|
key: OPENSSL_VERIFY |
|
name: apicast-environment |
|
- name: APICAST_RESPONSE_CODES |
|
valueFrom: |
|
configMapKeyRef: |
|
key: APICAST_RESPONSE_CODES |
|
name: apicast-environment |
|
- name: APICAST_CONFIGURATION_LOADER |
|
value: lazy |
|
- name: APICAST_CONFIGURATION_CACHE |
|
value: "0" |
|
- name: THREESCALE_DEPLOYMENT_ENV |
|
value: staging |
|
- name: REDIS_URL |
|
valueFrom: |
|
secretKeyRef: |
|
key: STAGING_URL |
|
name: apicast-redis |
|
image: amp-apicast:latest |
|
imagePullPolicy: IfNotPresent |
|
livenessProbe: |
|
httpGet: |
|
path: /status/live |
|
port: 8090 |
|
initialDelaySeconds: 10 |
|
periodSeconds: 10 |
|
timeoutSeconds: 5 |
|
name: apicast-staging |
|
ports: |
|
- containerPort: 8080 |
|
protocol: TCP |
|
- containerPort: 8090 |
|
protocol: TCP |
|
- containerPort: 9421 |
|
name: metrics |
|
protocol: TCP |
|
readinessProbe: |
|
httpGet: |
|
path: /status/ready |
|
port: 8090 |
|
initialDelaySeconds: 15 |
|
periodSeconds: 30 |
|
timeoutSeconds: 5 |
|
resources: {} |
|
serviceAccountName: amp |
|
test: false |
|
triggers: |
|
- type: ConfigChange |
|
- imageChangeParams: |
|
automatic: true |
|
containerNames: |
|
- apicast-staging |
|
from: |
|
kind: ImageStreamTag |
|
name: amp-apicast:latest |
|
type: ImageChange |
|
status: |
|
availableReplicas: 0 |
|
latestVersion: 0 |
|
observedGeneration: 0 |
|
replicas: 0 |
|
unavailableReplicas: 0 |
|
updatedReplicas: 0 |
|
- apiVersion: apps.openshift.io/v1 |
|
kind: DeploymentConfig |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: apicast |
|
3scale.component-element: production |
|
app: ${APP_LABEL} |
|
name: apicast-production |
|
spec: |
|
replicas: 1 |
|
selector: |
|
deploymentConfig: apicast-production |
|
strategy: |
|
resources: {} |
|
rollingParams: |
|
intervalSeconds: 1 |
|
maxSurge: 25% |
|
maxUnavailable: 25% |
|
timeoutSeconds: 1800 |
|
updatePeriodSeconds: 1 |
|
type: Rolling |
|
template: |
|
metadata: |
|
annotations: |
|
prometheus.io/port: "9421" |
|
prometheus.io/scrape: "true" |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: apicast |
|
3scale.component-element: production |
|
app: ${APP_LABEL} |
|
deploymentConfig: apicast-production |
|
spec: |
|
containers: |
|
- env: |
|
- name: THREESCALE_PORTAL_ENDPOINT |
|
valueFrom: |
|
secretKeyRef: |
|
key: PROXY_CONFIGS_ENDPOINT |
|
name: system-master-apicast |
|
- name: BACKEND_ENDPOINT_OVERRIDE |
|
valueFrom: |
|
secretKeyRef: |
|
key: service_endpoint |
|
name: backend-listener |
|
- name: APICAST_MANAGEMENT_API |
|
valueFrom: |
|
configMapKeyRef: |
|
key: APICAST_MANAGEMENT_API |
|
name: apicast-environment |
|
- name: OPENSSL_VERIFY |
|
valueFrom: |
|
configMapKeyRef: |
|
key: OPENSSL_VERIFY |
|
name: apicast-environment |
|
- name: APICAST_RESPONSE_CODES |
|
valueFrom: |
|
configMapKeyRef: |
|
key: APICAST_RESPONSE_CODES |
|
name: apicast-environment |
|
- name: APICAST_CONFIGURATION_LOADER |
|
value: boot |
|
- name: APICAST_CONFIGURATION_CACHE |
|
value: "300" |
|
- name: THREESCALE_DEPLOYMENT_ENV |
|
value: production |
|
- name: REDIS_URL |
|
valueFrom: |
|
secretKeyRef: |
|
key: PRODUCTION_URL |
|
name: apicast-redis |
|
image: amp-apicast:latest |
|
imagePullPolicy: IfNotPresent |
|
livenessProbe: |
|
httpGet: |
|
path: /status/live |
|
