A production-ready monolithic Go application demonstrating OpenShift deployment with ConfigMaps, Secrets, Persistent Volumes, and Tekton CI/CD pipelines.
- Overview
- Features
- Architecture
- Prerequisites
- Project Structure
- Quick Start
- Local Development
- OpenShift Deployment
- CI/CD Pipeline
- API Endpoints
- Configuration Management
- Monitoring & Troubleshooting
- Screenshots
This project demonstrates a complete OpenShift deployment workflow for a Go-based monolithic application. It showcases:
- Container-native development with Podman/Docker
- OpenShift best practices for configuration management
- Persistent storage for application data
- Health checks and readiness probes
- Tekton CI/CD integration
- Security with non-root containers and secrets management
The application provides a web dashboard for monitoring system stats, writing data to persistent volumes, and demonstrating OpenShift's configuration injection capabilities.
- π¨ Modern Web Dashboard - Interactive UI with real-time statistics
- π Application Info API - Environment and configuration details
- πΎ Volume Write Operations - Persistent data storage demonstration
- β€οΈ Health Checks - Liveness and readiness probes
- π Statistics API - Runtime metrics (uptime, requests, memory)
- π Security - Non-root container execution (UID 1001)
- βοΈ ConfigMaps - Environment variables and configuration files
- π Secrets - Sensitive data management
- πΏ Persistent Volumes - Data persistence across pod restarts
- π Routes - External HTTPS access with TLS termination
- π Tekton Pipelines - Automated CI/CD workflows
- π¦ Multi-stage Builds - Optimized container images
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β OpenShift Cluster β
β β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β Namespace: romanyuvan-dev β β
β β β β
β β ββββββββββββββββββββββββββββββββββββββββββββββββ β β
β β β Route (TLS Edge) β β β
β β β podman-openshift.apps.cluster.example.com β β β
β β ββββββββββββββββββββ¬ββββββββββββββββββββββββββββ β β
β β β β β
β β ββββββββββββββββββββΌββββββββββββββββββββββββββββ β β
β β β Service: podman-openshift β β β
β β β Port: 80 β 8080 β β β
β β ββββββββββββββββββββ¬ββββββββββββββββββββββββββββ β β
β β β β β
β β ββββββββββββββββββββΌββββββββββββββββββββββββββββ β β
β β β Deployment: podman-openshift β β β
β β β β β β
β β β βββββββββββββββββββββββββββββββββββββββ β β β
β β β β Pod (UID 1001) β β β β
β β β β β β β β
β β β β Container: podman-openshift β β β β
β β β β Image: image-registry:5000/... β β β β
β β β β Port: 8080 β β β β
β β β β β β β β
β β β β Volume Mounts: β β β β
β β β β β’ /app/data β PVC (app-storage) β β β β
β β β β β’ /app/config.json β ConfigMap β β β β
β β β β β’ /app/.env β ConfigMap β β β β
β β β β β β β β
β β β β Environment: β β β β
β β β β β’ APP_NAME β ConfigMap β β β β
β β β β β’ APP_ENV β ConfigMap β β β β
β β β β β’ DB_USER β Secret β β β β
β β β βββββββββββββββββββββββββββββββββββββββββ β β β
β β ββββββββββββββββββββββββββββββββββββββββββββββββ β β
β β β β
β β Configuration Resources: β β
β β ββββββββββββββββββββββββββββββββββββββββββββββ β β
β β β ConfigMap: go-monolith-config β β β
β β β ConfigMap: go-monolith-env-file β β β
β β β ConfigMap: go-monolith-json-config β β β
β β β Secret: go-monolith-secrets β β β
β β β PVC: app-storage (1Gi) β β β
β β ββββββββββββββββββββββββββββββββββββββββββββββ β β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β Tekton Pipeline (CI/CD) β β
β β β’ Git Clone β Build β Push β Deploy β β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
- Go 1.23+
- Podman or Docker
- Git
- OpenShift 4.x cluster access
ocCLI tool installed and configured- Namespace/project created (e.g.,
romanyuvan-dev) - Registry access for pushing images
- Tekton Pipelines Operator installed
- Tekton CLI (
tkn) for pipeline management
podman-openshift/
βββ .tekton/
β βββ push.yaml # Tekton pipeline configuration
βββ openshift-config/
β βββ configmap.yaml # Environment variables
β βββ configmap-env.yaml # .env file as ConfigMap
β βββ configmap-json.yaml # config.json as ConfigMap
β βββ secret.yaml # Sensitive data
β βββ pvc.yaml # Persistent Volume Claim
β βββ deployment.yaml # Application deployment
β βββ service.yaml # Kubernetes service
β βββ route.yaml # OpenShift route
β βββ README.md # Deployment documentation
βββ openshift-go-monolith/
β βββ main.go # Go application code
β βββ Containerfile # Multi-stage container build
β βββ go.mod # Go dependencies
β βββ go.sum # Dependency checksums
β βββ .env # Local environment variables
β βββ config.json # Local configuration
β βββ DEPLOYMENT.md # Detailed deployment guide
β βββ static/
β β βββ index.html # Web dashboard UI
β βββ data/
β βββ log/ # Persistent data directory
βββ screenshots/ # Project screenshots
βββ README.md # This file
git clone <repository-url>
cd podman-openshiftcd openshift-go-monolith
# Install dependencies
go mod download
# Run locally
go run main.go
# Access the dashboard
# Open browser: http://localhost:8080# Using Podman
podman build -t podman-openshift:latest -f Containerfile .
