Deploying on OpenShift
This guide covers generating and deploying OpenShift resources based on sane default and user supplied configuration.
准备
要完成本指南,您需要:
-
Roughly 15 minutes
-
An IDE
-
JDK 11+ installed with
JAVA_HOME
configured appropriately -
Apache Maven 3.9.6
-
Optionally the Quarkus CLI if you want to use it
-
Access to an OpenShift cluster (Minishift is a viable option)
-
OpenShift CLI (Optional, only required for manual deployment)
搭建项目
First, we need a new project that contains the OpenShift extension. This can be done using the following command:
For Windows users:
-
If using cmd, (don’t use backward slash
\
and put everything on the same line) -
If using Powershell, wrap
-D
parameters in double quotes e.g."-DprojectArtifactId=openshift-quickstart"
Quarkus offers the ability to automatically generate OpenShift resources based on sane defaults and user supplied configuration. The OpenShift extension is actually a wrapper extension that brings together the kubernetes and container-image-s2i extensions with sensible defaults so that it’s easier for the user to get started with Quarkus on OpenShift.
When we added the OpenShift extension to the command line invocation above,
the following dependency was added to the pom.xml
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-openshift</artifactId>
</dependency>
implementation("io.quarkus:quarkus-openshift")
Log Into the OpenShift Cluster
Before we build and deploy our application we need to log into an OpenShift cluster. You can log in via the OpenShift CLI:
oc login -u myUsername (1)
1 | You’ll be prompted for the required information such as server URL, password, etc. |
Alternatively, you may log in using the API token:
oc login --token=myToken --server=myServerUrl
You can request the token via the Copy Login Command link in the OpenShift web console. |
Finally, you don’t need to use the OpenShift CLI at all. Instead, set the
quarkus.kubernetes-client.api-server-url
config property and authenticate
with the quarkus.kubernetes-client.token
, or
quarkus.kubernetes-client.username
and
quarkus.kubernetes-client.password
respectively:
quarkus build -Dquarkus.kubernetes-client.api-server-url=myServerUrl -Dquarkus.kubernetes-client.token=myToken
./mvnw install -Dquarkus.kubernetes-client.api-server-url=myServerUrl -Dquarkus.kubernetes-client.token=myToken
./gradlew build -Dquarkus.kubernetes-client.api-server-url=myServerUrl -Dquarkus.kubernetes-client.token=myToken
Build and Deployment
You can trigger a build and deployment in a single step or build the container image first and then configure the OpenShift application manually if you need more control over the deployment configuration.
To trigger a build and deployment in a single step:
quarkus build -Dquarkus.kubernetes.deploy=true
./mvnw install -Dquarkus.kubernetes.deploy=true
./gradlew build -Dquarkus.kubernetes.deploy=true
If you want to test your application immediately then set the
quarkus.openshift.route.expose config property to true to
expose the service automatically, e.g. add
-Dquarkus.openshift.route.expose=true to the command above.
|
When using DeploymentConfig and
Service Binding,
re-deploying might remove the configuration added by OpenShift to allow
service discovery. A new container image build will trigger a refresh of the
Quarkus app in OpenShift: -Dquarkus.container-image.build=true which might
be enough in most situations. If you need to update the OpenShift resources,
you need to delete the binding first to create it again after new
deployment.
|
This command will build your application locally, then trigger a container
image build and finally apply the generated OpenShift resources
automatically. The generated resources use OpenShift’s DeploymentConfig
that is configured to automatically trigger a redeployment when a change in
the ImageStream
is noticed. In other words, any container image build
after the initial deployment will automatically trigger redeployment,
without the need to delete, update or re-apply the generated resources.
You can use the OpenShift web console to verify that the above command has created an image stream, a service resource and has deployed the application. Alternatively, you can run the following OpenShift CLI commands:
oc get is (1)
oc get pods (2)
oc get svc (3)
1 | Lists the image streams created. |
2 | Get the list of pods. |
3 | Get the list of Kubernetes services. |
Note that the service is not exposed to the outside world by default. So
unless you’ve used the quarkus.openshift.route.expose
config property to
expose the created service automatically you’ll need to expose the service
manually.
oc expose svc/openshift-quickstart (1)
oc get routes (2)
curl http://<route>/hello (3)
1 | Expose the service. |
2 | Get the list of exposed routes. |
3 | Access your application. |
Configure the OpenShift Application Manually
If you need more control over the deployment configuration you can build the container image first and then configure the OpenShift application manually.