port: 8090 |
|
initialDelaySeconds: 10 |
|
periodSeconds: 10 |
|
timeoutSeconds: 5 |
|
name: apicast-production |
|
ports: |
|
- containerPort: 8080 |
|
protocol: TCP |
|
- containerPort: 8090 |
|
protocol: TCP |
|
- containerPort: 9421 |
|
name: metrics |
|
protocol: TCP |
|
readinessProbe: |
|
httpGet: |
|
path: /status/ready |
|
port: 8090 |
|
initialDelaySeconds: 15 |
|
periodSeconds: 30 |
|
timeoutSeconds: 5 |
|
resources: {} |
|
initContainers: |
|
- command: |
|
- sh |
|
- -c |
|
- until $(curl --output /dev/null --silent --fail --head http://system-master:3000/status); |
|
do sleep $SLEEP_SECONDS; done |
|
env: |
|
- name: SLEEP_SECONDS |
|
value: "1" |
|
image: amp-apicast:latest |
|
name: system-master-svc |
|
resources: {} |
|
serviceAccountName: amp |
|
test: false |
|
triggers: |
|
- type: ConfigChange |
|
- imageChangeParams: |
|
automatic: true |
|
containerNames: |
|
- system-master-svc |
|
- apicast-production |
|
from: |
|
kind: ImageStreamTag |
|
name: amp-apicast:latest |
|
type: ImageChange |
|
status: |
|
availableReplicas: 0 |
|
latestVersion: 0 |
|
observedGeneration: 0 |
|
replicas: 0 |
|
unavailableReplicas: 0 |
|
updatedReplicas: 0 |
|
- apiVersion: v1 |
|
kind: Service |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: apicast |
|
3scale.component-element: staging |
|
app: ${APP_LABEL} |
|
name: apicast-staging |
|
spec: |
|
ports: |
|
- name: gateway |
|
port: 8080 |
|
protocol: TCP |
|
targetPort: 8080 |
|
- name: management |
|
port: 8090 |
|
protocol: TCP |
|
targetPort: 8090 |
|
selector: |
|
deploymentConfig: apicast-staging |
|
status: |
|
loadBalancer: {} |
|
- apiVersion: v1 |
|
kind: Service |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: apicast |
|
3scale.component-element: production |
|
app: ${APP_LABEL} |
|
name: apicast-production |
|
spec: |
|
ports: |
|
- name: gateway |
|
port: 8080 |
|
protocol: TCP |
|
targetPort: 8080 |
|
- name: management |
|
port: 8090 |
|
protocol: TCP |
|
targetPort: 8090 |
|
selector: |
|
deploymentConfig: apicast-production |
|
status: |
|
loadBalancer: {} |
|
- apiVersion: route.openshift.io/v1 |
|
kind: Route |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: apicast |
|
3scale.component-element: staging |
|
app: ${APP_LABEL} |
|
name: api-apicast-staging |
|
spec: |
|
host: api-${TENANT_NAME}-apicast-staging.${WILDCARD_DOMAIN} |
|
port: |
|
targetPort: gateway |
|
tls: |
|
insecureEdgeTerminationPolicy: Allow |
|
termination: edge |
|
to: |
|
kind: Service |
|
name: apicast-staging |
|
weight: null |
|
status: |
|
ingress: null |
|
- apiVersion: route.openshift.io/v1 |
|
kind: Route |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: apicast |
|
3scale.component-element: production |
|
app: ${APP_LABEL} |
|
name: api-apicast-production |
|
spec: |
|
host: api-${TENANT_NAME}-apicast-production.${WILDCARD_DOMAIN} |
|
port: |
|
targetPort: gateway |
|
tls: |
|
insecureEdgeTerminationPolicy: Allow |
|
termination: edge |
|
to: |
|
kind: Service |
|
name: apicast-production |
|
weight: null |
|
status: |
|
ingress: null |
|
- apiVersion: v1 |
|
data: |
|
APICAST_MANAGEMENT_API: ${APICAST_MANAGEMENT_API} |
|
APICAST_RESPONSE_CODES: ${APICAST_RESPONSE_CODES} |
|
OPENSSL_VERIFY: ${APICAST_OPENSSL_VERIFY} |
|
