openstack/openstack-helm
Code Issues Proposed changes
91bea58ee0
openstack-helm/glance/templates/configmap-etc.yaml

157 lines
8.7 KiB
YAML
Raw Normal View History

Licence: Remove licence header from rendered files This PS removes the licence header from rendered output from tiller, significantly reducing the configmap size of charts deployed to the cluster. Change-Id: I5d1b246f2068f3b83bf59ba79fe8b88bbc9a6161
2017-08-07 17:07:38 -05:00
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
Unify and normalise K8s Resources and Upgrade Strategy This PS unifies and normalises Kubernetes resource allocation and update strategy across all OpenStack-Helm elements. Change-Id: Ia41fc453cb5191fa447ca6e1aa0f5b431c939dc8
2017-07-05 02:34:12 -05:00
Create Openstack common components umbrella chart ADD openstack chart with values_overrides * rabbitmq * mariadb * memcached * keystone * heat * glance This adds umbrella chart that references other charts via symlink and include global values. Because chart valeus_overrides yaml apply to the main chart, the umbrella chart has a chart-scoped replacement ADD openstack.sh deploy script This script deploys all components with a single release. ADD corresponding release notes CHG wait-for-pods-sh to accept timeout arguement CHG get-values-overrides.sh to modify file path for subchart Change-Id: I25cd9d6785c61540d6329657c0358f27299d3647
2022-03-16 14:55:47 -05:00
{{- if (.Values.global).subchart_release_name }}
{{- $_ := set . "deployment_name" .Chart.Name }}
{{- else }}
{{- $_ := set . "deployment_name" .Release.Name }}
{{- end }}
Charts: make manifests optional for all OpenStack elements This PS allows the rendering of manifests to be controlled. It enables both increased control over deployment when required but also makes development of a feature easier to target. Change-Id: I1716e8ee23fe5c53f935bd739ea283bc4a2a9963
2017-08-07 11:37:42 -05:00
{{- if .Values.manifests.configmap_etc }}
Unify and normalise K8s Resources and Upgrade Strategy This PS unifies and normalises Kubernetes resource allocation and update strategy across all OpenStack-Helm elements. Change-Id: Ia41fc453cb5191fa447ca6e1aa0f5b431c939dc8
2017-07-05 02:34:12 -05:00
{{- $envAll := . }}
Glance: remove oslo-genconfig This PS removes the modified oslo-genconfig from glance. Partially implements: blueprint remove-pregenerated-config-templates Change-Id: Ie4d5dd9e4b03ba360c62f508e98e206f6f894b63
2017-09-18 17:37:33 -05:00
{{- if empty .Values.conf.glance.keystone_authtoken.auth_uri -}}
Gotpl: remove quote and trunc to suppress output This PS removes the use of the `quote and truncate` approach to suppress output from gotpl actions in templates and replaces it with the recommended practice of defining `$_` instead. Change-Id: I5f35c5f7e70b4f7f461d772e3b72ed1c695c56a8 Signed-off-by: Pete Birley <pete@port.direct>
2018-06-15 19:26:57 -05:00
{{- $_ := tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.glance.keystone_authtoken "auth_uri" -}}
Glance Config Overrides This commit moves Glance to use the configuration methods from Heat, Nova, Neutron and Keystone. It includes a _values-mvp.yaml that applies values suitable for using a file backend, including the auto creation of a PVC. Change-Id: I55a96982a7d0adbc118492aff4b56adf127b2cd1
2017-04-12 00:50:59 -05:00
{{- end -}}
Glance: remove oslo-genconfig This PS removes the modified oslo-genconfig from glance. Partially implements: blueprint remove-pregenerated-config-templates Change-Id: Ie4d5dd9e4b03ba360c62f508e98e206f6f894b63
2017-09-18 17:37:33 -05:00
{{- if empty .Values.conf.glance.keystone_authtoken.auth_url -}}
Gotpl: remove quote and trunc to suppress output This PS removes the use of the `quote and truncate` approach to suppress output from gotpl actions in templates and replaces it with the recommended practice of defining `$_` instead. Change-Id: I5f35c5f7e70b4f7f461d772e3b72ed1c695c56a8 Signed-off-by: Pete Birley <pete@port.direct>
2018-06-15 19:26:57 -05:00
