oc new-project ${GUID}-nexus --display-name "${GUID} Shared Nexus"

oc new-app sonatype/nexus3:3.21.2 --name=nexus

oc expose svc nexus

oc rollout pause dc nexus

oc patch dc nexus --patch='{ "spec": { "strategy": { "type": "Recreate" }}}'

oc set resources dc nexus --limits=memory=1Gi,cpu=2 --requests=memory=500m,cpu=500m

oc set volume dc/nexus --add --overwrite --name=nexus-volume-1 --mount-path=/nexus-data/ --type persistentVolumeClaim --claim-name=nexus-pvc --claim-size=3Gi

oc set probe dc/nexus --liveness --failure-threshold 3 --initial-delay-seconds 60 — echo ok

oc set probe dc/nexus --readiness --failure-threshold 3 --initial-delay-seconds 60 --get-url=https://:8081/

oc rollout resume dc nexus

oc get pods

#<your-nexus-pod> nexus-1-vc8vv

export NEXUS_PASSWORD=$(oc rsh nexus-1-vc8vv cat /nexus-data/admin.password) export NEXUS_PASSWORD=qwert12345 echo $NEXUS_PASSWORD

qwert12345 curl -o setup_nexus3.sh -s https://raw.githubusercontent.com/redhat-gpte-devopsautomation/ocp_advanced_development_resources/master/nexus/setup_nexus3.sh chmod +x setup_nexus3.sh ./setup_nexus3.sh admin $NEXUS_PASSWORD https://$(oc get route nexus --template='{{ .spec.host }}') rm setup_nexus3.sh

vi /etc/hosts #add 192.168.85.13 nexus-cicd-nexus.apps.os311.test.it.example.com 192.168.85.13 sonarqube-cicd-sonarqube.apps.os311.test.it.example.com 192.168.85.13 jenkins-cicd-jenkins.apps.os311.test.it.example.com

oc expose dc nexus --port=5000 --name=nexus-registry oc create route edge nexus-registry --service=nexus-registry --port=5000

mvn -s ./nexus_openshift_settings.xml sonar:sonar -Dsonar.host.url=https://sonarqube-405f-sonarqube.apps.shared.na.openshift.opentlc.com/ -Dsonar.projectName=test1 -Dsonar.projectVersion=0" mvn -s ./nexus_openshift_settings.xml sonar:sonar -Dsonar.host.url=https://sonarqube-cicd-sonarqube.apps.os311.test.it.example.com/ -Dsonar.projectName=test1 -Dsonar.projectVersion=0" mvn -s ./nexus_openshift_settings.xml deploy -DskipTests=true -DaltDeploymentRepository=nexus::default::https://nexus-cicd-nexus.apps.os311.test.it.example.com:8081/repository/maven-public"

oc new-project ${GUID}-sonarqube --display-name "${GUID} Shared Sonarqube"

oc new-app --template=postgresql-persistent --param POSTGRESQL_USER=sonar --param POSTGRESQL_PASSWORD=sonar --param POSTGRESQL_DATABASE=sonar --param VOLUME_CAPACITY=2Gi --labels=app=sonarqube_db

oc new-app --docker-image=quay.io/gpte-devops-automation/sonarqube:7.9.1 --env=SONARQUBE_JDBC_USERNAME=sonar --env=SONARQUBE_JDBC_PASSWORD=sonar --env=SONARQUBE_JDBC_URL=jdbc:postgresql:https://postgresql/sonar --labels=app=sonarqube

oc rollout pause dc sonarqube

oc expose service sonarqube

oc set volume dc/sonarqube --add --overwrite --name=sonarqube-volume-1 --mount-path=/opt/sonarqube/data/ --type persistentVolumeClaim --claim-name=sonarqube-pvc --claim-size=2Gi

oc set resources dc/sonarqube --limits=memory=1Gi,cpu=2 --requests=memory=500m,cpu=500m

oc patch dc sonarqube --patch='{ "spec": { "strategy": { "type": "Recreate" }}}'

oc set probe dc/sonarqube --liveness --failure-threshold 3 --initial-delay-seconds 40 --get-url=https://:9000/about

oc set probe dc/sonarqube --readiness --failure-threshold 3 --initial-delay-seconds 20 --get-url=https://:9000/about

oc patch dc/sonarqube --type=merge -p '{"spec": {"template": {"metadata": {"labels": {"tuned.openshift.io/elasticsearch": "true"}}}}}'

oc rollout resume dc sonarqube

https://sonarqube-cicd-sonarqube.apps.os311.test.it.example.com/

jenkins-cicd-jenkins.apps.os311.test.it.example.com

oc new-project ${GUID}-jenkins --display-name "${GUID} Shared Jenkins"

oc new-app jenkins-persistent --param ENABLE_OAUTH=true --param MEMORY_LIMIT=1Gi --param VOLUME_CAPACITY=2Gi --param DISABLE_ADMINISTRATIVE_MONITORS=true

oc set resources dc jenkins --limits=memory=2Gi,cpu=2 --requests=memory=500m,cpu=500m

oc rollout resume dc jenkins

oc rollout latest dc jenkins

oc adm policy add-scc-to-group anyuid system:serviceaccounts:jenkins #无法以root 运行需要增加权限

