seg_yinzy
/
che-server
mirror of https://github.com/eclipse-che/che-server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
che-server/deploy/openshift/templates/che-server-template.yaml

315 lines
11 KiB
YAML
Raw Blame History

#
# Copyright (c) 2012-2018 Red Hat, Inc.
# This program and the accompanying materials are made
# available under the terms of the Eclipse Public License 2.0
# which is available at https://www.eclipse.org/legal/epl-2.0/
#
# SPDX-License-Identifier: EPL-2.0
#
---
kind: Template
apiVersion: v1
metadata:
name: che
annotations:
description: Che
objects:
- apiVersion: v1
kind: ServiceAccount
metadata:
name: che
- apiVersion: v1
kind: RoleBinding
metadata:
name: che
roleRef:
name: edit
subjects:
- kind: ServiceAccount
name: che
- apiVersion: v1
kind: Service
metadata:
name: che-host
spec:
ports:
- name: http
port: 8080
protocol: TCP
targetPort: 8080
- name: metrics
port: 8087
protocol: TCP
targetPort: 8087
selector:
app: che
- apiVersion: v1
kind: Route
metadata:
name: che
spec:
to:
kind: Service
name: che-host
port:
targetPort: http
- apiVersion: v1
kind: DeploymentConfig
metadata:
name: che
spec:
replicas: 1
revisionHistoryLimit: 2
selector:
app: che
strategy:
type: ${STRATEGY}
template:
metadata:
labels:
app: che
spec:
containers:
- env:
- name: OPENSHIFT_KUBE_PING_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: CHE_MULTIUSER
value: "${CHE_MULTIUSER}"
- name: CHE_WORKSPACE_HTTP__PROXY
value: "${CHE_WORKSPACE_HTTP__PROXY}"
- name: CHE_WORKSPACE_HTTPS__PROXY
value: "${CHE_WORKSPACE_HTTPS__PROXY}"
- name: CHE_WORKSPACE_NO__PROXY
value: "${CHE_WORKSPACE_NO__PROXY}"
- name: CHE_HOST
value: "che-${NAMESPACE}.${ROUTING_SUFFIX}"
- name: CHE_PORT
value: "8080"
- name: CHE_API
value: "${PROTOCOL}://che-${NAMESPACE}.${ROUTING_SUFFIX}/api"
- name: CHE_WEBSOCKET_ENDPOINT
value: "${WS_PROTOCOL}://che-${NAMESPACE}.${ROUTING_SUFFIX}/api/websocket"
- name: CHE_DEBUG_SERVER
value: "false"
- name: CHE_INFRASTRUCTURE_ACTIVE
value: "openshift"
- name: CHE_INFRA_KUBERNETES_BOOTSTRAPPER_BINARY__URL
value: "${PROTOCOL}://che-${NAMESPACE}.${ROUTING_SUFFIX}/agent-binaries/linux_amd64/bootstrapper/bootstrapper"
- name: CHE_INFRA_KUBERNETES_MACHINE__START__TIMEOUT__MIN
value: "5"
- name: CHE_INFRA_KUBERNETES_MASTER__URL
value: "${CHE_INFRA_KUBERNETES_MASTER__URL}"
- name: CHE_INFRA_OPENSHIFT_PROJECT
value: "${CHE_INFRA_OPENSHIFT_PROJECT}"
- name: CHE_INFRA_KUBERNETES_SERVICE__ACCOUNT__NAME
value: "${CHE_INFRA_KUBERNETES_SERVICE__ACCOUNT__NAME}"
- name: CHE_INFRA_KUBERNETES_PVC_STRATEGY
value: "${CHE_INFRA_KUBERNETES_PVC_STRATEGY}"
- name: CHE_INFRA_KUBERNETES_PVC_PRECREATE__SUBPATHS
value: "${CHE_INFRA_KUBERNETES_PVC_PRECREATE__SUBPATHS}"
- name: CHE_INFRA_OPENSHIFT_TLS__ENABLED
value: "${TLS}"
- name: CHE_INFRA_KUBERNETES_TRUST__CERTS
value: "${TLS}"
- name: CHE_LOCAL_CONF_DIR
value: "/etc/conf"
- name: CHE_LOGS_DIR
value: "/data/logs"
- name: CHE_LOG_LEVEL
value: "INFO"
- name: CHE_KEYCLOAK_AUTH__SERVER__URL
value: "${CHE_KEYCLOAK_AUTH__SERVER__URL}"
- name: CHE_INFRA_OPENSHIFT_OAUTH__IDENTITY__PROVIDER
value: "${CHE_INFRA_OPENSHIFT_OAUTH__IDENTITY__PROVIDER}"
- name: CHE_OAUTH_GITHUB_CLIENTID
value: "${CHE_OAUTH_GITHUB_CLIENTID}"
- name: CHE_OAUTH_GITHUB_CLIENTSECRET
value: "${CHE_OAUTH_GITHUB_CLIENTSECRET}"
- name: CHE_PREDEFINED_STACKS_RELOAD__ON__START
