Kubernetes extension
Quarkus offers the ability to automatically generate Kubernetes resources based on sane defaults and user-supplied configuration using dekorate. It currently supports generating resources for vanilla Kubernetes, OpenShift and Knative. Furthermore, Quarkus can deploy the application to a target Kubernetes cluster by applying the generated manifests to the target cluster’s API Server. Finally, when either one of container image extensions is present (see the container image guide for more details), Quarkus has the ability to create a container image and push it to a registry before deploying the application to the target platform.
先决条件
完成这个指南,你需要:
-
大概15分钟
-
编辑器
-
JDK 17+ installed with
JAVA_HOMEconfigured appropriately -
Apache Maven 3.9.9
-
如果你愿意的话,还可以选择使用Quarkus CLI
-
Access to a Kubernetes cluster (Minikube is a viable option)
Kubernetes
Let’s create a new project that contains both the Kubernetes and Jib extensions:
For Windows users:
-
If using cmd, (don’t use backward slash
\and put everything on the same line) -
If using Powershell, wrap
-Dparameters in double quotes e.g."-DprojectArtifactId=kubernetes-quickstart"
This added the following dependencies to the build file:
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-rest</artifactId>
</dependency>
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-kubernetes</artifactId>
</dependency>
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-container-image-jib</artifactId>
</dependency>implementation("io.quarkus:quarkus-rest")
implementation("io.quarkus:quarkus-kubernetes")
implementation("io.quarkus:quarkus-container-image-jib")By adding these dependencies, we enable the generation of Kubernetes manifests each time we perform a build while also enabling the build of a container image using Jib. For example, following the execution of:
quarkus build./mvnw install./gradlew buildyou will notice amongst the other files that are created, two files named
kubernetes.json and kubernetes.yml in the target/kubernetes/ directory.
If you look at either file you will see that it contains both a Kubernetes Deployment and a Service.
The full source of the kubernetes.json file looks something like this:
{
{
"apiVersion" : "apps/v1",
"kind" : "Deployment",
"metadata" : {
"annotations": {
"app.quarkus.io/vcs-uri" : "<some url>",
"app.quarkus.io/commit-id" : "<some git SHA>",
},
"labels" : {
"app.kubernetes.io/name" : "test-quarkus-app",
"app.kubernetes.io/version" : "1.0.0-SNAPSHOT",
},
"name" : "test-quarkus-app"
},
"spec" : {
"replicas" : 1,
"selector" : {
"matchLabels" : {
"app.kubernetes.io/name" : "test-quarkus-app",
"app.kubernetes.io/version" : "1.0.0-SNAPSHOT",
}
},
"template" : {
"metadata" : {
"labels" : {
"app.kubernetes.io/name" : "test-quarkus-app",
"app.kubernetes.io/version" : "1.0.0-SNAPSHOT"
}
},
"spec" : {
"containers" : [ {
"env" : [ {
"name" : "KUBERNETES_NAMESPACE",
"valueFrom" : {
"fieldRef" : {
"fieldPath" : "metadata.namespace"
}
}
} ],
"image" : "yourDockerUsername/test-quarkus-app:1.0.0-SNAPSHOT",
"imagePullPolicy" : "Always",
"name" : "test-quarkus-app"
} ]
}
}
}
},
{
"apiVersion" : "v1",
"kind" : "Service",
"metadata" : {
"annotations": {
"app.quarkus.io/vcs-uri" : "<some url>",
"app.quarkus.io/commit-id" : "<some git SHA>",
},
"labels" : {
"app.kubernetes.io/name" : "test-quarkus-app",
"app.kubernetes.io/version" : "1.0.0-SNAPSHOT",
},
"name" : "test-quarkus-app"
},
"spec" : {
"ports" : [ {
"name" : "http",
"port" : 8080,
"targetPort" : 8080
} ],
"selector" : {
"app.kubernetes.io/name" : "test-quarkus-app",
"app.kubernetes.io/version" : "1.0.0-SNAPSHOT"
},
"type" : "ClusterIP"
}
}
}The generated manifest can be applied to the cluster from the project root using kubectl:
kubectl apply -f target/kubernetes/kubernetes.jsonAn important thing to note about the Deployment (or StatefulSet) is that is uses yourDockerUsername/test-quarkus-app:1.0.0-SNAPSHOT as the container image of the Pod.
The name of the image is controlled by the Jib extension and can be customized using the usual application.properties.
For example with a configuration like:
quarkus.container-image.group=quarkus #optional, default to the system username
quarkus.container-image.name=demo-app #optional, defaults to the application name
quarkus.container-image.tag=1.0 #optional, defaults to the application versionThe image that will be used in the generated manifests will be quarkus/demo-app:1.0
Generating idempotent resources
When generating the Kubernetes manifests, Quarkus automatically adds some labels and annotations to give extra information about the generation date or versions. For example:
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
app.quarkus.io/commit-id: 0f8b87788bc446a9347a7961bea8a60889fe1494
app.quarkus.io/build-timestamp: 2023-02-10 - 13:07:51 +0000
labels:
app.kubernetes.io/managed-by: quarkus
app.kubernetes.io/version: 0.0.1-SNAPSHOT
app.kubernetes.io/name: example
name: example
spec:
...The app.quarkus.io/commit-id, app.quarkus.io/build-timestamp labels and the app.kubernetes.io/version annotation might change every time we re-build the Kubernetes manifests which can be problematic when we want to deploy these resources using a Git-Ops tool (because these tools will detect differences and hence will perform a re-deployment).
To make the generated resources Git-Ops friendly and only produce idempotent resources (resources that won’t change every time we build the sources), we need to add the following property:
quarkus.kubernetes.idempotent=trueMoreover, by default the directory where the generated resources are created is target/kubernetes, to change it, we need to use:
quarkus.kubernetes.output-directory=target/kubernetes-with-idempotent|
Note that the property |
Changing the generated deployment resource
Besides generating a Deployment resource, you can also choose to generate either a StatefulSet, or a Job, or a CronJob resource instead via application.properties:
quarkus.kubernetes.deployment-kind=StatefulSetGenerating Job resources
If you want to generate a Job resource, you need to add the following property to the application.properties:
quarkus.kubernetes.deployment-kind=Job| If you are using the Picocli extension, by default a Job resource will be generated. |
You can provide the arguments that will be used by the Kubernetes Job via the property quarkus.kubernetes.arguments. For example, by adding the property quarkus.kubernetes.arguments=A,B.
Finally, the Kubernetes job will be launched every time it is installed in Kubernetes. You can know more about how to run Kubernetes jobs in this link.
You can configure the rest of the Kubernetes Job configuration using the properties under quarkus.kubernetes.job.xxx (see link).
Generating CronJob resources
If you want to generate a CronJob resource, you need to add the following property via the application.properties:
quarkus.kubernetes.deployment-kind=CronJob
# Cron expression to run the job every hour
quarkus.kubernetes.cron-job.schedule=0 * * * *
CronJob resources require the Cron expression to specify when to launch the job via the property quarkus.kubernetes.cron-job.schedule. If not provide, the build will fail.
|
You can configure the rest of the Kubernetes CronJob configuration using the properties under quarkus.kubernetes.cron-job.xxx (see link).
Namespace
By default, Quarkus omits the namespace in the generated manifests, rather than enforce the default namespace. That means that you can apply the manifest to your chosen namespace when using kubectl, which in the example below is test:
kubectl apply -f target/kubernetes/kubernetes.json -n=testTo specify the namespace in your manifest customize with the following property in your application.properties:
quarkus.kubernetes.namespace=mynamespaceDefining a Docker registry
The Docker registry can be specified with the following property:
quarkus.container-image.registry=my.docker-registry.netBy adding this property along with the rest of the container image properties of the previous section, the generated manifests will use the image my.docker-registry.net/quarkus/demo-app:1.0.
The image is not the only thing that can be customized in the generated manifests, as will become evident in the following sections.
Automatic generation of pull secrets
When docker registries are used, users often provide credentials, so that an image is built and pushed to the specified registry during the build.
quarkus.container-image.username=myusername
quarkus.container-image.password=mypasswordKubernetes will also need these credentials when it comes to pull the image from the registry. This is where image pull secrets are used. An image pull secret is a special kind of secret that contains the required credentials. Quarkus can automatically generate and configure when:
quarkus.kubernetes.generate-image-pull-secret=trueMore specifically a Secret like the one below is generated:
apiVersion: v1
kind: Secret
metadata:
name: test-quarkus-app-pull-secret
data:
".dockerconfigjson": ewogCSJhdXRocyI6IHsKCQkibXkucmVnaXN0eS5vcmciOiB7CiAJCQkiYXV0aCI6ImJYbDFjMlZ5Ym1GdFpUcHRlWEJoYzNOM2IzSmsiCgkJfQoJfQp9
type: kubernetes.io/dockerconfigjsonAnd also test-quarkus-app-pull-secret is added to the imagePullSecrets list.
Labels and Annotations
Labels
The generated manifests use the Kubernetes recommended labels.
These labels can be customized using quarkus.kubernetes.name, quarkus.kubernetes.version and quarkus.kubernetes.part-of.
For example by adding the following configuration to your application.properties:
quarkus.kubernetes.part-of=todo-app
quarkus.kubernetes.name=todo-rest
quarkus.kubernetes.version=1.0-rc.1|
As is described in detail in the OpenShift section, customizing OpenShift (or Knative) properties is done in the same way, but replacing
|
The labels in generated resources will look like:
"labels" : {
"app.kubernetes.io/part-of" : "todo-app",
"app.kubernetes.io/name" : "todo-rest",
"app.kubernetes.io/version" : "1.0-rc.1"
}|
You can also remove the |
Custom Labels
To add additional custom labels, for example foo=bar just apply the following configuration:
quarkus.kubernetes.labels.foo=bar
When using the quarkus-container-image-jib extension to build a container image, then any label added via the aforementioned property will also be added to the generated container image.
|
Environment variables
Kubernetes provides multiple ways of defining environment variables:
-
key/value pairs
-
import all values from a Secret or ConfigMap
-
interpolate a single value identified by a given field in a Secret or ConfigMap
-
interpolate a value from a field within the same resource
Environment variables from key/value pairs
To add a key/value pair as an environment variable in the generated resources:
quarkus.kubernetes.env.vars.my-env-var=foobarThe command above will add MY_ENV_VAR=foobar as an environment variable.
Please note that the key my-env-var will be converted to uppercase and dashes will be replaced by underscores resulting in MY_ENV_VAR.
Environment variables from Secret
To add all key/value pairs of Secret as environment variables just apply the following configuration, separating each Secret
to be used as source by a comma (,):
quarkus.kubernetes.env.secrets=my-secret,my-other-secretwhich would generate the following in the container definition:
envFrom:
- secretRef:
name: my-secret
optional: false
- secretRef:
name: my-other-secret
optional: falseThe following extracts a value identified by the keyName field from the my-secret Secret into a foo environment variable:
quarkus.kubernetes.env.mapping.foo.from-secret=my-secret
quarkus.kubernetes.env.mapping.foo.with-key=keyNameThis would generate the following in the env section of your container:
- env:
- name: FOO
valueFrom:
secretKeyRef:
key: keyName
name: my-secret
optional: falseIt is also possible to add a prefix when you are generating env from Secret, the following configuration creates environment variable from Secret with key foo adding a prefix BAR:
quarkus.kubernetes.env.secrets=foo
quarkus.kubernetes.env.using-prefix."BAR".for-secret=fooThis would generate the following in the env section of your container:
- env:
envFrom:
- secretRef:
name: foo
prefix: BAREnvironment variables from ConfigMap
To add all key/value pairs from ConfigMap as environment variables just apply the following configuration, separating each
ConfigMap to be used as source by a comma (,):
quarkus.kubernetes.env.configmaps=my-config-map,another-config-mapwhich would generate the following in the container definition:
envFrom:
- configMapRef:
name: my-config-map
optional: false
- configMapRef:
name: another-config-map
optional: falseThe following extracts a value identified by the keyName field from the my-config-map ConfigMap into a foo
environment variable:
quarkus.kubernetes.env.mapping.foo.from-configmap=my-configmap
quarkus.kubernetes.env.mapping.foo.with-key=keyNameThis would generate the following in the env section of your container:
- env:
- name: FOO
valueFrom:
configMapKeyRef:
key: keyName
name: my-configmap
optional: falseIt is also possible to add a prefix when you are generating env from ConfigMap, the following configuration creates environment variable from ConfigMap with key foo adding a prefix BAR:
quarkus.kubernetes.env.configmaps=foo
quarkus.kubernetes.prefixes."BAR".for-configmap=fooThis would generate the following in the env section of your container:
- env:
envFrom:
- configMapRef:
name: foo
prefix: BAREnvironment variables from fields
It’s also possible to use the value from another field to add a new environment variable by specifying the path of the field to be used as a source, as follows:
quarkus.kubernetes.env.fields.foo=metadata.name|
As is described in detail in the OpenShift section, customizing OpenShift properties is done in the same way, but replacing
|
Validation
A conflict between two definitions, e.g. mistakenly assigning both a value and specifying that a variable is derived from a field, will result in an error being thrown at build time so that you get the opportunity to fix the issue before you deploy your application to your cluster where it might be more difficult to diagnose the source of the issue.
Similarly, two redundant definitions, e.g. defining an injection from the same secret twice, will not cause an issue but will indeed report a warning to let you know that you might not have intended to duplicate that definition.
Backwards compatibility
Previous versions of the Kubernetes extension supported a different syntax to add environment variables. The older syntax is still supported but is deprecated, and it’s advised that you migrate to the new syntax.
