diff --git a/tooling/charts/tl500-base/Chart.yaml b/tooling/charts/tl500-base/Chart.yaml index ae15ae3..daa21c2 100644 --- a/tooling/charts/tl500-base/Chart.yaml +++ b/tooling/charts/tl500-base/Chart.yaml @@ -17,7 +17,7 @@ dependencies: repository: https://bitnami-labs.github.io/sealed-secrets condition: sealed-secrets.enabled - name: stackrox-chart - version: "0.0.8" + version: "0.0.9" repository: https://redhat-cop.github.io/helm-charts condition: stackrox-chart.enabled - name: gitops-operator diff --git a/tooling/charts/tl500-base/templates/minio/create-bucket-job.yaml b/tooling/charts/tl500-base/templates/minio/create-bucket-job.yaml new file mode 100644 index 0000000..cb3c36f --- /dev/null +++ b/tooling/charts/tl500-base/templates/minio/create-bucket-job.yaml @@ -0,0 +1,65 @@ +{{- if not .Values.ignoreHelmHooks }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: create-bucket-cr + annotations: + "helm.sh/hook": pre-install + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: create-bucket-crb + annotations: + "helm.sh/hook": pre-install + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: create-bucket-cr +subjects: +- kind: ServiceAccount + name: default + namespace: {{ .Values.minio.namespace }} +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: create-bucket + namespace: {{ .Values.minio.namespace }} + annotations: + "helm.sh/hook": post-install,post-upgrade + "helm.sh/hook-weight": "3" + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded +spec: + template: + spec: + restartPolicy: Never + serviceAccount: default + serviceAccountName: default + containers: + - name: job + image: "quay.io/openshift/origin-cli:latest" + imagePullPolicy: IfNotPresent + command: + - /bin/bash + - -c + - | # create bucket + oc -n {{ .Values.minio.namespace }} wait pod --for=condition=Ready -l app=minio + curl -o /tmp/mc https://dl.min.io/client/mc/release/linux-amd64/mc + chmod +x /tmp/mc + /tmp/mc --config-dir /tmp/ alias set myminio http://minio-service.{{ .Values.minio.namespace }}.svc.cluster.local:9000 minio IJrixDGbADAkgey5 + /tmp/mc --config-dir /tmp/ mb myminio/loki +{{- end }} \ No newline at end of file diff --git a/tooling/charts/tl500-base/templates/minio/deployment.yaml b/tooling/charts/tl500-base/templates/minio/deployment.yaml new file mode 100644 index 0000000..6139037 --- /dev/null +++ b/tooling/charts/tl500-base/templates/minio/deployment.yaml @@ -0,0 +1,119 @@ +--- +kind: Deployment +apiVersion: apps/v1 +metadata: + name: minio + namespace: "{{ .Values.minio.namespace }}" +spec: + replicas: 1 + selector: + matchLabels: + app: minio + template: + metadata: + labels: + app: minio + spec: + volumes: + - name: data + persistentVolumeClaim: + claimName: minio-pvc + containers: + - resources: + limits: + cpu: 250m + memory: 1Gi + requests: + cpu: 20m + memory: 100Mi + readinessProbe: + tcpSocket: + port: 9000 + initialDelaySeconds: 5 + timeoutSeconds: 1 + periodSeconds: 5 + successThreshold: 1 + failureThreshold: 3 + terminationMessagePath: /dev/termination-log + name: minio + livenessProbe: + tcpSocket: + port: 9000 + initialDelaySeconds: 30 + timeoutSeconds: 1 + periodSeconds: 5 + successThreshold: 1 + failureThreshold: 3 + env: + - name: MINIO_ROOT_USER + valueFrom: + secretKeyRef: + name: minio-secret + key: minio_root_user + - name: MINIO_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: minio-secret + key: minio_root_password + ports: + - containerPort: 9000 + protocol: TCP + - containerPort: 9090 + protocol: TCP + imagePullPolicy: IfNotPresent + volumeMounts: + - name: data + mountPath: /data + subPath: minio + terminationMessagePolicy: File + image: >- + quay.io/minio/minio:RELEASE.2024-06-29T01-20-47Z + args: + - server + - /data + - --console-address + - :9090 + restartPolicy: Always + terminationGracePeriodSeconds: 30 + dnsPolicy: ClusterFirst + securityContext: {} + schedulerName: default-scheduler + strategy: + type: Recreate + revisionHistoryLimit: 10 + progressDeadlineSeconds: 600 +--- +kind: Route +apiVersion: route.openshift.io/v1 +metadata: + name: minio-ui + namespace: "{{ .Values.minio.namespace }}" +spec: + to: + kind: Service + name: minio-service + weight: 100 + port: + targetPort: ui + wildcardPolicy: None + tls: + termination: edge + insecureEdgeTerminationPolicy: Redirect +# --- +# kind: Route +# apiVersion: route.openshift.io/v1 +# metadata: +# name: minio-api +# namespace: "{{ .Values.minio.namespace }}" +# spec: +# to: +# kind: Service +# name: minio-service +# weight: 100 +# port: +# targetPort: api +# wildcardPolicy: None +# tls: +# termination: edge +# insecureEdgeTerminationPolicy: Redirect + diff --git a/tooling/charts/tl500-base/templates/minio/pvc.yaml b/tooling/charts/tl500-base/templates/minio/pvc.yaml new file mode 100644 index 0000000..1402f58 --- /dev/null +++ b/tooling/charts/tl500-base/templates/minio/pvc.yaml @@ -0,0 +1,13 @@ +--- +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: minio-pvc + namespace: "{{ .Values.minio.namespace }}" +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 20Gi + volumeMode: Filesystem \ No newline at end of file diff --git a/tooling/charts/tl500-base/templates/minio/secret.yaml b/tooling/charts/tl500-base/templates/minio/secret.yaml new file mode 100644 index 0000000..dc8bf08 --- /dev/null +++ b/tooling/charts/tl500-base/templates/minio/secret.yaml @@ -0,0 +1,9 @@ +--- +kind: Secret +apiVersion: v1 +metadata: + name: minio-secret + namespace: "{{ .Values.minio.namespace }}" +stringData: + minio_root_user: minio + minio_root_password: IJrixDGbADAkgey5 \ No newline at end of file diff --git a/tooling/charts/tl500-base/templates/minio/service.yaml b/tooling/charts/tl500-base/templates/minio/service.yaml new file mode 100644 index 0000000..108e431 --- /dev/null +++ b/tooling/charts/tl500-base/templates/minio/service.yaml @@ -0,0 +1,24 @@ +--- +kind: Service +apiVersion: v1 +metadata: + name: minio-service + namespace: "{{ .Values.minio.namespace }}" +spec: + ipFamilies: + - IPv4 + ports: + - name: api + protocol: TCP + port: 9000 + targetPort: 9000 + - name: ui + protocol: TCP + port: 9090 + targetPort: 9090 + internalTrafficPolicy: Cluster + type: ClusterIP + ipFamilyPolicy: SingleStack + sessionAffinity: None + selector: + app: minio \ No newline at end of file diff --git a/tooling/charts/tl500-base/templates/operators/operatorgroup.yaml b/tooling/charts/tl500-base/templates/operators/operatorgroup.yaml index 33a801c..08c9fc5 100644 --- a/tooling/charts/tl500-base/templates/operators/operatorgroup.yaml +++ b/tooling/charts/tl500-base/templates/operators/operatorgroup.yaml @@ -8,8 +8,11 @@ metadata: name: {{ $key | default "tl500-operator-group" | quote }} namespace: {{ $value.namespace | quote }} spec: + upgradeStrategy: Default + {{- if (ne $value.operatorgroup.targetNamespace "AllNamespaces") }} targetNamespaces: - {{ $value.namespace }} + {{- end }} {{- end }} {{- end }} {{- end }} diff --git a/tooling/charts/tl500-base/templates/tl500-rbac.yaml b/tooling/charts/tl500-base/templates/tl500-rbac.yaml index 6c6d6e6..ad52352 100644 --- a/tooling/charts/tl500-base/templates/tl500-rbac.yaml +++ b/tooling/charts/tl500-base/templates/tl500-rbac.yaml @@ -150,6 +150,20 @@ subjects: kind: Group name: {{ .Values.group_name }} --- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: view-application-logs + namespace: +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-logging-application-view +subjects: +- kind: Group + name: {{ .Values.group_name }} + apiGroup: rbac.authorization.k8s.io +--- # so stackrox can pull images from all namespaces apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding diff --git a/tooling/charts/tl500-base/values-v4.11+.yaml b/tooling/charts/tl500-base/values-v4.11+.yaml deleted file mode 100644 index a1d4686..0000000 --- a/tooling/charts/tl500-base/values-v4.11+.yaml +++ /dev/null @@ -1,40 +0,0 @@ -# OpenShift 411,412 override values - -operators: - codeready-workspaces: # undefine - - devspaces: - enabled: true - namespace: openshift-operators - subscription: - channel: stable - approval: Automatic - operatorName: devspaces - sourceName: redhat-operators - sourceNamespace: openshift-marketplace - operatorgroup: - create: false - - elasticsearch-operator: - enabled: true - namespace: openshift-operators - subscription: - channel: stable - approval: Automatic - operatorName: elasticsearch-operator - sourceName: redhat-operators - sourceNamespace: openshift-marketplace - operatorgroup: - create: false - - cluster-logging-operator: - enabled: true - namespace: openshift-logging - subscription: - channel: stable - approval: Automatic - operatorName: cluster-logging - sourceName: redhat-operators - sourceNamespace: openshift-marketplace - operatorgroup: - create: true \ No newline at end of file diff --git a/tooling/charts/tl500-base/values.yaml b/tooling/charts/tl500-base/values.yaml index dc31b02..49eb2d6 100644 --- a/tooling/charts/tl500-base/values.yaml +++ b/tooling/charts/tl500-base/values.yaml @@ -15,19 +15,21 @@ namespaces: - name: tl500-tech-exercise - name: tl500-gitlab - name: tl500-shared + - name: tl500-minio operators: - codeready-workspaces: + + devspaces: enabled: true - namespace: tl500-workspaces + namespace: openshift-operators subscription: - channel: latest + channel: stable approval: Automatic - operatorName: codeready-workspaces + operatorName: devspaces sourceName: redhat-operators sourceNamespace: openshift-marketplace operatorgroup: - create: true + create: false openshift-pipelines-operator-rh: enabled: true @@ -41,29 +43,31 @@ operators: operatorgroup: create: false - elasticsearch-operator: + cluster-logging-operator: enabled: true - namespace: openshift-operators + namespace: openshift-logging subscription: - channel: stable-5.3 + channel: stable-5.9 approval: Automatic - operatorName: elasticsearch-operator + operatorName: cluster-logging sourceName: redhat-operators sourceNamespace: openshift-marketplace operatorgroup: - create: false + create: true + targetNamespace: AllNamespaces - cluster-logging-operator: + loki-operator: enabled: true - namespace: openshift-logging + namespace: openshift-operators-redhat subscription: - channel: stable-5.3 + channel: stable-5.9 approval: Automatic - operatorName: cluster-logging + operatorName: loki-operator sourceName: redhat-operators sourceNamespace: openshift-marketplace operatorgroup: create: true + targetNamespace: AllNamespaces cert-utils-operator: enabled: true @@ -96,6 +100,9 @@ logging: # value: '' namespace: openshift-logging +minio: + namespace: tl500-minio + gitlab: namespace: tl500-gitlab root_password: 7aydhn160bOrrsGEbnd172rE diff --git a/tooling/charts/tl500-course-content/templates/crw/crw.yaml b/tooling/charts/tl500-course-content/templates/crw/crw.yaml index 2b5a92f..272ee05 100644 --- a/tooling/charts/tl500-course-content/templates/crw/crw.yaml +++ b/tooling/charts/tl500-course-content/templates/crw/crw.yaml @@ -1,5 +1,5 @@ -{{- if .Values.crw }} -apiVersion: org.eclipse.che/v1 +--- +apiVersion: org.eclipse.che/v2 kind: CheCluster metadata: annotations: @@ -8,33 +8,25 @@ metadata: name: {{ .Values.crw.name | default "codeready-workspaces" | quote }} namespace: {{ .Values.crw.namespace | default "tl500-workspaces" | quote }} spec: - server: - cheImageTag: {{ .Values.crw.cheImageTag | default "" | quote }} - cheFlavor: {{ .Values.crw.cheFlavor | default "codeready" | quote }} - devfileRegistryImage: {{ .Values.crw.devRegImage | default "" | quote }} - pluginRegistryImage: {{ .Values.crw.pluginRegImage | default "" | quote }} - tlsSupport: {{ .Values.crw.tlsSupport | default false }} - selfSignedCert: {{ .Values.crw.selfSignedCert | default false }} -{{- if .Values.crw.gitCustomCA }} - gitSelfSignedCert: true -{{- end }} - customCheProperties: {{ toYaml .Values.crw.properties | nindent 6 | default "" }} - database: - externalDb: false - chePostgresHostName: '' - chePostgresPort: '' - chePostgresUser: '' - chePostgresPassword: '' - chePostgresDb: '' - auth: - openShiftoAuth: true - identityProviderImage: '' - externalIdentityProvider: false - identityProviderURL: '' - identityProviderRealm: '' - identityProviderClientId: '' - storage: - pvcStrategy: per-workspace - pvcClaimSize: 2Gi - preCreateSubPaths: true -{{- end }} \ No newline at end of file + components: + database: + externalDb: false + metrics: + enable: false + cheServer: + debug: false + logLevel: INFO + extraProperties: {{ toYaml .Values.crw.properties | nindent 8 | default "" }} + devEnvironments: + startTimeoutSeconds: 300 + secondsOfRunBeforeIdling: {{ .Values.crw.secondsOfRunBeforeIdling | default -1 }} + secondsOfInactivityBeforeIdling: {{ .Values.crw.secondsOfInactivityBeforeIdling | default -1 }} + maxNumberOfWorkspacesPerUser: -1 + disableContainerBuildCapabilities: true + defaultNamespace: + autoProvision: true + template: -devspaces + storage: + perUserStrategyPvcConfig: + claimSize: 2Gi + pvcStrategy: per-workspace diff --git a/tooling/charts/tl500-course-content/templates/crw/crwv2.yaml b/tooling/charts/tl500-course-content/templates/crw/crwv2.yaml deleted file mode 100644 index ee7ccc6..0000000 --- a/tooling/charts/tl500-course-content/templates/crw/crwv2.yaml +++ /dev/null @@ -1,33 +0,0 @@ -{{- if .Values.crwv2 }} -apiVersion: org.eclipse.che/v2 -kind: CheCluster -metadata: - annotations: - "helm.sh/hook": post-install,post-upgrade - "helm.sh/hook-weight": "25" - name: {{ .Values.crwv2.name | default "codeready-workspaces" | quote }} - namespace: {{ .Values.crwv2.namespace | default "tl500-workspaces" | quote }} -spec: - components: - database: - externalDb: false - metrics: - enable: false - cheServer: - debug: false - logLevel: INFO - extraProperties: {{ toYaml .Values.crwv2.properties | nindent 8 | default "" }} - devEnvironments: - startTimeoutSeconds: 300 - secondsOfRunBeforeIdling: {{ .Values.crwv2.secondsOfRunBeforeIdling | default -1 }} - secondsOfInactivityBeforeIdling: {{ .Values.crwv2.secondsOfInactivityBeforeIdling | default -1 }} - maxNumberOfWorkspacesPerUser: -1 - disableContainerBuildCapabilities: true - defaultNamespace: - autoProvision: true - template: -devspaces - storage: - perUserStrategyPvcConfig: - claimSize: 2Gi - pvcStrategy: per-workspace -{{- end }} diff --git a/tooling/charts/tl500-course-content/templates/logging/clusterlogging.yaml b/tooling/charts/tl500-course-content/templates/logging/clusterlogging.yaml index 6782603..316eedb 100644 --- a/tooling/charts/tl500-course-content/templates/logging/clusterlogging.yaml +++ b/tooling/charts/tl500-course-content/templates/logging/clusterlogging.yaml @@ -8,50 +8,12 @@ metadata: "helm.sh/hook": post-install,post-upgrade "helm.sh/hook-weight": "25" spec: - collection: - logs: - fluentd: {} - type: fluentd - logStore: - elasticsearch: - resources: - {{- if .Values.logging.elasticsearch.requests }} - requests: - cpu: {{ .Values.logging.elasticsearch.requests.cpu }} - memory: {{ .Values.logging.elasticsearch.requests.memory }} - {{- end }} - {{- if .Values.logging.elasticsearch.limits }} - limits: - cpu: {{ .Values.logging.elasticsearch.limits.cpu }} - memory: {{ .Values.logging.elasticsearch.limits.memory }} - {{- end }} - nodeCount: {{ .Values.logging.elasticsearch.nodeCount }} - {{- if .Values.logging.nodeSelector }} - nodeSelector: - {{ .Values.logging.nodeSelector.key }}: {{ .Values.logging.nodeSelector.value }} - {{- end }} - tolerations: -{{ toYaml .Values.logging.tolerations | indent 6 }} - redundancyPolicy: {{ .Values.logging.elasticsearch.redundancyPolicy }} - {{- if .Values.logging.elasticsearch.storage }} - storage: - size: {{ .Values.logging.elasticsearch.storage.size }} - storageClassName: {{ .Values.logging.elasticsearch.storage.class }} - {{- else }} - storage: {} - {{- end }} - retentionPolicy: - application: - maxAge: {{ .Values.logging.elasticsearch.retentionPolicy.application }} - type: elasticsearch managementState: Managed + logStore: + type: lokistack + lokistack: + name: logging-loki + collection: + type: vector visualization: - kibana: - {{- if .Values.logging.nodeSelector }} - nodeSelector: - {{ .Values.logging.nodeSelector.key }}: {{ .Values.logging.nodeSelector.value }} - {{- end }} - tolerations: -{{ toYaml .Values.logging.tolerations | indent 6 }} - replicas: {{ .Values.logging.kibana.replicas | default "1" }} - type: kibana + type: ocp-console \ No newline at end of file diff --git a/tooling/charts/tl500-course-content/templates/logging/consolepluginjob.yaml b/tooling/charts/tl500-course-content/templates/logging/consolepluginjob.yaml new file mode 100644 index 0000000..301e56e --- /dev/null +++ b/tooling/charts/tl500-course-content/templates/logging/consolepluginjob.yaml @@ -0,0 +1,75 @@ +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: configure-console-plugin + namespace: {{ index .Values "logging" "namespace" | quote }} + annotations: + "helm.sh/hook": post-install,post-upgrade + "helm.sh/hook-weight": "3" + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded +spec: + template: + spec: + containers: + - image: quay.io/rht-labs/stack-tl500:latest + command: + - /bin/bash + - -c + - | + oc get consoles.operator.openshift.io cluster -o yaml | grep logging-view-plugin || oc patch consoles.operator.openshift.io cluster --type=json --patch '[{"op": "add", "path": "/spec/plugins/-", "value":"logging-view-plugin"}]' + imagePullPolicy: Always + name: configure-console-plugin + dnsPolicy: ClusterFirst + restartPolicy: OnFailure + serviceAccount: configure-console-plugin + serviceAccountName: configure-console-plugin + terminationGracePeriodSeconds: 10 +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: configure-console-plugin + namespace: {{ index .Values "logging" "namespace" | quote }} + annotations: + "helm.sh/hook": post-install,post-upgrade + "helm.sh/hook-weight": "1" + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: configure-console-plugin + annotations: + "helm.sh/hook": post-install,post-upgrade + "helm.sh/hook-weight": "1" + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded +rules: + - apiGroups: + - "operator.openshift.io" + resources: + - "consoles" + verbs: + - get + - list + - create + - patch + - update +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: configure-console-plugin + namespace: {{ index .Values "logging" "namespace" | quote }} + annotations: + "helm.sh/hook": post-install,post-upgrade + "helm.sh/hook-weight": "1" + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: configure-console-plugin +subjects: + - kind: ServiceAccount + name: configure-console-plugin + namespace: {{ index .Values "logging" "namespace" | quote }} \ No newline at end of file diff --git a/tooling/charts/tl500-course-content/templates/logging/lokistack.yaml b/tooling/charts/tl500-course-content/templates/logging/lokistack.yaml new file mode 100644 index 0000000..b6b6c12 --- /dev/null +++ b/tooling/charts/tl500-course-content/templates/logging/lokistack.