To trigger a container image build:
./mvnw clean package -Dquarkus.container-image.build=true
The build that will be performed is a s2i binary build. The input of the
build is the jar that has been built locally and the output of the build is
an ImageStream
that is configured to automatically trigger a deployment.
The base/builder image is specified using base-jvm-image
and
base-native-image
for jvm and native mode respectively. An ImageStream for
the image is automatically generated, unless these properties are used to
reference an existing ImageStreamTag in the internal openshift registry. For
example:
quarkus.openshift.base-jvm-image=image-registry.openshift-image-registry.svc:5000/some-project/openjdk-11:17.1.16.
During the build you may find the
For more information, see deploying to Kubernetes. |
Once the build is done we can create a new application from the relevant
ImageStream
.
oc get is (1)
oc new-app --name=greeting <project>/openshift-quickstart:1.0.0-SNAPSHOT (2)
oc get svc
oc expose svc/greeting (3)
oc get routes (4)
curl http://<route>/hello (5)
1 | Lists the image streams created. The image stream of our application should be tagged as <project>/openshift-quickstart:1.0.0-SNAPSHOT. |
2 | Create a new application from the image source. |
3 | Expose the service to the outside world. |
4 | Get the list of exposed routes. |
5 | Access your application. |
After this setup the next time the container image is built a deployment to OpenShift is triggered automatically. In other words, you don’t need to repeat the above steps.
Non-S2I Builds
Out of the box the OpenShift extension is configured to use container-image-s2i. However, it’s still possible to use other container image extensions like:
When a non-s2i container image extension is used, an ImageStream
is
created that is pointing to an external dockerImageRepository
. The image
is built and pushed to the registry and the ImageStream
populates the tags
that are available in the dockerImageRepository
.
To select which extension will be used for building the image:
quarkus.container-image.builder=docker
or
quarkus.container-image.builder=jib
Customizing
All available customization options are available in the OpenShift configuration options.
Some examples are provided in the sections below:
Exposing Routes
To expose a Route
for the Quarkus application:
quarkus.openshift.route.expose=true
You don’t necessarily need to add this property in the
The same applies to all properties listed below. |
Securing the Route resource
To secure the incoming connections, OpenShift provides several types of TLS termination to serve certifications. You can read more information about how to secure routes in the official OpenShift guide.
Let’s see an example about how to configure a secured Route using passthrough termination by simply adding the "quarkus.openshift.route.tls" properties:
quarkus.openshift.route.expose=true
quarkus.openshift.route.target-port=https
## Route TLS configuration:
quarkus.openshift.route.tls.termination=passthrough
quarkus.openshift.route.tls.insecure-edge-termination-policy=None
Environment variables
OpenShift provides multiple ways of defining environment variables:
-
key/value pairs
-
import all values from a Secret or ConfigMap
-
interpolate a single value identified by a given field in a Secret or ConfigMap
-
interpolate a value from a field within the same resource
Environment variables from key/value pairs
To add a key/value pair as an environment variable in the generated resources:
quarkus.openshift.env.vars.my-env-var=foobar
The command above will add MY_ENV_VAR=foobar
as an environment variable.
Please note that the key my-env-var
will be converted to uppercase and
dashes will be replaced by underscores resulting in MY_ENV_VAR
.