Old |
New |
||
Plain variable |
|
|
|
From field |
|
|
|
All from |
|
|
|
All from |
|
|
|
From one |
|
|
|
|
|
||
From one |
|
|
|
|
|
If you redefine the same variable using the new syntax while keeping the old syntax, ONLY the new version will be kept
and a warning will be issued to alert you of the problem.For example, if you define both
quarkus.kubernetes.env-vars.my-env-var.value=foobar and quarkus.kubernetes.env.vars.my-env-var=newValue, the extension will
only generate an environment variable MY_ENV_VAR=newValue and issue a warning.
|
Mounting volumes
The Kubernetes extension allows the user to configure both volumes and mounts for the application. Any volume can be mounted with a simple configuration:
quarkus.kubernetes.mounts.my-volume.path=/where/to/mountThis will add a mount to the pod for volume my-volume to path /where/to/mount.
The volumes themselves can be configured as shown in the sections below.
Passing application configuration
Quarkus supports passing configuration from external locations (via SmallRye Config). This usually requires setting an additional environment variable or system property. When you need to use a secret or a config map for the purpose of application configuration, you need to:
-
define a volume
-
mount the volume
-
create an environment variable for
SMALLRYE_CONFIG_LOCATIONS
To simplify things, quarkus provides single step alternative:
quarkus.kubernetes.app-secret=<name of the secret containing the configuration>or
quarkus.kubernetes.app-config-map=<name of the config map containing the configuration>When these properties are used, the generated manifests will contain everything required.
The application config volumes will be created using path: /mnt/app-secret and /mnt/app-config-map for secrets and configmaps respectively.
Note: Users may use both properties at the same time.
Changing the number of replicas
To change the number of replicas from 1 to 3:
quarkus.kubernetes.replicas=3Add readiness and liveness probes
By default, the Kubernetes resources do not contain readiness and liveness probes in the generated Deployment. Adding them however is just a matter of adding the SmallRye Health extension like so:
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-smallrye-health</artifactId>
</dependency>implementation("io.quarkus:quarkus-smallrye-health")The values of the generated probes will be determined by the configured health properties: quarkus.smallrye-health.root-path, quarkus.smallrye-health.liveness-path and quarkus.smallrye-health.readiness-path.
More information about the health extension can be found in the relevant guide.
Customizing the readiness probe
To set the initial delay of the probe to 20 seconds and the period to 45:
quarkus.kubernetes.readiness-probe.initial-delay=20s
quarkus.kubernetes.readiness-probe.period=45sAdd hostAliases
To add entries to a Pod’s /etc/hosts file (more information can be found in Kubernetes documentation), just apply the following configuration:
quarkus.kubernetes.hostaliases."10.0.0.0".hostnames=foo.com,bar.orgThis would generate the following hostAliases section in the deployment definition:
kind: Deployment
spec:
template:
spec:
hostAliases:
- hostnames:
- foo.com
- bar.org
ip: 10.0.0.0Add nodeSelector
To add a nodeSelector in the generated Deployment (more information can be found in Kubernetes documentation), just apply the following configuration:
quarkus.kubernetes.node-selector.key=diskType
quarkus.kubernetes.node-selector.value=ssdThis would generate the following nodeSelector section in the deployment definition:
kind: Deployment
spec:
template:
spec:
nodeSelector:
diskType: ssdContainer Resources Management
CPU & Memory limits and requests can be applied to a Container (more info in Kubernetes documentation) using the following configuration:
quarkus.kubernetes.resources.requests.memory=64Mi
quarkus.kubernetes.resources.requests.cpu=250m
quarkus.kubernetes.resources.limits.memory=512Mi
quarkus.kubernetes.resources.limits.cpu=1000mThis would generate the following entry in the container section:
containers:
- resources:
limits:
cpu: 1000m
memory: 512Mi
requests:
cpu: 250m
memory: 64MiExposing your application in Kubernetes
Kubernetes exposes applications using Ingress resources. To generate the Ingress resource, just apply the following configuration:
quarkus.kubernetes.ingress.expose=trueThis would generate the following Ingress resource:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
app.quarkus.io/commit-id: a58d2211c86f07a47d4b073ea9ce000d2c6828d5
app.quarkus.io/build-timestamp: 2022-06-29 - 13:22:41 +0000
labels:
app.kubernetes.io/name: kubernetes-with-ingress
app.kubernetes.io/version: 0.1-SNAPSHOT
name: kubernetes-with-ingress
spec:
rules:
- http:
paths:
- backend:
service:
name: kubernetes-with-ingress
port:
name: http
path: /
pathType: PrefixAfter deploying these resources to Kubernetes, the Ingress resource will allow unsecured connections to reach out your application.
Adding Ingress rules
To customize the default host and path properties of the generated Ingress resources, you need to apply the following configuration:
quarkus.kubernetes.ingress.expose=true
# To change the Ingress host. By default, it's empty.
quarkus.kubernetes.ingress.host=prod.svc.url
# To change the Ingress path of the generated Ingress rule. By default, it's "/".
quarkus.kubernetes.ports.http.path=/prodThis would generate the following Ingress resource:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
labels:
app.kubernetes.io/name: kubernetes-with-ingress
app.kubernetes.io/version: 0.1-SNAPSHOT
name: kubernetes-with-ingress
spec:
rules:
- host: prod.svc.url
http:
paths:
- backend:
service:
name: kubernetes-with-ingress
port:
name: http
path: /prod
pathType: PrefixAdditionally, you can also add new Ingress rules by adding the following configuration:
# Example to add a new rule
quarkus.kubernetes.ingress.rules.1.host=dev.svc.url
quarkus.kubernetes.ingress.rules.1.path=/dev
quarkus.kubernetes.ingress.rules.1.path-type=ImplementationSpecific
# by default, path type is Prefix
# Example to add a new rule that use another service binding
quarkus.kubernetes.ingress.rules.2.host=alt.svc.url
quarkus.kubernetes.ingress.rules.2.path=/ea
quarkus.kubernetes.ingress.rules.2.service-name=updated-service
quarkus.kubernetes.ingress.rules.2.service-port-name=tcpurlThis would generate the following Ingress resource:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
labels:
app.kubernetes.io/name: kubernetes-with-ingress
app.kubernetes.io/version: 0.1-SNAPSHOT
name: kubernetes-with-ingress
spec:
rules:
- host: prod.svc.url
http:
paths:
- backend:
service:
name: kubernetes-with-ingress
port:
name: http
path: /prod
pathType: Prefix
- host: dev.svc.url
http:
paths:
- backend:
service:
name: kubernetes-with-ingress
port:
name: http
path: /dev
pathType: ImplementationSpecific
- host: alt.svc.url
http:
paths:
- backend:
service:
name: updated-service
port:
name: tcpurl
path: /ea
pathType: PrefixSecuring the Ingress resource
To secure the incoming connections, Kubernetes allows enabling TLS within the Ingress resource by specifying a Secret that contains a TLS private key and certificate. You can generate a secured Ingress resource by simply adding the "tls.secret-name" properties:
quarkus.kubernetes.ingress.expose=true
## Ingress TLS configuration:
quarkus.kubernetes.ingress.tls.my-secret.enabled=trueThis configuration will generate the following secured Ingress resource:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
...
name: kubernetes-with-secure-ingress
spec:
rules:
...
tls:
- secretName: my-secretNow, Kubernetes will validate all the incoming connections using SSL with the certificates provided within the secret with name "my-secret".
|
More information about how to create the secret in here. |
Using the Kubernetes client
Applications that are deployed to Kubernetes and need to access the API server will usually make use of the kubernetes-client extension:
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-kubernetes-client</artifactId>
</dependency>implementation("io.quarkus:quarkus-kubernetes-client")To access the API server from within a Kubernetes cluster, some RBAC related resources are required (e.g. a ServiceAccount, a RoleBinding).
To ease the usage of the kubernetes-client extension, the kubernetes extension is going to generate a RoleBinding resource that binds a cluster role named "view" to the application ServiceAccount resource. It’s important to note that the cluster role "view" won’t be generated automatically, so it’s expected that you have this cluster role with name "view" already installed in your cluster.
On the other hand, you can fully customize the roles, subjects and role bindings to generate using the properties under quarkus.kubernetes.rbac.role-bindings, and if present, the kubernetes-client extension will use it and hence won’t generate any RoleBinding resource.
|
You can disable the RBAC resources generation using the property |
Generating RBAC resources
In some scenarios, it’s necessary to generate additional RBAC resources that are used by Kubernetes to grant or limit access to other resources. For example, in our use case, we are building a Kubernetes operator that needs to read the list of the installed deployments. To do this, we would need to assign a service account to our operator and link this service account with a role that grants access to the Deployment resources. Let’s see how to do this using the quarkus.kubernetes.rbac properties:
# Generate the Role resource with name "my-role" (1)
quarkus.kubernetes.rbac.roles.my-role.policy-rules.0.api-groups=extensions,apps
quarkus.kubernetes.rbac.roles.my-role.policy-rules.0.resources=deployments
quarkus.kubernetes.rbac.roles.my-role.policy-rules.0.verbs=list| 1 | In this example, the role "my-role" will be generated with a policy rule to get the list of deployments. |
By default, if one role is configured, a RoleBinding resource will be generated as well to link this role with the ServiceAccount resource.
Moreover, you can have more control over the RBAC resources to be generated:
# Generate Role resource with name "my-role" (1)
quarkus.kubernetes.rbac.roles.my-role.policy-rules.0.api-groups=extensions,apps
quarkus.kubernetes.rbac.roles.my-role.policy-rules.0.resources=deployments
quarkus.kubernetes.rbac.roles.my-role.policy-rules.0.verbs=get,watch,list
# Generate ServiceAccount resource with name "my-service-account" in namespace "my_namespace" (2)
quarkus.kubernetes.rbac.service-accounts.my-service-account.namespace=my_namespace
# Bind Role "my-role" with ServiceAccount "my-service-account" (3)
quarkus.kubernetes.rbac.role-bindings.my-role-binding.subjects.my-service-account.kind=ServiceAccount
quarkus.kubernetes.rbac.role-bindings.my-role-binding.subjects.my-service-account.namespace=my_namespace
quarkus.kubernetes.rbac.role-bindings.my-role-binding.role-name=my-role| 1 | In this example, the role "my-role" will be generated with the specified policy rules. |
| 2 | Also, the service account "my-service-account" will be generated. |
| 3 | And we can configure the generated RoleBinding resource by selecting the role to be used and the subject. |
Finally, we can also generate the cluster wide role resource of "ClusterRole" kind and a "ClusterRoleBinding" resource as follows:
# Generate ClusterRole resource with name "my-cluster-role" (1)
quarkus.kubernetes.rbac.cluster-roles.my-cluster-role.policy-rules.0.api-groups=extensions,apps
quarkus.kubernetes.rbac.cluster-roles.my-cluster-role.policy-rules.0.resources=deployments
quarkus.kubernetes.rbac.cluster-roles.my-cluster-role.policy-rules.0.verbs=get,watch,list
# Bind the ClusterRole "my-cluster-role" with the application service account
quarkus.kubernetes.rbac.cluster-role-bindings.my-cluster-role-binding.subjects.manager.kind=Group
quarkus.kubernetes.rbac.cluster-role-bindings.my-cluster-role-binding.subjects.manager.api-group=rbac.authorization.k8s.io
quarkus.kubernetes.rbac.cluster-role-bindings.my-cluster-role-binding.role-name=my-cluster-role (2)| 1 | In this example, the cluster role "my-cluster-role" will be generated with the specified policy rules. |
| 2 | The name of the ClusterRole resource to use. Role resources are namespace-based and hence not allowed in ClusterRoleBinding resources. |
Deploying to local Kubernetes
When deploying to local Kubernetes environments, users often perform minor changes to their manifests that simplify the development process. The most common changes are:
-
Setting
imagePullPolicytoIfNotPresent -
Using
NodePortasServicetype
Quarkus provides extensions that among others set these options by default. Such extensions are:
-
quarkus-minikube
-
quarkus-kind
If the list of extensions does not match the tool you are using (e.g. Docker Desktop, microk8s etc) then it is suggested to use the quarkus-minikube extension.
as its defaults should be reasonable for most environments.
Deploying to Minikube
Minikube is quite popular when a Kubernetes cluster is needed for development purposes. To make the deployment to Minikube
experience as frictionless as possible, Quarkus provides the quarkus-minikube extension. This extension can be added to a project like so:
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-minikube</artifactId>
</dependency>implementation("io.quarkus:quarkus-minikube")The purpose of this extension is to generate Kubernetes manifests (minikube.yaml and minikube.json) that are tailored to Minikube.
This extension assumes a couple of things:
-
Users won’t be using an image registry and will instead make their container image accessible to the Kubernetes cluster by building it directly into Minikube’s Docker daemon. To use Minikube’s Docker daemon you must first execute:
eval $(minikube -p minikube docker-env) -
Applications deployed to Kubernetes won’t be accessed via a Kubernetes
Ingress, but rather as aNodePortService. The advantage of doing this is that the URL of an application can be retrieved trivially by executing:minikube service list
To control the nodePort that is used in this case, users can set quarkus.kubernetes.node-port.
Note however that this configuration is entirely optional because Quarkus will automatically use a proper (and non-changing) value if none is set.
| It is highly discouraged to use the manifests generated by the Minikube extension when deploying to production as these manifests are intended for development purposes only. When deploying to production, consider using the vanilla Kubernetes manifests (or the OpenShift ones when targeting OpenShift). |
| If the assumptions the Minikube extension makes don’t fit your workflow, nothing prevents you from using the regular Kubernetes extension to generate Kubernetes manifests and apply those to your Minikube cluster. |
Deploying to Kind
Kind is another popular tool used as a Kubernetes cluster for development purposes. To make the deployment to Kind
experience as frictionless as possible, Quarkus provides the quarkus-kind extension. This extension can be added to a project like so:
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-kind</artifactId>
</dependency>The purpose of this extension is to generate Kubernetes manifests (kind.yaml and kind.json) that are tailored to Kind and also to automate the process of loading images to the cluster
when performing container image builds. The tailor made manifests will be pretty similar (they share the same rules) with Minikube (see above).
Tuning the generated resources using application.properties
The Kubernetes extension allows tuning the generated manifest, using the application.properties file.
