diff --git a/grafana/grafana-template.yaml b/grafana/grafana-template.yaml new file mode 100644 index 0000000..b9ddf70 --- /dev/null +++ b/grafana/grafana-template.yaml @@ -0,0 +1,246 @@ +apiVersion: v1 +kind: Template +labels: + template: grafana +message: See https://github.com/nmasse-itix/OpenShift-Docker-Images/tree/master/grafana for more details. +metadata: + annotations: + description: |- + A grafana distribution for OpenShift. + openshift.io/display-name: Grafana + tags: instant-app + template.openshift.io/documentation-url: https://github.com/nmasse-itix/OpenShift-Docker-Images/tree/master/grafana + template.openshift.io/long-description: A grafana distribution for OpenShift. + template.openshift.io/provider-display-name: Nicolas Massé + template.openshift.io/support-url: https://github.com/nmasse-itix/OpenShift-Docker-Images/issues + name: grafana +objects: + +- apiVersion: v1 + kind: Secret + metadata: + name: oauth-proxy + namespace: "${NAMESPACE}" + labels: + template: grafana + stringData: + session_secret: "${SESSION_SECRET}=" + +- apiVersion: v1 + kind: ServiceAccount + metadata: + name: grafana + namespace: ${NAMESPACE} + labels: + template: grafana + annotations: + serviceaccounts.openshift.io/oauth-redirectreference.proxy: '{"kind":"OAuthRedirectReference","apiVersion":"v1","reference":{"kind":"Route","name":"grafana"}}' + secrets: + +- apiVersion: v1 + kind: ImageStream + metadata: + labels: + build: grafana + template: grafana + name: grafana + +- apiVersion: v1 + kind: BuildConfig + metadata: + name: grafana + labels: + build: grafana + template: grafana + namespace: ${NAMESPACE} + spec: + successfulBuildsHistoryLimit: 1 + failedBuildsHistoryLimit: 1 + nodeSelector: null + output: + to: + kind: ImageStreamTag + name: grafana:latest + namespace: ${NAMESPACE} + postCommit: {} + resources: {} + runPolicy: Serial + source: + git: + uri: ${GIT_REPO} + type: Git + contextDir: grafana + strategy: + dockerStrategy: + from: + kind: ImageStreamTag + name: ${RHEL_IMAGE_STREAM_TAG} + namespace: ${RHEL_IMAGE_STREAM_NAMESPACE} + type: Docker + triggers: + - type: ConfigChange + - type: ImageChange + +- apiVersion: v1 + kind: DeploymentConfig + metadata: + labels: + app: grafana + template: grafana + name: grafana + namespace: ${NAMESPACE} + spec: + replicas: 1 + selector: + app: grafana + deploymentconfig: grafana + strategy: + activeDeadlineSeconds: 21600 + resources: {} + type: Recreate + template: + metadata: + creationTimestamp: null + labels: + app: grafana + deploymentconfig: grafana + template: grafana + spec: + containers: + - image: " " + imagePullPolicy: IfNotPresent + name: grafana + ports: + - containerPort: 3000 + protocol: TCP + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + - image: ${PROXY_IMAGE} + imagePullPolicy: IfNotPresent + name: proxy + args: + - --provider=openshift + - --https-address=:8443 + - --http-address= + - --upstream=http://localhost:3000 + - --openshift-service-account=grafana + - '--openshift-sar={"resource": "namespaces", "verb": "get", "resourceName": "${NAMESPACE}", "namespace": "${NAMESPACE}"}' + - --tls-cert=/etc/tls/private/tls.crt + - --tls-key=/etc/tls/private/tls.key + - --client-secret-file=/var/run/secrets/kubernetes.io/serviceaccount/token + - --cookie-secret-file=/etc/proxy/secrets/session_secret + - --openshift-ca=/etc/pki/tls/cert.pem + - --openshift-ca=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt + ports: + - containerPort: 8443 + name: web + protocol: TCP + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/tls/private + name: tls + - mountPath: /etc/proxy/secrets + name: secrets + dnsPolicy: ClusterFirst + terminationGracePeriodSeconds: 30 + restartPolicy: Always + serviceAccountName: grafana + volumes: + - name: secrets + secret: + secretName: oauth-proxy + - name: tls + secret: + secretName: grafana-tls + test: false + triggers: + - type: ConfigChange + - type: ImageChange + imageChangeParams: + automatic: true + containerNames: + - grafana + from: + kind: ImageStreamTag + name: grafana:latest + +- apiVersion: v1 + kind: Service + metadata: + labels: + app: grafana + template: grafana + name: grafana + namespace: ${NAMESPACE} + annotations: + service.alpha.openshift.io/serving-cert-secret-name: grafana-tls + spec: + ports: + - name: proxy + port: 8443 + protocol: TCP + targetPort: 8443 + selector: + app: grafana + deploymentconfig: grafana + sessionAffinity: None + type: ClusterIP + +- apiVersion: v1 + kind: Route + metadata: + labels: + app: grafana + template: grafana + name: grafana + namespace: ${NAMESPACE} + spec: + host: ${GRAFANA_ROUTE_HOSTNAME} + port: + targetPort: 3000-tcp + to: + kind: Service + name: grafana + weight: 100 + wildcardPolicy: None + +## +## Template Parameters +## +parameters: +- description: The GIT repository to use. + displayName: GIT Repo URL + name: GIT_REPO + value: https://github.com/nmasse-itix/OpenShift-Docker-Images.git + +- description: The OpenShift Namespace where the RHEL ImageStream resides. + displayName: RHEL ImageStream Namespace + name: RHEL_IMAGE_STREAM_NAMESPACE + value: openshift + +- description: Name of the ImageStreamTag to be used for the RHEL image. + displayName: RHEL ImageStreamTag + name: RHEL_IMAGE_STREAM_TAG + value: rhel7:latest + +- description: The Docker image to use for the OAuth Proxy. + displayName: OAuth Proxy image + name: PROXY_IMAGE + value: openshift3/oauth-proxy:v3.7 + +- description: The desired hostname of the route to the Grafana service. + displayName: Hostname of the Grafana Service + name: GRAFANA_ROUTE_HOSTNAME + +- description: The session secret for the proxy + name: SESSION_SECRET + generate: expression + from: "[a-zA-Z0-9]{43}" + +- description: The namespace to instantiate Grafana under. Defaults to 'openshift-metrics'. + name: NAMESPACE + value: openshift-metrics