写在前面

  • 因为参加考试,会陆续分享一些 OpenShift 的笔记
  • 博文内容为介绍 openshift 不同的创建应用的方式,包括:
    • 基于 IS 创建应用
    • 基于镜像创建应用
    • 基于源码和 image 创建应用
    • 基于源码和 IS 创建应用
    • 基于模板创建应用
  • 学习环境为 openshift v3 的版本,有些旧
  • 这里如果专门学习 openshift ,建议学习 v4 版本
  • 理解不足小伙伴帮忙指正

对每个人而言,真正的职责只有一个:找到自我。然后在心中坚守其一生,全心全意,永不停息。所有其它的路都是不完整的,是人的逃避方式,是对大众理想的懦弱回归,是随波逐流,是对内心的恐惧 ——赫尔曼·黑塞《德米安》

应用创建

为了在 OpenShift 中创建新应用程序,您可以使用 oc new-app 命令创建应用,使用 --strategy 标志来指定要使用的构建策略。–strategy 标志可以采用多个值,包括:

  • docker:此策略从 Dockerfile 构建应用程序。
  • source:此策略使用 Source-to-Image (S2I) 工具从源代码构建应用程序。
  • pipeline:此策略使用 Jenkins 管道构建应用程序。

使用了 –strategy=source 标志,这意味着 OpenShift 将使用 S2I 工具从源代码构建应用程序。S2I 是 OpenShift 中的一个工具,它允许开发人员从他们的源代码构建可重现的 Docker 镜像。S2I 通过提供构建和运行容器应用程序的框架简化了构建镜像的过程。

S2I 的工作原理是将您的源代码与基础镜像结合起来创建一个新的镜像,该镜像可以在容器中运行。基础镜像为您的应用程序提供运行时环境,而源代码则提供应用程序代码。S2I 还允许您通过提供可以在构建过程中运行的脚本来自定义构建过程。

要在 OpenShift 中创建 S2I 构建,您可以使用 oc new-app 命令和 –strategy=source 标志。这将创建一个新的构建配置,该配置使用 S2I 构建您的应用程序。然后,您可以将源代码推送到构建配置中,OpenShift 将自动为您构建一个新的镜像。

以下是使用 oc new-app 命令在 OpenShift 中创建 S2I 构建的示例:

基于 IS 创建应用

$ ocnew-app--name=mysql -imysql:latest-eMYSQL_ROOT_PASSWORD=redhat

使用 -i, --image-stream 指定 IS 的镜像位置

要在 OpenShift 上创建一个基于 ImageStream (IS) 的应用,可以按照以下步骤进行操作:

  1. 创建一个新项目或选择一个现有项目。
  2. 运行以下命令创建一个 ImageStream:
 # 这将在当前项目中创建一个指定名称的新 ImageStream。 oc create is <imagestream-name>
  1. 运行以下命令将镜像导入 ImageStream:
 #这将从指定的 URL 导入镜像到 ImageStream 中。 oc import-image <imagestream-name> --from=<image-url> --confirm
  1. 运行以下命令创建一个新应用:
 oc new-app -i <imagestream-name>

这将创建一个基于 ImageStream 的新应用程序。

在此过程中,将自动生成多个 API 资源对象,包括:

  • ImageStream
  • ImageStreamTag
  • DeploymentConfig
  • Deployment
  • Replicationcontroller
  • Replicaset
  • Service
  • Route(路由对象需要手动创建)

当镜像被导入 ImageStream 时,将创建 ImageStreamImageStreamTag 资源。当创建新应用程序时,将创建 DeploymentConfig、Service 和 Route 资源。

这里我们看一个 Demo,创建一个 ImageStream:

┌──[root@vms16.liruilongs.github.io]-[~]└─$ oc create is myimagestreamimagestream.image.openshift.io/myimagestream created

将镜像导入 ImageStream:

┌──[root@vms16.liruilongs.github.io]-[~]└─$ oc import-image myimagestream --from=docker.io/nginx --confirmimagestream.image.openshift.io/myimagestream importedName: myimagestreamNamespace:myprojectCreated:14 seconds agoLabels: <none>Annotations:openshift.io/image.dockerRepositoryCheck=2023-04-16T03:21:19ZDocker Pull Spec: 172.30.1.1:5000/myproject/myimagestreamImage Lookup: local=falseUnique Images:1Tags: 1latesttagged from docker.io/nginx* docker.io/nginx@sha256:f2fee5c7194cbbfb9d2711fa5de094c797a42a51aa42b0c8ee8ca31547c872b1Less than a second agoImage Name: myimagestream:latestDocker Image: docker.io/nginx@sha256:f2fee5c7194cbbfb9d2711fa5de094c797a42a51aa42b0c8ee8ca31547c872b1Name: sha256:f2fee5c7194cbbfb9d2711fa5de094c797a42a51aa42b0c8ee8ca31547c872b1Created:Less than a second agoAnnotations:image.openshift.io/dockerLayersOrder=ascendingImage Size: 57.01MB in 6 layersLayers: 31.42MB sha256:26c5c85e47da3022f1bdb9a112103646c5c29517d757e95426f16e4bd953340525.58MB sha256:4f3256bdf66bf00bcec08043e67a80981428f0e0de12f963eac3c753b14d101d626Bsha256:2019c71d56550b97ce01e0b6ef8e971fec705186f2927d2cb109ac3e18edb0ac958Bsha256:8c767bdbc9aedd4bbf276c6f28aad18251cceacb768967c5702974ae1eac23cd773Bsha256:78e14bb05fd35b58587cd0c5ca2c2eb12b15031633ec30daa21c0ea3d2bb2a151.406kB sha256:75576236abf5959ff23b741ed8c4786e244155b9265db5e6ecda9d8261de529fImage Created:3 days agoAuthor: <none>Arch: amd64Entrypoint: /docker-entrypoint.shCommand:nginx -g daemon off;Working Dir:<none>User: <none>Exposes Ports:80/tcpDocker Labels:maintainer=NGINX Docker Maintainers <docker-maint@nginx.com>Environment:PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/binNGINX_VERSION=1.23.4NJS_VERSION=0.7.11PKG_RELEASE=1~bullseye

基于 ImageStream 创建一个新应用程序:

┌──[root@vms16.liruilongs.github.io]-[~]└─$ oc new-app myimagestream--> Found image 6efc10a (3 days old) in image stream "myproject/myimagestream" under tag "latest" for "myimagestream"* This image will be deployed in deployment config "myimagestream"* Port 80/tcp will be load balanced by service "myimagestream"* Other containers can access this service through the hostname "myimagestream"* WARNING: Image "myproject/myimagestream:latest" runs as the 'root' user which may not be permitted by your cluster administrator--> Creating resources ...deploymentconfig.apps.openshift.io "myimagestream" createdservice "myimagestream" created--> SuccessApplication is not exposed. You can expose services to the outside world by executing one or more of the commands below: 'oc expose svc/myimagestream'Run 'oc status' to view your app.

默认生成的资源,可以看到通过 IS 创建应用会生成

┌──[root@vms16.liruilongs.github.io]-[~]└─$oc get allNAME READY STATUSRESTARTS AGEpod/myimagestream-1-9gfgs0/1 ContainerCreating 023spod/myimagestream-1-deploy 1/1 Running 024sNAMEDESIRED CURRENT READY AGEreplicationcontroller/myimagestream-1 1 1 0 24sNAMETYPECLUSTER-IP EXTERNAL-IP PORT(S) AGEservice/myimagestream ClusterIP 172.30.226.178 <none>80/TCP24sNAMEDESIRED CURRENT UP-TO-DATE AVAILABLE AGEdeployment.apps/testpod 0 0 00 322dNAME DESIRED CURRENT READY AGEreplicaset.apps/testpod-6fd8cb8d9f 0 0 0 322dNAME REVISION DESIRED CURRENT TRIGGERED BYdeploymentconfig.apps.openshift.io/myimagestream 11 1 config,image(myimagestream:latest)NAME DOCKER REPO TAGSUPDATEDimagestream.image.openshift.io/myimagestream 172.30.1.1:5000/myproject/myimagestream latest46 seconds ago┌──[root@vms16.liruilongs.github.io]-[~]└─$

