#jinja2: trim_blocks: "true", lstrip_blocks: "false" --- apiVersion: v1 kind: Template metadata: name: {{ kaas_project }}-pods annotations: descriptions: {{ kaas_project_config.description | default(kaas_project ~ "auto-generated pod template") }} objects: {% for name, pod in (kaas_project_config.pods | default(kaas_openshift_volumes)).iteritems() %} {% set pubkey = "kaas_" ~ name ~ "_pubkey" %} {% set privkey = "kaas_" ~ name ~ "_privkey" %} {% set cakey = "kaas_" ~ name ~ "_ca" %} {% if pod.variant is defined %} {% set pod = pod[pod.variant] %} {% endif %} {% if pod.service is defined %} - apiVersion: v1 kind: Service metadata: name: {{ pod.name | default(name) }} spec: selector: name: {{ pod.name | default(name) }} {% if pod.service.ports is defined %} ports: {% for port in pod.service.ports %} {% set portmap = (port | string).split('/') %} - name: "{{ portmap[0] }}" port: {{ portmap[0] }} targetPort: {{ (portmap[1] is defined) | ternary(portmap[1], portmap[0]) }} {% endfor %} {% endif %} {% if (pod.service.ports is defined) and (pod.service.host is defined) %} {% set first_port = (pod.service.ports[0] | string).split('/') %} - apiVersion: v1 kind: Route metadata: name: {{ pod.name | default(name) }} spec: host: {{ pod.service.host }} to: kind: Service name: {{ pod.name | default(name) }} port: targetPort: {{ (first_port[1] is defined) | ternary(first_port[1], first_port[0]) }} {% if (first_port[0] == "80") %} tls: termination: edge insecureEdgeTerminationPolicy: Allow {% if hostvars[inventory_hostname][pubkey] is defined %} certificate: |- {{ hostvars[inventory_hostname][pubkey] | indent(10) }} {% endif %} {% if hostvars[inventory_hostname][privkey] is defined %} key: |- {{ hostvars[inventory_hostname][privkey] | indent(10) }} {% endif %} {% if hostvars[inventory_hostname][cakey] is defined %} caCertificate: |- {{ hostvars[inventory_hostname][cakey] | indent(10) }} {% endif %} {% endif %} {% endif %} {% endif %} - apiVersion: v1 kind: DeploymentConfig metadata: name: {{ pod.name | default(name) }} spec: replicas: {{ pod.sched.replicas | default(1) }} revisionHistoryLimit: 2 strategy: type: {{ pod.sched.strategy | default('Rolling') }} triggers: - type: ConfigChange selector: name: {{ pod.name | default(name) }} template: metadata: name: {{ pod.name | default(name) }} labels: name: {{ pod.name | default(name) }} spec: {% if pod.selector is defined %} nodeSelector: {% for skey, sval in pod.selector.iteritems() %} {{ skey }}: "{{ sval }}" {% endfor %} {% endif %} {% set mappings = (pod.images | json_query('[*].mappings') | length) %} {% if mappings > 0 %} volumes: {% for img in pod.images %} {% set imgidx = loop.index %} {% for vol in img.mappings %} {% set oc_name = vol.name | default(name) | regex_replace('_','-') %} - name: vol-{{imgidx}}-{{loop.index}} persistentVolumeClaim: claimName: {{ oc_name }} {% endfor %} {% endfor %} {% endif %} {% if (pod.groups is defined) or (pod.run_as is defined) %} securityContext: {% if (pod.run_as is defined) %} {% if (kaas_project_config.uids | default(kaas_openshift_uids))[pod.run_as] is defined %} - {{ (kaas_project_config.uids | default(kaas_openshift_uids))[pod.run_as].id }} {% else %} - {{ pod.run_as }} {% endif %} {% endif %} {% if (pod.groups is defined) %} supplementalGroups: {% for group in pod.groups %} {% if (kaas_project_config.gids | default(kaas_openshift_gids))[group] is defined %} - {{ (kaas_project_config.gids | default(kaas_openshift_gids))[group].id }} {% else %} - {{ group }} {% endif %} {% endfor %} {% endif %} {% endif %} containers: {% for img in pod.images %} {% set imgidx = loop.index %} - name: {{ img.name | default(pod.name) | default(name) }} image: {{ img.image }} imagePullPolicy: Always ports: {% if img.ports is defined %} {% for port in img.ports %} - containerPort: {{ port }} {% endfor %} {% else %} {% for port in pod.service.ports %} {% set portmap = (port | string).split('/') %} - containerPort: {{ (portmap[1] is defined) | ternary(portmap[1], portmap[0]) }} {% endfor %} {% endif %} {% if img.env is defined %} env: {% for env_item in img.env %} {% set env_name = env_item.name %} {% set env_val = env_item.value %} {% set env_parts = (env_val | string).split('@') %} - name: "{{ env_name }}" {% if env_parts[0] == "secret" %} {% set env_sec = (env_parts[1] | string).split('/') %} valueFrom: secretKeyRef: name: {{ env_sec[0] }} key: {{ env_sec[1] }} {% elif env_parts[0] == "cm" %} {% set env_cm = (env_parts[1] | string).split('/') %} valueFrom: configMapKeyRef: name: {{ env_cm[0] }} key: {{ env_cm[1] }} {% else %} value: "{{ env_val }}" {% endif %} {% endfor %} {% endif %} {% if img.mappings is defined %} volumeMounts: {% for vol in img.mappings %} - name: vol-{{imgidx}}-{{loop.index}} subPath: {{ vol.path | default("") }} mountPath: {{ vol.mount }} {% endfor %} {% endif %} {% if img.probes is defined %} {% for probe in img.probes %} {% if (probe.type is undefined) %} {% set seq = ['livenessProbe', 'readinessProbe'] %} {% elif (probe.type == "liveness") %} {% set seq = ['livenessProbe'] %} {% else %} {% set seq = ['readinessProbe'] %} {% endif %} {% for type in seq %} {{ type }}: timeoutSeconds: {{ probe.timeout | default(1) }} initialDelaySeconds: {{ probe.delay | default(10) }} {% if (probe.cmd is defined) %} command: "{{ probe.cmd }}" {% elif (probe.path is defined) %} httpGet: path: {{ probe.path }} port: {{ probe.port | default(80) }} {% else %} tcpSocket: port: {{ probe.port | default(80) }} {% endif %} {% endfor %} {% endfor %} {% endif %} {% endfor %} {% endfor %}