Environment variables from Secret
To add all key/value pairs of Secret
as environment variables just apply
the following configuration, separating each Secret
to be used as source
by a comma (,
):
quarkus.openshift.env.secrets=my-secret,my-other-secret
which would generate the following in the container definition:
envFrom:
- secretRef:
name: my-secret
optional: false
- secretRef:
name: my-other-secret
optional: false
The following extracts a value identified by the keyName
field from the
my-secret
Secret into a foo
environment variable:
quarkus.openshift.env.mapping.foo.from-secret=my-secret
quarkus.openshift.env.mapping.foo.with-key=keyName
This would generate the following in the env
section of your container:
- env:
- name: FOO
valueFrom:
secretKeyRef:
key: keyName
name: my-secret
optional: false
Environment variables from ConfigMap
To add all key/value pairs from ConfigMap
as environment variables just
apply the following configuration, separating each ConfigMap
to be used as
source by a comma (,
):
quarkus.openshift.env.configmaps=my-config-map,another-config-map
which would generate the following in the container definition:
envFrom:
- configMapRef:
name: my-config-map
optional: false
- configMapRef:
name: another-config-map
optional: false
The following extracts a value identified by the keyName
field from the
my-config-map
ConfigMap into a foo
environment variable:
quarkus.openshift.env.mapping.foo.from-configmap=my-configmap
quarkus.openshift.env.mapping.foo.with-key=keyName
This would generate the following in the env
section of your container:
- env:
- name: FOO
valueFrom:
configMapKeyRef:
key: keyName
name: my-configmap
optional: false
Environment variables from fields
It’s also possible to use the value from another field to add a new environment variable by specifying the path of the field to be used as a source, as follows:
quarkus.openshift.env.fields.foo=metadata.name
Changing the generated deployment resource
Beside generating a DeploymentConfig
resource, you can also choose to get
either a Deployment
, StatefulSet
, or a Job
, or a CronJob
resource
instead via application.properties
:
quarkus.openshift.deployment-kind=StatefulSet
Using Deployment instead of DeploymentConfig
Out of the box the extension will generate a DeploymentConfig
resource. Often users, prefer to use Deployment
as the main deployment
resource, but still make use of OpenShift specific resources like Route
,
BuildConfig
etc. This feature is enabled by setting
quarkus.openshift.deployment-kind
to Deployment
.
quarkus.openshift.deployment-kind=Deployment
Since Deployment
is a Kubernetes resource and not OpenShift specific, it
can’t possibly leverage ImageStream
resources, as is the case with
DeploymentConfig
. This means that the image references need to include the
container image registry that hosts the image. When the image is built,
using OpenShift builds (s2i binary and docker strategy) the OpenShift
internal image registry image-registry.openshift-image-registry.svc:5000
will be used, unless another registry has been explicitly specified by the
user. Please note, that in the internal registry the project/namespace name
is added as part of the image repository:
image-registry.openshift-image-registry.svc:5000/<project
name>/<name>:<tag>
, so users will need to make sure that the target
project/namespace name is aligned with the quarkus.container-image.group
.
quarkus.container-image.group=<project/namespace name>
Generating Job resources
If you want to generate a Job resource, you need to add the following
property via the application.properties
:
quarkus.openshift.deployment-kind=Job
If you are using the Picocli extension, by default the Job resource will be generated. |
You can provide the arguments that will be used by the Kubernetes Job via
the property quarkus.openshift.arguments
. For example, adding the property
quarkus.openshift.arguments=A,B
.
Finally, the Kubernetes job will be launched every time that is installed in OpenShift. You can know more about how to run Kubernetes jobs in this link.
You can configure the rest of the Kubernetes Job configuration using the
properties under quarkus.openshift.job.xxx
(see
link).
Generating CronJob resources
If you want to generate a CronJob resource, you need to add the following
property via the application.properties
:
quarkus.openshift.deployment-kind=CronJob
# Cron expression to run the job every hour
quarkus.openshift.cron-job.schedule=0 * * * *
CronJob resources require the Cron
expression to specify when to launch the job via the property
quarkus.openshift.cron-job.schedule . If not provide, the build will fail.
|
You can configure the rest of the Kubernetes CronJob configuration using the
properties under quarkus.openshift.cron-job.xxx
(see
link).
Validation
A conflict between two definitions, e.g. mistakenly assigning both a value and specifying that a variable is derived from a field, will result in an error being thrown at build time so that you get the opportunity to fix the issue before you deploy your application to your cluster where it might be more difficult to diagnose the source of the issue.