基于镜像创建应用

$ ocnew-app --docker-image=registry.lab.example.com/openshift/hello-openshift --name=hello

在 OpenShift 上基于 Docker 镜像创建应用,可以使用oc new-app命令。该命令将基于提供的 Docker 镜像创建新的应用程序和构建配置。

在创建过程中,OpenShift 将自动生成多个 API 资源对象,包括

  • DeploymentConfig
  • ImageStream
  • Replicationcontroller
  • Service
  • router(路由需要自己创建)
    这些对象用于管理应用程序及其相关资源。

看一个Demo

[root@master ~]# oc project samplesNow using project "samples" on server "https://master.lab.example.com:443".

在创建的项目下通过镜像构建应用

[root@master ~]# oc new-app --docker-image=registry.lab.example.com/openshift/hello-openshift --name=greeter--> Found Docker image 7af3297 (4 years old) from registry.lab.example.com for "registry.lab.example.com/openshift/hello-openshift"* An image stream will be created as "greeter:latest" that will track this image* This image will be deployed in deployment config "greeter"* Ports 8080/tcp, 8888/tcp will be load balanced by service "greeter"* Other containers can access this service through the hostname "greeter"--> Creating resources ...imagestream "greeter" createddeploymentconfig "greeter" createdservice "greeter" created--> SuccessApplication is not exposed. You can expose services to the outside world by executing one or more of the commands below: 'oc expose svc/greeter'Run 'oc status' to view your app.

查看创建过程

[root@master ~]# oc statusIn project samples on server https://master.lab.example.com:443svc/greeter - 172.30.106.99 ports 8080, 8888dc/greeter deploys istag/greeter:latestdeployment #1 deployed 9 seconds ago - 1 pod2 infos identified, use 'oc status -v' to see details.[root@master ~]# oc status -vIn project samples on server https://master.lab.example.com:443svc/greeter - 172.30.106.99 ports 8080, 8888dc/greeter deploys istag/greeter:latestdeployment #1 deployed about a minute ago - 1 podInfo:* dc/greeter has no readiness probe to verify pods are ready to accept traffic or ensure deployment is successful.try: oc set probe dc/greeter --readiness ...* dc/greeter has no liveness probe to verify pods are still running.try: oc set probe dc/greeter --liveness ...View details with 'oc describe /' or list everything with 'oc get all'.

查看通镜像直接构建生成的 API 资源对象

[root@master ~]# oc get allNAMEREVISION DESIRED CURRENT TRIGGERED BYdeploymentconfigs/greeter 11 1 config,image(greeter:latest)NAME DOCKER REPOTAGSUPDATEDimagestreams/greeter docker-registry.default.svc:5000/samples/greeter latestAbout a minute agoNAME READY STATUSRESTARTS AGEpo/greeter-1-gm5qg 1/1 Running 01mNAME DESIRED CURRENT READY AGErc/greeter-1 1 1 1 1mNAMETYPECLUSTER-IPEXTERNAL-IP PORT(S) AGEsvc/greeter ClusterIP 172.30.106.99 <none>8080/TCP,8888/TCP 1m[root@master ~]#

有些路由可能需要 TSL 等

[root@master ~]# ./gencert.sh greeter.apps.lab.example.comGenerating a private key...Generating RSA private key, 2048 bit long modulus............................................................................................+++....................+++e is 65537 (0x10001)Generating a CSR...Generating a certificate...Signature oksubject=/C=US/ST=NC/L=Raleigh/O=RedHat/OU=RHT/CN=greeter.apps.lab.example.comGetting Private keyDONE.

