Red Hat OpenShift Developer II: Building and Deploying Cloud-native Applications
Abstract
| Goal |
Deploy multi-container applications by using Red Hat OpenShift Templates, Helm Charts and Kustomize. |
| Objectives |
|
| Sections |
|
| Lab |
|
A Red Hat OpenShift template is a custom resource, usually defined as a YAML or a JSON file, that contains a set of OpenShift and Kubernetes resources. Templates accept parameters, so you can declare configurable values when you define these resources. OpenShift processes templates by replacing parameter references with actual values and creating a customized set of resources.
A template is useful when you want to deploy a set of resources as a single bundle, rather than deploying them one by one. The following examples are common use cases of templates:
An independent software vendor (ISV) provides a template to deploy their product on OpenShift. The template defines and configures the containers and parameters that are required to run the product. The template might also contain deployment configuration for the number of replicas, services and routes, persistent storage configuration, health checks, and limits for resources such as CPU, memory, and I/O.
Your multitier application consists of a number of separate components, such as a web server, an application server, and a database. You define these components together in a template to deploy them as a single unit on OpenShift. The template simplifies the deployment process. For example, your QA team can use the template to rapidly deploy new application instances in staging environments for testing.
Note
Templates are an OpenShift-specific feature.
Although originally intended for packaging, sharing, and deploying manifests of any Kubernetes application, templates have not been widely adopted by the Kubernetes community, which adopted Helm charts as the norm.
The syntax of a template follows the general syntax of an OpenShift resource, but with the objects attribute in place of the spec attribute.
Additionally, a template usually includes the parameters and labels attributes, as well as annotations in its metadata.
The following listing shows a sample template definition in YAML format and illustrates the main syntax elements.
apiVersion: template.openshift.io/v1 kind: Templatemetadata: name: mytemplate annotations: description: "Description"
objects:
- apiVersion: v1 kind: Pod metadata: name: myapp spec: containers: - env: - name: MYAPP_CONFIGURATION value: ${MYPARAMETER}
image: myorganization/myapplication name: myapp ports: - containerPort: 80 protocol: TCP parameters:
- description: Myapp configuration data name: MYPARAMETER required: true labels:
mylabel: myapp
| The |
| Optional annotations to be used by OpenShift |
| Resource list |
| Reference to a template parameter |
| Parameter list |
| Label list |
The resource list of a template includes Kubernetes and OpenShift resources, such as build configurations, deployments, persistent volume claims, services, and routes.
You can use parameter references, by using the ${ syntax, to set the value of any attribute in the resource list.PARAMETER_NAME}
You can define custom labels for a template. OpenShift adds these labels to all the resources included in the template.
For each object in a template, you can declare the namespace where you want to create the object.
Important
Defining the namespace of an object only works if you use a parameter reference in the namespace field in the object metadata.
If you use a hard-coded value in the namespace field, then OpenShift strips out and ignores this field.
When a template defines multiple resources, pay special attention to the order in which these resources are defined to accommodate dependencies between resources. OpenShift does not report an error if a resource references another dependent resource that does not exist.
However, the processes that these resources trigger might fail if the dependent resources are missing. For example, assume a build configuration that references an image stream as the output image. If your template defines the image stream after the build configuration, then the build configuration might start a build before the image stream exists, causing an error in the build.
The preceding example template demonstrates the definition of a required parameter, by setting the required property to true.
You can define optional parameters by omitting this property, or by setting its value to false.
Both optional and required parameters can provide default values by using the value property.
For example:
parameters:
- description: Myapp configuration data
name: MYPARAMETER
value: /etc/myapp/config.iniAdditionally, OpenShift can generate random default values for parameters if you specify a pattern with the from property, as the following example shows:
parameters:
- description: ACME cloud provider API key
name: APIKEY
generate: expression
from:"[a-zA-Z0-9]{12}"This feature is useful for secrets and passwords.
The syntax of the from property is a subset of the Perl regular expression syntax.
See the references at the end of this section for the full template parameter expression syntax.
To add a template to OpenShift, use either the oc create CLI command or the page of the web console.
Adding a template creates a new Template resource in the cluster as specified in the template definition file, the same way you would for any other kind of resource.
If the template is meant to be used by a single deployment, then you can keep the template definition in a file.
If the template is meant to be reused by multiple developers, then you might want to create the Template resource in a shared project.
Creating projects that act as template collections is a common practice.
These projects usually include other potentially shared resources, such as image streams.
Note
Templates are namespaced resources.
By default, OpenShift provides several templates in the openshift project.
Among these templates, you can find quick start templates, which are useful to bootstrap new applications in different languages.
All cluster users have read access to the openshift project, but only cluster administrators may create or delete templates in this project.
You can deploy an application directly from a template definition file.
The oc new-app and oc process commands can use a template as an input and process this file to create resources.
The oc new-app command can process a template file to create resources in OpenShift, as follows:
[user@host ~]$ oc new-app --file mytemplate.yaml -p PARAM1=value1 \
-p PARAM2=value2You can also use a template stored in the cluster.
This example processes a template called mysql-persistent:
[user@host ~]$ oc new-app --template mysql-persistent \
-p MYSQL_USER=student -p MYSQL_PASSWORD=mypassThe oc process command processes a template and produces a resource list.
You can save the resource list to a local file as follows:
[user@host ~]$ oc process -f mytemplate.yaml -p PARAM1=value1 \
-p PARAM2=value2 myresourcelist.jsonNote
You can modify the output format, which is JSON by default, by using the --output (-o) option.
The oc process command does not create the resources in OpenShift.
If you want to create the resources in the cluster, then you can pass the file that contains the resource list to the oc create command, as follows:
[user@host ~]$ oc create -f myresourcelist.jsonYou can combine the previous two commands to process the template and create the resources in the cluster.
[user@host ~]$ oc process -f mytemplate.yaml -p PARAM1=value1 \
-p PARAM2=value2 | oc create -f -You can print the available parameters in a template, by using the --parameters option:
[user@host ~]$ oc process -f mytemplate.yaml --parametersNote
The oc process command can also use templates stored in the cluster, but you might need additional permissions.
When processing server-side templates, this command creates a temporary resource in the template namespace. Because of this mechanism, you must have write permissions to write in the namespace of the template that you process.
Therefore, if you try to process a template in the openshift namespace with a regular user, then you might get a permission error.
To solve this problem, use oc new-app instead.
For both the oc new-app and oc process commands, define parameters with the --param (-p) option.
Use as many -p options as needed to declare all your parameters.
Both commands also accept the -l option, which adds a label to all resources created from the template.
By default, you cannot create applications from custom templates via the web console. Cluster administrators can install additional templates into the Developer Catalog. You can use the templates in the Developer Catalog to create new applications.
Note
There is no specific section in the web console to list or view templates. You can list available templates in the → → and → pages.
References
For more information, refer to the Using Templates chapter in the Red Hat OpenShift Container Platform 4.12 Images documentation at https://access.redhat.com/documentation/en-us/openshift_container_platform/4.12/html-single/images/index#using-templates