Similarly, two redundant definitions, e.g. defining an injection from the same secret twice, will not cause an issue but will indeed report a warning to let you know that you might not have intended to duplicate that definition.
Backwards compatibility
Previous versions of the OpenShift extension supported a different syntax to add environment variables. The older syntax is still supported but is deprecated, and it’s advised that you migrate to the new syntax.
Old |
New |
||
Plain variable |
|
|
|
From field |
|
|
|
All from |
|
|
|
All from |
|
|
|
From one |
|
|
|
|
|
||
From one |
|
|
|
|
|
If you redefine the same variable using the new syntax while keeping the old
syntax, ONLY the new version will be kept, and a warning will be issued
to alert you of the problem. For example, if you define both
quarkus.openshift.env-vars.my-env-var.value=foobar and
quarkus.openshift.env.vars.my-env-var=newValue , the extension will only
generate an environment variable MY_ENV_VAR=newValue and issue a warning.
|
Mounting volumes
The OpenShift extension allows the user to configure both volumes and mounts for the application.
Any volume can be mounted with a simple configuration:
quarkus.openshift.mounts.my-volume.path=/where/to/mount
This will add a mount to my pod for volume my-volume
to path
/where/to/mount
The volumes themselves can be configured as shown in the sections below:
Knative - OpenShift Serverless
OpenShift also provides the ability to use Knative via the OpenShift Serverless functionality.
The first order of business is to instruct Quarkus to generate Knative resources by setting:
quarkus.kubernetes.deployment-target=knative
In order to leverage OpenShift S2I to build the container image on the cluster and use the resulting container image for the Knative application, we need to set a couple of configuration properties:
# set the Kubernetes namespace which will be used to run the application
quarkus.container-image.group=geoand
# set the container image registry - this is the standard URL used to refer to the internal OpenShift registry
quarkus.container-image.registry=image-registry.openshift-image-registry.svc:5000
The application can then be deployed to OpenShift Serverless by enabling the
standard quarkus.kubernetes.deploy=true
property.
Configuration Reference
Configuration property fixed at build time - All other configuration properties are overridable at runtime
Type |
Default |
|
---|---|---|
The OpenShift flavor / version to use. Older versions of OpenShift have minor differences in the labels and fields they support. This option allows users to have their manifests automatically aligned to the OpenShift 'flavor' they use. Environment variable: Show more |
|
|
The kind of the deployment resource to use. Supported values are 'Deployment', 'StatefulSet', 'Job', 'CronJob' and 'DeploymentConfig' defaulting to the latter. Environment variable: Show more |
|
|
The name of the group this component belongs too Environment variable: Show more |
string |
|
The name of the application. This value will be used for naming Kubernetes resources like: 'Deployment', 'Service' and so on… Environment variable: Show more |
string |
|
The version of the application. Environment variable: Show more |
string |
|
The namespace the generated resources should belong to. If not value is set, then the 'namespace' field will not be added to the 'metadata' section of the generated manifests. This in turn means that when the manifests are applied to a cluster, the namespace will be resolved from the current Kubernetes context (see https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/#context for more details). Environment variable: Show more |
string |
|
Add the build timestamp to the Kubernetes annotations This is a very useful way to have manifests of successive builds of the same application differ - thus ensuring that Kubernetes will apply the updated resources Environment variable: Show more |
boolean |
|
Working directory Environment variable: Show more |
string |
|
list of string |
||
The arguments Environment variable: Show more |
list of string |
|
The service account Environment variable: Show more |
string |
|
The number of desired pods Environment variable: Show more |
int |
|
The type of service that will be generated for the application Environment variable: Show more |
|
|
The nodePort to set when serviceType is set to nodePort Environment variable: Show more |
int |
|
Image pull policy Environment variable: Show more |
|
|
The image pull secret Environment variable: Show more |
list of string |
|
Enable generation of image pull secret, when the container image username and password are provided. Environment variable: Show more |
boolean |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
When true (the default), emit a set of annotations to identify services that should be scraped by prometheus for metrics. In configurations that use the Prometheus operator with ServiceMonitor, annotations may not be necessary. Environment variable: Show more |
boolean |
|
Define the annotation prefix used for scrape values, this value will be used as the base for other annotation name defaults. Altering the base for generated annotations can make it easier to define re-labeling rules and avoid unexpected knock-on effects. The default value is Environment variable: Show more |
