Skip to content

Commit

Permalink
Openshift template example
Browse files Browse the repository at this point in the history
  • Loading branch information
@pedroigor @stianst
pedroigor authored and stianst committed Mar 30, 2020
1 parent b53b663 commit 9a6e66c
Showing 1 changed file with 134 additions and 0 deletions.
134 changes: 134 additions & 0 deletions openshift-examples/keycloak.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,134 @@
kind: Template
apiVersion: template.openshift.io/v1
metadata:
name: keycloak
namespace: openshift-config
annotations:
description: An example Keycloak server with HTTPS
iconClass: icon-sso
openshift.io/display-name: Keycloak
tags: keycloak
version: 9.0.4-SNAPSHOT
objects:
- apiVersion: v1
kind: Service
metadata:
annotations:
description: The web server's https port.
labels:
application: '${APPLICATION_NAME}'
name: '${APPLICATION_NAME}'
spec:
ports:
- port: 8443
targetPort: 8443
selector:
deploymentConfig: '${APPLICATION_NAME}'
- apiVersion: v1
id: '${APPLICATION_NAME}'
kind: Route
metadata:
annotations:
description: Route for application's https service.
labels:
application: '${APPLICATION_NAME}'
name: '${APPLICATION_NAME}'
spec:
host: '${HOSTNAME_HTTPS}'
tls:
termination: passthrough
to:
name: '${APPLICATION_NAME}'
- apiVersion: v1
kind: DeploymentConfig
metadata:
labels:
application: '${APPLICATION_NAME}'
name: '${APPLICATION_NAME}'
spec:
replicas: 1
selector:
deploymentConfig: '${APPLICATION_NAME}'
strategy:
type: Recreate
template:
metadata:
labels:
application: '${APPLICATION_NAME}'
deploymentConfig: '${APPLICATION_NAME}'
name: '${APPLICATION_NAME}'
spec:
containers:
- env:
- name: KEYCLOAK_USER
value: '${KEYCLOAK_USER}'
- name: KEYCLOAK_PASSWORD
value: '${KEYCLOAK_PASSWORD}'
- name: DB_VENDOR
value: '${DB_VENDOR}'
- name: JGROUPS_DISCOVERY_PROTOCOL
value: dns.DNS_PING
- name: JGROUPS_DISCOVERY_PROPERTIES
value: 'dns_query=${APPLICATION_NAME}.${NAMESPACE}.svc.cluster.local'
image: 'quay.io/keycloak/keycloak:latest'
livenessProbe:
failureThreshold: 3
httpGet:
path: /auth/realms/master
port: 8080
scheme: HTTP
initialDelaySeconds: 60
name: '${APPLICATION_NAME}'
ports:
- containerPort: 8080
protocol: TCP
- containerPort: 8443
name: https
protocol: TCP
readinessProbe:
failureThreshold: 10
httpGet:
path: /auth/realms/master
port: 8080
scheme: HTTP
initialDelaySeconds: 30
securityContext:
privileged: false
triggers:
- type: ConfigChange
parameters:
- name: APPLICATION_NAME
displayName: Application Name
description: The name for the application.
value: keycloak
required: true
- name: KEYCLOAK_USER
displayName: Keycloak Administrator Username
description: Keycloak Server administrator username
generate: expression
from: '[a-zA-Z0-9]{8}'
required: true
- name: KEYCLOAK_PASSWORD
displayName: Keycloak Administrator Password
description: Keycloak Server administrator password
generate: expression
from: '[a-zA-Z0-9]{8}'
required: true
- name: DB_VENDOR
displayName: DB Vendor
description: 'DB vendor (H2, POSTGRES, MYSQL or MARIADB)'
value: H2
required: true
- name: HOSTNAME_HTTPS
displayName: Custom https Route Hostname
description: >-
Custom hostname for https service route. Leave blank for default hostname,
e.g.: <application-name>-<namespace>.<default-domain-suffix>
- name: NAMESPACE
displayName: Namespace used for DNS discovery
description: >-
This namespace is a part of DNS query sent to Kubernetes API. This query
allows the DNS_PING protocol to extract cluster members. This parameter
might be removed once https://issues.jboss.org/browse/JGRP-2292 is
implemented.
required: true

0 comments on commit 9a6e66c

Please sign in to comment.