Here are some examples:
Configuration options
The table below describe all the available configuration options.
Configuration property fixed at build time - All other configuration properties are overridable at runtime
Configuration property |
类型 |
默认 |
|---|---|---|
The optional list of Secret names to load environment variables from. Environment variable: Show more |
list of string |
|
The optional list of ConfigMap names to load environment variables from. Environment variable: Show more |
list of string |
|
The map associating environment variable names to their associated field references they take their value from. Environment variable: Show more |
Map<String,String> |
|
The environment variable value Environment variable: Show more |
string |
|
The optional name of the Secret from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The optional name of the ConfigMap from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The key identifying the field from which the value is extracted. Environment variable: Show more |
string |
required |
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The name of the group this component belongs too. Environment variable: Show more |
string |
|
The name of the application. This value will be used for naming Kubernetes resources like: - Deployment - Service and so on … Environment variable: Show more |
string |
|
The version of the application. Environment variable: Show more |
string |
|
The namespace the generated resources should belong to. If not value is set, then the 'namespace' field will not be added to the 'metadata' section of the generated manifests. This in turn means that when the manifests are applied to a cluster, the namespace will be resolved from the current Kubernetes context (see organize-cluster-access-kubeconfig for more details). Environment variable: Show more |
string |
|
Custom labels to add to all resources. Environment variable: Show more |
Map<String,String> |
|
Custom annotations to add to all resources. Environment variable: Show more |
Map<String,String> |
|
The type of service that will be generated for the application Environment variable: Show more |
|
|
Whether to add the build timestamp to the Kubernetes annotations This is a very useful way to have manifests of successive builds of the same application differ - thus ensuring that Kubernetes will apply the updated resources. Environment variable: Show more |
boolean |
|
If Environment variable: Show more |
boolean |
|
If Environment variable: Show more |
boolean |
|
Working directory. Environment variable: Show more |
string |
|
list of string |
||
The arguments. Environment variable: Show more |
list of string |
|
The service account. Environment variable: Show more |
string |
|
If set, it will change the name of the container according to the configuration. Environment variable: Show more |
string |
|
The port number. Refers to the container port. Environment variable: Show more |
int |
|
The host port. Environment variable: Show more |
int |
|
The application path (refers to web application path). Environment variable: Show more |
string |
|
The protocol. Environment variable: Show more |
|
|
The nodePort to which this port should be mapped to. This only takes affect when the serviceType is set to node-port. Environment variable: Show more |
int |
|
If enabled, the port will be configured to use the schema HTTPS. Environment variable: Show more |
boolean |
|
Image pull policy. Environment variable: Show more |
|
|
The image pull secret. Environment variable: Show more |
list of string |
|
Enable generation of image pull secret, when the container image username and password are provided. Environment variable: Show more |
boolean |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
When true (the default), emit a set of annotations to identify services that should be scraped by prometheus for metrics. In configurations that use the Prometheus operator with ServiceMonitor, annotations may not be necessary. Environment variable: Show more |
boolean |
|
When true (the default), emit a set of annotations to identify services that should be scraped by prometheus for metrics. In configurations that use the Prometheus operator with ServiceMonitor, annotations may not be necessary. Environment variable: Show more |
boolean |
|
Define the annotation prefix used for scrape values, this value will be used as the base for other annotation name defaults. Altering the base for generated annotations can make it easier to define re-labeling rules and avoid unexpected knock-on effects. The default value is Environment variable: Show more |
string |
|
Define the annotation used to indicate services that should be scraped. By default, Environment variable: Show more |
string |
|
Define the annotation used to indicate the path to scrape. By default, Environment variable: Show more |
string |
|
Define the annotation used to indicate the port to scrape. By default, Environment variable: Show more |
string |
|
Define the annotation used to indicate the scheme to use for scraping By default, Environment variable: Show more |
string |
|
The name of the volumeName to mount. Environment variable: Show more |
string |
|
The path to mount. Environment variable: Show more |
string |
|
Path within the volumeName from which the container’s volumeName should be mounted. Environment variable: Show more |
string |
|
ReadOnly. Environment variable: Show more |
boolean |
|
The name of the secret to mount. Environment variable: Show more |
string |
required |
Default mode. When specifying an octal number, leading zero must be present. Environment variable: Show more |
string |
|
The path where the file will be mounted. Environment variable: Show more |
string |
required |
It must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used. Environment variable: Show more |
int |
|
Optional Environment variable: Show more |
boolean |
|
The name of the ConfigMap to mount. Environment variable: Show more |
string |
required |
Default mode. When specifying an octal number, leading zero must be present. Environment variable: Show more |
string |
|
The path where the file will be mounted. Environment variable: Show more |
string |
required |
It must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used. Environment variable: Show more |
int |
|
Optional Environment variable: Show more |
boolean |
|
EmptyDir volumes. Environment variable: Show more |
list of string |
|
Git repository URL. Environment variable: Show more |
string |
required |
The directory of the repository to mount. Environment variable: Show more |
string |
|
The commit hash to use. Environment variable: Show more |
string |
|
The name of the claim to mount. Environment variable: Show more |
string |
required |
Default mode. When specifying an octal number, leading zero must be present. Environment variable: Show more |
string |
|
Optional Environment variable: Show more |
boolean |
|
The name of the disk to mount. Environment variable: Show more |
string |
required |
The partition. Environment variable: Show more |
int |
|
Filesystem type. Environment variable: Show more |
string |
|
Whether the volumeName is read only or not. Environment variable: Show more |
boolean |
|
The share name. Environment variable: Show more |
string |
required |
The secret name. Environment variable: Show more |
string |
required |
Whether the volumeName is read only or not. Environment variable: Show more |
boolean |
|
The name of the disk to mount. Environment variable: Show more |
string |
required |
The URI of the vhd blob object OR the resourceID of an Azure managed data disk if Kind is Managed Environment variable: Show more |
string |
required |
Kind of disk. Environment variable: Show more |
|
|
Disk caching mode. Environment variable: Show more |
|
|
File system type. Environment variable: Show more |
string |
|
Whether the volumeName is read only or not. Environment variable: Show more |
boolean |
|
The optional list of Secret names to load environment variables from. Environment variable: Show more |
list of string |
|
The optional list of ConfigMap names to load environment variables from. Environment variable: Show more |
list of string |
|
The map associating environment variable names to their associated field references they take their value from. Environment variable: Show more |
Map<String,String> |
|
The environment variable value Environment variable: Show more |
string |
|
The optional name of the Secret from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The optional name of the ConfigMap from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The key identifying the field from which the value is extracted. Environment variable: Show more |
string |
required |
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The container image. Environment variable: Show more |
string |
|
Working directory. Environment variable: Show more |
string |
|
The commands Environment variable: Show more |
list of string |
|
The arguments Environment variable: Show more |
list of string |
|
The service account. Environment variable: Show more |
string |
|
The host under which the application is going to be exposed. Environment variable: Show more |
string |
|
The port number. Refers to the container port. Environment variable: Show more |
int |
|
The host port. Environment variable: Show more |
int |
|
The application path (refers to web application path). Environment variable: Show more |
string |
|
The protocol. Environment variable: Show more |
|
|
The nodePort to which this port should be mapped to. This only takes affect when the serviceType is set to node-port. Environment variable: Show more |
int |
|
If enabled, the port will be configured to use the schema HTTPS. Environment variable: Show more |
boolean |
|
Image pull policy. Environment variable: Show more |
|
|
The image pull secrets. Environment variable: Show more |
list of string |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The name of the volumeName to mount. Environment variable: Show more |
string |
|
The path to mount. Environment variable: Show more |
string |
|
Path within the volumeName from which the container’s volumeName should be mounted. Environment variable: Show more |
string |
|
ReadOnly. Environment variable: Show more |
boolean |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
The optional list of Secret names to load environment variables from. Environment variable: Show more |
list of string |
|
The optional list of ConfigMap names to load environment variables from. Environment variable: Show more |
list of string |
|
The map associating environment variable names to their associated field references they take their value from. Environment variable: Show more |
Map<String,String> |
|
The environment variable value Environment variable: Show more |
string |
|
The optional name of the Secret from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The optional name of the ConfigMap from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The key identifying the field from which the value is extracted. Environment variable: Show more |
string |
required |
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The container image. Environment variable: Show more |
string |
|
Working directory. Environment variable: Show more |
string |
|
The commands Environment variable: Show more |
list of string |
|
The arguments Environment variable: Show more |
list of string |
|
The service account. Environment variable: Show more |
string |
|
The host under which the application is going to be exposed. Environment variable: Show more |
string |
|
The port number. Refers to the container port. Environment variable: Show more |
int |
|
The host port. Environment variable: Show more |
int |
|
The application path (refers to web application path). Environment variable: Show more |
string |
|
The protocol. Environment variable: Show more |
|
|
The nodePort to which this port should be mapped to. This only takes affect when the serviceType is set to node-port. Environment variable: Show more |
int |
|
If enabled, the port will be configured to use the schema HTTPS. Environment variable: Show more |
boolean |
|
Image pull policy. Environment variable: Show more |
|
|
The image pull secrets. Environment variable: Show more |
list of string |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The name of the volumeName to mount. Environment variable: Show more |
string |
|
The path to mount. Environment variable: Show more |
string |
|
Path within the volumeName from which the container’s volumeName should be mounted. Environment variable: Show more |
string |
|
ReadOnly. Environment variable: Show more |
boolean |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
The ip address. Environment variable: Show more |
string |
|
The hostnames to resolve to the ip. Environment variable: Show more |
list of string |
|
The key of the nodeSelector. Environment variable: Show more |
string |
required |
The value of the nodeSelector. Environment variable: Show more |
string |
required |
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
If set, the secret will mounted to the application container and its contents will be used for application configuration. Environment variable: Show more |
string |
|
If set, the config map will be mounted to the application container and its contents will be used for application configuration. Environment variable: Show more |
string |
|
The name of the role. Environment variable: Show more |
string |
|
The namespace of the role. Environment variable: Show more |
string |
|
Labels to add into the Role resource. Environment variable: Show more |
Map<String,String> |
|
API groups of the policy rule. Environment variable: Show more |
list of string |
|
Non resource URLs of the policy rule. Environment variable: Show more |
list of string |
|
Resource names of the policy rule. Environment variable: Show more |
list of string |
|
Resources of the policy rule. Environment variable: Show more |
list of string |
|
Verbs of the policy rule. Environment variable: Show more |
list of string |
|
The name of the cluster role. Environment variable: Show more |
string |
|
Labels to add into the ClusterRole resource. Environment variable: Show more |
Map<String,String> |
|
API groups of the policy rule. Environment variable: Show more |
list of string |
|
Non resource URLs of the policy rule. Environment variable: Show more |
list of string |
|
Resource names of the policy rule. Environment variable: Show more |
list of string |
|
Resources of the policy rule. Environment variable: Show more |
list of string |
|
Verbs of the policy rule. Environment variable: Show more |
list of string |
|
The name of the service account. Environment variable: Show more |
string |
|
The namespace of the service account. Environment variable: Show more |
string |
|
Labels of the service account. Environment variable: Show more |
Map<String,String> |
|
If true, this service account will be used in the generated Deployment resource. Environment variable: Show more |
boolean |
|
Name of the RoleBinding resource to be generated. If not provided, it will use the application name plus the role ref name. Environment variable: Show more |
string |
|
Labels to add into the RoleBinding resource. Environment variable: Show more |
Map<String,String> |
|
The name of the Role resource to use by the RoleRef element in the generated Role Binding resource. By default, it’s "view" role name. Environment variable: Show more |
string |
|
If the Role sets in the Environment variable: Show more |
boolean |
|
The "name" resource to use by the Subject element in the generated Role Binding resource. Environment variable: Show more |
string |
|
The "kind" resource to use by the Subject element in the generated Role Binding resource. By default, it uses the "ServiceAccount" kind. Environment variable: Show more |
string |
|
The "apiGroup" resource that matches with the "kind" property. By default, it’s empty. Environment variable: Show more |
string |
|
The "namespace" resource to use by the Subject element in the generated Role Binding resource. By default, it will use the same as provided in the generated resources. Environment variable: Show more |
string |
|
Name of the ClusterRoleBinding resource to be generated. If not provided, it will use the application name plus the role ref name. Environment variable: Show more |
string |
|
Labels to add into the RoleBinding resource. Environment variable: Show more |
Map<String,String> |
|
The name of the ClusterRole resource to use by the RoleRef element in the generated ClusterRoleBinding resource. Environment variable: Show more |
string |
required |
The "name" resource to use by the Subject element in the generated Role Binding resource. Environment variable: Show more |
string |
|
The "kind" resource to use by the Subject element in the generated Role Binding resource. By default, it uses the "ServiceAccount" kind. Environment variable: Show more |
string |
|
The "apiGroup" resource that matches with the "kind" property. By default, it’s empty. Environment variable: Show more |
string |
|