string |
|
Define the annotation used to indicate services that should be scraped. By default, Environment variable: Show more |
string |
|
Define the annotation used to indicate the path to scrape. By default, Environment variable: Show more |
string |
|
Define the annotation used to indicate the port to scrape. By default, Environment variable: Show more |
string |
|
Define the annotation used to indicate the scheme to use for scraping By default, Environment variable: Show more |
string |
|
EmptyDir volumes Environment variable: Show more |
list of string |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
If set, it will change the name of the container according to the configuration Environment variable: Show more |
string |
|
If true, the service will be exposed Environment variable: Show more |
boolean |
|
The host under which the application is going to be exposed Environment variable: Show more |
string |
|
The target named port. If not provided, it will be deducted from the Service resource ports. Options are: "http" and "https". Environment variable: Show more |
string |
|
The cert authority certificate contents. Environment variable: Show more |
string |
|
The certificate contents. Environment variable: Show more |
string |
|
The contents of the ca certificate of the final destination. Environment variable: Show more |
string |
|
The desired behavior for insecure connections to a route. Environment variable: Show more |
string |
|
The key file contents. Environment variable: Show more |
string |
|
The termination type. Environment variable: Show more |
string |
|
If true, the 'app.kubernetes.io/version' label will be part of the selectors of Service and DeploymentConfig Environment variable: Show more |
boolean |
|
If true, the 'app.kubernetes.io/name' label will be part of the selectors of Service and Deployment Environment variable: Show more |
boolean |
|
Specifies the maximum desired number of pods the job should run at any given time. Environment variable: Show more |
int |
|
Specifies the desired number of successfully finished pods the job should be run with. Environment variable: Show more |
int |
|
CompletionMode specifies how Pod completions are tracked. Environment variable: Show more |
|
|
Specifies the number of retries before marking this job failed. Environment variable: Show more |
int |
|
Specifies the duration in seconds relative to the startTime that the job may be continuously active before the system tries to terminate it; value must be positive integer. Environment variable: Show more |
long |
|
Limits the lifetime of a Job that has finished execution (either Complete or Failed). If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to be automatically deleted. Environment variable: Show more |
int |
|
Suspend specifies whether the Job controller should create Pods or not. Environment variable: Show more |
boolean |
|
Restart policy when the job container fails. Environment variable: Show more |
|
|
The schedule in Cron format, see https://en.wikipedia.org/wiki/Cron. Environment variable: Show more |
string |
|
ConcurrencyPolicy describes how the job will be handled. Environment variable: Show more |
|
|
Deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones. Environment variable: Show more |
long |
|
Environment variable: |
int |
|
Environment variable: |
int |
|
Specifies the maximum desired number of pods the job should run at any given time. Environment variable: Show more |
int |
|
Specifies the desired number of successfully finished pods the job should be run with. Environment variable: Show more |
int |
|
CompletionMode specifies how Pod completions are tracked. Environment variable: Show more |
|
|
Specifies the number of retries before marking this job failed. Environment variable: Show more |
int |
|
Specifies the duration in seconds relative to the startTime that the job may be continuously active before the system tries to terminate it; value must be positive integer. Environment variable: Show more |
long |
|
Limits the lifetime of a Job that has finished execution (either Complete or Failed). If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to be automatically deleted. Environment variable: Show more |
int |
|
Suspend specifies whether the Job controller should create Pods or not. Environment variable: Show more |
boolean |
|
Restart policy when the job container fails. Environment variable: Show more |
|
|
The optional list of Secret names to load environment variables from. Environment variable: Show more |
list of string |
|
The optional list of ConfigMap names to load environment variables from. Environment variable: Show more |
list of string |
|
If set, the secret will mounted to the application container and its contents will be used for application configuration. Environment variable: Show more |
string |
|
If set, the config amp will be mounted to the application container and its contents will be used for application configuration. Environment variable: Show more |
string |
|
The SELinux level label that applies to the container. Environment variable: Show more |
string |
|