kind: ConfigMap |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: apicast |
|
app: ${APP_LABEL} |
|
name: apicast-environment |
|
- apiVersion: v1 |
|
kind: Secret |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: apicast |
|
app: ${APP_LABEL} |
|
name: apicast-redis |
|
stringData: |
|
PRODUCTION_URL: redis://system-redis:6379/${SYSTEM_REDIS_DB_NUMBER_PRODUCTION} |
|
STAGING_URL: redis://system-redis:6379/${SYSTEM_REDIS_DB_NUMBER_STAGING} |
|
type: Opaque |
|
- apiVersion: apps.openshift.io/v1 |
|
kind: DeploymentConfig |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: apicast |
|
3scale.component-element: wildcard-router |
|
app: ${APP_LABEL} |
|
name: apicast-wildcard-router |
|
spec: |
|
replicas: 1 |
|
selector: |
|
deploymentConfig: apicast-wildcard-router |
|
strategy: |
|
resources: {} |
|
rollingParams: |
|
intervalSeconds: 1 |
|
maxSurge: 25% |
|
maxUnavailable: 25% |
|
timeoutSeconds: 1800 |
|
updatePeriodSeconds: 1 |
|
type: Rolling |
|
template: |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: apicast |
|
3scale.component-element: wildcard-router |
|
app: ${APP_LABEL} |
|
deploymentConfig: apicast-wildcard-router |
|
spec: |
|
containers: |
|
- env: |
|
- name: API_HOST |
|
valueFrom: |
|
secretKeyRef: |
|
key: BASE_URL |
|
name: system-master-apicast |
|
image: amp-wildcard-router:latest |
|
imagePullPolicy: IfNotPresent |
|
livenessProbe: |
|
initialDelaySeconds: 30 |
|
periodSeconds: 10 |
|
tcpSocket: |
|
port: http |
|
name: apicast-wildcard-router |
|
ports: |
|
- containerPort: 8080 |
|
name: http |
|
protocol: TCP |
|
resources: {} |
|
serviceAccountName: amp |
|
test: false |
|
triggers: |
|
- type: ConfigChange |
|
- imageChangeParams: |
|
automatic: true |
|
containerNames: |
|
- apicast-wildcard-router |
|
from: |
|
kind: ImageStreamTag |
|
name: amp-wildcard-router:latest |
|
type: ImageChange |
|
status: |
|
availableReplicas: 0 |
|
latestVersion: 0 |
|
observedGeneration: 0 |
|
replicas: 0 |
|
unavailableReplicas: 0 |
|
updatedReplicas: 0 |
|
- apiVersion: v1 |
|
kind: Service |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: apicast |
|
3scale.component-element: wildcard-router |
|
app: ${APP_LABEL} |
|
name: apicast-wildcard-router |
|
spec: |
|
ports: |
|
- name: http |
|
port: 8080 |
|
protocol: TCP |
|
targetPort: http |
|
selector: |
|
deploymentConfig: apicast-wildcard-router |
|
status: |
|
loadBalancer: {} |
|
- apiVersion: route.openshift.io/v1 |
|
kind: Route |
|
metadata: |
|
creationTimestamp: null |
|
labels: |
|
3scale.component: apicast |
|
3scale.component-element: wildcard-router |
|
app: ${APP_LABEL} |
|
name: apicast-wildcard-router |
|
spec: |
|
host: apicast-wildcard.${WILDCARD_DOMAIN} |
|
port: |
|
targetPort: http |
|
tls: |
|
insecureEdgeTerminationPolicy: Allow |
|
termination: edge |
|
to: |
|
kind: Service |
|
name: apicast-wildcard-router |
|
weight: null |
|
wildcardPolicy: ${WILDCARD_POLICY} |
|
status: |
|
ingress: null |
|
parameters: |
|
- description: AMP release tag. |
|
name: AMP_RELEASE |
|
required: true |
|
value: 2.4.0 |
|
- description: Used for object app labels |
|
name: APP_LABEL |
|
required: true |
|
value: 3scale-api-management |
|
- description: Tenant name under the root that Admin UI will be available with -admin |