# Using Docker
docker build -t podman-openshift:latest -f Containerfile .# Using Podman
podman run -p 8080:8080 \
-v $(pwd)/data:/app/data \
-e APP_NAME="Local Dev" \
-e APP_ENV="development" \
podman-openshift:latest
# Using Docker
docker run -p 8080:8080 \
-v $(pwd)/data:/app/data \
-e APP_NAME="Local Dev" \
-e APP_ENV="development" \
podman-openshift:latestcd openshift-go-monolith
# Set environment variables (optional)
export APP_NAME="My Local App"
export APP_ENV="development"
export DB_USER="local_user"
# Run the application
go run main.go# Health check
curl http://localhost:8080/health
# Application info
curl http://localhost:8080/api/info
# Statistics
curl http://localhost:8080/api/stats
# Write data to volume
curl -X POST http://localhost:8080/api/write- Hot reload: Use
airor similar tools for auto-restart - Logging: Detailed logs with timestamps and log levels
- Data persistence: Logs stored in
data/log/directory
oc login --server=https://api.cluster.example.com:6443
oc project romanyuvan-devcd openshift-go-monolith
# Build the image
podman build -t podman-openshift:latest -f Containerfile .
# Tag for OpenShift internal registry
podman tag podman-openshift:latest \
image-registry.openshift-image-registry.svc:5000/romanyuvan-dev/podman-openshift:latest
# Login to OpenShift registry
podman login -u $(oc whoami) -p $(oc whoami -t) \
default-route-openshift-image-registry.apps.cluster.example.com
# Push to registry
podman push image-registry.openshift-image-registry.svc:5000/romanyuvan-dev/podman-openshift:latestcd ../openshift-config
# Create ConfigMaps and Secrets
oc apply -f secret.yaml
oc apply -f configmap.yaml
oc apply -f configmap-env.yaml
oc apply -f configmap-json.yaml
# Create Persistent Volume Claim
oc apply -f pvc.yaml# Deploy the application
oc apply -f deployment.yaml
oc apply -f service.yaml
oc apply -f route.yaml
# Wait for deployment
oc rollout status deployment/podman-openshift# Get the route URL
oc get route podman-openshift -o jsonpath='{.spec.host}'
# Access in browser
echo "https://$(oc get route podman-openshift -o jsonpath='{.spec.host}')"
Successfully deployed application in OpenShift
cd openshift-config
oc apply -f .The project includes a Tekton pipeline configuration for automated builds and deployments.
Tekton CI/CD pipeline configuration
- Triggered on push to
masterbranch - Git repository cloning
- Automated build and test
- Keeps last 5 pipeline runs
# .tekton/push.yaml
- Trigger: Push to master branch
- Tasks:
1. fetch-repository: Clone Git repository
2. noop-task: Placeholder for build/test tasks# List pipeline runs
tkn pipelinerun list
# View logs
tkn pipelinerun logs -f <pipelinerun-name>
# Describe pipeline run
oc describe pipelinerun <pipelinerun-name>
Pipeline execution with task details
Build and deployment logs from pipeline
Edit .tekton/push.yaml to add:
- Build tasks
- Test execution
- Image building and pushing
- Deployment automation
Interactive web dashboard with real-time monitoring
Web dashboard interface
Response: HTML page with interactive controls
Application information and configuration
Response:
{
"app_name": "OpenShift Go Monolith",
"environment": "production",
"db_user": "app_user",
"version": "1.1.0",
"hostname": "podman-openshift-xxx-yyy",
"timestamp": "2026-03-05T10:30:00Z"
}
Application information endpoint response
Write data to persistent volume
Response:
β Data written to volume successfully
π File: 20260305-103000-log.txt
π’ Operation: #1
β° Timestamp: 2026-03-05T10:30:00Z
π Size: 1234 bytes
π Log directory: ./data/log
Successful write operation to persistent volume
Application runtime statistics
Response:
{
"uptime": "2h30m15s",
"total_requests": 142,
"write_operations": 5,
"go_version": "go1.23",
"goroutines": 8,
"memory_alloc_mb": 12,
"server_time": "2026-03-05T10:30:00Z"
}
Runtime statistics and performance metrics
Health check endpoint for probes
Response: OK (200 status)
Health check endpoint validation
ConfigMaps managing application configuration
# configmap.yaml
APP_NAME: "OpenShift Go Monolith"
APP_ENV: "production"# secret.yaml
DB_USER: "app_user" # Base64 encoded in actual secret
Secure secrets management in OpenShift
APP_NAME=OpenShift Go Monolith
APP_ENV=production
DB_USER=app_user{
"application": {
"name": "OpenShift Go Monolith",
"environment": "production"
},
"database": {
"user": "app_user"
}
}/app/data- Persistent Volume (1Gi)/app/config.json- ConfigMap mount/app/.env- ConfigMap mount
Volume mounts in the running container
Persistent Volume Claim for data storage
Application monitoring and metrics dashboard
