blob: 5bcfcf73f735416924bc249252653246bbe2eacb (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
|
apiVersion: template.openshift.io/v1
kind: Template
metadata:
name: openshift-web-console
annotations:
openshift.io/display-name: OpenShift Web Console
description: The server for the OpenShift web console.
iconClass: icon-openshift
tags: openshift,infra
openshift.io/documentation-url: https://github.com/openshift/origin-web-console-server
openshift.io/support-url: https://access.redhat.com
openshift.io/provider-display-name: Red Hat, Inc.
parameters:
- name: IMAGE
value: openshift/origin-web-console:latest
- name: NAMESPACE
# This namespace cannot be changed. Only `openshift-web-console` is supported.
value: openshift-web-console
- name: LOGLEVEL
value: "0"
- name: API_SERVER_CONFIG
- name: NODE_SELECTOR
value: "{}"
- name: REPLICA_COUNT
value: "1"
objects:
# to create the web console server
- apiVersion: apps/v1beta1
kind: Deployment
metadata:
namespace: ${NAMESPACE}
name: webconsole
labels:
app: openshift-web-console
webconsole: "true"
spec:
replicas: "${{REPLICA_COUNT}}"
strategy:
type: Recreate
template:
metadata:
name: webconsole
labels:
webconsole: "true"
spec:
serviceAccountName: webconsole
containers:
- name: webconsole
image: ${IMAGE}
imagePullPolicy: IfNotPresent
command:
- "/usr/bin/origin-web-console"
- "--audit-log-path=-"
- "-v=${LOGLEVEL}"
- "--config=/var/webconsole-config/webconsole-config.yaml"
ports:
- containerPort: 8443
volumeMounts:
- mountPath: /var/serving-cert
name: serving-cert
- mountPath: /var/webconsole-config
name: webconsole-config
readinessProbe:
httpGet:
path: /healthz
port: 8443
scheme: HTTPS
livenessProbe:
exec:
command:
- /bin/sh
- -i
- -c
- |-
if [[ ! -f /tmp/webconsole-config.hash ]]; then \
md5sum /var/webconsole-config/webconsole-config.yaml > /tmp/webconsole-config.hash; \
elif [[ $(md5sum /var/webconsole-config/webconsole-config.yaml) != $(cat /tmp/webconsole-config.hash) ]]; then \
exit 1; \
fi && curl -k -f https://0.0.0.0:8443/console/
resources:
requests:
cpu: 100m
memory: 100Mi
nodeSelector: "${{NODE_SELECTOR}}"
volumes:
- name: serving-cert
secret:
defaultMode: 400
secretName: webconsole-serving-cert
- name: webconsole-config
configMap:
defaultMode: 440
name: webconsole-config
# to create the config for the web console
- apiVersion: v1
kind: ConfigMap
metadata:
namespace: ${NAMESPACE}
name: webconsole-config
labels:
app: openshift-web-console
data:
webconsole-config.yaml: ${API_SERVER_CONFIG}
# to be able to assign powers to the process
- apiVersion: v1
kind: ServiceAccount
metadata:
namespace: ${NAMESPACE}
name: webconsole
labels:
app: openshift-web-console
# to be able to expose web console inside the cluster
- apiVersion: v1
kind: Service
metadata:
namespace: ${NAMESPACE}
name: webconsole
labels:
app: openshift-web-console
annotations:
service.alpha.openshift.io/serving-cert-secret-name: webconsole-serving-cert
prometheus.io/scrape: "true"
prometheus.io/scheme: https
spec:
selector:
webconsole: "true"
ports:
- name: https
port: 443
targetPort: 8443
|