|
suffix. |
|
name: TENANT_NAME |
|
required: true |
|
value: 3scale |
|
- description: The Storage Class to be used by ReadWriteMany PVCs |
|
name: RWX_STORAGE_CLASS |
|
value: "null" |
|
- name: AMP_BACKEND_IMAGE |
|
required: true |
|
value: quay.io/3scale/apisonator:nightly |
|
- name: AMP_ZYNC_IMAGE |
|
required: true |
|
value: quay.io/3scale/zync:nightly |
|
- name: AMP_APICAST_IMAGE |
|
required: true |
|
value: quay.io/3scale/apicast:nightly |
|
- name: AMP_ROUTER_IMAGE |
|
required: true |
|
value: quay.io/3scale/wildcard-router:nightly |
|
- name: AMP_SYSTEM_IMAGE |
|
required: true |
|
value: quay.io/3scale/porta:nightly |
|
- description: Postgresql image to use |
|
name: POSTGRESQL_IMAGE |
|
required: true |
|
value: registry.access.redhat.com/rhscl/postgresql-95-rhel7:9.5 |
|
- description: Mysql image to use |
|
name: MYSQL_IMAGE |
|
required: true |
|
value: registry.access.redhat.com/rhscl/mysql-57-rhel7:5.7 |
|
- description: Set to true if the server may bypass certificate verification or connect |
|
directly over HTTP during image import. |
|
name: IMAGESTREAM_TAG_IMPORT_INSECURE |
|
required: true |
|
value: "false" |
|
- description: Redis image to use |
|
name: REDIS_IMAGE |
|
required: true |
|
value: registry.access.redhat.com/rhscl/redis-32-rhel7:3.2 |
|
- description: Username for MySQL user that will be used for accessing the database. |
|
displayName: MySQL User |
|
name: MYSQL_USER |
|
required: true |
|
value: mysql |
|
- description: Password for the MySQL user. |
|
displayName: MySQL Password |
|
from: '[a-z0-9]{8}' |
|
generate: expression |
|
name: MYSQL_PASSWORD |
|
required: true |
|
- description: Name of the MySQL database accessed. |
|
displayName: MySQL Database Name |
|
name: MYSQL_DATABASE |
|
required: true |
|
value: system |
|
- description: Password for Root user. |
|
displayName: MySQL Root password. |
|
from: '[a-z0-9]{8}' |
|
generate: expression |
|
name: MYSQL_ROOT_PASSWORD |
|
required: true |
|
- description: Internal 3scale API username for internal 3scale api auth. |
|
name: SYSTEM_BACKEND_USERNAME |
|
required: true |
|
value: 3scale_api_user |
|
- description: Internal 3scale API password for internal 3scale api auth. |
|
from: '[a-z0-9]{8}' |
|
generate: expression |
|
name: SYSTEM_BACKEND_PASSWORD |
|
required: true |
|
- description: Shared secret to import events from backend to system. |
|
from: '[a-z0-9]{8}' |
|
generate: expression |
|
name: SYSTEM_BACKEND_SHARED_SECRET |
|
required: true |
|
- description: System application secret key base |
|
from: '[a-f0-9]{128}' |
|
generate: expression |
|
name: SYSTEM_APP_SECRET_KEY_BASE |
|
required: true |
|
- from: '[a-z0-9]{8}' |
|
generate: expression |
|
name: ADMIN_PASSWORD |
|
required: true |
|
- name: ADMIN_USERNAME |
|
required: true |
|
value: admin |
|
- description: Admin Access Token with all scopes and write permissions for API access. |
|
from: '[a-z0-9]{16}' |
|
generate: expression |
|
name: ADMIN_ACCESS_TOKEN |
|
- description: The root name which Master Admin UI will be available at. |
|
name: MASTER_NAME |
|
required: true |
|
value: master |
|
- name: MASTER_USER |
|
required: true |
|
value: master |
|
- from: '[a-z0-9]{8}' |
|
generate: expression |
|
name: MASTER_PASSWORD |
|