{{- $_ := tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.glance.keystone_authtoken "auth_url" -}}
Glance Config Overrides This commit moves Glance to use the configuration methods from Heat, Nova, Neutron and Keystone. It includes a _values-mvp.yaml that applies values suitable for using a file backend, including the auto creation of a PVC. Change-Id: I55a96982a7d0adbc118492aff4b56adf127b2cd1
2017-04-12 00:50:59 -05:00
{{- end -}}
Glance: remove oslo-genconfig This PS removes the modified oslo-genconfig from glance. Partially implements: blueprint remove-pregenerated-config-templates Change-Id: Ie4d5dd9e4b03ba360c62f508e98e206f6f894b63
2017-09-18 17:37:33 -05:00
{{- if empty .Values.conf.glance.keystone_authtoken.region_name -}}
Gotpl: remove quote and trunc to suppress output This PS removes the use of the `quote and truncate` approach to suppress output from gotpl actions in templates and replaces it with the recommended practice of defining `$_` instead. Change-Id: I5f35c5f7e70b4f7f461d772e3b72ed1c695c56a8 Signed-off-by: Pete Birley <pete@port.direct>
2018-06-15 19:26:57 -05:00
{{- $_ := set .Values.conf.glance.keystone_authtoken "region_name" .Values.endpoints.identity.auth.glance.region_name -}}
Secret and endpoint standardisation. This PS moves keystone credentials to the endpoints section within the values.yaml, and also adds a 'secrets' key, allowing standardiation of secrets and credential management across OpenStack-Helm. Change-Id: I86a21e625afd822379ac11351603b2c606a3769f
2017-07-02 19:43:43 -05:00
{{- end -}}
Glance: remove oslo-genconfig This PS removes the modified oslo-genconfig from glance. Partially implements: blueprint remove-pregenerated-config-templates Change-Id: Ie4d5dd9e4b03ba360c62f508e98e206f6f894b63
2017-09-18 17:37:33 -05:00
{{- if empty .Values.conf.glance.keystone_authtoken.project_name -}}
Gotpl: remove quote and trunc to suppress output This PS removes the use of the `quote and truncate` approach to suppress output from gotpl actions in templates and replaces it with the recommended practice of defining `$_` instead. Change-Id: I5f35c5f7e70b4f7f461d772e3b72ed1c695c56a8 Signed-off-by: Pete Birley <pete@port.direct>
2018-06-15 19:26:57 -05:00
{{- $_ := set .Values.conf.glance.keystone_authtoken "project_name" .Values.endpoints.identity.auth.glance.project_name -}}
Secret and endpoint standardisation. This PS moves keystone credentials to the endpoints section within the values.yaml, and also adds a 'secrets' key, allowing standardiation of secrets and credential management across OpenStack-Helm. Change-Id: I86a21e625afd822379ac11351603b2c606a3769f
2017-07-02 19:43:43 -05:00
{{- end -}}
Glance: remove oslo-genconfig This PS removes the modified oslo-genconfig from glance. Partially implements: blueprint remove-pregenerated-config-templates Change-Id: Ie4d5dd9e4b03ba360c62f508e98e206f6f894b63
2017-09-18 17:37:33 -05:00
{{- if empty .Values.conf.glance.keystone_authtoken.project_domain_name -}}
Gotpl: remove quote and trunc to suppress output This PS removes the use of the `quote and truncate` approach to suppress output from gotpl actions in templates and replaces it with the recommended practice of defining `$_` instead. Change-Id: I5f35c5f7e70b4f7f461d772e3b72ed1c695c56a8 Signed-off-by: Pete Birley <pete@port.direct>
2018-06-15 19:26:57 -05:00
{{- $_ := set .Values.conf.glance.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.glance.project_domain_name -}}
Secret and endpoint standardisation. This PS moves keystone credentials to the endpoints section within the values.yaml, and also adds a 'secrets' key, allowing standardiation of secrets and credential management across OpenStack-Helm. Change-Id: I86a21e625afd822379ac11351603b2c606a3769f
2017-07-02 19:43:43 -05:00
{{- end -}}
Glance: remove oslo-genconfig This PS removes the modified oslo-genconfig from glance. Partially implements: blueprint remove-pregenerated-config-templates Change-Id: Ie4d5dd9e4b03ba360c62f508e98e206f6f894b63
2017-09-18 17:37:33 -05:00
