From 009516f18eb2768d141e851214ed4057736bd01a Mon Sep 17 00:00:00 2001 From: Michael Olund Date: Fri, 11 Sep 2020 11:25:03 -0700 Subject: [PATCH] Added clamav and redis openshift templates --- openshift/templates/clamav/clamav-build.json | 88 +++++++++ openshift/templates/clamav/clamav-deploy.json | 182 ++++++++++++++++++ openshift/templates/redis/redis-deploy.yaml | 171 ++++++++++++++++ 3 files changed, 441 insertions(+) create mode 100644 openshift/templates/clamav/clamav-build.json create mode 100644 openshift/templates/clamav/clamav-deploy.json create mode 100644 openshift/templates/redis/redis-deploy.yaml diff --git a/openshift/templates/clamav/clamav-build.json b/openshift/templates/clamav/clamav-build.json new file mode 100644 index 00000000..5277a966 --- /dev/null +++ b/openshift/templates/clamav/clamav-build.json @@ -0,0 +1,88 @@ +{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "name": "clamav", + "creationTimestamp": null + }, + "objects": [ + { + "kind": "ImageStream", + "apiVersion": "v1", + "metadata": { + "name": "${NAME}" + } + }, + { + "kind": "BuildConfig", + "apiVersion": "v1", + "metadata": { + "name": "${NAME}-build", + "creationTimestamp": null, + "labels": { + "app": "${NAME}" + } + }, + "spec": { + "runPolicy": "Serial", + "completionDeadlineSeconds": 1800, + "triggers": [ + { + "type": "ImageChange" + } + ], + "source": { + "type": "Git", + "git": { + "uri": "${GIT_SOURCE_URL}" + } + }, + "strategy": { + "type": "Docker", + "dockerStrategy": { + "from": { + "kind": "ImageStreamTag", + "name": "base-centos7:latest", + "namespace": "openshift" + } + } + }, + "output": { + "to": { + "kind": "ImageStreamTag", + "name": "${NAME}:latest" + } + }, + "resources": { + "requests": { + "cpu": "100m", + "memory": "2Gi" + }, + "limits": { + "cpu": "1", + "memory": "4Gi" + } + } + }, + "status": { + "lastVersion": 0 + } + } + ], + "parameters": [ + { + "name": "NAME", + "displayName": "Name", + "description": "The name assigned to all of the objects defined in this template.", + "required": true, + "value": "clamav" + }, + { + "name": "GIT_SOURCE_URL", + "displayName": "GIT Source Repo URL", + "description": "A GIT URL to your source code.", + "required": true, + "value": "https://github.com/bcgov/clamav.git" + } + ] +} diff --git a/openshift/templates/clamav/clamav-deploy.json b/openshift/templates/clamav/clamav-deploy.json new file mode 100644 index 00000000..a4565f20 --- /dev/null +++ b/openshift/templates/clamav/clamav-deploy.json @@ -0,0 +1,182 @@ +{ + "apiVersion": "v1", + "kind": "Template", + "metadata": { + "annotations": { + "description": "Deployment template for a clamav", + "tags": "clamd,av" + }, + "name": "clamd" + }, + "objects": [ + { + "apiVersion": "v1", + "kind": "DeploymentConfig", + "metadata": { + "creationTimestamp": null, + "labels": { + "app": "${NAME}" + }, + "name": "${NAME}" + }, + "spec": { + "replicas": 1, + "selector": { + "app": "${NAME}", + "deploymentconfig": "${NAME}" + }, + "strategy": { + "rollingParams": { + "intervalSeconds": 1, + "maxSurge": "25%", + "maxUnavailable": "25%", + "timeoutSeconds": 600, + "updatePeriodSeconds": 1 + }, + "type": "Rolling" + }, + "template": { + "metadata": { + "creationTimestamp": null, + "labels": { + "app": "${NAME}", + "deploymentconfig": "${NAME}" + } + }, + "spec": { + "containers": [ + { + "image": "${NAME}", + "imagePullPolicy": "Always", + "name": "${NAME}", + "ports": [ + { + "containerPort": 3310, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "RealIpFrom", + "value": "${REAL_IP_FROM}" + }, + { + "name": "AdditionalRealIpFromRules", + "value": "${AdditionalRealIpFromRules}" + }, + { + "name": "IpFilterRules", + "value": "${IpFilterRules}" + } + ], + "resources": { + "requests": { + "cpu": "10m", + "memory": "100Mi" + }, + "limits": { + "cpu": "500m", + "memory": "1Gi" + } + }, + "livenessProbe": { + "tcpSocket": { + "port": 3310 + }, + "initialDelaySeconds": 240, + "timeoutSeconds": 3, + "periodSeconds": 10, + "successThreshold": 1, + "failureThreshold": 3 + }, + "readinessProbe": { + "tcpSocket": { + "port": 3310 + }, + "initialDelaySeconds": 240, + "timeoutSeconds": 3, + "periodSeconds": 10, + "successThreshold": 1, + "failureThreshold": 3 + } + } + ], + "dnsPolicy": "ClusterFirst", + "restartPolicy": "Always", + "securityContext": {}, + "terminationGracePeriodSeconds": 30 + } + }, + "test": false, + "triggers": [ + { + "type": "ConfigChange" + }, + { + "type": "ImageChange", + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "${NAME}" + ], + "from": { + "kind": "ImageStreamTag", + "namespace": "${IMAGE_NAMESPACE}", + "name": "${NAME}:${TAG_NAME}" + } + } + } + ] + } + }, + { + "apiVersion": "v1", + "kind": "Service", + "metadata": { + "creationTimestamp": null, + "labels": { + "app": "${NAME}" + }, + "name": "${NAME}" + }, + "spec": { + "ports": [ + { + "name": "3310-tcp", + "port": 3310, + "protocol": "TCP", + "targetPort": 3310 + } + ], + "selector": { + "app": "${NAME}", + "deploymentconfig": "${NAME}" + }, + "sessionAffinity": "None", + "type": "ClusterIP" + } + } + ], + "parameters": [ + { + "description": "The name assigned to all of the openshift objects