创建一个支持 https 的路由

[root@master ~]# oc get svcNAMETYPECLUSTER-IPEXTERNAL-IP PORT(S) AGEgreeter ClusterIP 172.30.106.99 <none>8080/TCP,8888/TCP 6m[root@master ~]# oc create route edge --service=greeter--hostname=greeter.apps.lab.example.com --key=greeter.apps.lab.example.com.key --cert=greeter.apps.lab.example.com.crtroute "greeter" created[root@master ~]# oc get routeNAMEHOST/PORTPATHSERVICES PORT TERMINATION WILDCARDgreeter greeter.apps.lab.example.com greeter8080-tcp edgeNone[root@master ~]# curl greeter.apps.lab.example.com

生成证书文件

[root@master ~]# cat gencert.sh#!/bin/bashecho "Generating a private key..."openssl genrsa -out $1.key 2048echoecho "Generating a CSR..."openssl req -new -key $1.key -out $1.csr -subj "/C=US/ST=NC/L=Raleigh/O=RedHat/OU=RHT/CN=$1"echoecho "Generating a certificate..."openssl x509 -req -days 366 -in $1.csr -signkey $1.key -out $1.crtechoecho"DONE."echo[root@master ~]#

基于源码和 image 创建应用

[root@master ~]# oc new-app registry.lab.example.com/rhscl/php-70-rhel7~http://services.lab.example.com/php-helloworld--> Found Docker image c101534 (5 years old) from registry.lab.example.com for "registry.lab.example.com/rhscl/php-70-rhel7"Apache 2.4 with PHP 7.0-----------------------PHP 7.0 available as docker container is a base platform for building and running various PHP 7.0 applications and frameworks. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts.Tags: builder, php, php70, rh-php70* An image stream will be created as "php-70-rhel7:latest" that will track the source image* A source build using source code from http://services.lab.example.com/php-helloworld will be created* The resulting image will be pushed to image stream "php-helloworld:latest"* Every time "php-70-rhel7:latest" changes a new build will be triggered* This image will be deployed in deployment config "php-helloworld"* Port 8080/tcp will be load balanced by service "php-helloworld"* Other containers can access this service through the hostname "php-helloworld"--> Creating resources ...imagestream "php-70-rhel7" createdimagestream "php-helloworld" createdbuildconfig "php-helloworld" createddeploymentconfig "php-helloworld" createdservice "php-helloworld" created--> SuccessBuild scheduled, use 'oc logs -f bc/php-helloworld' to track its progress.Application is not exposed. You can expose services to the outside world by executing one or more of the commands below: 'oc expose svc/php-helloworld'Run 'oc status' to view your app.[root@master ~]# oc logs -f bc/php-helloworldCloning "http://services.lab.example.com/php-helloworld" ...Commit: 6d61e75647124d02aa761f994532ef29eae46f8e (Establish remote repository)Author: root <root@services.lab.example.com>Date: Thu Aug 9 11:33:29 2018 -0700---> Installing application source...Pushing image docker-registry.default.svc:5000/rome/php-helloworld:latest ...Pushed 0/6 layers, 1% completePushed 1/6 layers, 25% completePushed 2/6 layers, 42% completePushed 3/6 layers, 59% completePushed 4/6 layers, 81% completePushed 5/6 layers, 100% completePushed 6/6 layers, 100% completePush successful[root@master ~]#
[root@master ~]# oc get allNAME REVISION DESIRED CURRENT TRIGGERED BYdeploymentconfigs/php-helloworld 11 1 config,image(php-helloworld:latest)NAMETYPEFROMLATESTbuildconfigs/php-helloworld SourceGit 1NAMETYPEFROMSTATUS STARTED DURATIONbuilds/php-helloworld-1 SourceGit@6d61e75 Complete 2 minutes ago 1m12sNAMEDOCKER REPOTAGSUPDATEDimagestreams/php-70-rhel7 docker-registry.default.svc:5000/rome/php-70-rhel7 latest2 minutes agoimagestreams/php-helloworld docker-registry.default.svc:5000/rome/php-helloworld latestAbout a minute agoNAMEREADY STATUSRESTARTS AGEpo/php-helloworld-1-8hvvn 1/1 Running 01mpo/php-helloworld-1-build 0/1 Completed 02mNAMEDESIRED CURRENT READY AGErc/php-helloworld-1 1 1 1 1mNAME TYPECLUSTER-IPEXTERNAL-IP PORT(S)AGEsvc/php-helloworld ClusterIP 172.30.69.166 <none>8080/TCP 2m[root@master ~]#
[root@master ~]# oc expose svc/php-helloworld--hostname=hellophp.apps.lab.example.comroute "php-helloworld" exposed[root@master ~]# oc get routeNAME HOST/PORT PATHSERVICES PORT TERMINATION WILDCARDphp-helloworld hellophp.apps.lab.example.com php-helloworld 8080-tcp None[root@master ~]# curl hellophp.apps.lab.example.comHello, World! php version is 7.0.10[root@master ~]#