The "namespace" resource to use by the Subject element in the generated Role Binding resource. By default, it will use the same as provided in the generated resources. Environment variable: Show more |
string |
|
The SELinux level label that applies to the container. Environment variable: Show more |
string |
|
The SELinux role label that applies to the container. Environment variable: Show more |
string |
|
The SELinux type label that applies to the container. Environment variable: Show more |
string |
|
The SELinux user label that applies to the container. Environment variable: Show more |
string |
|
The name of the GMSA credential spec to use. Environment variable: Show more |
string |
|
GMSACredentialSpec is where the GMSA admission webhook (windows-gsma) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. Environment variable: Show more |
string |
|
The UserName in Windows to run the entrypoint of the container process. Environment variable: Show more |
string |
|
HostProcess determines if a container should be run as a 'Host Process' container. Environment variable: Show more |
boolean |
|
The UID to run the entrypoint of the container process. Environment variable: Show more |
long |
|
The GID to run the entrypoint of the container process. Environment variable: Show more |
long |
|
Indicates that the container must run as a non-root user. Environment variable: Show more |
boolean |
|
A list of groups applied to the first process run in each container, in addition to the container’s primary GID. If unspecified, no groups will be added to any container. Environment variable: Show more |
list of long |
|
A special supplemental group that applies to all containers in a pod. Environment variable: Show more |
long |
|
Sysctls hold a list of namespaced sysctls used for the pod. Environment variable: Show more |
Map<String,String> |
|
It holds policies that will be used for applying fsGroup to a volume when volume is mounted. Values: OnRootMismatch, Always Environment variable: Show more |
|
|
Switch used to control whether non-idempotent fields are included in generated kubernetes resources to improve git-ops compatibility. Environment variable: Show more |
boolean |
|
Whether the vcs-uri annotation should be added to the generated configuration. Environment variable: Show more |
boolean |
|
Optional override of the vcs-uri annotation. Environment variable: Show more |
string |
|
The kind of the deployment resource to use. Supported values are 'StatefulSet', 'Job', 'CronJob' and 'Deployment' defaulting to the latter. Environment variable: Show more |
|
|
The target deployment platform. Defaults to kubernetes. Can be kubernetes, openshift, knative, minikube etc., or any combination of the above as comma separated list. Environment variable: Show more |
list of string |
|
Specifies the deployment strategy. Environment variable: Show more |
|
|
Specifies the maximum number of Pods that can be unavailable during the update process. Environment variable: Show more |
string |
|
Specifies the maximum number of Pods that can be created over the desired number of Pods. Environment variable: Show more |
string |
|
The number of desired pods Environment variable: Show more |
int |
|
The nodePort to set when serviceType is set to node-port. Environment variable: Show more |
int |
|
If true, the service will be exposed Environment variable: Show more |
boolean |
|
The host under which the application is going to be exposed Environment variable: Show more |
string |
|
The default target named port. If not provided, it will be deducted from the Service resource ports. Options are: "http" and "https". Environment variable: Show more |
string |
|
The class of the Ingress. If the ingressClassName is omitted, a default Ingress class is used. Environment variable: Show more |
string |
|
Custom annotations to add to exposition (route or ingress) resources Environment variable: Show more |
Map<String,String> |
|
If true, it will use the TLS configuration in the generated Ingress resource. Environment variable: Show more |
boolean |
|
The list of hosts to be included in the TLS certificate. By default, it will use the application host. Environment variable: Show more |
list of string |
|
The host under which the rule is going to be used. Environment variable: Show more |
string |
required |
The path under which the rule is going to be used. Default is "/". Environment variable: Show more |
string |
|
The path type strategy to use by the Ingress rule. Default is "Prefix". Environment variable: Show more |
string |
|
The service name to be used by this Ingress rule. Default is the generated service name of the application. Environment variable: Show more |
string |
|
The service port name to be used by this Ingress rule. Default is the port name of the generated service of the application. Environment variable: Show more |
string |
|
The service port number to be used by this Ingress rule. This is only used when the servicePortName is not set. Environment variable: Show more |
int |
|
Specifies the maximum desired number of pods the job should run at any given time. Environment variable: Show more |
int |
|
Specifies the desired number of successfully finished pods the job should be run with. Environment variable: Show more |
int |
|
CompletionMode specifies how Pod completions are tracked. Environment variable: Show more |
|
|
Specifies the number of retries before marking this job failed. Environment variable: Show more |
int |
|
Specifies the duration in seconds relative to the startTime that the job may be continuously active before the system tries to terminate it; value must be positive integer. Environment variable: Show more |
long |
|
Limits the lifetime of a Job that has finished execution (either Complete or Failed). If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to be automatically deleted. Environment variable: Show more |
int |
|
Suspend specifies whether the Job controller should create Pods or not. Environment variable: Show more |
boolean |
|
Restart policy when the job container fails. Environment variable: Show more |
|
|
The schedule in Cron format, see Cron. Environment variable: Show more |
string |
|
The time zone for the job schedule. The default value is the local time of the kube-controller-manager. Environment variable: Show more |
string |
|
ConcurrencyPolicy describes how the job will be handled. Environment variable: Show more |
|
|
Deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones. Environment variable: Show more |
long |
|
The number of failed finished jobs to retain. The default value is 1. Environment variable: Show more |
int |
|
The number of successful finished jobs to retain. The default value is 3. Environment variable: Show more |
int |
|
Specifies the maximum desired number of pods the job should run at any given time. Environment variable: Show more |
int |
|
Specifies the desired number of successfully finished pods the job should be run with. Environment variable: Show more |
int |
|
CompletionMode specifies how Pod completions are tracked. Environment variable: Show more |
|
|
Specifies the number of retries before marking this job failed. Environment variable: Show more |
int |
|
Specifies the duration in seconds relative to the startTime that the job may be continuously active before the system tries to terminate it; value must be positive integer. Environment variable: Show more |
long |
|
Limits the lifetime of a Job that has finished execution (either Complete or Failed). If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to be automatically deleted. Environment variable: Show more |
int |
|
Suspend specifies whether the Job controller should create Pods or not. Environment variable: Show more |
boolean |
|
Restart policy when the job container fails. Environment variable: Show more |
|
|
If true, the debug mode in pods will be enabled. Environment variable: Show more |
boolean |
|
The transport to use. Environment variable: Show more |
string |
|
If enabled, it means the JVM will wait for the debugger to attach before executing the main class. If false, the JVM will immediately execute the main class, while listening for the debugger connection. Environment variable: Show more |
string |
|
It specifies the address at which the debug socket will listen. Environment variable: Show more |
int |
|
If true, the init task will be generated. Otherwise, the init task resource generation will be skipped. Environment variable: Show more |
boolean |
|
The init task image to use by the init container. Environment variable: Show more |
string |
|
Image pull policy. Environment variable: Show more |
|
|
If true, the init task will be generated. Otherwise, the init task resource generation will be skipped. Environment variable: Show more |
boolean |
|
The init task image to use by the init container. Environment variable: Show more |
string |
|
Image pull policy. Environment variable: Show more |
|
|
Optionally set directory generated Kubernetes resources will be written to. Default is Environment variable: Show more |
string |
|
If set to true, Quarkus will attempt to deploy the application to the target Kubernetes cluster Environment variable: Show more |
boolean |
|
If deploy is enabled, it will follow this strategy to update the resources to the target Kubernetes cluster. Environment variable: Show more |
|
|
Properties that use non-standard types, can be referenced by expanding the property.
For example to define a kubernetes-readiness-probe which is of type Probe:
quarkus.kubernetes.readiness-probe.initial-delay=20s
quarkus.kubernetes.readiness-probe.period=45sIn this example initial-delay and period are fields of the type Probe.
Below you will find tables describing all available types.
Client Connection Configuration
You may need to configure the connection to your Kubernetes cluster.
By default, it automatically uses the active context used by kubectl.
For instance, if your cluster API endpoint uses a self-signed SSL Certificate you need to explicitly configure the client to trust it. You can achieve this by defining the following property:
quarkus.kubernetes-client.trust-certs=trueThe full list of the Kubernetes client configuration properties is provided below.
Configuration property fixed at build time - All other configuration properties are overridable at runtime
Configuration property |
类型 |
默认 |
|---|---|---|
Whether the client should trust a self-signed certificate if so presented by the API server Environment variable: Show more |
boolean |
|
URL of the Kubernetes API server Environment variable: Show more |
string |
|
Default namespace to use Environment variable: Show more |
string |
|
CA certificate file Environment variable: Show more |
string |
|
CA certificate data Environment variable: Show more |
string |
|
Client certificate file Environment variable: Show more |
string |
|
Client certificate data Environment variable: Show more |
string |
|
Client key file Environment variable: Show more |
string |
|
Client key data Environment variable: Show more |
string |
|
Client key algorithm Environment variable: Show more |
string |
|
Client key passphrase Environment variable: Show more |
string |
|
Kubernetes auth username Environment variable: Show more |
string |
|
Kubernetes auth password Environment variable: Show more |
string |
|
Kubernetes oauth token Environment variable: Show more |
string |
|
Watch reconnect interval Environment variable: Show more |
||
Maximum reconnect attempts in case of watch failure By default there is no limit to the number of reconnect attempts Environment variable: Show more |
int |
|
Maximum amount of time to wait for a connection with the API server to be established Environment variable: Show more |
||
Maximum amount of time to wait for a request to the API server to be completed Environment variable: Show more |
||
Maximum number of retry attempts for API requests that fail with an HTTP code of >= 500 Environment variable: Show more |
int |
|
Time interval between retry attempts for API requests that fail with an HTTP code of >= 500 Environment variable: Show more |
||
HTTP proxy used to access the Kubernetes API server Environment variable: Show more |
string |
|
HTTPS proxy used to access the Kubernetes API server Environment variable: Show more |
string |
|
Proxy username Environment variable: Show more |
string |
|
Proxy password Environment variable: Show more |
string |
|
IP addresses or hosts to exclude from proxying Environment variable: Show more |
list of string |
|
Enable the generation of the RBAC manifests. If enabled and no other role binding are provided using the properties Environment variable: Show more |
boolean |
|
类型 |
默认 |
|
If Dev Services for Kubernetes should be used. (default to true) If this is true and kubernetes client is not configured then a kubernetes cluster will be started and will be used. Environment variable: Show more |
boolean |
|
The kubernetes api server version to use. If not set, Dev Services for Kubernetes will use the latest supported version of the given flavor. see https://github.com/dajudge/kindcontainer/blob/master/k8s-versions.json Environment variable: Show more |
string |
|
The flavor to use (kind, k3s or api-only). Default to api-only. Environment variable: Show more |
|
|
By default, if a kubeconfig is found, Dev Services for Kubernetes will not start. Set this to true to override the kubeconfig config. Environment variable: Show more |
boolean |
|
Indicates if the Kubernetes cluster managed by Quarkus Dev Services is shared. When shared, Quarkus looks for running containers using label-based service discovery. If a matching container is found, it is used, and so a second one is not started. Otherwise, Dev Services for Kubernetes starts a new container. The discovery uses the Container sharing is only used in dev mode. Environment variable: Show more |
boolean |
|
The value of the This property is used when you need multiple shared Kubernetes clusters. Environment variable: Show more |
string |
|
Environment variables that are passed to the container. Environment variable: Show more |
Map<String,String> |
OpenShift
One way to deploy an application to OpenShift is to use s2i (source to image) to create an image stream from the source and then deploy the image stream:
quarkus extension remove kubernetes,jib
quarkus extension add openshift
oc new-project quarkus-project
quarkus build -Dquarkus.container-image.build=true
oc new-app --name=greeting quarkus-project/kubernetes-quickstart:1.0.0-SNAPSHOT
oc expose svc/greeting
oc get route
curl <route>/greeting./mvnw quarkus:remove-extension -Dextensions="kubernetes, jib"
./mvnw quarkus:add-extension -Dextensions="openshift"
oc new-project quarkus-project
./mvnw clean package -Dquarkus.container-image.build=true
oc new-app --name=greeting quarkus-project/kubernetes-quickstart:1.0.0-SNAPSHOT
oc expose svc/greeting
oc get route
curl <route>/greeting./gradlew removeExtension --extensions="kubernetes, jib"
./gradlew addExtension --extensions="openshift"
oc new-project quarkus-project
./gradlew build -Dquarkus.container-image.build=true
oc new-app --name=greeting quarkus-project/kubernetes-quickstart:1.0.0-SNAPSHOT
oc expose svc/greeting
oc get route
curl <route>/greetingSee further information in Deploying to OpenShift.
A description of OpenShift resources and customisable properties is given below alongside Kubernetes resources to show similarities where applicable. This includes an alternative to oc new-app … above, i.e. oc apply -f target/kubernetes/openshift.json .
To enable the generation of OpenShift resources, you need to include OpenShift in the target platforms:
quarkus.kubernetes.deployment-target=openshiftIf you need to generate resources for both platforms (vanilla Kubernetes and OpenShift), then you need to include both (comma separated).
quarkus.kubernetes.deployment-target=kubernetes,openshiftFollowing the execution of ./mvnw package -Dquarkus.container-image.build=true you will notice amongst the other files that are created, two files named
openshift.json and openshift.yml in the target/kubernetes/ directory.
These manifests can be deployed as is to a running cluster, using kubectl:
kubectl apply -f target/kubernetes/openshift.jsonOpenShift’s users might want to use oc rather than kubectl:
oc apply -f target/kubernetes/openshift.jsonFor users that prefer to keep the application.properties independent of the deployment platform, the deployment target can be specified directly in the deploy command by adding -Dquarkus.kubernetes.deployment-target=openshift
in addition to -Dquarkus.kubernetes.deploy=true. Furthermore, Quarkus allows collapsing the two properties into one: -Dquarkus.openshift.deploy=true.
./mvnw clean package -Dquarkus.openshift.deploy=trueThe equivalent with gradle:
./gradlew build -Dquarkus.openshift.deploy=trueIn case that both properties are used with conflicting values quarkus.kubernetes.deployment-target is used.
Quarkus also provides the OpenShift extension. This extension is basically a wrapper around the Kubernetes extension and
relieves OpenShift users of the necessity of setting the deployment-target property to openshift
|
The OpenShift resources can be customized in a similar approach with Kubernetes.
