$ docker pull registry.redhat.io/redhat-openjdk-18/openjdk18-openshift $ docker pull registry.redhat.io/openjdk/openjdk-11-rhel7
OKD provides S2I builder images for building Java applications. These builder images take your application source or binary artifacts, build the source using Maven, if the source was provided, and assemble the artifacts with any required dependencies to create a new, ready-to-run image containing your Java application. This resulting image can be run on OKD or run directly with Docker.
The builder images are intended for use with Maven-based Java standalone projects that are run via main class.
The current version of the Java S2I builder images support OpenJDK 1.8 and 11, Jolokia 1.6.2, and Maven 3.6.
The RHEL 7 and RHEL 8 images are available through the Red Hat Registry.
registry.redhat.io requires authentication. For details on how to configure your environment for registry.redhat.io, see Red Hat Container Registry Authentication. |
RHEL 7 based images
$ docker pull registry.redhat.io/redhat-openjdk-18/openjdk18-openshift $ docker pull registry.redhat.io/openjdk/openjdk-11-rhel7
RHEL 8 based images
$ docker pull registry.redhat.io/ubi8/openjdk-8 $ docker pull registry.redhat.io/ubi8/openjdk-11
To use these images on OKD, you can either access them directly from the Red Hat Registry or push them into your OKD container image registry. Additionally, you can create an image stream that points to the image, either in your container image registry or at the external location. Your OKD resources can then reference the image stream definition.
S2I produces ready-to-run images by injecting source code into a container and letting the container prepare that source code for execution. It performs the following steps:
Starts a container from the builder image.
Downloads the application source.
Streams the scripts and application sources into the builder image container.
Runs the assemble script (from the builder image).
Saves the final image.
See S2I Build Process for a detailed overview of the build process.
By default, the Java S2I builder image uses Maven to build the project with the following goals and options:
mvn -e -Popenshift -DskipTests -Dcom.redhat.xpaas.repo.redhatga -Dfabric8.skip=true --batch-mode -Djava.net.preferIPv4Stack=true -s /tmp/artifacts/configuration/settings.xml -Dmaven.repo.local=/tmp/artifacts/m2 package
Based on these defaults, the builder image compiles the project and copies all
the transitive dependencies into the output directory without running tests.
Additionally, if the project has a profile named openshift
, it is
activated for the build.
You can override these default goals and options by specifying the following environment variables:
Variable name | Description |
---|---|
|
Relative paths of source directories to scan for build output, which are copied to |
|
A main class to use as the argument for |
|
The arguments that are passed to the |
|
Additional Maven arguments. |
This is a selection of the environment variables available for configuring the behavior of the OpenJDK containers. For a comprehensive list, see Java Environment Variables.
The same S2I builder image can be used to build a Java application from source or from binary artifacts.
The Java S2I builder image can be used to build an application from source by running oc new-app
against a source repository:
$ oc new-app registry.redhat.io/redhat-openjdk-18/openjdk18-openshift~https://github.com/jboss-openshift/openshift-quickstarts --context-dir=undertow-servlet
By default, tests are not run. To build an application and run tests as part of
the build, override the default MAVEN_ARGS
, as shown in the following command:
$ oc new-app registry.redhat.io/redhat-openjdk-18/openjdk18-openshift~<git_repo_URL> --context-dir=<context_dir> --build-env='MAVEN_ARGS=-e -Popenshift -Dcom.redhat.xpaas.repo.redhatga package'
If a Java project consists of multiple Maven modules, it can be useful to explicitly specify the artifact output directory. Specifying the directory where the Maven project outputs the artifacts enables the S2I build to pick them up.
To specify the modules to build and the artifact output directory, use the following command:
$ oc new-app registry.redhat.io/redhat-openjdk-18/openjdk18-openshift~<git_repo_URL> --context-dir=<context_dir> --build-env='MAVEN_S2I_ARTIFACT_DIRS=relative/path/to/artifacts/dir' --build-env='MAVEN_ARGS=install -pl <groupId>:<artifactId> -am'
You can use the Java S2I builder image to build an application using binary artifacts that you provide.
Create a new binary build:
$ oc new-build --name=<application_name> registry.redhat.io/redhat-openjdk-18/openjdk18-openshift --binary=true
Start a build and specify the path to the binary artifacts on your local machine:
$ oc start-build <application_name> --from-dir=/path/to/artifacts --follow
Create an application:
$ oc new-app <application_name>
The following tables provide a comprehensive list of Java environment variables used for configuring the behavior of the OpenJDK containers.