持续构建

[root@master php-helloworld]# oc start-build php-helloworldbuild "php-helloworld-2" started[root@master php-helloworld]# oc get dcNAME REVISION DESIRED CURRENT TRIGGERED BYphp-helloworld 21 0 config,image(php-helloworld:latest)[root@master php-helloworld]# oc get buildNAME TYPEFROMSTATUS STARTEDDURATIONphp-helloworld-1 SourceGit@6d61e75 Complete 10 minutes ago 1m12sphp-helloworld-2 SourceGit@2210bc1 Complete 15 seconds ago 8s

基于源码和 IS 创建应用

$oc new-app--name=hello-iphp:7.0http://registry.lab.example.com/scaling

这里实际上和上面的一样,不在说明

基于模板创建应用

$ocnew-app--template=ruby-helloworld-sample--param=MYSQL_USER=admin $ocnew-app--file=./example/myapp/template.json--param=MYSQL_USER=admi n

以下是使用模板在OpenShift中创建应用的步骤:

  1. 使用 oc login 命令登录到您的OpenShift集群。
  2. 使用 oc new-project 命令创建一个新项目。
  3. 使用 oc get templates -n openshift 命令浏览可用的模板。
  4. 选择适合您需求的模板,使用 oc new-app 命令创建一个应用。您可以使用 -p 标志指定模板名称和任何参数值。
  5. 使用 oc get pods 命令监视部署。

当您从模板创建应用时,OpenShift会创建多个资源对象,包括DeploymentConfig、Service、Route和ImageStream。这些对象一起工作,以部署和公开您的应用程序。

DeploymentConfig对象定义了应用程序的部署方式,包括副本数、要使用的容器映像以及任何环境变量或卷挂载。Service对象为您的应用程序提供稳定的IP地址和DNS名称,允许其他服务与其通信。Route对象将您的应用程序公开给外部世界,提供用户可以访问的URL。最后,ImageStream对象跟踪应用程序使用的容器映像,允许您回滚到以前的版本(如果需要)。

