0

我正在尝试在 OpenshiftContainer 的 deployconfig 中添加以下 JAVA_OPTIONS 但抛出语法错误。谁能帮我如何在 OpenshiftContainer 中添加参数请 JAVA_OPTIONS

-Djavax.net.ssl.trustStore={KEYSTORE_PATH}/cacerts.ts,
-Djavax.net.ssl.trustStorePassword=changeit,
Djavax.net.ssl.keyStore=${KEYSTORE_PATH}/keystore.pkcs12-Djavax.net.ssl.keyStorePassword=${KEYSTORE_PASS}
-Djava.awt.headless=true,

部署配置为 json:

{
            "apiVersion": "apps.openshift.io/v1",
            "kind": "DeploymentConfig",
            "metadata": {
                "labels": {
                    "app": "${APP_NAME}"
                },
                "name": "${APP_NAME}"
            },
            "spec": {
                "replicas": 1,
                "selector": {
                    "app": "${APP_NAME}",
                    "deploymentconfig": "${APP_NAME}"
                },
                "strategy": null,
                "template": {
                    "metadata": {
                        "labels": {
                            "app": "${APP_NAME}",
                            "deploymentconfig": "${APP_NAME}"
                        }
                    },
                    "spec": {
                        "containers": [
                            {
                                "env": [
                                    {
                                        "name": "SPRING_PROFILE",
                                        "value": "migration"
                                    },
                                    {
                                        "name": "JAVA_MAIN_CLASS",
                                        "value": "com.agcs.Application"
                                    },
                                    {
                                        "name": "JAVA_OPTIONS",
                                        "value":"-Djavax.net.ssl.trustStore={KEYSTORE_PATH}/cacerts.ts",
                                                 "-Djavax.net.ssl.trustStorePassword=changeit",
                                                -Djavax.net.ssl.keyStore=${KEYSTORE_PATH}/keystore.pkcs12
                                               -Djavax.net.ssl.keyStorePassword=${KEYSTORE_PASS}
                                                -Djava.awt.headless=true,
                                    },
                                    {
                                        "name": "MONGO_AUTH_DB",
                                        "valueFrom": {
                                            "secretKeyRef": {
                                                "key": "spring.data.mongodb.authentication-database",
                                                "name": "mongodb-secret"
                                            }
                                        }
                                    },
                                    
                                    
                                ],
        
                                "image": "${IMAGE_NAME}",
                                "imagePullPolicy": "Always",
                                "name": "${APP_NAME}",
                                "ports": [
                                    {
                                        "containerPort": 8103,
                                        "protocol": "TCP"
                                    }
                                ],
                                
                                "resources": {
                                    "limits": {
                                        "cpu": "500m",
                                        "memory": "1Gi"
                                    },
                                    "requests": {
                                        "cpu": "500m",
                                        "memory": "500Mi"
                                    }
                                },
                                "volumeMounts":[
                                    {
                                        "name": "secret-volume",
                                        "mountPath": "/mnt/secrets",
                                        "readOnly": true
                                    }
                                ]
                            
                            }
                        ],
                        "volumes": [
                            {
                                "name": "secret-volume",
                                "secret": {
                                    "secretName": "keystore-new"
                                }
                            }
                        ]
                        
                    }
                }
            }
        }
4

1 回答 1

0
{
    "name": "JAVA_OPTIONS",
    "value":"-Djavax.net.ssl.trustStore={KEYSTORE_PATH}/cacerts.ts",
             "-Djavax.net.ssl.trustStorePassword=changeit",
            -Djavax.net.ssl.keyStore=${KEYSTORE_PATH}/keystore.pkcs12
           -Djavax.net.ssl.keyStorePassword=${KEYSTORE_PASS}
            -Djava.awt.headless=true,
},

这是无效的 json,因为键value只能有一个值,而您提供了多个逗号分隔的字符串。

JAVA_OPTIONS不是标准环境变量,所以我们不知道它是如何处理的,但也许这会起作用?

{
    "name": "JAVA_OPTIONS",
    "value":"-Djavax.net.ssl.trustStore={KEYSTORE_PATH}/cacerts.ts -Djavax.net.ssl.trustStorePassword=changeit -Djavax.net.ssl.keyStore=${KEYSTORE_PATH}/keystore.pkcs12 -Djavax.net.ssl.keyStorePassword=${KEYSTORE_PASS} -Djava.awt.headless=true"
},

但是仍然可能存在一个问题,因为它似乎{KEYSTORE_PATH}应该是一个变量。在这个文件中没有定义或扩展。对于第一次尝试,可能只是硬编码所有这些变量的值。

对于机密(例如密码),您可以硬编码一些值以进行初始测试,但请使用 OpenShift Secrets 进行正式测试和实际部署。

于 2022-01-20T00:01:47.507 回答