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: loki.grafana.com/v1 +kind: LokiStack +metadata: + name: logging-loki + namespace: {{ .Values.logging.namespace }} +spec: + size: 1x.extra-small + storage: + secret: + name: logging-loki-s3 + type: s3 + storageClassName: {{ .Values.logging.storageclass }} + tenants: + mode: openshift-logging \ No newline at end of file diff --git a/tooling/charts/tl500-course-content/templates/logging/secret.yaml b/tooling/charts/tl500-course-content/templates/logging/secret.yaml new file mode 100644 index 0000000..a2cbb70 --- /dev/null +++ b/tooling/charts/tl500-course-content/templates/logging/secret.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: logging-loki-s3 + namespace: {{ .Values.logging.namespace }} +stringData: + access_key_id: minio + access_key_secret: IJrixDGbADAkgey5 + bucketnames: loki + endpoint: http://minio-service.tl500-minio.svc.cluster.local:9000 + region: eu-central-1 \ No newline at end of file diff --git a/tooling/charts/tl500-course-content/values-v4.11+.yaml b/tooling/charts/tl500-course-content/values-v4.11+.yaml deleted file mode 100644 index cf48afa..0000000 --- a/tooling/charts/tl500-course-content/values-v4.11+.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# OpenShift 411 extra values - -crw: # undefine v1 - -crwv2: - namespace: tl500-workspaces - name: "codeready-workspaces" - secondsOfRunBeforeIdling: "-1" - secondsOfInactivityBeforeIdling: "-1" - properties: - CHE_LIMITS_USER_WORKSPACES_COUNT: "2" - CHE_WORKSPACE_DEFAULT__MEMORY__LIMIT__MB: "3072" - CHE_DOCKER_ALWAYS__PULL__IMAGE: 'true' - CHE_LIMITS_USER_WORKSPACES_RUN_COUNT: '1' - CHE_LIMITS_WORKSPACE_IDLE_TIMEOUT: '-1' - CHE_WORKSPACE_SIDECAR_IMAGE__PULL__POLICY: Always \ No newline at end of file diff --git a/tooling/charts/tl500-course-content/values.yaml b/tooling/charts/tl500-course-content/values.yaml index 7a46a1f..a111d79 100644 --- a/tooling/charts/tl500-course-content/values.yaml +++ b/tooling/charts/tl500-course-content/values.yaml @@ -10,45 +10,25 @@ logging: # key: node-role.kubernetes.io/infra # value: '' namespace: openshift-logging + # lokistack configuration requires the sc name. If you are deploying outside of AWS, make sure you update this value + storageclass: gp3-csi tolerations: - effect: NoSchedule key: node-role.kubernetes.io/infra operator: Exists - elasticsearch: - requests: - cpu: 250m - memory: 512Mi - limits: - cpu: 4000m - memory: 16Gi - storage: - # size: 200G - # class: gp2 - nodeCount: 1 - retentionPolicy: - application: 7d - redundancyPolicy: ZeroRedundancy - - kibana: {} - crw: namespace: tl500-workspaces name: "codeready-workspaces" -# devRegImage: "quay.io/rht-labs/devfileregistry:test" -# selfSignedCert: false -# gitCustomCA: | -# -----BEGIN CERTIFICATE----- -# your CA certificate goes here -# -----END CERTIFICATE----- - tlsSupport: true + secondsOfRunBeforeIdling: "-1" + secondsOfInactivityBeforeIdling: "-1" properties: CHE_LIMITS_USER_WORKSPACES_COUNT: "2" - CHE_LIMITS_USER_WORKSPACES_RUN_COUNT: "1" - CHE_WORKSPACE_SIDECAR_IMAGE__PULL__POLICY: "Always" - CHE_DOCKER_ALWAYS__PULL__IMAGE: "true" CHE_WORKSPACE_DEFAULT__MEMORY__LIMIT__MB: "3072" - CHE_LIMITS_WORKSPACE_IDLE_TIMEOUT: "-1" + CHE_DOCKER_ALWAYS__PULL__IMAGE: 'true' + CHE_LIMITS_USER_WORKSPACES_RUN_COUNT: '1' + CHE_LIMITS_WORKSPACE_IDLE_TIMEOUT: '-1' + CHE_WORKSPACE_SIDECAR_IMAGE__PULL__POLICY: Always # Tech-exercises deployment to engagement environment # Deployment done only if `docs:` is uncommented