Permalink
Branch: master
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
207 lines (206 sloc) 5.31 KB
apiVersion: v1
kind: Template
metadata:
name: aws-ocp-snap
objects:
- apiVersion: v1
kind: ImageStream
metadata:
annotations:
description: Keeps track of changes in the application image
name: ${NAME}
labels:
template: aws-ocp-snap
- apiVersion: v1
kind: BuildConfig
metadata:
annotations:
description: Defines how to build the application
name: ${NAME}
labels:
template: aws-ocp-snap
spec:
completionDeadlineSeconds: "1800"
output:
to:
kind: ImageStreamTag
name: ${NAME}:latest
runPolicy: Serial
source:
git:
uri: https://github.com/makentenza/aws-ocp-snap.git
contextDir: /
strategy:
dockerStrategy:
from:
kind: DockerImage
name: centos:7
type: Docker
triggers:
- type: ConfigChange
- apiVersion: v1
kind: Secret
metadata:
name: aws-secret
labels:
template: aws-ocp-snap
data:
key_id: ${AWS_ACCESS_KEY_ID}
access_key: ${AWS_SECRET_ACCESS_KEY}
region: ${AWS_REGION}
- apiVersion: batch/v2alpha1
kind: CronJob
metadata:
name: "${JOB_NAME}"
labels:
template: aws-ocp-snap
spec:
schedule: "${SCHEDULE}"
concurrencyPolicy: Forbid
successfulJobsHistoryLimit: "${SUCCESS_JOBS_HISTORY_LIMIT}"
failedJobsHistoryLimit: "${FAILED_JOBS_HISTORY_LIMIT}"
jobTemplate:
spec:
template:
spec:
containers:
- name: "${JOB_NAME}"
image: docker-registry.default.svc:5000/${NAMESPACE}/${NAME}:latest
command:
- "/bin/bash"
- "-c"
- "/usr/local/bin/create_snapshot.sh ${NSPACE} ${VOL}"
env:
- name: AWS_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: aws-secret
key: key_id
- name: AWS_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: aws-secret
key: access_key
- name: AWS_DEFAULT_REGION
valueFrom:
secretKeyRef:
name: aws-secret
key: region
restartPolicy: Never
terminationGracePeriodSeconds: 30
activeDeadlineSeconds: 500
dnsPolicy: ClusterFirst
serviceAccountName: "${JOB_SERVICE_ACCOUNT}"
serviceAccount: "${JOB_SERVICE_ACCOUNT}"
- apiVersion: v1
kind: ClusterRole
metadata:
name: pvc-reader
labels:
template: aws-ocp-snap
rules:
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- storageclasses
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- events
- persistentvolumeclaims
verbs:
- get
- list
- watch
- apiVersion: v1
kind: ClusterRoleBinding
metadata:
name: system:pvc-reader
labels:
template: aws-ocp-snap
roleRef:
name: pvc-reader
subjects:
- kind: ServiceAccount
name: ${JOB_SERVICE_ACCOUNT}
userNames:
- system:serviceaccount:${NAMESPACE}:${JOB_SERVICE_ACCOUNT}
- apiVersion: v1
kind: ServiceAccount
metadata:
name: ${JOB_SERVICE_ACCOUNT}
labels:
template: aws-ocp-snap
parameters:
- description: The name assigned to all of the frontend objects defined in this template.
displayName: Name
name: NAME
required: true
value: aws-ocp-snap
- name: JOB_NAME
displayName: Job Name
description: Name of the Scheduled Job to Create.
value: cronjob-ebs-snaphost
required: true
- name: SCHEDULE
displayName: Cron Schedule
description: Cron Schedule to Execute the Job
value: "@daily"
required: true
- name: SUCCESS_JOBS_HISTORY_LIMIT
displayName: Successful Job History Limit
description: The number of successful jobs that will be retained
value: '5'
required: true
- name: FAILED_JOBS_HISTORY_LIMIT
displayName: Failed Job History Limit
description: The number of failed jobs that will be retained
value: '5'
required: true
- name: NAMESPACE
displayName: "Namespace where this is deployed"
description: "Namespace where this is deployed."
value: "cluster-maintenance"
required: true
- name: AWS_ACCESS_KEY_ID
displayName: AWS Access Key ID (base64)
description: AWS Access Key ID to be used to create the snapshots (base64)
value: ""
required: true
- name: AWS_SECRET_ACCESS_KEY
displayName: AWS Secret Access Key ID (base64)
description: AWS Secret Access Key ID to be used to create the snapshots (base64)
value: ""
required: true
- name: AWS_REGION
displayName: AWS Region (base64)
description: AWS Region where EBS objects reside (base64)
value: ""
required: true
- name: NSPACE
displayName: Namespace where Persistent Volumes are defined
description: Namespace where Persistent Volumes are defined (can be ALL)
value: ""
required: true
- name: VOL
displayName: Persistent Volume Claim name
description: Persistent Volume Claim name (can be ALL)
value: ""
required: true
- name: JOB_SERVICE_ACCOUNT
displayName: "Service Account Name"
description: "Name of the Service Account To Exeucte the Job As."
value: "ebs-snap-creator"
required: true