The SELinux role label that applies to the container. Environment variable: Show more |
string |
|
The SELinux type label that applies to the container. Environment variable: Show more |
string |
|
The SELinux user label that applies to the container. Environment variable: Show more |
string |
|
The name of the GMSA credential spec to use. Environment variable: Show more |
string |
|
GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. Environment variable: Show more |
string |
|
The UserName in Windows to run the entrypoint of the container process. Environment variable: Show more |
string |
|
HostProcess determines if a container should be run as a 'Host Process' container. Environment variable: Show more |
boolean |
|
The UID to run the entrypoint of the container process. Environment variable: Show more |
long |
|
The GID to run the entrypoint of the container process. Environment variable: Show more |
long |
|
Indicates that the container must run as a non-root user. Environment variable: Show more |
boolean |
|
A list of groups applied to the first process run in each container, in addition to the container’s primary GID. If unspecified, no groups will be added to any container. Environment variable: Show more |
list of long |
|
A special supplemental group that applies to all containers in a pod. Environment variable: Show more |
long |
|
Sysctls hold a list of namespaced sysctls used for the pod. Environment variable: Show more |
string |
|
It holds policies that will be used for applying fsGroup to a volume when volume is mounted. Values: OnRootMismatch, Always Environment variable: Show more |
|
|
If true, the debug mode in pods will be enabled. Environment variable: Show more |
boolean |
|
The transport to use. Environment variable: Show more |
string |
|
If enabled, it means the JVM will wait for the debugger to attach before executing the main class. If false, the JVM will immediately execute the main class, while listening for the debugger connection. Environment variable: Show more |
string |
|
It specifies the address at which the debug socket will listen. Environment variable: Show more |
int |
|
If set to true, Quarkus will attempt to deploy the application to the target Openshift cluster Environment variable: Show more |
boolean |
|
If deploy is enabled, it will follow this strategy to update the resources to the target OpenShift cluster. Environment variable: Show more |
|
|
If true, the init task will be generated. Otherwise, the init task resource generation will be skipped. Environment variable: Show more |
boolean |
|
The init task image to use by the init-container. Environment variable: Show more |
string |
|
Switch used to control whether non-idempotent fields are included in generated kubernetes resources to improve git-ops compatibility Environment variable: Show more |
boolean |
|
Custom labels to add to all resources Environment variable: Show more |
|
|
Custom annotations to add to all resources Environment variable: Show more |
|
|
The port number. Refers to the container port. Environment variable: Show more |
int |
|
The host port. Environment variable: Show more |
int |
|
The application path (refers to web application path). Environment variable: Show more |
string |
|
The protocol. Environment variable: Show more |
|
|
Environment variable: |
int |
|
If enabled, the port will be configured to use the schema HTTPS. Environment variable: Show more |
boolean |
|
The name of the volumeName to mount. Environment variable: Show more |
string |
|
The path to mount. Environment variable: Show more |
string |
|
Path within the volumeName from which the container’s volumeName should be mounted. Environment variable: Show more |
string |
|
ReadOnly Environment variable: Show more |
boolean |
|
The name of the secret to mount. Environment variable: Show more |
string |
required |
Default mode. When specifying an octal number, leading zero must be present. Environment variable: Show more |
string |
|
The path where the file will be mounted. Environment variable: Show more |
string |
required |
It must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used. Environment variable: Show more |
int |
|
Optional Environment variable: Show more |
boolean |
|
The name of the ConfigMap to mount. Environment variable: Show more |
string |
required |
Default mode. When specifying an octal number, leading zero must be present. Environment variable: Show more |
string |
|
The path where the file will be mounted. Environment variable: Show more |
string |
required |
It must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used. Environment variable: Show more |
int |
|
Optional Environment variable: Show more |
boolean |
|
Git repository URL. Environment variable: Show more |
string |
required |
The directory of the repository to mount. Environment variable: Show more |
string |
|
The commit hash to use. Environment variable: Show more |
string |
|
The name of the claim to mount. Environment variable: Show more |
string |
required |
Default mode. When specifying an octal number, leading zero must be present. Environment variable: Show more |
string |
|
Optional Environment variable: Show more |
boolean |
|
The name of the disk to mount. Environment variable: Show more |