Configuration property fixed at build time - All other configuration properties are overridable at runtime
Configuration property |
类型 |
默认 |
|---|---|---|
The optional list of Secret names to load environment variables from. Environment variable: Show more |
list of string |
|
The optional list of ConfigMap names to load environment variables from. Environment variable: Show more |
list of string |
|
The map associating environment variable names to their associated field references they take their value from. Environment variable: Show more |
Map<String,String> |
|
The environment variable value Environment variable: Show more |
string |
|
The optional name of the Secret from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The optional name of the ConfigMap from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The key identifying the field from which the value is extracted. Environment variable: Show more |
string |
required |
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The name of the group this component belongs too. Environment variable: Show more |
string |
|
The name of the application. This value will be used for naming Kubernetes resources like: - Deployment - Service and so on … Environment variable: Show more |
string |
|
The version of the application. Environment variable: Show more |
string |
|
The namespace the generated resources should belong to. If not value is set, then the 'namespace' field will not be added to the 'metadata' section of the generated manifests. This in turn means that when the manifests are applied to a cluster, the namespace will be resolved from the current Kubernetes context (see organize-cluster-access-kubeconfig for more details). Environment variable: Show more |
string |
|
Custom labels to add to all resources. Environment variable: Show more |
Map<String,String> |
|
Custom annotations to add to all resources. Environment variable: Show more |
Map<String,String> |
|
The type of service that will be generated for the application Environment variable: Show more |
|
|
Whether to add the build timestamp to the Kubernetes annotations This is a very useful way to have manifests of successive builds of the same application differ - thus ensuring that Kubernetes will apply the updated resources. Environment variable: Show more |
boolean |
|
If Environment variable: Show more |
boolean |
|
If Environment variable: Show more |
boolean |
|
Working directory. Environment variable: Show more |
string |
|
list of string |
||
The arguments. Environment variable: Show more |
list of string |
|
The service account. Environment variable: Show more |
string |
|
If set, it will change the name of the container according to the configuration. Environment variable: Show more |
string |
|
The port number. Refers to the container port. Environment variable: Show more |
int |
|
The host port. Environment variable: Show more |
int |
|
The application path (refers to web application path). Environment variable: Show more |
string |
|
The protocol. Environment variable: Show more |
|
|
The nodePort to which this port should be mapped to. This only takes affect when the serviceType is set to node-port. Environment variable: Show more |
int |
|
If enabled, the port will be configured to use the schema HTTPS. Environment variable: Show more |
boolean |
|
Image pull policy. Environment variable: Show more |
|
|
The image pull secret. Environment variable: Show more |
list of string |
|
Enable generation of image pull secret, when the container image username and password are provided. Environment variable: Show more |
boolean |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
When true (the default), emit a set of annotations to identify services that should be scraped by prometheus for metrics. In configurations that use the Prometheus operator with ServiceMonitor, annotations may not be necessary. Environment variable: Show more |
boolean |
|
When true (the default), emit a set of annotations to identify services that should be scraped by prometheus for metrics. In configurations that use the Prometheus operator with ServiceMonitor, annotations may not be necessary. Environment variable: Show more |
boolean |
|
Define the annotation prefix used for scrape values, this value will be used as the base for other annotation name defaults. Altering the base for generated annotations can make it easier to define re-labeling rules and avoid unexpected knock-on effects. The default value is Environment variable: Show more |
string |
|
Define the annotation used to indicate services that should be scraped. By default, Environment variable: Show more |
string |
|
Define the annotation used to indicate the path to scrape. By default, Environment variable: Show more |
string |
|
Define the annotation used to indicate the port to scrape. By default, Environment variable: Show more |
string |
|
Define the annotation used to indicate the scheme to use for scraping By default, Environment variable: Show more |
string |
|
The name of the volumeName to mount. Environment variable: Show more |
string |
|
The path to mount. Environment variable: Show more |
string |
|
Path within the volumeName from which the container’s volumeName should be mounted. Environment variable: Show more |
string |
|
ReadOnly. Environment variable: Show more |
boolean |
|
The name of the secret to mount. Environment variable: Show more |
string |
required |
Default mode. When specifying an octal number, leading zero must be present. Environment variable: Show more |
string |
|
The path where the file will be mounted. Environment variable: Show more |
string |
required |
It must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used. Environment variable: Show more |
int |
|
Optional Environment variable: Show more |
boolean |
|
The name of the ConfigMap to mount. Environment variable: Show more |
string |
required |
Default mode. When specifying an octal number, leading zero must be present. Environment variable: Show more |
string |
|
The path where the file will be mounted. Environment variable: Show more |
string |
required |
It must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used. Environment variable: Show more |
int |
|
Optional Environment variable: Show more |
boolean |
|
EmptyDir volumes. Environment variable: Show more |
list of string |
|
Git repository URL. Environment variable: Show more |
string |
required |
The directory of the repository to mount. Environment variable: Show more |
string |
|
The commit hash to use. Environment variable: Show more |
string |
|
The name of the claim to mount. Environment variable: Show more |
string |
required |
Default mode. When specifying an octal number, leading zero must be present. Environment variable: Show more |
string |
|
Optional Environment variable: Show more |
boolean |
|
The name of the disk to mount. Environment variable: Show more |
string |
required |
The partition. Environment variable: Show more |
int |
|
Filesystem type. Environment variable: Show more |
string |
|
Whether the volumeName is read only or not. Environment variable: Show more |
boolean |
|
The share name. Environment variable: Show more |
string |
required |
The secret name. Environment variable: Show more |
string |
required |
Whether the volumeName is read only or not. Environment variable: Show more |
boolean |
|
The name of the disk to mount. Environment variable: Show more |
string |
required |
The URI of the vhd blob object OR the resourceID of an Azure managed data disk if Kind is Managed Environment variable: Show more |
string |
required |
Kind of disk. Environment variable: Show more |
|
|
Disk caching mode. Environment variable: Show more |
|
|
File system type. Environment variable: Show more |
string |
|
Whether the volumeName is read only or not. Environment variable: Show more |
boolean |
|
The optional list of Secret names to load environment variables from. Environment variable: Show more |
list of string |
|
The optional list of ConfigMap names to load environment variables from. Environment variable: Show more |
list of string |
|
The map associating environment variable names to their associated field references they take their value from. Environment variable: Show more |
Map<String,String> |
|
The environment variable value Environment variable: Show more |
string |
|
The optional name of the Secret from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The optional name of the ConfigMap from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The key identifying the field from which the value is extracted. Environment variable: Show more |
string |
required |
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The container image. Environment variable: Show more |
string |
|
Working directory. Environment variable: Show more |
string |
|
The commands Environment variable: Show more |
list of string |
|
The arguments Environment variable: Show more |
list of string |
|
The service account. Environment variable: Show more |
string |
|
The host under which the application is going to be exposed. Environment variable: Show more |
string |
|
The port number. Refers to the container port. Environment variable: Show more |
int |
|
The host port. Environment variable: Show more |
int |
|
The application path (refers to web application path). Environment variable: Show more |
string |
|
The protocol. Environment variable: Show more |
|
|
The nodePort to which this port should be mapped to. This only takes affect when the serviceType is set to node-port. Environment variable: Show more |
int |
|
If enabled, the port will be configured to use the schema HTTPS. Environment variable: Show more |
boolean |
|
Image pull policy. Environment variable: Show more |
|
|
The image pull secrets. Environment variable: Show more |
list of string |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The name of the volumeName to mount. Environment variable: Show more |
string |
|
The path to mount. Environment variable: Show more |
string |
|
Path within the volumeName from which the container’s volumeName should be mounted. Environment variable: Show more |
string |
|
ReadOnly. Environment variable: Show more |
boolean |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
The optional list of Secret names to load environment variables from. Environment variable: Show more |
list of string |
|
The optional list of ConfigMap names to load environment variables from. Environment variable: Show more |
list of string |
|
The map associating environment variable names to their associated field references they take their value from. Environment variable: Show more |
Map<String,String> |
|
The environment variable value Environment variable: Show more |
string |
|
The optional name of the Secret from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The optional name of the ConfigMap from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The key identifying the field from which the value is extracted. Environment variable: Show more |
string |
required |
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The container image. Environment variable: Show more |
string |
|
Working directory. Environment variable: Show more |
string |
|
The commands Environment variable: Show more |
list of string |
|
The arguments Environment variable: Show more |
list of string |
|
The service account. Environment variable: Show more |
string |
|
The host under which the application is going to be exposed. Environment variable: Show more |
string |
|
The port number. Refers to the container port. Environment variable: Show more |
int |
|
The host port. Environment variable: Show more |
int |
|
The application path (refers to web application path). Environment variable: Show more |
string |
|
The protocol. Environment variable: Show more |
|
|
The nodePort to which this port should be mapped to. This only takes affect when the serviceType is set to node-port. Environment variable: Show more |
int |
|
If enabled, the port will be configured to use the schema HTTPS. Environment variable: Show more |
boolean |
|
Image pull policy. Environment variable: Show more |
|
|
The image pull secrets. Environment variable: Show more |
list of string |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The name of the volumeName to mount. Environment variable: Show more |
string |
|
The path to mount. Environment variable: Show more |
string |
|
Path within the volumeName from which the container’s volumeName should be mounted. Environment variable: Show more |
string |
|
ReadOnly. Environment variable: Show more |
boolean |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
The ip address. Environment variable: Show more |
string |
|
The hostnames to resolve to the ip. Environment variable: Show more |
list of string |
|
The key of the nodeSelector. Environment variable: Show more |
string |
required |
The value of the nodeSelector. Environment variable: Show more |
string |
required |
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
If set, the secret will mounted to the application container and its contents will be used for application configuration. Environment variable: Show more |
string |
|
If set, the config map will be mounted to the application container and its contents will be used for application configuration. Environment variable: Show more |
string |
|
The name of the role. Environment variable: Show more |
string |
|
The namespace of the role. Environment variable: Show more |
string |
|
Labels to add into the Role resource. Environment variable: Show more |
Map<String,String> |
|
API groups of the policy rule. Environment variable: Show more |
list of string |
|
Non resource URLs of the policy rule. Environment variable: Show more |
list of string |
|
Resource names of the policy rule. Environment variable: Show more |
list of string |
|
Resources of the policy rule. Environment variable: Show more |
list of string |
|
Verbs of the policy rule. Environment variable: Show more |
list of string |
|
The name of the cluster role. Environment variable: Show more |
string |
|
Labels to add into the ClusterRole resource. Environment variable: Show more |
Map<String,String> |
|
API groups of the policy rule. Environment variable: Show more |
list of string |
|
Non resource URLs of the policy rule. Environment variable: Show more |
list of string |
|
Resource names of the policy rule. Environment variable: Show more |
list of string |
|
Resources of the policy rule. Environment variable: Show more |
list of string |
|
Verbs of the policy rule. Environment variable: Show more |
list of string |
|
The name of the service account. Environment variable: Show more |
string |
|
The namespace of the service account. Environment variable: Show more |
string |
|
Labels of the service account. Environment variable: Show more |
Map<String,String> |
|
If true, this service account will be used in the generated Deployment resource. Environment variable: Show more |
boolean |
|
Name of the RoleBinding resource to be generated. If not provided, it will use the application name plus the role ref name. Environment variable: Show more |
string |
|
Labels to add into the RoleBinding resource. Environment variable: Show more |
Map<String,String> |
|
The name of the Role resource to use by the RoleRef element in the generated Role Binding resource. By default, it’s "view" role name. Environment variable: Show more |
string |
|
If the Role sets in the Environment variable: Show more |
boolean |
|
The "name" resource to use by the Subject element in the generated Role Binding resource. Environment variable: Show more |
string |
|
The "kind" resource to use by the Subject element in the generated Role Binding resource. By default, it uses the "ServiceAccount" kind. Environment variable: Show more |
string |
|
The "apiGroup" resource that matches with the "kind" property. By default, it’s empty. Environment variable: Show more |
string |
|
The "namespace" resource to use by the Subject element in the generated Role Binding resource. By default, it will use the same as provided in the generated resources. Environment variable: Show more |
string |
|
Name of the ClusterRoleBinding resource to be generated. If not provided, it will use the application name plus the role ref name. Environment variable: Show more |
string |
|
Labels to add into the RoleBinding resource. Environment variable: Show more |
Map<String,String> |
|
The name of the ClusterRole resource to use by the RoleRef element in the generated ClusterRoleBinding resource. Environment variable: Show more |
string |
required |
The "name" resource to use by the Subject element in the generated Role Binding resource. Environment variable: Show more |
string |
|
The "kind" resource to use by the Subject element in the generated Role Binding resource. By default, it uses the "ServiceAccount" kind. Environment variable: Show more |
string |
|
The "apiGroup" resource that matches with the "kind" property. By default, it’s empty. Environment variable: Show more |
string |
|
The "namespace" resource to use by the Subject element in the generated Role Binding resource. By default, it will use the same as provided in the generated resources. Environment variable: Show more |
string |
|
The SELinux level label that applies to the container. Environment variable: Show more |
string |
|
The SELinux role label that applies to the container. Environment variable: Show more |
string |
|
The SELinux type label that applies to the container. Environment variable: Show more |
string |
|
The SELinux user label that applies to the container. Environment variable: Show more |
string |
|
The name of the GMSA credential spec to use. Environment variable: Show more |
string |
|
GMSACredentialSpec is where the GMSA admission webhook (windows-gsma) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. Environment variable: Show more |
string |
|
The UserName in Windows to run the entrypoint of the container process. Environment variable: Show more |
string |
|
HostProcess determines if a container should be run as a 'Host Process' container. Environment variable: Show more |
boolean |
|
The UID to run the entrypoint of the container process. Environment variable: Show more |