一个 模板 yaml 文件 Demo

[root@master ~]# cat gogs-temp.yamlkind: TemplateapiVersion: v1metadata:annotations:description: The Gogs git server (https://gogs.io/)tags: instant-app,gogs,go,golangname: gogsobjects:- kind: PersistentVolumeapiVersion: v1metadata:name: gogs-postgres-dataspec:capacity:storage: 2GiaccessModes:- ReadWriteManynfs:path: /exports/gogs-postgres-dataserver: services.lab.example.compersistentVolumeReclaimPolicy: Recycle- kind: PersistentVolumeapiVersion: v1metadata:name: gogs-dataspec:capacity:storage: 1GiaccessModes:- ReadWriteManynfs:path: /exports/gogs-dataserver: services.lab.example.compersistentVolumeReclaimPolicy: Recycle- kind: ServiceAccountapiVersion: v1metadata:creationTimestamp: nulllabels:app: ${APPLICATION_NAME}name: ${APPLICATION_NAME}- kind: ServiceapiVersion: v1metadata:annotations:description: Exposes the database servername: ${APPLICATION_NAME}-postgresqllabels:app: ${APPLICATION_NAME}spec:ports:- name: postgresqlport: 5432targetPort: 5432selector:name: ${APPLICATION_NAME}-postgresql- kind: DeploymentConfigapiVersion: v1metadata:annotations:description: Defines how to deploy the databasename: ${APPLICATION_NAME}-postgresqllabels:app: ${APPLICATION_NAME}spec:replicas: 1selector:name: ${APPLICATION_NAME}-postgresqlstrategy:type: Recreatetemplate:metadata:labels:name: ${APPLICATION_NAME}-postgresqlname: ${APPLICATION_NAME}-postgresqlspec:serviceAccountName: ${APPLICATION_NAME}containers:- env:- name: POSTGRESQL_USERvalue: ${DATABASE_USER}- name: POSTGRESQL_PASSWORDvalue: ${DATABASE_PASSWORD}- name: POSTGRESQL_DATABASEvalue: ${DATABASE_NAME}- name: POSTGRESQL_MAX_CONNECTIONSvalue: ${DATABASE_MAX_CONNECTIONS}- name: POSTGRESQL_SHARED_BUFFERSvalue: ${DATABASE_SHARED_BUFFERS}- name: POSTGRESQL_ADMIN_PASSWORDvalue: ${DATABASE_ADMIN_PASSWORD}image: ' 'livenessProbe:initialDelaySeconds: 30tcpSocket:port: 5432timeoutSeconds: 1failureThreshold: 10periodSeconds: 20name: postgresqlports:- containerPort: 5432readinessProbe:exec:command:- /bin/sh- -i- -c- psql -h 127.0.0.1 -U ${POSTGRESQL_USER} -q -d ${POSTGRESQL_DATABASE} -c 'SELECT 1'initialDelaySeconds: 5timeoutSeconds: 1failureThreshold: 10resources:limits:memory: 512MivolumeMounts:- mountPath: /var/lib/pgsql/dataname: gogs-postgres-datavolumes:- name: gogs-postgres-datapersistentVolumeClaim:claimName: gogs-postgres-datatriggers:- imageChangeParams:automatic: truecontainerNames:- postgresqlfrom:kind: ImageStreamTagname: postgresql:9.5namespace: openshifttype: ImageChange- type: ConfigChange- kind: ServiceapiVersion: v1metadata:annotations:description: The Gogs server's http portservice.alpha.openshift.io/dependencies: '[{"name":"${APPLICATION_NAME}-postgresql","namespace":"","kind":"Service"}]'labels:app: ${APPLICATION_NAME}name: ${APPLICATION_NAME}spec:ports:- name: 3000-tcpport: 3000protocol: TCPtargetPort: 3000selector:app: ${APPLICATION_NAME}deploymentconfig: ${APPLICATION_NAME}sessionAffinity: Nonetype: ClusterIPstatus:loadBalancer: {}- kind: RouteapiVersion: v1id: ${APPLICATION_NAME}-httpmetadata:annotations:description: Route for application's http service.labels:app: ${APPLICATION_NAME}name: ${APPLICATION_NAME}spec:host: ${HOSTNAME}to:name: ${APPLICATION_NAME}- kind: DeploymentConfigapiVersion: v1metadata:labels:app: ${APPLICATION_NAME}name: ${APPLICATION_NAME}spec:replicas: 1selector:app: ${APPLICATION_NAME}deploymentconfig: ${APPLICATION_NAME}strategy:resources: {}rollingParams:intervalSeconds: 1maxSurge: 25%maxUnavailable: 25%timeoutSeconds: 600updatePeriodSeconds: 1type: Rollingtemplate:metadata:creationTimestamp: nulllabels:app: ${APPLICATION_NAME}deploymentconfig: ${APPLICATION_NAME}spec:serviceAccountName: ${APPLICATION_NAME}containers:- image: " "imagePullPolicy: Alwaysname: ${APPLICATION_NAME}ports:- containerPort: 3000protocol: TCPresources: {}terminationMessagePath: /dev/termination-logvolumeMounts:- name: gogs-datamountPath: /opt/gogs/data- name: gogs-configmountPath: /etc/gogs/confreadinessProbe:httpGet:path: /port: 3000scheme: HTTPinitialDelaySeconds: 3timeoutSeconds: 1periodSeconds: 20successThreshold: 1failureThreshold: 10livenessProbe:httpGet:path: /port: 3000scheme: HTTPinitialDelaySeconds: 20timeoutSeconds: 1periodSeconds: 10successThreshold: 1failureThreshold: 10dnsPolicy: ClusterFirstrestartPolicy: AlwayssecurityContext: {}terminationGracePeriodSeconds: 30volumes:- name: gogs-datapersistentVolumeClaim:claimName: gogs-data- name: gogs-configconfigMap:name: gogs-configitems:- key: app.inipath: app.initest: falsetriggers:- type: ConfigChange- imageChangeParams:automatic: truecontainerNames:- ${APPLICATION_NAME}from:kind: ImageStreamTagname: ${APPLICATION_NAME}:${GOGS_VERSION}type: ImageChange- kind: ImageStreamapiVersion: v1metadata:labels:app: ${APPLICATION_NAME}name: ${APPLICATION_NAME}spec:tags:- name: "${GOGS_VERSION}"from:kind: DockerImagename: services.lab.example.com/openshiftdemos/gogs:0.9.97importPolicy: {"insecure":true }annotations:description: The Gogs git server docker imagetags: gogs,go,golangversion: "${GOGS_VERSION}"- kind: PersistentVolumeClaimapiVersion: v1metadata:name: gogs-datalabels:app: ${APPLICATION_NAME}spec:accessModes:- ReadWriteManyresources:requests:storage: ${GOGS_VOLUME_CAPACITY}- kind: PersistentVolumeClaimapiVersion: v1metadata:name: gogs-postgres-datalabels:app: ${APPLICATION_NAME}spec:accessModes:- ReadWriteManyresources:requests:storage: ${DB_VOLUME_CAPACITY}- kind: ConfigMapapiVersion: v1metadata:name: gogs-configlabels:app: ${APPLICATION_NAME}data:app.ini: |RUN_MODE = prodRUN_USER = gogs[database]DB_TYPE= postgresHOST = ${APPLICATION_NAME}-postgresql:5432NAME = ${DATABASE_NAME}USER = ${DATABASE_USER}PASSWD = ${DATABASE_PASSWORD}[repository]ROOT = /opt/gogs/data/repositories[server]ROOT_URL=http://${HOSTNAME}SSH_DOMAIN=${HOSTNAME}[security]INSTALL_LOCK = ${INSTALL_LOCK}[service]ENABLE_CAPTCHA = false[webhook]SKIP_TLS_VERIFY = ${SKIP_TLS_VERIFY}parameters:- description: The name for the application.name: APPLICATION_NAMErequired: truevalue: gogs- description: 'Custom hostname for http service route.Leave blank for default hostname, e.g.: -.'name: HOSTNAMErequired: true- description: Volume space available for data, e.g. 512Mi, 2Giname: GOGS_VOLUME_CAPACITYrequired: truevalue: 1Gi- description: Volume space available for postregs data, e.g. 512Mi, 2Giname: DB_VOLUME_CAPACITYrequired: truevalue: 2Gi- displayName: Database Usernamefrom: gogsvalue: gogsname: DATABASE_USER- displayName: Database Passwordfrom: '[a-zA-Z0-9]{8}'value: gogsname: DATABASE_PASSWORD- displayName: Database Namename: DATABASE_NAMEvalue: gogs- displayName: Database Admin Passwordfrom: '[a-zA-Z0-9]{8}'generate: expressionname: DATABASE_ADMIN_PASSWORD- displayName: Maximum Database Connectionsname: DATABASE_MAX_CONNECTIONSvalue: "100"- displayName: Shared Buffer Amountname: DATABASE_SHARED_BUFFERSvalue: 12MB- name: GOGS_VERSIONdisplayName: Gogs Versiondescription: 'Version of the Gogs container image to be used (check the available version https://hub.docker.com/r/openshiftdemos/gogs/tags)'value: "0.9.97"required: true- name: INSTALL_LOCKdisplayName: Installation lockdescription: 'If set to true, installation (/install) page will be disabled. Set to false if you want to run the installation wizard via web'value: "true"- name: SKIP_TLS_VERIFYdisplayName: Skip TLS verification on webhooksdescription: Skip TLS verification on webhooks. Enable with caution!value: "false"[root@master ~]# gogs-temp.yaml