string |
required |
The partition. Environment variable: Show more |
int |
|
Filesystem type. Environment variable: Show more |
string |
|
Whether the volumeName is read only or not. Environment variable: Show more |
boolean |
|
The share name. Environment variable: Show more |
string |
required |
The secret name. Environment variable: Show more |
string |
required |
Whether the volumeName is read only or not. Environment variable: Show more |
boolean |
|
The name of the disk to mount. Environment variable: Show more |
string |
required |
The URI of the vhd blob object OR the resourceID of an Azure managed data disk if Kind is Managed Environment variable: Show more |
string |
required |
Kind of disk. Environment variable: Show more |
|
|
Disk caching mode. Environment variable: Show more |
|
|
File system type. Environment variable: Show more |
string |
|
Whether the volumeName is read only or not. Environment variable: Show more |
boolean |
|
The container image. Environment variable: Show more |
string |
|
Working directory. Environment variable: Show more |
string |
|
The commands Environment variable: Show more |
list of string |
|
The arguments Environment variable: Show more |
list of string |
|
The service account. Environment variable: Show more |
string |
|
The host under which the application is going to be exposed. Environment variable: Show more |
string |
|
The port number. Refers to the container port. Environment variable: Show more |
int |
|
The host port. Environment variable: Show more |
int |
|
The application path (refers to web application path). Environment variable: Show more |
string |
|
The protocol. Environment variable: Show more |
|
|
Environment variable: |
int |
|
If enabled, the port will be configured to use the schema HTTPS. Environment variable: Show more |
boolean |
|
Image pull policy. Environment variable: Show more |
|
|
The image pull secret Environment variable: Show more |
list of string |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The name of the volumeName to mount. Environment variable: Show more |
string |
|
The path to mount. Environment variable: Show more |
string |
|
Path within the volumeName from which the container’s volumeName should be mounted. Environment variable: Show more |
string |
|
ReadOnly Environment variable: Show more |
boolean |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
The optional list of Secret names to load environment variables from. Environment variable: Show more |
list of string |
|
The optional list of ConfigMap names to load environment variables from. Environment variable: Show more |
list of string |
|
The map associating environment variable names to their associated field references they take their value from. Environment variable: Show more |
|
|
The map associating environment name to its associated value. Environment variable: Show more |
|
|
The optional name of the Secret from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The optional name of the ConfigMap from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The key identifying the field from which the value is extracted. Environment variable: Show more |
string |
required |
The container image. Environment variable: Show more |
string |
|
Working directory. Environment variable: Show more |
string |
|
The commands Environment variable: Show more |
list of string |
|
The arguments Environment variable: Show more |
list of string |
|
The service account. Environment variable: Show more |
string |
|
The host under which the application is going to be exposed. Environment variable: Show more |
string |
|
The port number. Refers to the container port. Environment variable: Show more |
int |
|
The host port. Environment variable: Show more |
int |
|
The application path (refers to web application path). Environment variable: Show more |
string |
|
The protocol. Environment variable: Show more |
|
|
Environment variable: |
int |
|
If enabled, the port will be configured to use the schema HTTPS. Environment variable: Show more |
boolean |
|
Image pull policy. Environment variable: Show more |
|
|
The image pull secret Environment variable: Show more |
list of string |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The name of the volumeName to mount. Environment variable: Show more |
string |
|
The path to mount. Environment variable: Show more |
string |
|
Path within the volumeName from which the container’s volumeName should be mounted. Environment variable: Show more |
string |
|
ReadOnly Environment variable: Show more |
boolean |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
The optional list of Secret names to load environment variables from. Environment variable: Show more |
list of string |
|
The optional list of ConfigMap names to load environment variables from. Environment variable: Show more |
list of string |
|
The map associating environment variable names to their associated field references they take their value from. Environment variable: Show more |
|
|
The map associating environment name to its associated value. Environment variable: Show more |
|
|