long |
|
The GID to run the entrypoint of the container process. Environment variable: Show more |
long |
|
Indicates that the container must run as a non-root user. Environment variable: Show more |
boolean |
|
A list of groups applied to the first process run in each container, in addition to the container’s primary GID. If unspecified, no groups will be added to any container. Environment variable: Show more |
list of long |
|
A special supplemental group that applies to all containers in a pod. Environment variable: Show more |
long |
|
Sysctls hold a list of namespaced sysctls used for the pod. Environment variable: Show more |
Map<String,String> |
|
It holds policies that will be used for applying fsGroup to a volume when volume is mounted. Values: OnRootMismatch, Always Environment variable: Show more |
|
|
Switch used to control whether non-idempotent fields are included in generated kubernetes resources to improve git-ops compatibility. Environment variable: Show more |
boolean |
|
Whether the vcs-uri annotation should be added to the generated configuration. Environment variable: Show more |
boolean |
|
Optional override of the vcs-uri annotation. Environment variable: Show more |
string |
|
The OpenShift flavor / version to use. Older versions of OpenShift have minor differences in the labels and fields they support. This option allows users to have their manifests automatically aligned to the OpenShift 'flavor' they use. Environment variable: Show more |
|
|
The kind of the deployment resource to use. Supported values are 'Deployment', 'StatefulSet', 'Job', 'CronJob' and 'DeploymentConfig'. Defaults to 'DeploymentConfig' if Environment variable: Show more |
|
|
The number of desired pods Environment variable: Show more |
int |
|
The nodePort to set when serviceType is set to nodePort Environment variable: Show more |
int |
|
If true, the service will be exposed Environment variable: Show more |
boolean |
|
The host under which the application is going to be exposed Environment variable: Show more |
string |
|
The target named port. If not provided, it will be deducted from the Service resource ports. Options are: "http" and "https". Environment variable: Show more |
string |
|
Custom annotations to add to exposition (route or ingress) resources Environment variable: Show more |
Map<String,String> |
|
Custom labels to add to exposition (route or ingress) resources Environment variable: Show more |
Map<String,String> |
|
The cert authority certificate contents. Environment variable: Show more |
string |
|
The certificate contents. Environment variable: Show more |
string |
|
The contents of the ca certificate of the final destination. Environment variable: Show more |
string |
|
The desired behavior for insecure connections to a route. Environment variable: Show more |
string |
|
The key file contents. Environment variable: Show more |
string |
|
The termination type. Environment variable: Show more |
string |
|
Specifies the maximum desired number of pods the job should run at any given time. Environment variable: Show more |
int |
|
Specifies the desired number of successfully finished pods the job should be run with. Environment variable: Show more |
int |
|
CompletionMode specifies how Pod completions are tracked. Environment variable: Show more |
|
|
Specifies the number of retries before marking this job failed. Environment variable: Show more |
int |
|
Specifies the duration in seconds relative to the startTime that the job may be continuously active before the system tries to terminate it; value must be positive integer. Environment variable: Show more |
long |
|
Limits the lifetime of a Job that has finished execution (either Complete or Failed). If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to be automatically deleted. Environment variable: Show more |
int |
|
Suspend specifies whether the Job controller should create Pods or not. Environment variable: Show more |
boolean |
|
Restart policy when the job container fails. Environment variable: Show more |
|
|
The schedule in Cron format, see Cron. Environment variable: Show more |
string |
|
The time zone for the job schedule. The default value is the local time of the kube-controller-manager. Environment variable: Show more |
string |
|
ConcurrencyPolicy describes how the job will be handled. Environment variable: Show more |
|
|
Deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones. Environment variable: Show more |
long |
|
The number of failed finished jobs to retain. The default value is 1. Environment variable: Show more |
int |
|
The number of successful finished jobs to retain. The default value is 3. Environment variable: Show more |
int |
|
Specifies the maximum desired number of pods the job should run at any given time. Environment variable: Show more |
int |
|
Specifies the desired number of successfully finished pods the job should be run with. Environment variable: Show more |
int |
|
CompletionMode specifies how Pod completions are tracked. Environment variable: Show more |
|
|
Specifies the number of retries before marking this job failed. Environment variable: Show more |
int |
|
Specifies the duration in seconds relative to the startTime that the job may be continuously active before the system tries to terminate it; value must be positive integer. Environment variable: Show more |
long |
|
Limits the lifetime of a Job that has finished execution (either Complete or Failed). If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to be automatically deleted. Environment variable: Show more |
int |
|
Suspend specifies whether the Job controller should create Pods or not. Environment variable: Show more |
boolean |
|
Restart policy when the job container fails. Environment variable: Show more |
|
|
If true, the debug mode in pods will be enabled. Environment variable: Show more |
boolean |
|
The transport to use. Environment variable: Show more |
string |
|
If enabled, it means the JVM will wait for the debugger to attach before executing the main class. If false, the JVM will immediately execute the main class, while listening for the debugger connection. Environment variable: Show more |
string |
|
It specifies the address at which the debug socket will listen. Environment variable: Show more |
int |
|
If true, the init task will be generated. Otherwise, the init task resource generation will be skipped. Environment variable: Show more |
boolean |
|
The init task image to use by the init container. Environment variable: Show more |
string |
|
Image pull policy. Environment variable: Show more |
|
|
If true, the init task will be generated. Otherwise, the init task resource generation will be skipped. Environment variable: Show more |
boolean |
|
The init task image to use by the init container. Environment variable: Show more |
string |
|
Image pull policy. Environment variable: Show more |
|
|
If set to true, Quarkus will attempt to deploy the application to the target Kubernetes cluster Environment variable: Show more |
boolean |
|
If deploy is enabled, it will follow this strategy to update the resources to the target Kubernetes cluster. Environment variable: Show more |
|
|
Knative
To enable the generation of Knative resources, you need to include Knative in the target platforms:
quarkus.kubernetes.deployment-target=knativeFollowing the execution of ./mvnw package you will notice amongst the other files that are created, two files named
knative.json and knative.yml in the target/kubernetes/ directory.
If you look at either file you will see that it contains a Knative Service.
The full source of the knative.json file looks something like this:
{
{
"apiVersion" : "serving.quarkus.knative.dev/v1alpha1",
"kind" : "Service",
"metadata" : {
"annotations": {
"app.quarkus.io/vcs-uri" : "<some url>",
"app.quarkus.io/commit-id" : "<some git SHA>"
},
"labels" : {
"app.kubernetes.io/name" : "test-quarkus-app",
"app.kubernetes.io/version" : "1.0.0-SNAPSHOT"
},
"name" : "knative"
},
"spec" : {
"runLatest" : {
"configuration" : {
"revisionTemplate" : {
"spec" : {
"container" : {
"image" : "dev.local/yourDockerUsername/test-quarkus-app:1.0.0-SNAPSHOT",
"imagePullPolicy" : "Always"
}
}
}
}
}
}
}
}The generated manifest can be deployed as is to a running cluster, using kubectl:
kubectl apply -f target/kubernetes/knative.jsonThe generated service can be customized using the following properties:
Configuration property fixed at build time - All other configuration properties are overridable at runtime
Configuration property |
类型 |
默认 |
|---|---|---|
The optional list of Secret names to load environment variables from. Environment variable: Show more |
list of string |
|
The optional list of ConfigMap names to load environment variables from. Environment variable: Show more |
list of string |
|
The map associating environment variable names to their associated field references they take their value from. Environment variable: Show more |
Map<String,String> |
|
The environment variable value Environment variable: Show more |
string |
|
The optional name of the Secret from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The optional name of the ConfigMap from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The key identifying the field from which the value is extracted. Environment variable: Show more |
string |
required |
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The name of the group this component belongs too. Environment variable: Show more |
string |
|
The name of the application. This value will be used for naming Kubernetes resources like: - Deployment - Service and so on … Environment variable: Show more |
string |
|
The version of the application. Environment variable: Show more |
string |
|
The namespace the generated resources should belong to. If not value is set, then the 'namespace' field will not be added to the 'metadata' section of the generated manifests. This in turn means that when the manifests are applied to a cluster, the namespace will be resolved from the current Kubernetes context (see organize-cluster-access-kubeconfig for more details). Environment variable: Show more |
string |
|
Custom labels to add to all resources. Environment variable: Show more |
Map<String,String> |
|
Custom annotations to add to all resources. Environment variable: Show more |
Map<String,String> |
|
The type of service that will be generated for the application Environment variable: Show more |
|
|
Whether to add the build timestamp to the Kubernetes annotations This is a very useful way to have manifests of successive builds of the same application differ - thus ensuring that Kubernetes will apply the updated resources. Environment variable: Show more |
boolean |
|
If Environment variable: Show more |
boolean |
|
If Environment variable: Show more |
boolean |
|
Working directory. Environment variable: Show more |
string |
|
list of string |
||
list of string |
||
The service account. Environment variable: Show more |
string |
|
If set, it will change the name of the container according to the configuration. Environment variable: Show more |
string |
|
The port number. Refers to the container port. Environment variable: Show more |
int |
|
The host port. Environment variable: Show more |
int |
|
The application path (refers to web application path). Environment variable: Show more |
string |
|
The protocol. Environment variable: Show more |
|
|
The nodePort to which this port should be mapped to. This only takes affect when the serviceType is set to node-port. Environment variable: Show more |
int |
|
If enabled, the port will be configured to use the schema HTTPS. Environment variable: Show more |
boolean |
|
Image pull policy. Environment variable: Show more |
|
|
The image pull secret. Environment variable: Show more |
list of string |
|
Enable generation of image pull secret, when the container image username and password are provided. Environment variable: Show more |
boolean |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
When true (the default), emit a set of annotations to identify services that should be scraped by prometheus for metrics. In configurations that use the Prometheus operator with ServiceMonitor, annotations may not be necessary. Environment variable: Show more |
boolean |
|
When true (the default), emit a set of annotations to identify services that should be scraped by prometheus for metrics. In configurations that use the Prometheus operator with ServiceMonitor, annotations may not be necessary. Environment variable: Show more |
boolean |
|
Define the annotation prefix used for scrape values, this value will be used as the base for other annotation name defaults. Altering the base for generated annotations can make it easier to define re-labeling rules and avoid unexpected knock-on effects. The default value is Environment variable: Show more |
string |
|
Define the annotation used to indicate services that should be scraped. By default, Environment variable: Show more |
string |
|
Define the annotation used to indicate the path to scrape. By default, Environment variable: Show more |
string |
|
Define the annotation used to indicate the port to scrape. By default, Environment variable: Show more |
string |
|
Define the annotation used to indicate the scheme to use for scraping By default, Environment variable: Show more |
string |
|
The name of the volumeName to mount. Environment variable: Show more |
string |
|
The path to mount. Environment variable: Show more |
string |
|
Path within the volumeName from which the container’s volumeName should be mounted. Environment variable: Show more |
string |
|
ReadOnly. Environment variable: Show more |
boolean |
|
The name of the secret to mount. Environment variable: Show more |
string |
required |
Default mode. When specifying an octal number, leading zero must be present. Environment variable: Show more |
string |
|
The path where the file will be mounted. Environment variable: Show more |
string |
required |
It must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used. Environment variable: Show more |
int |
|
Optional Environment variable: Show more |
boolean |
|
The name of the ConfigMap to mount. Environment variable: Show more |
string |
required |
Default mode. When specifying an octal number, leading zero must be present. Environment variable: Show more |
string |
|
The path where the file will be mounted. Environment variable: Show more |
string |
required |
It must be a value between 0000 and 0777. If not specified, the volume defaultMode will be used. Environment variable: Show more |
int |
|
Optional Environment variable: Show more |
boolean |
|
EmptyDir volumes. Environment variable: Show more |
list of string |
|
Git repository URL. Environment variable: Show more |
string |
required |
The directory of the repository to mount. Environment variable: Show more |
string |
|
The commit hash to use. Environment variable: Show more |
string |
|
The name of the claim to mount. Environment variable: Show more |
string |
required |
Default mode. When specifying an octal number, leading zero must be present. Environment variable: Show more |
string |
|
Optional Environment variable: Show more |
boolean |
|
The name of the disk to mount. Environment variable: Show more |
string |
required |
The partition. Environment variable: Show more |
int |
|
Filesystem type. Environment variable: Show more |
string |
|
Whether the volumeName is read only or not. Environment variable: Show more |
boolean |
|
The share name. Environment variable: Show more |
string |
required |
The secret name. Environment variable: Show more |
string |
required |
Whether the volumeName is read only or not. Environment variable: Show more |
boolean |
|
The name of the disk to mount. Environment variable: Show more |
string |
required |
The URI of the vhd blob object OR the resourceID of an Azure managed data disk if Kind is Managed Environment variable: Show more |
string |
required |
Kind of disk. Environment variable: Show more |
|
|
Disk caching mode. Environment variable: Show more |
|
|
File system type. Environment variable: Show more |
string |
|
Whether the volumeName is read only or not. Environment variable: Show more |
boolean |
|
The optional list of Secret names to load environment variables from. Environment variable: Show more |
list of string |
|
The optional list of ConfigMap names to load environment variables from. Environment variable: Show more |
list of string |
|
The map associating environment variable names to their associated field references they take their value from. Environment variable: Show more |
Map<String,String> |
|
The environment variable value Environment variable: Show more |
string |
|
The optional name of the Secret from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The optional name of the ConfigMap from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The key identifying the field from which the value is extracted. Environment variable: Show more |
string |
required |
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The container image. Environment variable: Show more |
string |
|
Working directory. Environment variable: Show more |
string |
|
The commands Environment variable: Show more |
list of string |
|
The arguments Environment variable: Show more |
list of string |
|
The service account. Environment variable: Show more |
string |
|
The host under which the application is going to be exposed. Environment variable: Show more |
string |
|
The port number. Refers to the container port. Environment variable: Show more |
int |
|
The host port. Environment variable: Show more |
int |
|
The application path (refers to web application path). Environment variable: Show more |
string |
|
The protocol. Environment variable: Show more |
|
|
The nodePort to which this port should be mapped to. This only takes affect when the serviceType is set to node-port. Environment variable: Show more |
int |
|
If enabled, the port will be configured to use the schema HTTPS. Environment variable: Show more |
boolean |
|
Image pull policy. Environment variable: Show more |
|
|
The image pull secrets. Environment variable: Show more |