oc new-build --strategy=docker -D $'FROM quay.io/openshift/origin-jenkins-agent-maven:4.1.0\n USER root\n RUN curl https://copr.fedorainfracloud.org/coprs/alsadi/dumb-init/repo/epel-7/alsadi-dumb-init-epel-7.repo -o /etc/yum.repos.d/alsadi-dumb-init-epel-7.repo && \ \n curl https://raw.githubusercontent.com/cloudrouter/centos-repo/master/CentOS-Base.repo -o /etc/yum.repos.d/CentOS-Base.repo && \ \n curl https://mirror.centos.org/centos-7/7/os/x86_64/RPM-GPG-KEY-CentOS-7 -o /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 && \ \n DISABLES="--disablerepo=rhel-server-extras --disablerepo=rhel-server --disablerepo=rhel-fast-datapath --disablerepo=rhel-server-optional --disablerepo=rhel-server-ose --disablerepo=rhel-server-rhscl" && \ \n yum $DISABLES -y --setopt=tsflags=nodocs install skopeo &amp;&amp; yum clean all\n USER 1001' --name=jenkins-agent-appdev -n ${GUID}-jenkins

oc new-project ${GUID}-tasks-dev --display-name "${GUID} Tasks Development" oc policy add-role-to-user edit system:serviceaccount:${GUID}-jenkins:jenkins -n ${GUID}-tasks-dev # Set up Dev Application #oc new-build --binary=true --name="tasks" jboss-eap72-openshift:1.0 -n ${GUID}-tasks-dev oc new-build --binary=true --name="tasks" jboss-eap71-openshift:1.1 oc new-app ${GUID}-tasks-dev/tasks:0.0-0 --name=tasks --allow-missing-imagestream-tags=true -n ${GUID}-tasks-dev oc set triggers dc/tasks --remove-all -n ${GUID}-tasks-dev oc expose dc tasks --port 8080 -n ${GUID}-tasks-dev oc expose svc tasks -n ${GUID}-tasks-dev oc set probe dc/tasks -n ${GUID}-tasks-dev --readiness --failure-threshold 3 --initial-delay-seconds 60 --get-url=https://:8080/ oc create configmap tasks-config --from-literal="application-users.properties=Placeholder" --from-literal="application-roles.properties=Placeholder" -n ${GUID}-tasks-dev oc set volume dc/tasks --add --name=jboss-config --mount-path=/opt/eap/standalone/configuration/application-users.properties --sub-path=application-users.properties --configmap-name=tasks-config -n ${GUID}-tasks-dev oc set volume dc/tasks --add --name=jboss-config1 --mount-path=/opt/eap/standalone/configuration/application-roles.properties --sub-path=application-roles.properties --configmap-name=tasks-config -n ${GUID}-tasks-dev

oc new-project ${GUID}-tasks-prod --display-name "${GUID} Tasks Prod"

oc policy add-role-to-group system:image-puller system:serviceaccounts:${GUID}-tasks-prod -n ${GUID}-tasks-dev oc policy add-role-to-user edit system:serviceaccount:${GUID}-jenkins:jenkins -n ${GUID}-tasks-prod

1. # Create Blue Application oc new-app ${GUID}-tasks-dev/tasks:0.0 --name=tasks-blue --allow-missing-imagestream-tags=true -n ${GUID}-tasks-prod oc set triggers dc/tasks-blue --remove-all -n ${GUID}-tasks-prod oc expose dc tasks-blue --port 8080 -n ${GUID}-tasks-prod oc set probe dc tasks-blue -n ${GUID}-tasks-prod --readiness --failure-threshold 3 --initial-delay-seconds 60 --get-url=https://:8080/ oc create configmap tasks-blue-config --from-literal="application-users.properties=Placeholder" --from-literal="application-roles.properties=Placeholder" -n ${GUID}-tasks-prod oc set volume dc/tasks-blue --add --name=jboss-config --mount-path=/opt/eap/standalone/configuration/application-users.properties --sub-path=application-users.properties --configmap-name=tasks-blue-config -n ${GUID}-tasks-prod oc set volume dc/tasks-blue --add --name=jboss-config1 --mount-path=/opt/eap/standalone/configuration/application-roles.properties --sub-path=application-roles.properties --configmap-name=tasks-blue-config -n ${GUID}-tasks-prod

The tasks-rs quickstart demonstrates how to implement a JAX-RS service that uses JPA 2.0 persistence deployed to Red Hat JBoss Enterprise Application Platform.

The application manages User and Task JPA entities. A user represents an authenticated principal and is associated with zero or more Tasks. Service methods validate that there is an authenticated principal and the first time a principal is seen, a JPA User entity is created to correspond to the principal. JAX-RS annotated methods are provided for associating Tasks with this User and for listing and removing Tasks.

Note: This quickstart uses the H2 database included with Red Hat JBoss Enterprise Application Platform 6. It is a lightweight, relational example datasource that is used for examples only. It is not robust or scalable, is not supported, and should NOT be used in a production environment!_

Note: This quickstart uses a *-ds.xml datasource configuration file for convenience and ease of database configuration. These files are deprecated in JBoss EAP 6.4 and should not be used in a production environment. Instead, you should configure the datasource using the Management CLI or Management Console. Datasource configuration is documented in the [Administration and Configuration Guide](https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/) for Red Hat JBoss Enterprise Application Platform._

Users and passwords are defined in configuration\application-users.properties and application-roles.properties. Users can be created using the JBoss add-users.sh shell script in a JBoss EAP installation.

Currently the following users are defined:

• Create a task with name {task_name}

  curl -u tasks:redhat1 -H 'Content-Length: 0' -X POST https://{tasks_route}/ws/tasks/{task_name}

• Get a task by id

  curl -u 'tasks:redhat1' -H "Accept: application/json" -X GET https://{tasks_route}/ws/tasks/{tasks_id}

• Get all tasks for user

  curl -u 'tasks:redhat1' -H "Accept: application/json" -X GET https://{tasks_route}/ws/tasks

• Delete a task by id

  curl -i -u 'tasks:redhat1' -X DELETE https://{tasks_route}/ws/tasks/{tasks_id}

• Generate CPU load. Last parameter is duration of load in seconds

  # 5 seconds
  curl -X GET https://{tasks_route}/ws/demo/load/5