required: true |
|
- from: '[a-z0-9]{8}' |
|
generate: expression |
|
name: MASTER_ACCESS_TOKEN |
|
required: true |
|
- description: reCAPTCHA site key (used in spam protection) |
|
name: RECAPTCHA_PUBLIC_KEY |
|
- description: reCAPTCHA secret key (used in spam protection) |
|
name: RECAPTCHA_PRIVATE_KEY |
|
- description: Password for the PostgreSQL connection user. |
|
displayName: PostgreSQL Connection Password |
|
from: '[a-zA-Z0-9]{16}' |
|
generate: expression |
|
name: ZYNC_DATABASE_PASSWORD |
|
required: true |
|
- from: '[a-zA-Z0-9]{16}' |
|
generate: expression |
|
name: ZYNC_SECRET_KEY_BASE |
|
required: true |
|
- from: '[a-zA-Z0-9]{16}' |
|
generate: expression |
|
name: ZYNC_AUTHENTICATION_TOKEN |
|
required: true |
|
- description: Read Only Access Token that is APIcast going to use to download its |
|
configuration. |
|
from: '[a-z0-9]{8}' |
|
generate: expression |
|
name: APICAST_ACCESS_TOKEN |
|
required: true |
|
- description: Scope of the APIcast Management API. Can be disabled, status or debug. |
|
At least status required for health checks. |
|
name: APICAST_MANAGEMENT_API |
|
value: status |
|
- description: Turn on/off the OpenSSL peer verification when downloading the configuration. |
|
Can be set to true/false. |
|
name: APICAST_OPENSSL_VERIFY |
|
value: "false" |
|
- description: Enable logging response codes in APIcast. |
|
name: APICAST_RESPONSE_CODES |
|
value: "true" |
|
- description: The URL to point to APIcast policies registry management |
|
name: APICAST_REGISTRY_URL |
|
required: true |
|
value: http://apicast-staging:8090/policies |
|
- description: Root domain for the wildcard routes. Eg. example.com will generate |
|
3scale-admin.example.com. |
|
name: WILDCARD_DOMAIN |
|
required: true |
|
- description: Use "Subdomain" to create a wildcard route for apicast wildcard router |
|
name: WILDCARD_POLICY |
|
required: true |
|
value: None |
|
- description: Redis Database name for system |
|
name: SYSTEM_REDIS_DB_NUMBER_PRODUCTION |
|
required: true |
|
value: "1" |
|
- description: Redis Database name for system |
|
name: SYSTEM_REDIS_DB_NUMBER_STAGING |
|
required: true |
|
value: "2" |
|
- description: Redis Database name for backend queues |
|
name: BACKEND_REDIS_DB_NUMBER_QUEUES |
|
required: true |
|
value: "3" |
|
- description: Redis Database name for backend storage |
|
name: BACKEND_REDIS_DB_NUMBER_STORAGE |
|
required: true |
|
value: "4" |
Hi,
I am facing below error:
Downloading ISO 'https://github.com/minishift/minishift-centos-iso/releases/download/v1.15.0/minishift-centos7.iso'
355.00 MiB / 355.00 MiB [========================================================================================================================================================================================================================================] 100.00% 0s
-- Starting Minishift VM ....................... FAIL E0911 18:08:27.021835 16784 start.go:494] Error starting the VM: Error creating the VM. Error creating machine: Error in driver during machine creation: exit status 1. Retrying.
Error starting the VM: Error creating the VM. Error creating machine: Error in driver during machine creation: exit status 1
can you please help me on it.
Thanks and Regards
Atul Sareen