list of string |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The name of the volumeName to mount. Environment variable: Show more |
string |
|
The path to mount. Environment variable: Show more |
string |
|
Path within the volumeName from which the container’s volumeName should be mounted. Environment variable: Show more |
string |
|
ReadOnly. Environment variable: Show more |
boolean |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
The optional list of Secret names to load environment variables from. Environment variable: Show more |
list of string |
|
The optional list of ConfigMap names to load environment variables from. Environment variable: Show more |
list of string |
|
The map associating environment variable names to their associated field references they take their value from. Environment variable: Show more |
Map<String,String> |
|
The environment variable value Environment variable: Show more |
string |
|
The optional name of the Secret from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The optional name of the ConfigMap from which a value is to be extracted. Mutually exclusive with Environment variable: Show more |
string |
|
The key identifying the field from which the value is extracted. Environment variable: Show more |
string |
required |
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The optional prefix to use when adding the environment variable to the container. Environment variable: Show more |
string |
|
The container image. Environment variable: Show more |
string |
|
Working directory. Environment variable: Show more |
string |
|
The commands Environment variable: Show more |
list of string |
|
The arguments Environment variable: Show more |
list of string |
|
The service account. Environment variable: Show more |
string |
|
The host under which the application is going to be exposed. Environment variable: Show more |
string |
|
The port number. Refers to the container port. Environment variable: Show more |
int |
|
The host port. Environment variable: Show more |
int |
|
The application path (refers to web application path). Environment variable: Show more |
string |
|
The protocol. Environment variable: Show more |
|
|
The nodePort to which this port should be mapped to. This only takes affect when the serviceType is set to node-port. Environment variable: Show more |
int |
|
If enabled, the port will be configured to use the schema HTTPS. Environment variable: Show more |
boolean |
|
Image pull policy. Environment variable: Show more |
|
|
The image pull secrets. Environment variable: Show more |
list of string |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The port number to use when configuring the Environment variable: Show more |
int |
|
The port name for selecting the port of the Environment variable: Show more |
string |
|
The http path to use for the probe. For this to work, the container port also needs to be set. Assuming the container port has been set (as per above comment), if execAction or tcpSocketAction are not set, an HTTP probe will be used automatically even if no path is set (which will result in the root path being used). If Smallrye Health is used, the path will automatically be set according to the health check path. Environment variable: Show more |
string |
|
The scheme of the Environment variable: Show more |
string |
|
The command to use for the probe. Environment variable: Show more |
string |
|
The tcp socket to use for the probe (the format is host:port). Environment variable: Show more |
string |
|
The gRPC port to use for the probe (the format is either port or port:service). Environment variable: Show more |
string |
|
If enabled and Environment variable: Show more |
boolean |
|
The amount of time to wait before starting to probe. Environment variable: Show more |
|
|
The period in which the action should be called. Environment variable: Show more |
|
|
The amount of time to wait for each action. Environment variable: Show more |
|
|
The success threshold to use. Environment variable: Show more |
int |
|
The failure threshold to use. Environment variable: Show more |
int |
|
The name of the volumeName to mount. Environment variable: Show more |
string |
|
The path to mount. Environment variable: Show more |
string |
|
Path within the volumeName from which the container’s volumeName should be mounted. Environment variable: Show more |
string |
|
ReadOnly. Environment variable: Show more |
boolean |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
The ip address. Environment variable: Show more |
string |
|
The hostnames to resolve to the ip. Environment variable: Show more |
list of string |
|
The key of the nodeSelector. Environment variable: Show more |
string |
required |
The value of the nodeSelector. Environment variable: Show more |
string |
required |
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
CPU Requirements Environment variable: Show more |
string |
|
Memory Requirements Environment variable: Show more |
string |
|
If set, the secret will mounted to the application container and its contents will be used for application configuration. Environment variable: Show more |
string |
|
If set, the config map will be mounted to the application container and its contents will be used for application configuration. Environment variable: Show more |
string |
|
The name of the role. Environment variable: Show more |
string |
|
The namespace of the role. Environment variable: Show more |
string |
|
Labels to add into the Role resource. Environment variable: Show more |
Map<String,String> |
|
API groups of the policy rule. Environment variable: Show more |
list of string |
|
Non resource URLs of the policy rule. Environment variable: Show more |
list of string |
|
Resource names of the policy rule. Environment variable: Show more |
list of string |
|
Resources of the policy rule. Environment variable: Show more |
list of string |
|
Verbs of the policy rule. Environment variable: Show more |
list of string |
|
The name of the cluster role. Environment variable: Show more |
string |
|
Labels to add into the ClusterRole resource. Environment variable: Show more |
Map<String,String> |
|
API groups of the policy rule. Environment variable: Show more |
list of string |
|
Non resource URLs of the policy rule. Environment variable: Show more |
list of string |
|
Resource names of the policy rule. Environment variable: Show more |
list of string |
|
Resources of the policy rule. Environment variable: Show more |
list of string |
|
Verbs of the policy rule. Environment variable: Show more |
list of string |
|
The name of the service account. Environment variable: Show more |
string |
|
The namespace of the service account. Environment variable: Show more |
string |
|
Labels of the service account. Environment variable: Show more |
Map<String,String> |
|
If true, this service account will be used in the generated Deployment resource. Environment variable: Show more |
boolean |
|
Name of the RoleBinding resource to be generated. If not provided, it will use the application name plus the role ref name. Environment variable: Show more |
string |
|
Labels to add into the RoleBinding resource. Environment variable: Show more |
Map<String,String> |
|
The name of the Role resource to use by the RoleRef element in the generated Role Binding resource. By default, it’s "view" role name. Environment variable: Show more |
string |
|
If the Role sets in the Environment variable: Show more |
boolean |
|
The "name" resource to use by the Subject element in the generated Role Binding resource. Environment variable: Show more |
string |
|
The "kind" resource to use by the Subject element in the generated Role Binding resource. By default, it uses the "ServiceAccount" kind. Environment variable: Show more |
string |
|
The "apiGroup" resource that matches with the "kind" property. By default, it’s empty. Environment variable: Show more |
string |
|
The "namespace" resource to use by the Subject element in the generated Role Binding resource. By default, it will use the same as provided in the generated resources. Environment variable: Show more |
string |
|
Name of the ClusterRoleBinding resource to be generated. If not provided, it will use the application name plus the role ref name. Environment variable: Show more |
string |
|
Labels to add into the RoleBinding resource. Environment variable: Show more |
Map<String,String> |
|
The name of the ClusterRole resource to use by the RoleRef element in the generated ClusterRoleBinding resource. Environment variable: Show more |
string |
required |
The "name" resource to use by the Subject element in the generated Role Binding resource. Environment variable: Show more |
string |
|
The "kind" resource to use by the Subject element in the generated Role Binding resource. By default, it uses the "ServiceAccount" kind. Environment variable: Show more |
string |
|
The "apiGroup" resource that matches with the "kind" property. By default, it’s empty. Environment variable: Show more |
string |
|
The "namespace" resource to use by the Subject element in the generated Role Binding resource. By default, it will use the same as provided in the generated resources. Environment variable: Show more |
string |
|
The SELinux level label that applies to the container. Environment variable: Show more |
string |
|
The SELinux role label that applies to the container. Environment variable: Show more |
string |
|
The SELinux type label that applies to the container. Environment variable: Show more |
string |
|
The SELinux user label that applies to the container. Environment variable: Show more |
string |
|
The name of the GMSA credential spec to use. Environment variable: Show more |
string |
|
GMSACredentialSpec is where the GMSA admission webhook (windows-gsma) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field. Environment variable: Show more |
string |
|
The UserName in Windows to run the entrypoint of the container process. Environment variable: Show more |
string |
|
HostProcess determines if a container should be run as a 'Host Process' container. Environment variable: Show more |
boolean |
|
The UID to run the entrypoint of the container process. Environment variable: Show more |
long |
|
The GID to run the entrypoint of the container process. Environment variable: Show more |
long |
|
Indicates that the container must run as a non-root user. Environment variable: Show more |
boolean |
|
A list of groups applied to the first process run in each container, in addition to the container’s primary GID. If unspecified, no groups will be added to any container. Environment variable: Show more |
list of long |
|
A special supplemental group that applies to all containers in a pod. Environment variable: Show more |
long |
|
Sysctls hold a list of namespaced sysctls used for the pod. Environment variable: Show more |
Map<String,String> |
|
It holds policies that will be used for applying fsGroup to a volume when volume is mounted. Values: OnRootMismatch, Always Environment variable: Show more |
|
|
Switch used to control whether non-idempotent fields are included in generated kubernetes resources to improve git-ops compatibility. Environment variable: Show more |
boolean |
|
Whether the vcs-uri annotation should be added to the generated configuration. Environment variable: Show more |
boolean |
|
Optional override of the vcs-uri annotation. Environment variable: Show more |
string |
|
Whether this service is cluster-local. Cluster local services are not exposed to the outside world. More information in this link. Environment variable: Show more |
boolean |
|
This value controls the minimum number of replicas each revision should have. Knative will attempt to never have less than this number of replicas at any point in time. Environment variable: Show more |
int |
|
This value controls the maximum number of replicas each revision should have. Knative will attempt to never have more than this number of replicas running, or in the process of being created, at any point in time. Environment variable: Show more |
int |
|
The scale-to-zero values control whether Knative allows revisions to scale down to zero, or stops at “1”. Environment variable: Show more |
boolean |
|
The Autoscaler class. Knative Serving comes with its own autoscaler, the KPA (Knative Pod Autoscaler) but can also be configured to use Kubernetes’ HPA (Horizontal Pod Autoscaler) or even a custom third-party autoscaler. Possible values (kpa, hpa, default: kpa). Environment variable: Show more |
|
|
The autoscaling metric to use. Possible values (concurrency, rps, cpu). Environment variable: Show more |
|
|
The autoscaling target. Environment variable: Show more |
int |
|
The exact amount of requests allowed to the replica at a time. Its default value is “0”, which means an unlimited number of requests are allowed to flow into the replica. Environment variable: Show more |
int |
|
This value specifies a percentage of the target to actually be targeted by the autoscaler. Environment variable: Show more |
int |
|
The Autoscaler class. Knative Serving comes with its own autoscaler, the KPA (Knative Pod Autoscaler) but can also be configured to use Kubernetes’ HPA (Horizontal Pod Autoscaler) or even a custom third-party autoscaler. Possible values (kpa, hpa, default: kpa). Environment variable: Show more |
|
|
The exact amount of requests allowed to the replica at a time. Its default value is “0”, which means an unlimited number of requests are allowed to flow Integer>o the replica. Environment variable: Show more |
int |
|
This value specifies a percentage of the target to actually be targeted by the autoscaler. Environment variable: Show more |
int |
|
The requests per second per replica. Environment variable: Show more |
int |
|
The name of the revision. Environment variable: Show more |
string |
|
Tag is optionally used to expose a dedicated url for referencing this target exclusively. Environment variable: Show more |
string |
|
RevisionName of a specific revision to which to send this portion of traffic. Environment variable: Show more |
string |
|
LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty. Environment variable: Show more |
boolean |
|
Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is to be routed to this Revision or Configuration. Environment variable: Show more |
long |
|
If set to true, Quarkus will attempt to deploy the application to the target Kubernetes cluster Environment variable: Show more |
boolean |
|
If deploy is enabled, it will follow this strategy to update the resources to the target Kubernetes cluster. Environment variable: Show more |
|
|
Deployment targets
Mentioned in the previous sections was the concept of deployment-target. This concept allows users to control which Kubernetes manifests will be generated
and deployed to a cluster (if quarkus.kubernetes.deploy has been set to true).
By default, when no deployment-target is set, then only vanilla Kubernetes resources are generated and deployed. When multiple values are set (for example
quarkus.kubernetes.deployment-target=kubernetes,openshift) then the resources for all targets are generated, but only the resources
that correspond to the first target are applied to the cluster (if deployment is enabled).
For users that prefer to keep the application.properties independent of the deployment platform, the deployment target can be specified directly in the deploy command by adding -Dquarkus.kubernetes.deployment-target=knative
in addition to -Dquarkus.knative.deploy=true. Furthermore, Quarkus allows collapsing the two properties into one: -Dquarkus.knative.deploy=true.
./mvnw clean package -Dquarkus.knative.deploy=trueThe equivalent with gradle:
./gradlew build -Dquarkus.knative.deploy=trueIn case that both properties are used with conflicting values -Dquarkus.kubernetes.deployment-target is used.
In the case of wrapper extensions like OpenShift and Minikube, when these extensions have been explicitly added to the project, the default deployment-target
is set by those extensions. For example if quarkus-minikube has been added to a project, then minikube becomes the default deployment target and its
resources will be applied to the Kubernetes cluster when deployment via quarkus.kubernetes.deploy has been set.
Users can still override the deployment-targets manually using quarkus.kubernetes.deployment-target.
Deprecated configuration
The following categories of configuration properties have been deprecated.
Properties without the quarkus prefix
In earlier versions of the extension, the quarkus. was missing from those properties. These properties are now deprecated.
Docker and S2i properties
The properties for configuring docker and s2i are also deprecated in favor of the new container-image extensions.
Config group arrays
Properties referring to config group arrays (e.g. kubernetes.labels[0], kubernetes.env-vars[0] etc) have been converted to Maps to align with the rest of the Quarkus ecosystem.
The code below demonstrates the change in labels config:
# Old labels config:
kubernetes.labels[0].name=foo
kubernetes.labels[0].value=bar
# New labels
quarkus.kubernetes.labels.foo=barThe code below demonstrates the change in env-vars config:
# Old env-vars config:
kubernetes.env-vars[0].name=foo
kubernetes.env-vars[0].configmap=my-configmap
# New env-vars
quarkus.kubernetes.env-vars.foo.configmap=myconfigmapenv-vars properties
quarkus.kubernetes.env-vars are deprecated (though still currently supported as of this writing) and the new declaration style should be used instead.
See Environment variables and more specifically Backwards compatibility for more details.
Deployment
To trigger building and deploying a container image you need to enable the quarkus.kubernetes.deploy flag (the flag is disabled by default - furthermore it has no effect during test runs or dev mode).
This can be easily done with the command line:
./mvnw clean package -Dquarkus.kubernetes.deploy=trueBuilding a container image
Building a container image is possible, using any of the 3 available container-image extensions:
Each time deployment is requested, a container image build will be implicitly triggered (no additional properties are required when the Kubernetes deployment has been enabled).