value: 'true'
- name: JAVA_OPTS
value: "-XX:MaxRAMFraction=2 -XX:+UseParallelGC -XX:MinHeapFreeRatio=10
-XX:MaxHeapFreeRatio=20 -XX:GCTimeRatio=4 -XX:AdaptiveSizePolicyWeight=90
-XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -Dsun.zip.disableMemoryMapping=true
-Xms20m "
- name: CHE_WORKSPACE_AUTO_START
value: "false"
- name: CHE_INFRA_KUBERNETES_PVC_QUANTITY
value: "${CHE_INFRA_KUBERNETES_PVC_QUANTITY}"
- name: PROTOCOL
value: "${PROTOCOL}"
- name: CHE_WORKSPACE_SIDECAR_DEFAULT__MEMORY__LIMIT__MB
value: "${CHE_WORKSPACE_SIDECAR_DEFAULT__MEMORY__LIMIT__MB}"
- name: ROUTING_SUFFIX
value: "${ROUTING_SUFFIX}"
- name: OPENSHIFT_IDENTITY_PROVIDER_CERTIFICATE
valueFrom:
secretKeyRef:
key: ca.crt
name: openshift-identity-provider
optional: true
- name: CHE_WORKSPACE_PLUGIN__REGISTRY__URL
value: "${CHE_WORKSPACE_PLUGIN__REGISTRY__URL}"
- name: CHE_TRACING_ENABLED
value: "${CHE_TRACING_ENABLED}"
- name: CHE_METRICS_ENABLED
value: "false"
image: ${IMAGE_CHE}:${CHE_VERSION}
imagePullPolicy: "${PULL_POLICY}"
livenessProbe:
httpGet:
path: /api/system/state
port: 8080
scheme: HTTP
initialDelaySeconds: 50
failureThreshold: 3
timeoutSeconds: 2
readinessProbe:
httpGet:
path: /api/system/state
port: 8080
scheme: HTTP
initialDelaySeconds: 25
timeoutSeconds: 5
failureThreshold: 5
name: che
ports:
- containerPort: 8080
name: http
protocol: TCP
- containerPort: 8087
name: metrics
protocol: TCP
- containerPort: 8000
name: http-debug
- containerPort: 8888
name: jgroups-ping
protocol: TCP
resources:
limits:
memory: 1Gi
requests:
memory: 256Mi
terminationMessagePath: "/dev/termination-log"
terminationMessagePolicy: File
restartPolicy: Always
serviceAccountName: che
terminationGracePeriodSeconds: 360
triggers:
- type: ConfigChange
parameters:
- name: CHE_WORKSPACE_HTTP__PROXY
displayName: http_proxy for workspace containers
description:
value: ''
- name: CHE_WORKSPACE_HTTPS__PROXY
displayName: https_proxy for workspace containers
description:
value: ''
- name: CHE_WORKSPACE_NO__PROXY
displayName: no_proxy for workspace containers
description:
value: ''
- name: ROUTING_SUFFIX
displayName: Routing suffix of your OpenShift cluster
description: This is the suffix appended to routes in your OpenShift cluster <route>-<project>.<routing_suffix>
- name: CHE_VERSION
displayName: Eclipse Che version
description: Eclipse Che version which defaults to nightly
value: nightly
- name: IMAGE_CHE
displayName: Eclipse Che server image
description: Che server Docker image. Defaults to eclipse/che-server
value: eclipse/che-server
- name: CHE_MULTIUSER
displayName: Che Multi-user flavor
description: False i.e. single user by default
value: 'false'
- name: PROTOCOL
displayName: HTTP protocol
description: Protocol to be used in Che communications
value: http
- name: WS_PROTOCOL
displayName: Websocket protocol
description: Websocket protocol to be used in Che communications. Defaults to ws. Set to wss only if TLS is true and https protocol is defined
value: ws
- name: TLS
displayName: HTTPS support
description: HTTPS support in Che
value: 'false'
- name: CHE_INFRA_OPENSHIFT_PROJECT
displayName: OpenShift namespace to create workspace objects
description: Che server namespace by default. When empty, each workspace gets own namespace. In this case a privileged sa or credentials/token need to be used.