{{- if empty .Values.conf.glance.keystone_authtoken.user_domain_name -}}
Gotpl: remove quote and trunc to suppress output This PS removes the use of the `quote and truncate` approach to suppress output from gotpl actions in templates and replaces it with the recommended practice of defining `$_` instead. Change-Id: I5f35c5f7e70b4f7f461d772e3b72ed1c695c56a8 Signed-off-by: Pete Birley <pete@port.direct>
2018-06-15 19:26:57 -05:00
{{- $_ := set .Values.conf.glance.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.glance.user_domain_name -}}
Secret and endpoint standardisation. This PS moves keystone credentials to the endpoints section within the values.yaml, and also adds a 'secrets' key, allowing standardiation of secrets and credential management across OpenStack-Helm. Change-Id: I86a21e625afd822379ac11351603b2c606a3769f
2017-07-02 19:43:43 -05:00
{{- end -}}
Glance: remove oslo-genconfig This PS removes the modified oslo-genconfig from glance. Partially implements: blueprint remove-pregenerated-config-templates Change-Id: Ie4d5dd9e4b03ba360c62f508e98e206f6f894b63
2017-09-18 17:37:33 -05:00
{{- if empty .Values.conf.glance.keystone_authtoken.username -}}
Gotpl: remove quote and trunc to suppress output This PS removes the use of the `quote and truncate` approach to suppress output from gotpl actions in templates and replaces it with the recommended practice of defining `$_` instead. Change-Id: I5f35c5f7e70b4f7f461d772e3b72ed1c695c56a8 Signed-off-by: Pete Birley <pete@port.direct>
2018-06-15 19:26:57 -05:00
{{- $_ := set .Values.conf.glance.keystone_authtoken "username" .Values.endpoints.identity.auth.glance.username -}}
Secret and endpoint standardisation. This PS moves keystone credentials to the endpoints section within the values.yaml, and also adds a 'secrets' key, allowing standardiation of secrets and credential management across OpenStack-Helm. Change-Id: I86a21e625afd822379ac11351603b2c606a3769f
2017-07-02 19:43:43 -05:00
{{- end -}}
Glance: remove oslo-genconfig This PS removes the modified oslo-genconfig from glance. Partially implements: blueprint remove-pregenerated-config-templates Change-Id: Ie4d5dd9e4b03ba360c62f508e98e206f6f894b63
2017-09-18 17:37:33 -05:00
{{- if empty .Values.conf.glance.keystone_authtoken.password -}}
Gotpl: remove quote and trunc to suppress output This PS removes the use of the `quote and truncate` approach to suppress output from gotpl actions in templates and replaces it with the recommended practice of defining `$_` instead. Change-Id: I5f35c5f7e70b4f7f461d772e3b72ed1c695c56a8 Signed-off-by: Pete Birley <pete@port.direct>
2018-06-15 19:26:57 -05:00
{{- $_ := set .Values.conf.glance.keystone_authtoken "password" .Values.endpoints.identity.auth.glance.password -}}
Secret and endpoint standardisation. This PS moves keystone credentials to the endpoints section within the values.yaml, and also adds a 'secrets' key, allowing standardiation of secrets and credential management across OpenStack-Helm. Change-Id: I86a21e625afd822379ac11351603b2c606a3769f
2017-07-02 19:43:43 -05:00
{{- end -}}
Glance: remove oslo-genconfig This PS removes the modified oslo-genconfig from glance. Partially implements: blueprint remove-pregenerated-config-templates Change-Id: Ie4d5dd9e4b03ba360c62f508e98e206f6f894b63
2017-09-18 17:37:33 -05:00
{{- if empty .Values.conf.glance.keystone_authtoken.memcached_servers -}}
Gotpl: remove quote and trunc to suppress output This PS removes the use of the `quote and truncate` approach to suppress output from gotpl actions in templates and replaces it with the recommended practice of defining `$_` instead. Change-Id: I5f35c5f7e70b4f7f461d772e3b72ed1c695c56a8 Signed-off-by: Pete Birley <pete@port.direct>
2018-06-15 19:26:57 -05:00
{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.glance.keystone_authtoken "memcached_servers" -}}
Glance Config Overrides This commit moves Glance to use the configuration methods from Heat, Nova, Neutron and Keystone. It includes a _values-mvp.yaml that applies values suitable for using a file backend, including the auto creation of a PVC. Change-Id: I55a96982a7d0adbc118492aff4b56adf127b2cd1