# Stream logs
oc logs -f deployment/podman-openshift
# View last 100 lines
oc logs deployment/podman-openshift --tail=100
# View logs from specific pod
oc logs <pod-name>
Application logs from running pod
# Get pods
oc get pods -l app=podman-openshift
# Describe pod
oc describe pod <pod-name>
# Get events
oc get events --sort-by='.lastTimestamp'
Detailed pod information and status
# Execute shell in container
oc exec -it deployment/podman-openshift -- /bin/sh
# Check mounted files
oc exec deployment/podman-openshift -- ls -la /app
oc exec deployment/podman-openshift -- cat /app/config.json
oc exec deployment/podman-openshift -- cat /app/.env
# Check data directory
oc exec deployment/podman-openshift -- ls -la /app/data/log
# Check environment variables
oc exec deployment/podman-openshift -- env | grep APP# Test health endpoint
oc exec deployment/podman-openshift -- wget -O- http://localhost:8080/health
# Check readiness
oc get pods -l app=podman-openshift -o jsonpath='{.items[0].status.conditions[?(@.type=="Ready")].status}'# Get resource usage
oc adm top pods -l app=podman-openshift
# Describe deployment
oc describe deployment podman-openshift
CPU and memory resource consumption
# Check events
oc describe pod <pod-name>
# Check image pull
oc get events | grep -i pull
# Verify image exists
oc get imagestream# Check PVC status
oc get pvc app-storage
# Check volume mounts
oc describe pod <pod-name> | grep -A 10 "Mounts:"# Verify ConfigMaps exist
oc get configmap | grep go-monolith
# Check ConfigMap content
oc get configmap go-monolith-config -o yaml
# Verify Secret exists
oc get secret go-monolith-secrets
Environment variables loaded in the container
# Rollout restart
oc rollout restart deployment/podman-openshift
# Scale down and up
oc scale deployment/podman-openshift --replicas=0
oc scale deployment/podman-openshift --replicas=1
Interactive web dashboard with real-time monitoring
Application information and configuration details
Deployment configuration and status
Detailed deployment information and image registry
Running pods and container status
Detailed pod information and logs
ConfigMaps for application configuration
ConfigMap content and environment variables
Secrets management for sensitive data
Persistent Volume Claim for data storage
Kubernetes Service configuration
OpenShift Route for external access
List of Tekton pipeline runs
Detailed pipeline execution information
Pipeline execution logs
Detailed build and deployment logs
Pipeline performance metrics and monitoring
Pipeline configuration and task details
Complete terminal output showing all resources
Additional terminal output with statistics
Terminal output for pod operations
Detailed pod status and resource usage
Terminal output for PVC operations and volume mounts
Terminal output for service operations
- β Non-root container (UID 1001)
- β Arbitrary UID support for OpenShift
- β Secrets for sensitive data
- β TLS termination at route level
- β Resource limits configured
- β Health checks for reliability
- β Read-only ConfigMap mounts
- β Minimal base image (Alpine)
# Edit ConfigMap
oc edit configmap go-monolith-config
# Restart to apply changes
oc rollout restart deployment/podman-openshift# Scale to 3 replicas
oc scale deployment/podman-openshift --replicas=3
# Autoscaling
oc autoscale deployment/podman-openshift --min=2 --max=5 --cpu-percent=80# Build new version
podman build -t podman-openshift:v2 -f Containerfile .
# Push to registry
podman push image-registry.openshift-image-registry.svc:5000/romanyuvan-dev/podman-openshift:v2
# Update deployment
oc set image deployment/podman-openshift podman-openshift=image-registry.openshift-image-registry.svc:5000/romanyuvan-dev/podman-openshift:v2
OpenShift internal container image registry
cd openshift-config
# Delete all resources
oc delete -f .
# Or individually
oc delete route podman-openshift
oc delete service podman-openshift
oc delete deployment podman-openshift
oc delete pvc app-storage
oc delete configmap go-monolith-config go-monolith-env-file go-monolith-json-config
oc delete secret go-monolith-secretsoc delete project romanyuvan-dev- OpenShift Documentation
- Go Documentation
- Podman Documentation
- Tekton Documentation
- Kubernetes ConfigMaps
- Kubernetes Secrets
Contributions are welcome! Please feel free to submit issues or pull requests.
This project is provided as-is for educational and demonstration purposes.
Created for OpenShift lab demonstrations and learning purposes.
Version: 1.1.0
Last Updated: March 2026
Status: Production Ready β