通过 yaml 文件创建 模板

[root@master ~]# oc apply -f gogs-temp.yaml -n openshifttemplate "gogs" created

通过模板运行应用

[root@master ~]# oc new-app --template=gogs--param=HOSTNAME=gogs.apps.lab.example.com--> Deploying template "openshift/gogs" to project ditto gogs --------- The Gogs git server (https://gogs.io/) * With parameters:* APPLICATION_NAME=gogs* HOSTNAME=gogs.apps.lab.example.com* GOGS_VOLUME_CAPACITY=1Gi* DB_VOLUME_CAPACITY=2Gi* Database Username=gogs* Database Password=gogs* Database Name=gogs* Database Admin Password=iaHaUYMy # generated* Maximum Database Connections=100* Shared Buffer Amount=12MB* Gogs Version=0.9.97* Installation lock=true* Skip TLS verification on webhooks=false--> Creating resources ...persistentvolume "gogs-postgres-data" createdpersistentvolume "gogs-data" createdserviceaccount "gogs" createdservice "gogs-postgresql" createddeploymentconfig "gogs-postgresql" createdservice "gogs" createdroute "gogs" createddeploymentconfig "gogs" createdimagestream "gogs" createdpersistentvolumeclaim "gogs-data" createdpersistentvolumeclaim "gogs-postgres-data" createdconfigmap "gogs-config" created--> SuccessAccess your application via route 'gogs.apps.lab.example.com'Run 'oc status' to view your app.[root@master ~]#

查看所有资源

[root@master ~]# oc get allNAMEREVISION DESIRED CURRENT TRIGGERED BYdeploymentconfigs/gogs01 0 config,image(gogs:0.9.97)deploymentconfigs/gogs-postgresql 11 1 config,image(postgresql:9.2)NAMEDOCKER REPO TAGSUPDATEDimagestreams/gogs docker-registry.default.svc:5000/ditto/gogs 0.9.97NAMEHOST/PORT PATHSERVICES PORTTERMINATION WILDCARDroutes/gogs gogs.apps.lab.example.com gogs <all> NoneNAMEREADY STATUSRESTARTS AGEpo/gogs-postgresql-1-9rjb20/1 Running 030spo/gogs-postgresql-1-deploy 1/1 Running 033sNAME DESIRED CURRENT READY AGErc/gogs-postgresql-1 1 1 0 33sNAMETYPECLUSTER-IP EXTERNAL-IP PORT(S)AGEsvc/gogsClusterIP 172.30.4.106 <none>3000/TCP 33ssvc/gogs-postgresql ClusterIP 172.30.127.172 <none>5432/TCP 34s[root@master ~]#

博文部分内容参考

© 文中涉及参考链接内容版权归原作者所有,如有侵权请告知,这是一个开源项目,如果你认可它,不要吝啬星星哦

《OKD 3.9 DO280 Red Hat OpenShift Administration I》

《开源容器云OpenShift:构建基于Kubernetes的企业应用云平台》

https://docs.okd.io/latest/welcome/index.html

© 2018-2023 liruilonger@gmail.com, All rights reserved. 保持署名-非商用-相同方式共享(CC BY-NC-SA 4.0)