how can JAVA_OPTIONS added in deployconfig in OpenshiftContainer

Question

I am trying to add below JAVA_OPTIONS in deployconfig in OpenshiftContainer but is throwing syntax error .Could anyone help me how to add parameters in OpenshiftContainer please JAVA_OPTIONS

-Djavax.net.ssl.trustStore={KEYSTORE_PATH}/cacerts.ts,
-Djavax.net.ssl.trustStorePassword=changeit,
Djavax.net.ssl.keyStore=${KEYSTORE_PATH}/keystore.pkcs12-Djavax.net.ssl.keyStorePassword=${KEYSTORE_PASS}
-Djava.awt.headless=true,

deploymentConfig as json:

{
            "apiVersion": "apps.openshift.io/v1",
            "kind": "DeploymentConfig",
            "metadata": {
                "labels": {
                    "app": "${APP_NAME}"
                },
                "name": "${APP_NAME}"
            },
            "spec": {
                "replicas": 1,
                "selector": {
                    "app": "${APP_NAME}",
                    "deploymentconfig": "${APP_NAME}"
                },
                "strategy": null,
                "template": {
                    "metadata": {
                        "labels": {
                            "app": "${APP_NAME}",
                            "deploymentconfig": "${APP_NAME}"
                        }
                    },
                    "spec": {
                        "containers": [
                            {
                                "env": [
                                    {
                                        "name": "SPRING_PROFILE",
                                        "value": "migration"
                                    },
                                    {
                                        "name": "JAVA_MAIN_CLASS",
                                        "value": "com.agcs.Application"
                                    },
                                    {
                                        "name": "JAVA_OPTIONS",
                                        "value":"-Djavax.net.ssl.trustStore={KEYSTORE_PATH}/cacerts.ts",
                                                 "-Djavax.net.ssl.trustStorePassword=changeit",
                                                -Djavax.net.ssl.keyStore=${KEYSTORE_PATH}/keystore.pkcs12
                                               -Djavax.net.ssl.keyStorePassword=${KEYSTORE_PASS}
                                                -Djava.awt.headless=true,
                                    },
                                    {
                                        "name": "MONGO_AUTH_DB",
                                        "valueFrom": {
                                            "secretKeyRef": {
                                                "key": "spring.data.mongodb.authentication-database",
                                                "name": "mongodb-secret"
                                            }
                                        }
                                    },
                                    
                                    
                                ],
        
                                "image": "${IMAGE_NAME}",
                                "imagePullPolicy": "Always",
                                "name": "${APP_NAME}",
                                "ports": [
                                    {
                                        "containerPort": 8103,
                                        "protocol": "TCP"
                                    }
                                ],
                                
                                "resources": {
                                    "limits": {
                                        "cpu": "500m",
                                        "memory": "1Gi"
                                    },
                                    "requests": {
                                        "cpu": "500m",
                                        "memory": "500Mi"
                                    }
                                },
                                "volumeMounts":[
                                    {
                                        "name": "secret-volume",
                                        "mountPath": "/mnt/secrets",
                                        "readOnly": true
                                    }
                                ]
                            
                            }
                        ],
                        "volumes": [
                            {
                                "name": "secret-volume",
                                "secret": {
                                    "secretName": "keystore-new"
                                }
                            }
                        ]
                        
                    }
                }
            }
        }

a few calls for improvement and clarifications for us to better help you: add the deployment config as yaml file (as originally used in k8s and openshift), add the errors you are getting and the steps you've taken to get there, how or why are you using environment variables in the application definition (deployment config file itself)? also, as a self debugging step, try and use the hardcoded values to check if the usage at all is good or the values are an issue — Noam Yizraeli, Jan 14 '22 at 18:01

score 0 · Answer 1 · answered Jan 20 '22 at 00:01

{
    "name": "JAVA_OPTIONS",
    "value":"-Djavax.net.ssl.trustStore={KEYSTORE_PATH}/cacerts.ts",
             "-Djavax.net.ssl.trustStorePassword=changeit",
            -Djavax.net.ssl.keyStore=${KEYSTORE_PATH}/keystore.pkcs12
           -Djavax.net.ssl.keyStorePassword=${KEYSTORE_PASS}
            -Djava.awt.headless=true,
},

This is invalid json, as the key value can only have one value, while you have provided multiple comma separated strings.

JAVA_OPTIONS isn't a standard environment variable, so we don't know how it's processed but maybe this will work?

{
    "name": "JAVA_OPTIONS",
    "value":"-Djavax.net.ssl.trustStore={KEYSTORE_PATH}/cacerts.ts -Djavax.net.ssl.trustStorePassword=changeit -Djavax.net.ssl.keyStore=${KEYSTORE_PATH}/keystore.pkcs12 -Djavax.net.ssl.keyStorePassword=${KEYSTORE_PASS} -Djava.awt.headless=true"
},

But there's still probably an issue, because it seems like {KEYSTORE_PATH} is supposed to be a variable. That's not defined or expanded in this file. For a first attempt, probably just hardcode the values of all these variables.

For secrets (such as passwords) you can hardcode some value for initial testing, but please use OpenShift Secrets for formal testing and the actual deployment.

,Thank you for the quick response .Will try as suggested – Rose Jan 20 '22 at 13:18 — Rose, Jan 20 '22 at 13:18

how can JAVA_OPTIONS added in deployconfig in OpenshiftContainer

1 Answers1