value: '${NAMESPACE}'
- name: CHE_INFRA_KUBERNETES_PVC_QUANTITY
displayName: Default PVC claim
description: Default PVC claim for storage. Defaults to 1Gi
value: '1Gi'
- name: CHE_INFRA_KUBERNETES_PVC_STRATEGY
displayName: PVC strategy
description: PVC strategy. Unique implies creating PVC per workspace. Common uses one PVC with subpaths in PV. Defaults to unique
value: 'unique'
- name: CHE_INFRA_KUBERNETES_SERVICE__ACCOUNT__NAME
displayName: Workspace service account name
description: Service accont name that should be specified to be bound to workspaces pods. Defauls to 'NULL' that means that Che Server won't specify any and default one will be bound.
value: 'NULL'
- name: CHE_KEYCLOAK_ADMIN_REQUIRE_UPDATE_PASSWORD
displayName: Admin password update
description: Force an admin to update password after 1st login. True by default
value: 'true'
- name: CHE_KEYCLOAK_AUTH__SERVER__URL
displayName: Identity provider URL
description: URL of a remote identity provider. Defaults to Keycloak bundled with Che multi user
value: '${PROTOCOL}://keycloak-${NAMESPACE}.${ROUTING_SUFFIX}/auth'
- name: CHE_INFRA_OPENSHIFT_OAUTH__IDENTITY__PROVIDER
displayName: Alias of the Openshift identity provider in Keycloak
description: Alias of the Openshift identity provider registered in Keycloak, that should be used to create workspace OpenShift resources in Openshift namespaces owned by the current Che user.
value: 'NULL'
- name: STRATEGY
displayName: Update Strategy
description: Che server update strategy. Defaults to Recreate. Use Rolling only if Che deployment does not use PVC
value: 'Recreate'
- name: PULL_POLICY
displayName: Che server image pull policy
description: Always pull by default. Can be IfNotPresent
value: 'Always'
- name: CHE_INFRA_KUBERNETES_MASTER__URL
displayName: OpenShift master URL
description: Required only in case of multi-cluster setup. Empty string by default.
value: ''
- name: CHE_INFRA_KUBERNETES_PVC_PRECREATE__SUBPATHS
displayName: Pre-create subpaths in PV
description: Applied only if a common strategy is used. Required for Kubernetes versions before 1.6
value: 'false'
- name: CHE_OAUTH_GITHUB_CLIENTID
displayName: GitHub Client ID
description: GitHub oAuth app client ID. Applicable to Che single user only!
value: ''
- name: CHE_OAUTH_GITHUB_CLIENTSECRET
displayName: GitHub Client Secret
description: GitHub oAuth app client servet. Applicable to Che single user only!
value: ''
- name: CHE_WORKSPACE_PLUGIN__REGISTRY__URL
displayName: Eclipse Che plugin registry URL
description: Url that used to get meta information about Eclipse Che tooling
value: 'NULL'
- name: CHE_WORKSPACE_SIDECAR_DEFAULT__MEMORY__LIMIT__MB
displayName: Plugin sidecar default memory limit
description: Plugin sidecar default memory limit in megabytes
value: '128'
- name: CHE_TRACING_ENABLED
displayName: Eclipse Che tracing
description: Enable or disable tracing in Eclipse Che
value: 'false'
labels:
app: che
template: che
Reference in New Issue View Git Blame Copy Permalink