2017-04-12 00:50:59 -05:00
{{- end -}}
Revert "Revert "Keystone Authtoken Cache: allow universal secret key to be set"" This reverts commit 90d070390db08abf9da42a2bac54397112bbcd48. Change-Id: I017c6e9676b872e1aab21f9dc8aa2f93db58d49f
2020-02-21 17:12:38 +00:00
{{- if empty .Values.conf.glance.keystone_authtoken.memcache_secret_key -}}
{{- $_ := set .Values.conf.glance.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
{{- end -}}
Glance Config Overrides This commit moves Glance to use the configuration methods from Heat, Nova, Neutron and Keystone. It includes a _values-mvp.yaml that applies values suitable for using a file backend, including the auto creation of a PVC. Change-Id: I55a96982a7d0adbc118492aff4b56adf127b2cd1
2017-04-12 00:50:59 -05:00
Glance: remove oslo-genconfig This PS removes the modified oslo-genconfig from glance. Partially implements: blueprint remove-pregenerated-config-templates Change-Id: Ie4d5dd9e4b03ba360c62f508e98e206f6f894b63
2017-09-18 17:37:33 -05:00
{{- if empty .Values.conf.glance.database.connection -}}
feat(tls): Make openstack services compatible with mariadb with TLS Depends-on: https://review.opendev.org/#/c/741037/ Change-Id: I21f4ede3bd18c0af8da1eba60cd0b7b932a31410
2020-07-01 00:25:27 +00:00
{{- $connection := tuple "oslo_db" "internal" "glance" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" -}}
{{- if .Values.manifests.certificates -}}
{{- $_ := (printf "%s?charset=utf8&ssl_ca=/etc/mysql/certs/ca.crt&ssl_key=/etc/mysql/certs/tls.key&ssl_cert=/etc/mysql/certs/tls.crt&ssl_verify_cert" $connection ) | set .Values.conf.glance.database "connection" -}}
{{- else -}}
{{- $_ := set .Values.conf.glance.database "connection" $connection -}}
{{- end -}}
Glance Config Overrides This commit moves Glance to use the configuration methods from Heat, Nova, Neutron and Keystone. It includes a _values-mvp.yaml that applies values suitable for using a file backend, including the auto creation of a PVC. Change-Id: I55a96982a7d0adbc118492aff4b56adf127b2cd1
2017-04-12 00:50:59 -05:00
{{- end -}}
Glance: remove oslo-genconfig This PS removes the modified oslo-genconfig from glance. Partially implements: blueprint remove-pregenerated-config-templates Change-Id: Ie4d5dd9e4b03ba360c62f508e98e206f6f894b63
2017-09-18 17:37:33 -05:00
{{- if empty .Values.conf.glance.DEFAULT.transport_url -}}
Messaging: use htk function to directly hit RabbitMQ servers This PS updates the charts to use the htk function recently introduced to allow oslo.messaging clients ans servers to directly hit their backends rather than using either DNS or K8S svc based routing. Depends-On: I5150a64bd29fa062e30496c1f2127de138322863 Change-Id: I458b4313c57fc50c8181cedeca9919670487926a Signed-off-by: Pete Birley <pete@port.direct>
2019-06-17 08:56:59 -05:00
{{- $_ := tuple "oslo_messaging" "internal" "glance" "amqp" . | include "helm-toolkit.endpoints.authenticated_transport_endpoint_uri_lookup" | set .Values.conf.glance.DEFAULT "transport_url" -}}
Glance Config Overrides This commit moves Glance to use the configuration methods from Heat, Nova, Neutron and Keystone. It includes a _values-mvp.yaml that applies values suitable for using a file backend, including the auto creation of a PVC. Change-Id: I55a96982a7d0adbc118492aff4b56adf127b2cd1
2017-04-12 00:50:59 -05:00
{{- end -}}
add license headers to glance
2017-02-17 09:59:51 -05:00
Glance: remove oslo-genconfig This PS removes the modified oslo-genconfig from glance. Partially implements: blueprint remove-pregenerated-config-templates Change-Id: Ie4d5dd9e4b03ba360c62f508e98e206f6f894b63
2017-09-18 17:37:33 -05:00
{{- if empty .Values.conf.glance.DEFAULT.public_endpoint -}}
Gotpl: remove quote and trunc to suppress output This PS removes the use of the `quote and truncate` approach to suppress output from gotpl actions in templates and replaces it with the recommended practice of defining `$_` instead. