Red Hat SummitDeploying your Red Hat build of Quarkus applications to OpenShift Container Platform
Abstract
Providing feedback on Red Hat build of Quarkus documentation
To report an error or to improve our documentation, log in to your Red Hat Jira account and submit an issue. If you do not have a Red Hat Jira account, then you will be prompted to create an account.
Procedure
- Click the following link to create a ticket.
- Enter a brief description of the issue in the Summary.
- Provide a detailed description of the issue or enhancement in the Description. Include a URL to where the issue occurs in the documentation.
- Clicking Submit creates and routes the issue to the appropriate documentation team.
Chapter 1. Deploying Red Hat build of Quarkus applications to OpenShift Container Platform
Red Hat OpenShift Container Platform is a Kubernetes-based platform for developing and running containerized applications. Quarkus offers the ability to automatically generate OpenShift Container Platform resources based on sane defaults and user-supplied configuration.
As an application developer, you can deploy your Red Hat build of Quarkus applications to Red Hat OpenShift Container Platform. This functionality is provided by the quarkus-openshift extension, which supports multiple deployment options:
1.1. Overview of OpenShift Container Platform build strategies
- Docker build
- This strategy builds the artifacts outside the OpenShift Container Platform cluster, locally or in a CI environment, and provides them to the OpenShift Container Platform build system together with a Dockerfile. The artifacts include JAR files or a native executable. The container gets built inside the OpenShift Container Platform cluster and is provided as an image stream.
The OpenShift Container Platform Docker build strategy is the preferred build strategy because it supports Quarkus applications targeted for JVM or compiled to native executables. However, for compatibility with earlier Quarkus versions, the default build strategy is S2I. To select the OpenShift Container Platform Docker build strategy, use the quarkus.openshift.build-strategy property.
- Source to Image (S2I)
- The build process is performed inside the OpenShift Container Platform cluster. Red Hat build of Quarkus fully supports using S2I to deploy Red Hat build of Quarkus as a JVM application.
- Binary S2I
- This strategy uses a JAR file as input to the S2I build process, which speeds up the building and deploying of your application.
1.1.1. Build strategies supported by Quarkus
The following table outlines the build strategies that Red Hat build of Quarkus supports:
| Build strategy | Support for Red Hat build of Quarkus tools | Support for JVM | Support for native | Support for JVM Serverless | Support for native Serverless |
|---|---|---|---|---|---|
| Docker build | YES | YES | YES | YES | YES |
| S2I Binary | YES | YES | NO | NO | NO |
| Source S2I | NO | YES | NO | NO | NO |
1.2. Bootstrapping the project
First, you need a new project that contains the OpenShift extension. Then, before you build and deploy our application, you must log into an OpenShift cluster.
1.2.1. Adding the OpenShift extension
To build and deploy your applications as a container image that runs inside your OpenShift Container Platform cluster, you must add the Red Hat build of Quarkus OpenShift extension quarkus-openshift as a dependency to your project.
This extension also generates OpenShift Container Platform resources such as image streams, build configuration, deployment, and service definitions. If your application includes the quarkus-smallrye-health extension, OpenShift Container Platform can access the health endpoint and verify the startup, liveness, and readiness of your application.
From Red Hat build of Quarkus 3.8, the DeploymentConfig object, deprecated in OpenShift, is also deprecated in Red Hat build of Quarkus. Deployment is the default and preferred deployment kind for the quarkus-openshift extension. If you redeploy applications that you deployed before by using DeploymentConfig, by default, those applications use Deployment but do not remove the previous DeploymentConfig. This leads to a deployment of both new and old applications, so, you must remove the old DeploymentConfig manually. However, if you want to continue to use DeploymentConfig, it is still possible to do so by explicitly setting quarkus.openshift.deployment-kind to DeploymentConfig.
Prerequisites
- You have a Quarkus Maven project.
Procedure
To add the
quarkus-openshiftextension to your project, use one of the following methods:Configure the
pom.xmlfile:pom.xml
<dependency> <groupId>io.quarkus</groupId> <artifactId>quarkus-openshift</artifactId> </dependency>
Copy to clipboardCopied<dependency> <groupId>io.quarkus</groupId> <artifactId>quarkus-openshift</artifactId> </dependency>Enter the following command on the OpenShift Container Platform CLI:
./mvnw quarkus:add-extension -Dextensions="io.quarkus:quarkus-openshift"
Copy to clipboardCopied./mvnw quarkus:add-extension -Dextensions="io.quarkus:quarkus-openshift"Enter the following command on the Quarkus CLI:
quarkus extension add 'quarkus-openshift'
Copy to clipboardCopiedquarkus extension add 'quarkus-openshift'
1.3. Logging in to an OpenShift Container Platform cluster
You can log in to an OpenShift Container Platform cluster by using the OpenShift CLI (oc). For more information, see Getting started with the OpenShift CLI:
Example: Log in by using the OpenShift CLI
oc login -u myUsername 1
oc login -u myUsername 1- 1
- You are prompted for the required information such as server URL, password, and so on.
Alternatively, you can log in by using the API token:
Example: Log in by using the OpenShift CLI with API token
oc login --token=myToken --server=myServerUrl
oc login --token=myToken --server=myServerUrlYou can request the token by using the Copy Login Command link in the OpenShift web console.
Finally, you do not need to use the OpenShift CLI at all. Instead, set the quarkus.kubernetes-client.api-server-url config property and authenticate with the quarkus.kubernetes-client.token, or quarkus.kubernetes-client.username and quarkus.kubernetes-client.password respectively:
Using the Quarkus CLI:
quarkus build quarkus deploy openshift
Copy to clipboardCopiedquarkus build quarkus deploy openshiftUsing Maven:
./mvnw install -Dquarkus.kubernetes-client.api-server-url=myServerUrl -Dquarkus.kubernetes-client.token=myToken
Copy to clipboardCopied./mvnw install -Dquarkus.kubernetes-client.api-server-url=myServerUrl -Dquarkus.kubernetes-client.token=myTokenUsing Gradle:
./gradlew build -Dquarkus.kubernetes-client.api-server-url=myServerUrl -Dquarkus.kubernetes-client.token=myToken
Copy to clipboardCopied./gradlew build -Dquarkus.kubernetes-client.api-server-url=myServerUrl -Dquarkus.kubernetes-client.token=myToken
1.3.1. Switching to the required OpenShift Container Platform project
You can use the Red Hat OpenShift Container Platform CLI to create applications and manage your OpenShift Container Platform projects. Use the information provided to create an OpenShift Container Platform project or to switch to an existing one.
Prerequisites
-
You have access to an OpenShift Container Platform cluster and the latest compatible version of the
octool installed.
Procedure
Log in to the
octool:oc login
Copy to clipboardCopiedoc loginTo show the current project space, enter the following command:
oc project -q
Copy to clipboardCopiedoc project -qUse one of the following steps to go to the required OpenShift Container Platform project:
If the project already exists, switch to the project:
oc project <project_name>
Copy to clipboardCopiedoc project <project_name>If the project does not exist, create a new project:
oc new-project <project_name>
Copy to clipboardCopiedoc new-project <project_name>
1.4. Building and deploying
You can build and deploy by using any of the following deployment options:
1.4.1. Non-S2I builds
The OpenShift extension is configured to use container-image-s2i. However, it is still possible to use other container image extensions, such as:
When a non-s2i container image extension is used, an ImageStream is created that is pointing to an external dockerImageRepository. The image is built and pushed to the registry and the ImageStream populates the tags that are available in the dockerImageRepository.
To select which extension will be used for building the image:
quarkus.container-image.builder=docker
quarkus.container-image.builder=dockeror
quarkus.container-image.builder=jib
quarkus.container-image.builder=jib1.5. Customizing
All available customization options are available in the OpenShift configuration options.
Some examples are provided in the sections below:
1.5.1. Exposing routes
To expose a Route for the Quarkus application:
quarkus.openshift.route.expose=true
quarkus.openshift.route.expose=true
You do not need to add this property in the application.properties file. Instead, you can pass it as a command-line argument:
./mvnw clean package -Dquarkus.openshift.route.expose=true
./mvnw clean package -Dquarkus.openshift.route.expose=trueThe same applies to all properties listed below.
1.5.1.1. Securing the Route resource
To secure the incoming connections, OpenShift provides several types of TLS termination to serve certifications.
For more information about how to secure routes, see OpenShift Container Platform documentation.
The following example shows how to configure a secured Route by using passthrough termination by adding the "quarkus.openshift.route.tls" properties:
quarkus.openshift.route.expose=true quarkus.openshift.route.target-port=https ## Route TLS configuration: quarkus.openshift.route.tls.termination=passthrough quarkus.openshift.route.tls.insecure-edge-termination-policy=None
quarkus.openshift.route.expose=true
quarkus.openshift.route.target-port=https
## Route TLS configuration:
quarkus.openshift.route.tls.termination=passthrough
quarkus.openshift.route.tls.insecure-edge-termination-policy=None1.5.2. Labels
To add a label in the generated resources:
quarkus.openshift.labels.foo=bar
quarkus.openshift.labels.foo=bar1.5.3. Annotations
To add an annotation in the generated resources:
quarkus.openshift.annotations.foo=bar
quarkus.openshift.annotations.foo=bar1.5.4. Environment variables
OpenShift Container Platform provides multiple ways of defining environment variables:
- Key/value pairs
- Import all values from a Secret or ConfigMap
- Interpolate a single value identified by a given field in a Secret or ConfigMap
- Interpolate a value from a field within the same resource
1.5.4.1. Environment variables from key/value pairs
To add a key/value pair as an environment variable in the generated resources:
quarkus.openshift.env.vars.my-env-var=foobar
quarkus.openshift.env.vars.my-env-var=foobar
The above command adds MY_ENV_VAR=foobar as an environment variable. The key my-env-var will convert to uppercase and dashes will be replaced by underscores resulting in MY_ENV_VAR.
1.5.4.2. Environment variables from Secret
To add all key/value pairs of Secret as environment variables, apply the following configuration, separating each Secret to be used as source by a comma (,):
quarkus.openshift.env.secrets=my-secret,my-other-secret
quarkus.openshift.env.secrets=my-secret,my-other-secretwhich generates the following in the container definition:
envFrom:
- secretRef:
name: my-secret
optional: false
- secretRef:
name: my-other-secret
optional: falseenvFrom:
- secretRef:
name: my-secret
optional: false
- secretRef:
name: my-other-secret
optional: false
The following code extracts a value identified by the keyName field from the my-secret Secret into a foo environment variable:
quarkus.openshift.env.mapping.foo.from-secret=my-secret quarkus.openshift.env.mapping.foo.with-key=keyName
quarkus.openshift.env.mapping.foo.from-secret=my-secret
quarkus.openshift.env.mapping.foo.with-key=keyName
which generates the following in the env section of your container:
- env:
- name: FOO
valueFrom:
secretKeyRef:
key: keyName
name: my-secret
optional: false- env:
- name: FOO
valueFrom:
secretKeyRef:
key: keyName
name: my-secret
optional: false1.5.4.3. Environment variables from ConfigMap
To add all key/value pairs from ConfigMap as environment variables, apply the following configuration, separating each ConfigMap to be used as source by a comma (,):
quarkus.openshift.env.configmaps=my-config-map,another-config-map
quarkus.openshift.env.configmaps=my-config-map,another-config-mapwhich generates the following in the container definition:
envFrom:
- configMapRef:
name: my-config-map
optional: false
- configMapRef:
name: another-config-map
optional: falseenvFrom:
- configMapRef:
name: my-config-map
optional: false
- configMapRef:
name: another-config-map
optional: false
The following extracts a value identified by the keyName field from the my-config-map ConfigMap into a foo environment variable:
quarkus.openshift.env.mapping.foo.from-configmap=my-configmap quarkus.openshift.env.mapping.foo.with-key=keyName
quarkus.openshift.env.mapping.foo.from-configmap=my-configmap
quarkus.openshift.env.mapping.foo.with-key=keyName
which generates the following in the env section of your container:
- env:
- name: FOO
valueFrom:
configMapKeyRef:
key: keyName
name: my-configmap
optional: false- env:
- name: FOO
valueFrom:
configMapKeyRef:
key: keyName
name: my-configmap
optional: false1.5.4.4. Environment variables from fields
You can also use the value from another field to add a new environment variable by specifying the path of the field to be used as a source. For example:
quarkus.openshift.env.fields.foo=metadata.name
quarkus.openshift.env.fields.foo=metadata.name1.5.4.5. Changing the generated deployment resource
Beside generating a Deployment resource, you can also choose to get either a DeploymentConfig, StatefulSet, Job, or a CronJob resource instead by using application.properties:
quarkus.openshift.deployment-kind=StatefulSet
quarkus.openshift.deployment-kind=StatefulSet1.5.4.5.1. Generating Job resources
If you want to generate a Job resource, you need to add the following property by using the application.properties:
quarkus.openshift.deployment-kind=Job
quarkus.openshift.deployment-kind=JobIf you are using the Picocli extension, by default the Job resource will be generated.
You can provide the arguments that Kubernetes Job uses through the quarkus.openshift.arguments property. For example, adding the property quarkus.openshift.arguments=A,B.
Finally, the Kubernetes job will be launched every time that it is installed in OpenShift. For more information about how to run Kubernetes jobs, see Running an example job.
You can configure the rest of the Kubernetes Job configuration by using the properties under quarkus.openshift.job.xxx. For more information, see quarkus.openshift.job.parallelism.
1.5.4.5.2. Generating CronJob resources
If you want to generate a CronJob resource, you need to add the following property by using the application.properties file:
quarkus.openshift.deployment-kind=CronJob # Cron expression to run the job every hour quarkus.openshift.cron-job.schedule=0 * * * *
quarkus.openshift.deployment-kind=CronJob
# Cron expression to run the job every hour
quarkus.openshift.cron-job.schedule=0 * * * *
CronJob resources require the Cron expression to specify when to launch the job through the quarkus.openshift.cron-job.schedule property. If thet are not provided, the build fails.
You can configure the rest of the Kubernetes CronJob configuration by using the properties under quarkus.openshift.cron-job.xxx (for more information, see quarkus.openshift.cron-job.parallelism).
1.5.4.6. Validation
A conflict between two definitions, for example, mistakenly assigning both a value and specifying that a variable is derived from a field, results in an error being thrown at build time. You can fix the issue before you deploy your application to your cluster, where it might be more difficult to diagnose the source of the issue.
Similarly, two redundant definitions, for example, defining an injection from the same secret twice, does not cause an issue but reports a warning to inform you that you might not have intended to duplicate that definition.
1.5.4.6.1. Backwards compatibility
Previous versions of the OpenShift extension supported a different syntax to add environment variables. The older syntax is still supported but is deprecated, and it is advised that you migrate to the new syntax.
| Old | New | ||
| Plain variable |
|
| |
| From field |
|
| |
|
All from |
|
| |
|
All from |
|
| |
|
From one |
|
| |
|
|
| ||
|
From one |
|
| |
|
|
|
If you redefine the same variable by using the new syntax while keeping the old syntax, only the new version is kept, and a warning will be issued to alert you of the problem. For example, if you define both `quarkus.openshift.env-vars.my-env-var.value=foobar` and `quarkus.openshift.env.vars.my-env-var=newValue`, the extension generates an environment variable `MY_ENV_VAR=newValue` and issues a warning.
If you redefine the same variable by using the new syntax while keeping the old syntax, only the new version is kept, and a warning will be issued to alert you of the problem.
For example, if you define both `quarkus.openshift.env-vars.my-env-var.value=foobar` and `quarkus.openshift.env.vars.my-env-var=newValue`, the extension generates an environment variable `MY_ENV_VAR=newValue` and issues a warning.1.5.5. Mounting volumes
The OpenShift extension allows you to configure both volumes and mounts for the application. You can mount any volume with a simple configuration:
quarkus.openshift.mounts.my-volume.path=/where/to/mount
quarkus.openshift.mounts.my-volume.path=/where/to/mount
This will add a mount to my pod for volume my-volume to path /where/to/mount. You can configure the volumes themselves as shown in the sections below:
1.5.5.1. Secret volumes
quarkus.openshift.secret-volumes.my-volume.secret-name=my-secret
quarkus.openshift.secret-volumes.my-volume.secret-name=my-secret1.5.5.2. ConfigMap volumes
quarkus.openshift.config-map-volumes.my-volume.config-map-name=my-config-map
quarkus.openshift.config-map-volumes.my-volume.config-map-name=my-config-map1.5.5.3. Persistent volume claims
quarkus.openshift.pvc-volumes.my-pvc.claim-name=my-pvc
quarkus.openshift.pvc-volumes.my-pvc.claim-name=my-pvc1.6. Configuration Reference
Configuration property fixed at build time - All other configuration properties are overridable at runtime
| Configuration property | Type | Default |
|
The optional list of Secret names to load environment variables from.
Environment variable: | list of string | |
|
The optional list of ConfigMap names to load environment variables from.
Environment variable: | list of string | |
|
The map associating environment variable names to their associated field references they take their value from.
Environment variable: | Map<String,String> | |
|
The environment variable value
Environment variable: | string | |
|
The optional name of the Secret from which a value is to be extracted. Mutually exclusive with
Environment variable: | string | |
|
The optional name of the ConfigMap from which a value is to be extracted. Mutually exclusive with
Environment variable: | string | |
|
The key identifying the field from which the value is extracted.
Environment variable: | string |
required
|
|
The optional prefix to use when adding the environment variable to the container.
Environment variable: | string | |
|
The optional prefix to use when adding the environment variable to the container.
Environment variable: | string | |
|
The name of the group this component belongs too.
Environment variable: | string | |
|
The name of the application. This value will be used for naming Kubernetes resources like: - Deployment - Service and so on …
Environment variable: | string | |
|
The version of the application.
Environment variable: | string | |
|
The namespace the generated resources should belong to. If not value is set, then the 'namespace' field will not be added to the 'metadata' section of the generated manifests. This in turn means that when the manifests are applied to a cluster, the namespace will be resolved from the current Kubernetes context (see organize-cluster-access-kubeconfig for more details).
Environment variable: | string | |
|
Custom labels to add to all resources.
Environment variable: | Map<String,String> | |
|
Custom annotations to add to all resources.
Environment variable: | Map<String,String> | |
|
The type of service that will be generated for the application
Environment variable: |
|
|
|
Whether to add the build timestamp to the Kubernetes annotations This is a very useful way to have manifests of successive builds of the same application differ - thus ensuring that Kubernetes will apply the updated resources.
Environment variable: | boolean |
|
|
If
Environment variable: | boolean |
|
|
If
Environment variable: | boolean |
|
|
Working directory.
Environment variable: | string | |
|
The commands.
Environment variable: | list of string | |
|
The arguments.
Environment variable: | list of string | |
|
The service account.
Environment variable: | string | |
|
If set, it will change the name of the container according to the configuration.
Environment variable: | string | |
|
The port number. Refers to the container port.
Environment variable: | int | |
|
The host port.
Environment variable: | int | |
|
The application path (refers to web application path).
Environment variable: | string |
|
|
The protocol.
Environment variable: |
|
|
|
The nodePort to which this port should be mapped to. This only takes affect when the serviceType is set to node-port.
Environment variable: | int | |
|
If enabled, the port will be configured to use the schema HTTPS.
Environment variable: | boolean |
|
|
Image pull policy.
Environment variable: |
|
|
|
The image pull secret.
Environment variable: | list of string | |
|
Enable generation of image pull secret, when the container image username and password are provided.
Environment variable: | boolean |
|
|
The port number to use when configuring the
Environment variable: | int | |
|
The port name for selecting the port of the
Environment variable: | string | |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path.
Environment variable: | string | |
|
The scheme of the
Environment variable: | string | |
|
The command to use for the probe.
Environment variable: | string | |
|
The tcp socket to use for the probe (the format is host:port).
Environment variable: | string | |
|
The gRPC port to use for the probe (the format is either port or port:service).
Environment variable: | string | |
|
If enabled and
Environment variable: | boolean |
|
|
The amount of time to wait before starting to probe.
Environment variable: |
| |
|
The period in which the action should be called.
Environment variable: |
| |
|
The amount of time to wait for each action.
Environment variable: |
| |
|
The success threshold to use.
Environment variable: | int |
|
|
The failure threshold to use.
Environment variable: | int |
|
|
The port number to use when configuring the
Environment variable: | int | |
|
The port name for selecting the port of the
Environment variable: | string | |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path.
Environment variable: | string | |
|
The scheme of the
Environment variable: | string | |
|
The command to use for the probe.
Environment variable: | string | |
|
The tcp socket to use for the probe (the format is host:port).
Environment variable: | string | |
|
The gRPC port to use for the probe (the format is either port or port:service).
Environment variable: | string | |
|
If enabled and
Environment variable: | boolean |
|
|
The amount of time to wait before starting to probe.
Environment variable: |
| |
|
The period in which the action should be called.
Environment variable: |
| |
|
The amount of time to wait for each action.
Environment variable: |
| |
|
The success threshold to use.
Environment variable: | int |
|
|
The failure threshold to use.
Environment variable: | int |
|
|
The port number to use when configuring the
Environment variable: | int | |
|
The port name for selecting the port of the
Environment variable: | string | |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path.
Environment variable: | string | |
|
The scheme of the
Environment variable: | string | |
|
The command to use for the probe.
Environment variable: | string | |
|
The tcp socket to use for the probe (the format is host:port).
Environment variable: | string | |
|
The gRPC port to use for the probe (the format is either port or port:service).
Environment variable: | string | |
|
If enabled and
Environment variable: | boolean |
|
|
The amount of time to wait before starting to probe.
Environment variable: |
| |
|
The period in which the action should be called.
Environment variable: |
| |
|
The amount of time to wait for each action.
Environment variable: |
| |
|
The success threshold to use.
Environment variable: | int |
|
|
The failure threshold to use.
Environment variable: | int |
|
|
When true (the default), emit a set of annotations to identify services that should be scraped by prometheus for metrics. In configurations that use the Prometheus operator with ServiceMonitor, annotations may not be necessary.
Environment variable: | boolean |
|
|
When true (the default), emit a set of annotations to identify services that should be scraped by prometheus for metrics. In configurations that use the Prometheus operator with ServiceMonitor, annotations may not be necessary.
Environment variable: | boolean |
|
|
Define the annotation prefix used for scrape values, this value will be used as the base for other annotation name defaults. Altering the base for generated annotations can make it easier to define re-labeling rules and avoid unexpected knock-on effects. The default value is
Environment variable: | string |
|
|
Define the annotation used to indicate services that should be scraped. By default,
Environment variable: | string | |
|
Define the annotation used to indicate the path to scrape. By default,
Environment variable: | string | |
|
Define the annotation used to indicate the port to scrape. By default,
Environment variable: | string | |
|
Define the annotation used to indicate the scheme to use for scraping By default,
Environment variable: | string | |
|
The name of the volumeName to mount.
Environment variable: | string | |
|
The path to mount.
Environment variable: | string | |
|
Path within the volumeName from which the container’s volumeName should be mounted.
Environment variable: | string | |
|
ReadOnly.
Environment variable: | boolean |
|
|
The name of the secret to mount.
Environment variable: | string |
required
|
|
Default mode. When specifying an octal number, leading zero must be present.
Environment variable: | string |
|
|
The path where the file will be mounted.
Environment variable: | string |
required
|
|
It must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used.
Environment variable: | int |
|
|
Optional
Environment variable: | boolean |
|
|
The name of the ConfigMap to mount.
Environment variable: | string |
required
|
|
Default mode. When specifying an octal number, leading zero must be present.
Environment variable: | string |
|
|
The path where the file will be mounted.
Environment variable: | string |
required
|
|
It must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used.
Environment variable: | int |
|
|
Optional
Environment variable: | boolean |
|
|
EmptyDir volumes.
Environment variable: | list of string | |
|
Git repository URL.
Environment variable: | string |
required
|
|
The directory of the repository to mount.
Environment variable: | string | |
|
The commit hash to use.
Environment variable: | string | |
|
The name of the claim to mount.
Environment variable: | string |
required
|
|
Default mode. When specifying an octal number, leading zero must be present.
Environment variable: | string |
|
|
Optional
Environment variable: | boolean |
|
|
The name of the disk to mount.
Environment variable: | string |
required
|
|
The partition.
Environment variable: | int | |
|
Filesystem type.
Environment variable: | string |
|
|
Whether the volumeName is read only or not.
Environment variable: | boolean |
|
|
The share name.
Environment variable: | string |
required
|
|
The secret name.
Environment variable: | string |
required
|
|
Whether the volumeName is read only or not.
Environment variable: | boolean |
|
|
The name of the disk to mount.
Environment variable: | string |
required
|
|
The URI of the vhd blob object OR the resourceID of an Azure managed data disk if Kind is Managed
Environment variable: | string |
required
|
|
Kind of disk.
Environment variable: |
|
|
|
Disk caching mode.
Environment variable: |
|
|
|
File system type.
Environment variable: | string |
|
|
Whether the volumeName is read only or not.
Environment variable: | boolean |
|
|
The optional list of Secret names to load environment variables from.
Environment variable: | list of string | |
|
The optional list of ConfigMap names to load environment variables from.
Environment variable: | list of string | |
|
The map associating environment variable names to their associated field references they take their value from.
Environment variable: | Map<String,String> | |
|
The environment variable value
Environment variable: | string | |
|
The optional name of the Secret from which a value is to be extracted. Mutually exclusive with
Environment variable: | string | |
|
The optional name of the ConfigMap from which a value is to be extracted. Mutually exclusive with
Environment variable: | string | |
|
The key identifying the field from which the value is extracted.
Environment variable: | string |
required
|
|
The optional prefix to use when adding the environment variable to the container.
Environment variable: | string | |
|
The optional prefix to use when adding the environment variable to the container.
Environment variable: | string | |
|
The container image.
Environment variable: | string | |
|
Working directory.
Environment variable: | string | |
|
The commands
Environment variable: | list of string | |
|
The arguments
Environment variable: | list of string | |
|
The service account.
Environment variable: | string | |
|
The host under which the application is going to be exposed.
Environment variable: | string | |
|
The port number. Refers to the container port.
Environment variable: | int | |
|
The host port.
Environment variable: | int | |
|
The application path (refers to web application path).
Environment variable: | string |
|
|
The protocol.
Environment variable: |
|
|
|
The nodePort to which this port should be mapped to. This only takes affect when the serviceType is set to node-port.
Environment variable: | int | |
|
If enabled, the port will be configured to use the schema HTTPS.
Environment variable: | boolean |
|
|
Image pull policy.
Environment variable: |
|
|
|
The image pull secrets.
Environment variable: | list of string | |
|
The port number to use when configuring the
Environment variable: | int | |
|
The port name for selecting the port of the
Environment variable: | string | |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path.
Environment variable: | string | |
|
The scheme of the
Environment variable: | string | |
|
The command to use for the probe.
Environment variable: | string | |
|
The tcp socket to use for the probe (the format is host:port).
Environment variable: | string | |
|
The gRPC port to use for the probe (the format is either port or port:service).
Environment variable: | string | |
|
If enabled and
Environment variable: | boolean |
|
|
The amount of time to wait before starting to probe.
Environment variable: |
| |
|
The period in which the action should be called.
Environment variable: |
| |
|
The amount of time to wait for each action.
Environment variable: |
| |
|
The success threshold to use.
Environment variable: | int |
|
|
The failure threshold to use.
Environment variable: | int |
|
|
The port number to use when configuring the
Environment variable: | int | |
|
The port name for selecting the port of the
Environment variable: | string | |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path.
Environment variable: | string | |
|
The scheme of the
Environment variable: | string | |
|
The command to use for the probe.
Environment variable: | string | |
|
The tcp socket to use for the probe (the format is host:port).
Environment variable: | string | |
|
The gRPC port to use for the probe (the format is either port or port:service).
Environment variable: | string | |
|
If enabled and
Environment variable: | boolean |
|
|
The amount of time to wait before starting to probe.
Environment variable: |
| |
|
The period in which the action should be called.
Environment variable: |
| |
|
The amount of time to wait for each action.
Environment variable: |
| |
|
The success threshold to use.
Environment variable: | int |
|
|
The failure threshold to use.
Environment variable: | int |
|
|
The name of the volumeName to mount.
Environment variable: | string | |
|
The path to mount.
Environment variable: | string | |
|
Path within the volumeName from which the container’s volumeName should be mounted.
Environment variable: | string | |
|
ReadOnly.
Environment variable: | boolean |
|
|
CPU Requirements
Environment variable: | string | |
|
Memory Requirements
Environment variable: | string | |
|
CPU Requirements
Environment variable: | string | |
|
Memory Requirements
Environment variable: | string | |
|
The optional list of Secret names to load environment variables from.
Environment variable: | list of string | |
|
The optional list of ConfigMap names to load environment variables from.
Environment variable: | list of string | |
|
The map associating environment variable names to their associated field references they take their value from.
Environment variable: | Map<String,String> | |
|
The environment variable value
Environment variable: | string | |
|
The optional name of the Secret from which a value is to be extracted. Mutually exclusive with
Environment variable: | string | |
|
The optional name of the ConfigMap from which a value is to be extracted. Mutually exclusive with
Environment variable: | string | |
|
The key identifying the field from which the value is extracted.
Environment variable: | string |
required
|
|
The optional prefix to use when adding the environment variable to the container.
Environment variable: | string | |
|
The optional prefix to use when adding the environment variable to the container.
Environment variable: | string | |
|
The container image.
Environment variable: | string | |
|
Working directory.
Environment variable: | string | |
|
The commands
Environment variable: | list of string | |
|
The arguments
Environment variable: | list of string | |
|
The service account.
Environment variable: | string | |
|
The host under which the application is going to be exposed.
Environment variable: | string | |
|
The port number. Refers to the container port.
Environment variable: | int | |
|
The host port.
Environment variable: | int | |
|
The application path (refers to web application path).
Environment variable: | string |
|
|
The protocol.
Environment variable: |
|
|
|
The nodePort to which this port should be mapped to. This only takes affect when the serviceType is set to node-port.
Environment variable: | int | |
|
If enabled, the port will be configured to use the schema HTTPS.
Environment variable: | boolean |
|
|
Image pull policy.
Environment variable: |
|
|
|
The image pull secrets.
Environment variable: | list of string | |
|
The port number to use when configuring the
Environment variable: | int | |
|
The port name for selecting the port of the
Environment variable: | string | |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path.
Environment variable: | string | |
|
The scheme of the
Environment variable: | string | |
|
The command to use for the probe.
Environment variable: | string | |
|
The tcp socket to use for the probe (the format is host:port).
Environment variable: | string | |
|
The gRPC port to use for the probe (the format is either port or port:service).
Environment variable: | string | |
|
If enabled and
Environment variable: | boolean |
|
|
The amount of time to wait before starting to probe.
Environment variable: |
| |
|
The period in which the action should be called.
Environment variable: |
| |
|
The amount of time to wait for each action.
Environment variable: |
| |
|
The success threshold to use.
Environment variable: | int |
|
|
The failure threshold to use.
Environment variable: | int |
|
|
The port number to use when configuring the
Environment variable: | int | |
|
The port name for selecting the port of the
Environment variable: | string | |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path.
Environment variable: | string | |
|
The scheme of the
Environment variable: | string | |
|
The command to use for the probe.
Environment variable: | string | |
|
The tcp socket to use for the probe (the format is host:port).
Environment variable: | string | |
|
The gRPC port to use for the probe (the format is either port or port:service).
Environment variable: | string | |
|
If enabled and
Environment variable: | boolean |
|
|
The amount of time to wait before starting to probe.
Environment variable: |
| |
|
The period in which the action should be called.
Environment variable: |
| |
|
The amount of time to wait for each action.
Environment variable: |
| |
|
The success threshold to use.
Environment variable: | int |
|
|
The failure threshold to use.
Environment variable: | int |
|
|
The name of the volumeName to mount.
Environment variable: | string | |
|
The path to mount.
Environment variable: | string | |
|
Path within the volumeName from which the container’s volumeName should be mounted.
Environment variable: | string | |
|
ReadOnly.
Environment variable: | boolean |
|
|
CPU Requirements
Environment variable: | string | |
|
Memory Requirements
Environment variable: | string | |
|
CPU Requirements
Environment variable: | string | |
|
Memory Requirements
Environment variable: | string | |
|
The ip address.
Environment variable: | string | |
|
The hostnames to resolve to the ip.
Environment variable: | list of string | |
|
The key of the nodeSelector.
Environment variable: | string |
required
|
|
The value of the nodeSelector.
Environment variable: | string |
required
|
|
CPU Requirements
Environment variable: | string | |
|
Memory Requirements
Environment variable: | string | |
|
CPU Requirements
Environment variable: | string | |
|
Memory Requirements
Environment variable: | string | |
|
If set, the secret will mounted to the application container and its contents will be used for application configuration.
Environment variable: | string | |
|
If set, the config map will be mounted to the application container and its contents will be used for application configuration.
Environment variable: | string | |
|
The name of the role.
Environment variable: | string | |
|
The namespace of the role.
Environment variable: | string | |
|
Labels to add into the Role resource.
Environment variable: | Map<String,String> | |
|
API groups of the policy rule.
Environment variable: | list of string | |
|
Non resource URLs of the policy rule.
Environment variable: | list of string | |
|
Resource names of the policy rule.
Environment variable: | list of string | |
|
Resources of the policy rule.
Environment variable: | list of string | |
|
Verbs of the policy rule.
Environment variable: | list of string | |
|
The name of the cluster role.
Environment variable: | string | |
|
Labels to add into the ClusterRole resource.
Environment variable: | Map<String,String> | |
|
API groups of the policy rule.
Environment variable: | list of string | |
|
Non resource URLs of the policy rule.
Environment variable: | list of string | |
|
Resource names of the policy rule.
Environment variable: | list of string | |
|
Resources of the policy rule.
Environment variable: | list of string | |
|
Verbs of the policy rule.
Environment variable: | list of string | |
|
The name of the service account.
Environment variable: | string | |
|
The namespace of the service account.
Environment variable: | string | |
|
Labels of the service account.
Environment variable: | Map<String,String> | |
|
If true, this service account will be used in the generated Deployment resource.
Environment variable: | boolean | |
|
Name of the RoleBinding resource to be generated. If not provided, it will use the application name plus the role ref name.
Environment variable: | string | |
|
Labels to add into the RoleBinding resource.
Environment variable: | Map<String,String> | |
|
The name of the Role resource to use by the RoleRef element in the generated Role Binding resource. By default, it’s "view" role name.
Environment variable: | string | |
|
If the Role sets in the
Environment variable: | boolean | |
|
The "name" resource to use by the Subject element in the generated Role Binding resource.
Environment variable: | string | |
|
The "kind" resource to use by the Subject element in the generated Role Binding resource. By default, it uses the "ServiceAccount" kind.
Environment variable: | string |
|
|
The "apiGroup" resource that matches with the "kind" property. By default, it’s empty.
Environment variable: | string | |
|
The "namespace" resource to use by the Subject element in the generated Role Binding resource. By default, it will use the same as provided in the generated resources.
Environment variable: | string | |
|
Name of the ClusterRoleBinding resource to be generated. If not provided, it will use the application name plus the role ref name.
Environment variable: | string | |
|
Labels to add into the RoleBinding resource.
Environment variable: | Map<String,String> | |
|
The name of the ClusterRole resource to use by the RoleRef element in the generated ClusterRoleBinding resource.
Environment variable: | string |
required
|
|
The "name" resource to use by the Subject element in the generated Role Binding resource.
Environment variable: | string | |
|
The "kind" resource to use by the Subject element in the generated Role Binding resource. By default, it uses the "ServiceAccount" kind.
Environment variable: | string |
|
|
The "apiGroup" resource that matches with the "kind" property. By default, it’s empty.
Environment variable: | string | |
|
The "namespace" resource to use by the Subject element in the generated Role Binding resource. By default, it will use the same as provided in the generated resources.
Environment variable: | string | |
|
The SELinux level label that applies to the container.
Environment variable: | string | |
|
The SELinux role label that applies to the container.
Environment variable: | string | |
|
The SELinux type label that applies to the container.
Environment variable: | string | |
|
The SELinux user label that applies to the container.
Environment variable: | string | |
|
The name of the GMSA credential spec to use.
Environment variable: | string | |
|
GMSACredentialSpec is where the GMSA admission webhook (windows-gsma) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
Environment variable: | string | |
|
The UserName in Windows to run the entrypoint of the container process.
Environment variable: | string | |
|
HostProcess determines if a container should be run as a 'Host Process' container.
Environment variable: | boolean | |
|
The UID to run the entrypoint of the container process.
Environment variable: | long | |
|
The GID to run the entrypoint of the container process.
Environment variable: | long | |
|
Indicates that the container must run as a non-root user.
Environment variable: | boolean | |
|
A list of groups applied to the first process run in each container, in addition to the container’s primary GID. If unspecified, no groups will be added to any container.
Environment variable: | list of long | |
|
A special supplemental group that applies to all containers in a pod.
Environment variable: | long | |
|
Sysctls hold a list of namespaced sysctls used for the pod.
Environment variable: | Map<String,String> | |
|
It holds policies that will be used for applying fsGroup to a volume when volume is mounted. Values: OnRootMismatch, Always
Environment variable: | on-root-mismatch: It indicates that volume’s ownership and permissions will be changed only when permission and ownership of root directory does not match with expected permissions on the volume. always: It indicates that volume’s ownership and permissions should always be changed whenever volume is mounted inside a Pod. This the default behavior. | |
|
Switch used to control whether non-idempotent fields are included in generated kubernetes resources to improve git-ops compatibility.
Environment variable: | boolean |
|
|
Whether the vcs-uri annotation should be added to the generated configuration.
Environment variable: | boolean |
|
|
Optional override of the vcs-uri annotation.
Environment variable: | string | |
|
The OpenShift flavor / version to use. Older versions of OpenShift have minor differences in the labels and fields they support. This option allows users to have their manifests automatically aligned to the OpenShift 'flavor' they use.
Environment variable: |
|
|
|
The kind of the deployment resource to use. Supported values are 'Deployment', 'StatefulSet', 'Job', 'CronJob' and 'DeploymentConfig'. Defaults to 'DeploymentConfig' if
Environment variable: |
| |
|
The number of desired pods
Environment variable: | int |
|
|
The nodePort to set when serviceType is set to nodePort
Environment variable: | int | |
|
If true, the service will be exposed
Environment variable: | boolean |
|
|
The host under which the application is going to be exposed
Environment variable: | string | |
|
The target named port. If not provided, it will be deducted from the Service resource ports. Options are: "http" and "https".
Environment variable: | string |
|
|
Custom annotations to add to exposition (route or ingress) resources
Environment variable: | Map<String,String> | |
|
Custom labels to add to exposition (route or ingress) resources
Environment variable: | Map<String,String> | |
|
The cert authority certificate contents.
Environment variable: | string | |
|
The certificate contents.
Environment variable: | string | |
|
The contents of the ca certificate of the final destination.
Environment variable: | string | |
|
The desired behavior for insecure connections to a route.
Environment variable: | string | |
|
The key file contents.
Environment variable: | string | |
|
The termination type.
Environment variable: | string | |
|
Specifies the maximum desired number of pods the job should run at any given time.
Environment variable: | int | |
|
Specifies the desired number of successfully finished pods the job should be run with.
Environment variable: | int | |
|
CompletionMode specifies how Pod completions are tracked.
Environment variable: |
|
|
|
Specifies the number of retries before marking this job failed.
Environment variable: | int | |
|
Specifies the duration in seconds relative to the startTime that the job may be continuously active before the system tries to terminate it; value must be positive integer.
Environment variable: | long | |
|
Limits the lifetime of a Job that has finished execution (either Complete or Failed). If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to be automatically deleted.
Environment variable: | int | |
|
Suspend specifies whether the Job controller should create Pods or not.
Environment variable: | boolean |
|
|
Restart policy when the job container fails.
Environment variable: |
|
|
|
The schedule in Cron format, see Cron.
Environment variable: | string | |
|
The time zone for the job schedule. The default value is the local time of the kube-controller-manager.
Environment variable: | string | |
|
ConcurrencyPolicy describes how the job will be handled.
Environment variable: |
|
|
|
Deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones.
Environment variable: | long | |
|
The number of failed finished jobs to retain. The default value is 1.
Environment variable: | int | |
|
The number of successful finished jobs to retain. The default value is 3.
Environment variable: | int | |
|
Specifies the maximum desired number of pods the job should run at any given time.
Environment variable: | int | |
|
Specifies the desired number of successfully finished pods the job should be run with.
Environment variable: | int | |
|
CompletionMode specifies how Pod completions are tracked.
Environment variable: |
|
|
|
Specifies the number of retries before marking this job failed.
Environment variable: | int | |
|
Specifies the duration in seconds relative to the startTime that the job may be continuously active before the system tries to terminate it; value must be positive integer.
Environment variable: | long | |
|
Limits the lifetime of a Job that has finished execution (either Complete or Failed). If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to be automatically deleted.
Environment variable: | int | |
|
Suspend specifies whether the Job controller should create Pods or not.
Environment variable: | boolean |
|
|
Restart policy when the job container fails.
Environment variable: |
|
|
|
If true, the debug mode in pods will be enabled.
Environment variable: | boolean |
|
|
The transport to use.
Environment variable: | string |
|
|
If enabled, it means the JVM will wait for the debugger to attach before executing the main class. If false, the JVM will immediately execute the main class, while listening for the debugger connection.
Environment variable: | string |
|
|
It specifies the address at which the debug socket will listen.
Environment variable: | int |
|
|
If true, the init task will be generated. Otherwise, the init task resource generation will be skipped.
Environment variable: | boolean |
|
|
The init task image to use by the init container.
Environment variable: | string |
|
|
Image pull policy.
Environment variable: |
|
|
|
If true, the init task will be generated. Otherwise, the init task resource generation will be skipped.
Environment variable: | boolean |
|
|
The init task image to use by the init container.
Environment variable: | string |
|
|
Image pull policy.
Environment variable: |
|
|
|
If set to true, Quarkus will attempt to deploy the application to the target Kubernetes cluster
Environment variable: | boolean |
|
|
If deploy is enabled, it will follow this strategy to update the resources to the target Kubernetes cluster.
Environment variable: |
|
|
To write duration values, use the standard java.time.Duration format. See the Duration#parse() Java API documentation for more information.
You can also use a simplified format, starting with a number:
- If the value is only a number, it represents time in seconds.
-
If the value is a number followed by
ms, it represents time in milliseconds.
In other cases, the simplified format is translated to the java.time.Duration format for parsing:
-
If the value is a number followed by
h,m, ors, it is prefixed withPT. -
If the value is a number followed by
d, it is prefixed withP.
Chapter 2. Deploying Red Hat build of Quarkus applications to OpenShift Container Platform in a single step
As an application developer, you build and deploy your Red Hat build of Quarkus applications to OpenShift Container Platform in a single step. Complete one of the following commands:
Using the Quarkus CLI:
quarkus build quarkus deploy openshift
Copy to clipboardCopiedquarkus build quarkus deploy openshiftUsing Maven:
./mvnw install -Dquarkus.openshift.deploy=true
Copy to clipboardCopied./mvnw install -Dquarkus.openshift.deploy=trueUsing Gradle:
./gradlew build -Dquarkus.openshift.deploy=true
Copy to clipboardCopied./gradlew build -Dquarkus.openshift.deploy=true
With these commands, you build your application locally, trigger a container image build, and apply the generated OpenShift Container Platform resources automatically.
The generated resources use a Kubernetes Deployment, but still make use of OpenShift-specific resources, such as Route, BuildConfig, and so on.
2.1. Prerequisites
- You have OpenJDK 17 or later installed.
-
You have set the
JAVA_HOMEenvironment variable to the location of the Java SDK. -
You have access to an OpenShift Container Platform cluster and the latest compatible version of the
ocCLI tool installed. - You are working in the correct OpenShift project namespace.
To run this deployment, it is not necessary to have the quarkus-openshift extension included in your Red Hat build of Quarkus project.
2.2. Procedure
- Trigger a build and deployment in a single step:
Using the Quarkus CLI:
quarkus build quarkus deploy openshift
Copy to clipboardCopiedquarkus build quarkus deploy openshiftUsing Maven:
./mvnw install -Dquarkus.openshift.deploy=true
Copy to clipboardCopied./mvnw install -Dquarkus.openshift.deploy=trueUsing Gradle:
./gradlew build -Dquarkus.openshift.deploy=true
Copy to clipboardCopied./gradlew build -Dquarkus.openshift.deploy=true
If you want to test your application immediately, set the quarkus.openshift.route.expose configuration property to true to expose the service automatically.
For example, add -Dquarkus.openshift.route.expose=true to the above command. For more information, see Exposing routes.
As of OpenShift Container Platform 4.14, the DeploymentConfig object is deprecated. Deployment is now the default and preferred deployment kind for the quarkus-openshift extension.
Because of this change, consider the following:
-
If you redeploy applications that you previously deployed by using
DeploymentConfig, by default, those applications useDeploymentbut do not remove the previousDeploymentConfig. This leads to a deployment of both new and old applications, so, you must remove the oldDeploymentConfigmanually. If you want to continue to useDeploymentConfig, it is still possible to do so by explicitly settingquarkus.openshift.deployment-kindtoDeploymentConfig. -
Deploymentis a Kubernetes resource and not OpenShift specific, so it cannot leverageImageStreamresources, as is the case withDeploymentConfig. Therefore, the image references must include the container image registry that hosts the image.
For more information about the deprecation, how to set up and use automatic rollbacks, triggers, lifecycle hooks, and custom strategies, see the Red Hat Knowledgebase article DeploymentConfig API is being deprecated in Red Hat OpenShift Container Platform 4.14.
2.3. Verification
Verify that an image stream and a service resource are created and the application is deployed by using the OpenShift Container Platform web console.
quarkus.container-image.group=<project/namespace name>
Copy to clipboardCopiedquarkus.container-image.group=<project/namespace name>Alternatively, run the following OpenShift Container Platform command-line interface (CLI) commands:
oc get is 1 oc get pods 2 oc get svc 3
Copy to clipboardCopiedoc get is 1 oc get pods 2 oc get svc 3To get the log output for your application’s pod, enter the following command:
oc logs -f <pod_name>
Copy to clipboardCopiedoc logs -f <pod_name>By default, the service is not exposed to the outside world. Therefore, if you did not expose the created service automatically by setting the
quarkus.openshift.route.expose=trueproperty before building the application, you can expose the service manually.oc expose svc/openshift-quickstart 1 oc get routes 2 curl http://<route>/hello 3
Copy to clipboardCopiedoc expose svc/openshift-quickstart 1 oc get routes 2 curl http://<route>/hello 3
2.4. References
Chapter 3. Deploying Red Hat build of Quarkus Java applications to OpenShift Container Platform by using a Docker build strategy
As an application developer, you can deploy your applications to OpenShift Container Platform by using the Docker build strategy as a deployment option.
This stategy builds the artifacts outside the OpenShift Container Platform cluster, locally or in a CI environment, and provides them to the OpenShift Container Platform build system together with a Dockerfile. The artifacts include JAR files or a native executable. The OpenShift Container Platform cluster builds the container and provides it as an image stream.
This functionality is provided by the quarkus-openshift extension. If you want to use a custom Dockerfile, add the file to the src/main/docker directory or any location inside the module. Additionally, set the path to your Dockerfile by using the quarkus.openshift.jvm-dockerfile property.
3.1. Prerequisites
- You have OpenJDK 17 or 21 installed.
-
You have set the
JAVA_HOMEenvironment variable to the location of the Java SDK. - You have Apache Maven 3.8.6 or later installed.
-
You have a Quarkus project that includes the
quarkus-openshiftextension. -
You have access to a OpenShift Container Platform cluster and the latest compatible version of the
ocCLI tool installed. - You are working in the correct OpenShift project namespace.
3.2. Procedure
Set the Docker build strategy in your
application.propertiesconfiguration file:quarkus.openshift.build-strategy=docker
Copy to clipboardCopiedquarkus.openshift.build-strategy=dockerOptional: Set the following properties in the
application.propertiesfile, based on your environment:If you are using an untrusted certificate, enable certificate trust for the
KubernetesClient:quarkus.kubernetes-client.trust-certs=true
Copy to clipboardCopiedquarkus.kubernetes-client.trust-certs=trueTo expose the service and create an OpenShift Container Platform route, set the following property:
quarkus.openshift.route.expose=true
Copy to clipboardCopiedquarkus.openshift.route.expose=trueTo use a custom Dockerfile instead of the pregenerated Dockerfiles, set the path to your Dockerfile:
quarkus.openshift.jvm-dockerfile=<path_to_your_dockerfile>
Copy to clipboardCopiedquarkus.openshift.jvm-dockerfile=<path_to_your_dockerfile>For example, to specify a custom Dockerfile named
Dockerfile.custom-jvm:quarkus.openshift.jvm-dockerfile=src/main/resources/Dockerfile.custom-jvm
Copy to clipboardCopiedquarkus.openshift.jvm-dockerfile=src/main/resources/Dockerfile.custom-jvm
Package and deploy your application to the current OpenShift Container Platform project:
./mvnw clean package -Dquarkus.openshift.deploy=true
Copy to clipboardCopied./mvnw clean package -Dquarkus.openshift.deploy=true
3.3. Verification
The following verification steps use the openshift-helloworld example application.
Display the list of pods associated with your current OpenShift project:
oc get pods
Copy to clipboardCopiedoc get podsNAME READY STATUS RESTARTS AGE openshift-helloworld-1-build 0/1 Completed 0 11m openshift-helloworld-1-deploy 0/1 Completed 0 10m openshift-helloworld-1-gzzrx 1/1 Running 0 10m
Copy to clipboardCopiedNAME READY STATUS RESTARTS AGE openshift-helloworld-1-build 0/1 Completed 0 11m openshift-helloworld-1-deploy 0/1 Completed 0 10m openshift-helloworld-1-gzzrx 1/1 Running 0 10mTo get the log output for your application’s pod, use the
oc logs -fcommand with its name. The following example uses theopenshift-helloworld-1-gzzrxpod name, which corresponds to the latest pod prefixed with the name of your application:oc logs -f openshift-helloworld-1-gzzrx
Copy to clipboardCopiedoc logs -f openshift-helloworld-1-gzzrxStarting the Java application using /opt/jboss/container/java/run/run-java.sh ... INFO exec -a "java" java -Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager -XX:MaxRAMPercentage=50.0 -XX:+UseParallelGC -XX:MinHeapFreeRatio=10 -XX:MaxHeapFreeRatio=20 -XX:GCTimeRatio=4 -XX:AdaptiveSizePolicyWeight=90 -XX:+ExitOnOutOfMemoryError -cp "." -jar /deployments/quarkus-run.jar __ ____ __ _____ ___ __ ____ ______ --/ __ \/ / / / _ | / _ \/ //_/ / / / __/ -/ /_/ / /_/ / __ |/ , _/ ,< / /_/ /\ \ --\___\_\____/_/ |_/_/|_/_/|_|\____/___/ 2024-09-17 10:23:25,254 INFO [io.quarkus] (main) getting-started 1.0.0-SNAPSHOT on JVM (powered by Quarkus 3.20.0.redhat-00002) started in 0.653s. Listening on: http://0.0.0.0:8080 2024-09-17 10:23:25,281 INFO [io.quarkus] (main) Profile prod activated. 2024-09-17 10:23:25,281 INFO [io.quarkus] (main) Installed features: [cdi, kubernetes, rest, smallrye-context-propagation, vertx]
Copy to clipboardCopiedStarting the Java application using /opt/jboss/container/java/run/run-java.sh ... INFO exec -a "java" java -Dquarkus.http.host=0.0.0.0 -Djava.util.logging.manager=org.jboss.logmanager.LogManager -XX:MaxRAMPercentage=50.0 -XX:+UseParallelGC -XX:MinHeapFreeRatio=10 -XX:MaxHeapFreeRatio=20 -XX:GCTimeRatio=4 -XX:AdaptiveSizePolicyWeight=90 -XX:+ExitOnOutOfMemoryError -cp "." -jar /deployments/quarkus-run.jar __ ____ __ _____ ___ __ ____ ______ --/ __ \/ / / / _ | / _ \/ //_/ / / / __/ -/ /_/ / /_/ / __ |/ , _/ ,< / /_/ /\ \ --\___\_\____/_/ |_/_/|_/_/|_|\____/___/ 2024-09-17 10:23:25,254 INFO [io.quarkus] (main) getting-started 1.0.0-SNAPSHOT on JVM (powered by Quarkus 3.20.0.redhat-00002) started in 0.653s. Listening on: http://0.0.0.0:8080 2024-09-17 10:23:25,281 INFO [io.quarkus] (main) Profile prod activated. 2024-09-17 10:23:25,281 INFO [io.quarkus] (main) Installed features: [cdi, kubernetes, rest, smallrye-context-propagation, vertx]Get a list of services:
oc get svc
Copy to clipboardCopiedoc get svcNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE openshift-helloworld ClusterIP 172.30.64.57 <none> 80/TCP 14m
Copy to clipboardCopiedNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE openshift-helloworld ClusterIP 172.30.64.57 <none> 80/TCP 14mGet a URL to test your application. To do so, ensure you have exposed an OpenShift Container Platform route by setting the
quarkus.openshift.route.expose=trueproperty in theapplication.propertiesfile before building the application.oc get routes
Copy to clipboardCopiedoc get routesNAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARD openshift-helloworld openshift-helloworld-username-dev.apps.sandbox-m2.ll9k.p1.openshiftapps.com openshift-helloworld http None
Copy to clipboardCopiedNAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARD openshift-helloworld openshift-helloworld-username-dev.apps.sandbox-m2.ll9k.p1.openshiftapps.com openshift-helloworld http NoneNoteBe aware that the route is now listening on port 80 and is no longer on port 8080.
You can test the application demonstrated in this example with a web browser or a terminal by using
curland the complete URL output fromoc get routes, that is, "http://openshift-helloworld-username-dev.apps.sandbox-m2.ll9k.p1.openshiftapps.com".For example:
curl http://openshift-helloworld-username-dev.apps.sandbox-m2.ll9k.p1.openshiftapps.com.
3.4. References
Chapter 4. Using S2I to deploy Red Hat build of Quarkus applications to OpenShift Container Platform
You can deploy your Red Hat build of Quarkus applications to Red Hat OpenShift Container Platform by using the Source-to-Image (S2I) method. With S2I, you must provide the source code to the build container through a Git repository or by uploading the source code at build time.
The deployment procedure differs based on the Java version your Red Hat build of Quarkus application uses.
4.1. Deploying Red Hat build of Quarkus applications to OpenShift Container Platform with Java 17
You can deploy Red Hat build of Quarkus applications that run Java 17 to OpenShift Container Platform by using the S2I method.
4.1.1. Prerequisites
- You have a Quarkus application built with Java 17.
-
Optional: You have a Quarkus project that includes the
quarkus-openshiftextension. - You are working in the correct OpenShift project namespace.
- Your project is hosted in a Git repository.
4.1.2. Procedure
Open the
pom.xmlfile, and set the Java version to 17:<maven.compiler.source>17</maven.compiler.source> <maven.compiler.target>17</maven.compiler.target>
Copy to clipboardCopied<maven.compiler.source>17</maven.compiler.source> <maven.compiler.target>17</maven.compiler.target>Package your Java 17 application, by entering the following command:
./mvnw clean package
Copy to clipboardCopied./mvnw clean package-
Create a directory called
.s2iat the same level as thepom.xmlfile. Create a file called
environmentin the.s2idirectory and add the following content:MAVEN_S2I_ARTIFACT_DIRS=target/quarkus-app S2I_SOURCE_DEPLOYMENTS_FILTER=app lib quarkus quarkus-run.jar JAVA_OPTIONS=-Dquarkus.http.host=0.0.0.0 AB_JOLOKIA_OFF=true JAVA_APP_JAR=/deployments/quarkus-run.jar
Copy to clipboardCopiedMAVEN_S2I_ARTIFACT_DIRS=target/quarkus-app S2I_SOURCE_DEPLOYMENTS_FILTER=app lib quarkus quarkus-run.jar JAVA_OPTIONS=-Dquarkus.http.host=0.0.0.0 AB_JOLOKIA_OFF=true JAVA_APP_JAR=/deployments/quarkus-run.jar- Commit and push your changes to the remote Git repository.
Import the supported OpenShift Container Platform image by entering the following command:
oc import-image ubi9/openjdk-17 --from=registry.access.redhat.com/ubi9/openjdk-17 --confirm
Copy to clipboardCopiedoc import-image ubi9/openjdk-17 --from=registry.access.redhat.com/ubi9/openjdk-17 --confirmNote- If you are using the OpenShift image registry and pulling from image streams in the same project, your pod service account must already have the correct permissions.
- If you are pulling images across other OpenShift Container Platform projects or from secured registries, additional configuration steps might be required.
For more information, see the Red Hat Openshift Container Platform documentation.
Build the project, create the application, and deploy the OpenShift Container Platform service:
oc new-app registry.access.redhat.com/ubi9/openjdk-17~<git_path> --name=<project_name>
Copy to clipboardCopiedoc new-app registry.access.redhat.com/ubi9/openjdk-17~<git_path> --name=<project_name>Replace
<git_path>with the path of the Git repository that hosts your Quarkus project. For example,oc new-app registry.access.redhat.com/ubi9/openjdk-17~https://github.com/johndoe/code-with-quarkus.git --name=code-with-quarkus.If you do not have SSH keys configured for the Git repository, when specifying the Git path, use the HTTPS URL instead of the SSH URL.
-
Replace
<project_name>with the name of your application.
To deploy an updated version of the project, push changes to the Git repository, and then run:
oc start-build <project_name>
Copy to clipboardCopiedoc start-build <project_name>To expose a route to the application, run the following command:
oc expose svc <project_name>
Copy to clipboardCopiedoc expose svc <project_name>
4.1.3. Verification
List the pods associated with your current OpenShift Container Platform project:
oc get pods
Copy to clipboardCopiedoc get podsTo get the log output for your application’s pod, run the following command, replacing
<pod_name>with the name of the latest pod prefixed by your application name:oc logs -f <pod_name>
Copy to clipboardCopiedoc logs -f <pod_name>
4.2. Deploying Red Hat build of Quarkus applications to OpenShift Container Platform with Java 21
You can deploy Red Hat build of Quarkus applications that run Java 21 to OpenShift Container Platform by using the S2I method.
4.2.1. Prerequisites
-
Optional: You have a Quarkus Maven project that includes the
quarkus-openshiftextension. - You are working in the correct OpenShift Container Platform project namespace.
- Your project is hosted in a Git repository.
4.2.2. Procedure
Open the
pom.xmlfile, and set the Java version to 21:<maven.compiler.source>21</maven.compiler.source> <maven.compiler.target>21</maven.compiler.target>
Copy to clipboardCopied<maven.compiler.source>21</maven.compiler.source> <maven.compiler.target>21</maven.compiler.target>Package your Java 21 application, by entering the following command:
./mvnw clean package
Copy to clipboardCopied./mvnw clean package-
Create a directory called
.s2iat the same level as thepom.xmlfile. Create a file called
environmentin the.s2idirectory and add the following content:MAVEN_S2I_ARTIFACT_DIRS=target/quarkus-app S2I_SOURCE_DEPLOYMENTS_FILTER=app lib quarkus quarkus-run.jar JAVA_OPTIONS=-Dquarkus.http.host=0.0.0.0 AB_JOLOKIA_OFF=true JAVA_APP_JAR=/deployments/quarkus-run.jar
Copy to clipboardCopiedMAVEN_S2I_ARTIFACT_DIRS=target/quarkus-app S2I_SOURCE_DEPLOYMENTS_FILTER=app lib quarkus quarkus-run.jar JAVA_OPTIONS=-Dquarkus.http.host=0.0.0.0 AB_JOLOKIA_OFF=true JAVA_APP_JAR=/deployments/quarkus-run.jar- Commit and push your changes to the remote Git repository.
Import the supported OpenShift Container Platform image by entering the following command:
oc import-image ubi9/openjdk-21 --from=registry.access.redhat.com/ubi9/openjdk-21 --confirm
Copy to clipboardCopiedoc import-image ubi9/openjdk-21 --from=registry.access.redhat.com/ubi9/openjdk-21 --confirmNote- If you are using the OpenShift image registry and pulling from image streams in the same project, your pod service account must already have the correct permissions.
- If you are pulling images across other OpenShift Container Platform projects or from secured registries, additional configuration steps might be required. For more information, see the Red Hat Openshift Container Platform documentation.
-
If you are deploying on IBM Z infrastructure, enter
oc import-image ubi9/openjdk-21 --from=registry.redhat.io/ubi9/openjdk-21 --confirminstead. For information about this image, see Red Hat build of OpenJDK 21.
Build the project, create the application, and deploy the OpenShift Container Platform service:
oc new-app registry.access.redhat.com/ubi9/openjdk-21~<git_path> --name=<project_name>
Copy to clipboardCopiedoc new-app registry.access.redhat.com/ubi9/openjdk-21~<git_path> --name=<project_name>Replace
<git_path>with the path of the Git repository that hosts your Quarkus project. For example,oc new-app registry.access.redhat.com/ubi9/openjdk-21~https://github.com/johndoe/code-with-quarkus.git --name=code-with-quarkus.If you do not have SSH keys configured for the Git repository, when specifying the Git path, use the HTTPS URL instead of the SSH URL.
Replace
<project_name>with the name of your application.NoteIf you are deploying on IBM Z infrastructure, enter
oc new-app ubi9/openjdk-21~<git_path> --name=<project_name>instead.
To deploy an updated version of the project, push changes to the Git repository, and then run:
oc start-build <project_name>
Copy to clipboardCopiedoc start-build <project_name>To expose a route to the application, run the following command:
oc expose svc <project_name>
Copy to clipboardCopiedoc expose svc <project_name>
4.2.3. Verification
List the pods associated with your current OpenShift Container Platform project:
oc get pods
Copy to clipboardCopiedoc get podsTo get the log output for your application’s pod, run the following command, replacing
<pod_name>with the name of the latest pod prefixed by your application name:oc logs -f <pod_name>
Copy to clipboardCopiedoc logs -f <pod_name>
4.3. References
Chapter 5. Deploying Red Hat build of Quarkus applications compiled to native executables
You can deploy your native Red Hat build of Quarkus applications to OpenShift Container Platform compiled to native executables by using the Docker build strategy.
You must create a native executable for your application that targets a supported operating system and match the architecture. This means, if you are building on Windows, you create a native Linux executable by using a container runtime, for example, Docker or Podman.
Your Quarkus project includes pregenerated Dockerfiles with instructions. If you want to use a custom Dockerfile, add the file to the src/main/docker directory or any location inside the module. Additionally, if you want to have multiple Docker files and switch between them, set the path to your preferred Dockerfile by using the quarkus.openshift.native-dockerfile property.
This guide describes this strategy by using a Quarkus project with Maven as the example project.
5.1. Prerequisites
- A supported operating system or an Open Container Initiative (OCI) compatible container runtime, such as Podman or Docker.
-
You have a Quarkus Maven project that includes the
quarkus-openshiftextension. -
You have access to an OpenShift Container Platform cluster and the latest compatible version of the
ocCLI tool installed. - You are working in the correct OpenShift project namespace.
5.2. Procedure
Set the Docker build strategy in your
application.propertiesconfiguration file:quarkus.openshift.build-strategy=docker
Copy to clipboardCopiedquarkus.openshift.build-strategy=dockerEnable container-based native builds:
quarkus.native.container-build=true
Copy to clipboardCopiedquarkus.native.container-build=trueOptional: Set the following properties in the
application.propertiesfile based on your environment:If you are using an untrusted certificate, enable certificate trust for the
KubernetesClient:quarkus.kubernetes-client.trust-certs=true
Copy to clipboardCopiedquarkus.kubernetes-client.trust-certs=trueTo expose the service and create an OpenShift Container Platform route, set the following property:
quarkus.openshift.route.expose=true
Copy to clipboardCopiedquarkus.openshift.route.expose=trueTo use a custom Dockerfile instead of the pregenerated Dockerfiles, set the path to your custom Dockerfile:
quarkus.openshift.native-dockerfile=<path_to_your_dockerfile>
Copy to clipboardCopiedquarkus.openshift.native-dockerfile=<path_to_your_dockerfile>For example, to specify a custom Dockerfile named
Dockerfile.custom-native:quarkus.openshift.native-dockerfile=src/main/docker/Dockerfile.custom-native
Copy to clipboardCopiedquarkus.openshift.native-dockerfile=src/main/docker/Dockerfile.custom-nativeSpecify the container engine:
To build a native executable with Podman:
quarkus.native.container-runtime=podman
Copy to clipboardCopiedquarkus.native.container-runtime=podmanTo build a native executable with Docker:
quarkus.native.container-runtime=docker
Copy to clipboardCopiedquarkus.native.container-runtime=docker
Finally, build the native executable, package, and deploy your application to OpenShift Container Platform:
./mvnw clean package -Pnative -Dquarkus.openshift.deploy=true
Copy to clipboardCopied./mvnw clean package -Pnative -Dquarkus.openshift.deploy=true
5.3. Verification
Verify that an image stream and a service resource are created, and that the application is deployed. Use the OpenShift Container Platform web console or the following OpenShift Container Platform command-line interface (CLI) commands:
oc get is 1 oc get pods 2 oc get svc 3
Copy to clipboardCopiedoc get is 1 oc get pods 2 oc get svc 3
To get the log output for your application’s pod, run the following command where
<pod_name>is the name of the latest pod prefixed with the name of your application:oc logs -f <pod_name>
Copy to clipboardCopiedoc logs -f <pod_name>
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}