defined in this template. It is also the name of runtime image you want.", + "displayName": "Name", + "name": "NAME", + "required": true, + "value": "clamav" + }, + { + "description": "The namespace where to get the above image name", + "displayName": "Image Namespace", + "name": "IMAGE_NAMESPACE", + "required": true, + "value": "jag-csb-edivorce-tools" + }, + { + "description": "The TAG name for this environment, e.g., dev, test, prod", + "displayName": "Env TAG name", + "name": "TAG_NAME", + "value": "dev" + } + ] +} \ No newline at end of file diff --git a/openshift/templates/redis/redis-deploy.yaml b/openshift/templates/redis/redis-deploy.yaml new file mode 100644 index 00000000..8e6b3a4a --- /dev/null +++ b/openshift/templates/redis/redis-deploy.yaml @@ -0,0 +1,171 @@ +apiVersion: template.openshift.io/v1 +kind: Template +labels: + template: redis-persistent-template +message: |- + The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}. + + Password: ${REDIS_PASSWORD} + Connection URL: redis://${DATABASE_SERVICE_NAME}:6379/ + + For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/redis-container/blob/master/3.2. +metadata: + annotations: + description: |- + Redis in-memory data structure store, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/redis-container/blob/master/3.2. + + NOTE: You must have persistent volumes available in your cluster to use this template. + iconClass: icon-redis + openshift.io/display-name: Redis + openshift.io/documentation-url: https://github.com/sclorg/redis-container/tree/master/3.2 + openshift.io/long-description: This template provides a standalone Redis server. The + data is stored on persistent storage. + openshift.io/provider-display-name: Red Hat, Inc. + openshift.io/support-url: https://access.redhat.com + tags: database,redis + creationTimestamp: null + name: redis-persistent + selfLink: /apis/template.openshift.io/v1/namespaces/openshift/templates/redis-persistent +objects: +- apiVersion: v1 + kind: Secret + metadata: + annotations: + template.openshift.io/expose-password: '{.data[''database-password'']}' + name: ${DATABASE_SERVICE_NAME} + stringData: + database-password: ${REDIS_PASSWORD} +- apiVersion: v1 + kind: Service + metadata: + annotations: + template.openshift.io/expose-uri: redis://{.spec.clusterIP}:{.spec.ports[?(.name=="redis")].port} + name: ${DATABASE_SERVICE_NAME} + spec: + ports: + - name: redis + nodePort: 0 + port: 6379 + protocol: TCP + targetPort: 6379 + selector: + name: ${DATABASE_SERVICE_NAME} + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + name: ${DATABASE_SERVICE_NAME} + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: ${VOLUME_CAPACITY} +- apiVersion: v1 + kind: DeploymentConfig + metadata: + annotations: + template.alpha.openshift.io/wait-for-ready: "true" + name: ${DATABASE_SERVICE_NAME} + spec: + replicas: 1 + selector: + name: ${DATABASE_SERVICE_NAME} + strategy: + type: Recreate + template: + metadata: + labels: + name: ${DATABASE_SERVICE_NAME} + spec: + containers: + - capabilities: {} + env: + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + key: database-password + name: ${DATABASE_SERVICE_NAME} + image: ' ' + imagePullPolicy: IfNotPresent + livenessProbe: + initialDelaySeconds: 30 + tcpSocket: + port: 6379 + timeoutSeconds: 1 + name: redis + ports: + - containerPort: 6379 + protocol: TCP + readinessProbe: + exec: + command: + - /bin/sh + - -i + - -c + - test "$(redis-cli -h 127.0.0.1 -a $REDIS_PASSWORD ping)" == "PONG" + initialDelaySeconds: 5 + timeoutSeconds: 1 + resources: + limits: + memory: ${MEMORY_LIMIT} + securityContext: + capabilities: {} + privileged: false + terminationMessagePath: /dev/termination-log + volumeMounts: + - mountPath: /var/lib/redis/data + name: ${DATABASE_SERVICE_NAME}-data + dnsPolicy: ClusterFirst + restartPolicy: Always + volumes: + - name: ${DATABASE_SERVICE_NAME}-data + persistentVolumeClaim: + claimName: ${DATABASE_SERVICE_NAME} + triggers: + - imageChangeParams: + automatic: true + containerNames: + - redis + from: + kind: ImageStreamTag + name: redis:${REDIS_VERSION} + namespace: ${NAMESPACE} + lastTriggeredImage: "" + type: ImageChange + - type: ConfigChange + status: {} +parameters: +- description: Maximum amount of memory the container can use. + displayName: Memory Limit + name: MEMORY_LIMIT + required: true + value: 512Mi +- description: The OpenShift Namespace where the ImageStream resides. + displayName: Namespace + name: NAMESPACE + value: openshift +- description: The name of the OpenShift Service exposed for the database. + displayName: Database Service Name + name: DATABASE_SERVICE_NAME + required: true + value: redis +- description: Password for the Redis connection user. + displayName: Redis Connection Password + from: '[a-zA-Z0-9]{16}' + generate: expression + name: REDIS_PASSWORD + required: true +- description: Volume space available for data, e.g. 512Mi, 2Gi. + displayName: Volume Capacity + name: VOLUME_CAPACITY + required: true + value: 1Gi +- description: Version of Redis image to be used (3.2 or latest). + displayName: Version of Redis Image + name: REDIS_VERSION + required: true + value: "latest"