Variable name | Description | Example value |
---|---|---|
|
If set, uses this file, including path, as Jolokia JVM agent properties, as described in the Jolokia reference manual. If not set, the |
|
|
Enable Jolokia discovery. Defaults to |
|
|
Host address to bind to. Defaults to |
|
|
Agent ID to use. Defaults to |
|
|
If set, disables activation of Jolokia, for example, echos an empty value. By default, Jolokia is enabled. |
|
|
Additional options to be appended to the agent configuration. They should be given in the format |
|
|
Password for basic authentication. By default, authentication is switched off. |
|
|
Port to listen to. Defaults to |
|
|
User for basic authentication. Defaults to |
|
|
Enable the use of the Prometheus agent. |
|
|
Port to use for the Prometheus JMX Exporter. |
|
|
A calculated core limit as described in CFS Bandwidth Control. |
|
|
Memory limit given to the container. |
|
|
The weighting given to the current GC time versus previous GC times. |
|
|
Specify the Java GC to use. The value of this variable should contain the necessary JRE command-line interface options to specify the required GC, which overrides the default of |
|
|
Maximum percentage of heap free after GC to avoid shrinking. |
|
|
The maximum metaspace size. |
|
|
The initial metaspace size. |
|
|
Minimum percentage of heap free after GC to avoid expansion. |
|
|
Specifies the ratio of the time spent outside the garbage collection, for example, the time spent for application execution, to the time spent in the garbage collection. |
|
|
The location of the https proxy. This takes precedence over |
|
|
The location of the http proxy. This is used for both Maven builds and Java runtime. |
|
|
The directory where the application resides. All paths in your application are relative to this directory. |
|
|
Arguments passed to the |
- |
|
The classpath to use. If not given, the startup script checks for a file |
- |
|
If set, remote debugging is switched on. Disabled by default. |
|
|
Port used for remote debugging. Defaults to |
|
|
Set this variable to get some diagnostics information to standard output when things are happening. Disabled by default. |
|
|
Used when no |
|
|
Directory holding the Java jar files and an optional |
- |
|
A main class to use as the argument for |
|
|
Used when no |
|
|
Used when no |
- |
|
JVM options passed to the |
|
|
User specified Java options to be appended to generated options in |
|
|
Set to |
|
|
Arguments to use when calling Maven, replacing the default |
|
|
Additional Maven arguments. |
|
|
If set, the Maven repository is removed after the artifact is built. This is useful for keeping the created application image small, but prevents incremental builds. This variable is overridden by |
- |
|
Directory to use as the local Maven repository. |
|
|
If set, multi-mirror support is enabled, and other |
|
|
The base URL of a mirror used for retrieving artifacts. |
|
|
If set, multi-repo support is enabled, and other |
|
|
Relative paths of source directories to scan for build output, which are copied to |
|
|
Space separated list of goals to be run with the maven build. For example, |
|
|
Location of custom Maven settings.xml file to use. |
|
|
A comma separated list of hosts, IP addresses or domains that can be accessed directly. This is used for both Maven builds and Java runtime. |
|
|
Location mount for artifacts persisted with |
|
|
Root directory for S2I mount, as specified by the |
|
|
Do not remove source and intermediate build files so they can be saved for use with future builds. Defaults to |
|
|
Comma separated list of relative paths in the source directory which should be included in the image. The list can include wildcards, which are expanded using find. By default, the contents of mounted directories are processed similarly to source folders, where the contents of |
|
|
Relative path to directory containing application configuration files to be copied over to the product configuration directory, see |
|
|
Relative path to directory containing application data files to be copied over to the product data directory, see |
|
|
Relative path to directory containing binary files to be copied over to the product deployment directory, see |
|
|
Location of mount for source code to be built. This must not be overridden by end users. |
|
|
Absolute path to which files located in |
|
|
Absolute path to which files located in |
|
|
Absolute path to which files located in |
|
|
The location of the http proxy. This takes precedence over |
|
|
The location of the https proxy. This takes precedence over |
|
|
A comma separated list of hosts, IP addresses or domains that can be accessed directly. This takes precedence over |
|
|
ID to be used for the specified mirror. If omitted, a unique ID is generated. |
|
|
Repository IDs mirrored by this entry. Defaults to |
- |
|
The URL of the mirror. |
|
|
Maven repository directory permissions. |
|
|
Maven repository file permissions. |
|
|
Maven repository host, if not using fully defined URL, falls back to service. |
|
|
Maven repository ID. |
|
|
Maven repository layout. |
|
|
Maven repository name. |
|
|
Maven repository passphrase. |
|
|
Maven repository password. |
|
|
Maven repository path, if not using fully defined URL, falls back to service. |
|
|
Maven repository port, if not using fully defined URL, falls back to service. |
|
|
Maven repository private key. |
|
|
Maven repository protocol, if not using fully defined URL, falls back to service. |
|
|
Maven repository releases checksum policy. |
|
|
Maven repository releases enabled. |
|
|
Maven repository releases update policy. |
|
|
Maven repository service to lookup if |
|
|
Maven repository snapshots checksum policy. |
|
|
Maven repository snapshots enabled. |
|
|
Maven repository snapshots update policy. |
|
|
Maven repository fully defined URL. |
|
|
Maven repository username. |
|
Variable name | Description | Value |
---|---|---|
|
Switch on client authentication for OpenShift TLS communication. The value of this parameter can be a relative distinguished name which must be contained in a presented client’s certificate. Enabling this parameter automatically switches Jolokia into https communication mode. The default CA cert is set to |
|
|
Switch on secure communication with https. By default, self-signed server certificates are generated if no |
|
|
Determines whether a random |
|
|
Path to configuration to use for the Prometheus JMX Exporter. |
|
|
A space separated list of filters to be applied when copying deployments. Defaults to |
|
Find additional information and examples in the Red Hat JBoss Middleware documentation.