The optional name of the Secret from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The optional name of the ConfigMap from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The key identifying the field from which the value is extracted. Environment variable: Show more |
string |
required |
The ip address Environment variable: Show more |
string |
|
The hostnames to resolve to the ip Environment variable: Show more |
list of string |
|
Custom annotations to add to exposition (route or ingress) resources Environment variable: Show more |
|
|
The name of the role. Environment variable: Show more |
string |
|
The namespace of the role. Environment variable: Show more |
string |
|
Labels to add into the Role resource. Environment variable: Show more |
|
|
API groups of the policy rule. Environment variable: Show more |
list of string |
|
Non resource URLs of the policy rule. Environment variable: Show more |
list of string |
|
Resource names of the policy rule. Environment variable: Show more |
list of string |
|
Resources of the policy rule. Environment variable: Show more |
list of string |
|
Verbs of the policy rule. Environment variable: Show more |
list of string |
|
The name of the cluster role. Environment variable: Show more |
string |
|
Labels to add into the ClusterRole resource. Environment variable: Show more |
|
|
API groups of the policy rule. Environment variable: Show more |
list of string |
|
Non resource URLs of the policy rule. Environment variable: Show more |
list of string |
|
Resource names of the policy rule. Environment variable: Show more |
list of string |
|
Resources of the policy rule. Environment variable: Show more |
list of string |
|
Verbs of the policy rule. Environment variable: Show more |
list of string |
|
The name of the service account. Environment variable: Show more |
string |
|
The namespace of the service account. Environment variable: Show more |
string |
|
Labels of the service account. Environment variable: Show more |
|
|
If true, this service account will be used in the generated Deployment resource. Environment variable: Show more |
boolean |
|
Name of the RoleBinding resource to be generated. If not provided, it will use the application name plus the role ref name. Environment variable: Show more |
string |
|
Labels to add into the RoleBinding resource. Environment variable: Show more |
|
|
The name of the Role resource to use by the RoleRef element in the generated Role Binding resource. By default, it’s "view" role name. Environment variable: Show more |
string |
|
If the Role sets in the Environment variable: Show more |
boolean |
|
The "name" resource to use by the Subject element in the generated Role Binding resource. Environment variable: Show more |
string |
|
The "kind" resource to use by the Subject element in the generated Role Binding resource. By default, it uses the "ServiceAccount" kind. Environment variable: Show more |
string |
|
The "apiGroup" resource that matches with the "kind" property. By default, it’s empty. Environment variable: Show more |
string |
|
The "namespace" resource to use by the Subject element in the generated Role Binding resource. By default, it will use the same as provided in the generated resources. Environment variable: Show more |
string |
|
Name of the ClusterRoleBinding resource to be generated. If not provided, it will use the application name plus the role ref name. Environment variable: Show more |
string |
|
Labels to add into the RoleBinding resource. Environment variable: Show more |
|
|
The name of the ClusterRole resource to use by the RoleRef element in the generated ClusterRoleBinding resource. Environment variable: Show more |
string |
required |
The "name" resource to use by the Subject element in the generated Role Binding resource. Environment variable: Show more |
string |
|
The "kind" resource to use by the Subject element in the generated Role Binding resource. By default, it uses the "ServiceAccount" kind. Environment variable: Show more |
string |
|
The "apiGroup" resource that matches with the "kind" property. By default, it’s empty. Environment variable: Show more |
string |
|
The "namespace" resource to use by the Subject element in the generated Role Binding resource. By default, it will use the same as provided in the generated resources. Environment variable: Show more |
string |
|
The map associating environment variable names to their associated field references they take their value from. Environment variable: Show more |
|
|
The map associating environment name to its associated value. Environment variable: Show more |
|
|
The optional name of the Secret from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The optional name of the ConfigMap from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The key identifying the field from which the value is extracted. Environment variable: Show more |
string |
required |
If true, the init task will be generated. Otherwise, the init task resource generation will be skipped. Environment variable: Show more |
boolean |
|
The init task image to use by the init-container. Environment variable: Show more |
string |
|
About the Duration format
To write duration values, use the standard You can also use a simplified format, starting with a number:
In other cases, the simplified format is translated to the
|