Deploying
When deployment is enabled, the Kubernetes extension will select the resources specified by quarkus.kubernetes.deployment-target and deploy them.
This assumes that a .kube/config is available in your user directory that points to the target Kubernetes cluster.
In other words the extension will use whatever cluster kubectl uses. The same applies to credentials.
At the moment no additional options are provided for further customization.
Remote Debugging
To remotely debug applications that are running on a kubernetes environment, we need to deploy the application as described in the previous section and add as new property: quarkus.kubernetes.remote-debug.enabled=true. This property will automatically configure the Java application to append the java agent configuration (for example: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005) and also the service resource to listen using the java agent port.
After your application has been deployed with the debug enabled, next you need to tunnel the traffic from your local host machine to the specified port of the java agent:
kubectl port-forward svc/<application name> 5005:5005Using this command, you’ll forward the traffic from the "localhost:5005" to the kubernetes service running the java agent using the port "5005" which is the one that the java agent uses by default for remote debugging. You can also configure another java agent port using the property quarkus.kubernetes.remote-debug.address-port.
Finally, all you need to do is to configure your favorite IDE to attach the java agent process that is forwarded to localhost:5005 and start to debug your application. For example, in IntelliJ IDEA, you can follow this tutorial to debug remote applications.
Using existing resources
Sometimes it’s desirable to either provide additional resources (e.g. a ConfigMap, a Secret, a Deployment for a database) or provide custom ones that will be used as a base for the generation process.
Those resources can be added under src/main/kubernetes directory and can be named after the target environment (e.g. kubernetes.json, openshift.json, knative.json, or the yml equivalents). The correlation between provided and generated files is done by file name.
So, a kubernetes.json/kubernetes.yml file added in src/main/kubernetes will only affect the generated kubernetes.json/kubernetes.yml. An openshift.json/openshift.yml file added in src/main/kubernetes will only affect the generated openshift.json/openshift.yml.
A knative.json/knative.yml file added in src/main/kubernetes will only affect the generated knative.json/knative.yml and so on. The provided file may be either in json or yaml format and may contain one or more resources. These resources will end up in both generated formats (json and yaml). For example, a secret added in src/main/kubernetes/kubernetes.yml will be added to both the generated kubernetes.yml and kubernetes.json.
Note: At the time of writing there is no mechanism in place that allows a one-to-many relationship between provided and generated files. Minikube is not an exception to the rule above, so if you want to customize the generated minikube manifests, the file placed under src/main/kubernetes will have to be named minikube.json or minikube.yml (naming it kubernetes.yml or kubernetes.json will result in having only the generated kubernetes.yml and kubernetes.json affected).
Any resource found will be added in the generated manifests. Global modifications (e.g. labels, annotations) will also be applied to those resources. If one of the provided resources has the same name as one of the generated ones, then the generated resource will be created on top of the provided resource, respecting existing content when possible (e.g. existing labels, annotations, environment variables, mounts, replicas etc).
The name of the resource is determined by the application name and may be overridden by quarkus.kubernetes.name, quarkus.openshift.name and quarkus.knative.name.
For example, in the kubernetes-quickstart application, we can add a kubernetes.yml file in the src/main/kubernetes that looks like:
apiVersion: apps/v1
kind: Deployment
metadata:
name: kubernetes-quickstart
labels:
app: quickstart
spec:
replicas: 3
selector:
matchLabels:
app: quickstart
template:
metadata:
labels:
app: quickstart
spec:
containers:
- name: kubernetes-quickstart
image: someimage:latest
ports:
- containerPort: 80
env:
- name: FOO
value: BARThe generated kubernetes.yml will look like:
apiVersion: "apps/v1"
kind: "Deployment"
metadata:
annotations:
app.quarkus.io/build-timestamp: "2020-04-10 - 12:54:37 +0000"
labels:
app: "quickstart"
name: "kubernetes-quickstart"
spec:
replicas: 3 (1)
selector:
matchLabels:
app.kubernetes.io/name: "kubernetes-quickstart"
app.kubernetes.io/version: "1.0.0-SNAPSHOT"
template:
metadata:
annotations:
app.quarkus.io/build-timestamp: "2020-04-10 - 12:54:37 +0000"
labels:
app: "quickstart" (2)
spec:
containers:
- env:
- name: "FOO" (3)
value: "BAR"
image: "<<yourDockerUsername>>/kubernetes-quickstart:1.0.0-SNAPSHOT" (4)
imagePullPolicy: "Always"
name: "kubernetes-quickstart"
ports:
- containerPort: 8080 (5)
name: "http"
protocol: "TCP"
serviceAccount: "kubernetes-quickstart"| 1 | The provided replicas, |
| 2 | labels and |
| 3 | environment variables were retained. |
| 4 | However, the image and |
| 5 | the container port were modified. |
Moreover, the default annotations have been added.
|
Using common resources
When generating the manifests for multiple deployment targets like Kubernetes, OpenShift or Knative, we can place the common resources in src/main/kubernetes/common.yml, so these resources will be integrated into the generated kubernetes.json/kubernetes.yml, and openshift.json/openshift.yml files (if you configure the Kubernetes and OpenShift extensions at the same time).
For example, we can write a ConfigMap resource only once in the file src/main/kubernetes/common.yml:
apiVersion: v1
kind: ConfigMap
metadata:
name: common-configmap
data:
hello: worldAnd this config map resource will be integrated into the generated kubernetes.json/kubernetes.yml, and openshift.json/openshift.yml files.
Service Binding
Quarkus supports the Service Binding Specification for Kubernetes to bind services to applications.
Specifically, Quarkus implements the Workload Projection part of the specification, therefore allowing applications to bind to services, such as a Database or a Broker, without the need for user configuration.
To enable Service Binding for supported extensions, add the quarkus-kubernetes-service-binding extension to the application dependencies.
-
The following extensions can be used with Service Binding and are supported for Workload Projection:
-
quarkus-jdbc-mariadb -
quarkus-jdbc-mssql -
quarkus-jdbc-mysql -
quarkus-jdbc-postgresql -
quarkus-mongodb-client -
quarkus-kafka-client -
quarkus-messaging-kafka -
quarkus-reactive-db2-client -
quarkus-reactive-mssql-client -
quarkus-reactive-mysql-client -
quarkus-reactive-oracle-client -
quarkus-reactive-pg-client -
quarkus-infinispan-client
-
Workload Projection
Workload Projection is a process of obtaining the configuration for services from the Kubernetes cluster. This configuration takes the form of directory structures that follow certain conventions and is attached to an application or to a service as a mounted volume. The kubernetes-service-binding extension uses this directory structure to create configuration sources, which allows you to configure additional modules, such as databases or message brokers.
During application development, users can use workload projection to connect their application to a development database, or other locally-run services, without changing the actual application code or configuration.
For an example of a workload projection where the directory structure is included in the test resources and passed to integration test, see the Kubernetes Service Binding datasource GitHub repository.
|
Introduction to the Service Binding Operator
The Service Binding Operator is an Operator that implements Service Binding Specification for Kubernetes and is meant to simplify the binding of services to an application. Containerized applications that support Workload Projection obtain service binding information in the form of volume mounts. The Service Binding Operator reads binding service information and mounts it to the application containers that need it.
The correlation between application and bound services is expressed through the ServiceBinding resources, which declares the intent of what services are meant to be bound to what application.
The Service Binding Operator watches for ServiceBinding resources, which inform the Operator what applications are meant to be bound with what services. When a listed application is deployed, the Service Binding Operator collects all the binding information that must be passed to the application, then upgrades the application container by attaching a volume mount with the binding information.
The Service Binding Operator completes the following actions:
-
Observes
ServiceBindingresources for workloads intended to be bound to a particular service -
Applies the binding information to the workload using volume mounts
The following chapter describes the automatic and semi-automatic service binding approaches and their use cases. With either approach, the kubernetes-service-binding extension generates a ServiceBinding resource. With the semi-automatic approach, users must provide a configuration for target services manually. With the automatic approach, for a limited set of services generating the ServiceBinding resource, no additional configuration is needed.
Semi-automatic service binding
A service binding process starts with a user specification of required services that will be bound to a certain application. This expression is summarized in the ServiceBinding resource that is generated by the kubernetes-service-binding extension. The use of the kubernetes-service-binding extensions helps users to generate ServiceBinding resources with minimal configuration, therefore simplifying the process overall.
The Service Binding Operator responsible for the binding process then reads the information from the ServiceBinding resource and mounts the required files to a container accordingly.
-
An example of the
ServiceBindingresource:apiVersion: binding.operators.coreos.com/v1beta1 kind: ServiceBinding metadata: name: binding-request namespace: service-binding-demo spec: application: name: java-app group: apps version: v1 resource: deployments services: - group: postgres-operator.crunchydata.com version: v1beta1 kind: Database name: db-demo id: postgresDB-
The
quarkus-kubernetes-service-bindingextension provides a more compact way of expressing the same information. For example:quarkus.kubernetes-service-binding.services.db-demo.api-version=postgres-operator.crunchydata.com/v1beta1 quarkus.kubernetes-service-binding.services.db-demo.kind=Database
-
After adding the earlier configuration properties inside your application.properties, the quarkus-kubernetes, in combination with the quarkus-kubernetes-service-binding extension, automatically generates the ServiceBinding resource.
The earlier mentioned db-demo property-configuration identifier now has a double role and also completes the following actions:
-
Correlates and groups
api-versionandkindproperties together -
Defines the
nameproperty for the custom resource with a possibility for a later edit. For example:quarkus.kubernetes-service-binding.services.db-demo.api-version=postgres-operator.crunchydata.com/v1beta1 quarkus.kubernetes-service-binding.services.db-demo.kind=Database quarkus.kubernetes-service-binding.services.db-demo.name=my-db
-
For a semi-automatic service binding demonstration, see How to use Quarkus with the Service Binding Operator
Automatic service binding
The quarkus-kubernetes-service-binding extension can generate the ServiceBinding resource automatically after detecting that an application requires access to the external services that are provided by available bindable Operators.
| Automatic service binding can be generated for a limited number of service types. To be consistent with established terminology for Kubernetes and Quarkus services, this chapter refers to these service types as kinds. |
Operator |
API Version |
Kind |
|
|
postgres-operator.crunchydata.com/v1beta1 |
PostgresCluster |
|
|
pxc.percona.com/v1-9-0 |
PerconaXtraDBCluster |
|
|
psmdb.percona.com/v1-9-0 |
PerconaServerMongoDB |
Automatic datasource binding
For traditional databases, automatic binding is initiated whenever a datasource is configured as follows:
quarkus.datasource.db-kind=postgresqlThe previous configuration, combined with the presence of quarkus-datasource, quarkus-jdbc-postgresql, quarkus-kubernetes, and quarkus-kubernetes-service-binding properties in the application, results in the generation of the ServiceBinding resource for the postgresql database type.
By using the apiVersion and kind properties of the Operator resource, which matches the used postgresql Operator, the generated ServiceBinding resource binds the service or resource to the application.
When you do not specify a name for your database service, the value of the db-kind property is used as the default name.
services:
- apiVersion: postgres-operator.crunchydata.com/v1beta1
kind: PostgresCluster
name: postgresqlSpecified the name of the datasource as follows:
quarkus.datasource.fruits-db.db-kind=postgresqlThe service in the generated ServiceBinding then displays as follows:
services:
- apiVersion: postgres-operator.crunchydata.com/v1beta1
kind: PostgresCluster
name: fruits-dbSimilarly, if you use mysql, the name of the datasource can be specified as follows:
quarkus.datasource.fruits-db.db-kind=mysqlThe generated service contains the following:
services:
- apiVersion: pxc.percona.com/v1-9-0
kind: PerconaXtraDBCluster
name: fruits-dbCustomizing Automatic Service Binding
Even though automatic binding was developed to eliminate as much manual configuration as possible, there are cases where modifying the generated ServiceBinding resource might still be needed. The generation process exclusively relies on information extracted from the application and the knowledge of the supported Operators, which may not reflect what is deployed in the cluster. The generated resource is based purely on the knowledge of the supported bindable Operators for popular service kinds and a set of conventions that were developed to prevent possible mismatches, such as:
-
The target resource name does not match the datasource name
-
A specific Operator needs to be used rather than the default Operator for that service kind
-
Version conflicts that occur when a user needs to use any other version than default or latest
-
The target resource coordinates are determined based on the type of Operator and the kind of service.
-
The target resource name is set by default to match the service kind, such as
postgresql,mysql,mongo. -
For named datasources, the name of the datasource is used.
-
For named
mongoclients, the name of the client is used.
For cases in which you need to modify the generated ServiceBinding to fix a name mismatch, use the quarkus.kubernetes-service-binding.services properties and specify the service’s name as the service key.
The service key is usually the name of the service, for example the name of the datasource, or the name of the mongo client. When this value is not available, the datasource type, such as postgresql, mysql, mongo, is used instead.
To avoid naming conflicts between different types of services, prefix the service key with a specific datasource type, such as postgresql-<person>.
The following example shows how to customize the apiVersion property of the PostgresCluster resource:
quarkus.datasource.db-kind=postgresql
quarkus.kubernetes-service-binding.services.postgresql.api-version=postgres-operator.crunchydata.com/v1beta2In Example 1, the db-kind(postgresql) was used as a service key. In this example, because the datasource is named, according to convention, the datasource name (fruits-db) is used instead.
The following example shows that for a named datasource, the datasource name is used as the name of the target resource:
quarkus.datasource.fruits-db.db-kind=postgresqlThis has the same effect as the following configuration:
quarkus.kubernetes-service-binding.services.fruits-db.api-version=postgres-operator.crunchydata.com/v1beta1
quarkus.kubernetes-service-binding.services.fruits-db.kind=PostgresCluster
quarkus.kubernetes-service-binding.services.fruits-db.name=fruits-db-
For more details about the available properties and how do they work, see the Workload Projection part of the Service Binding specification.
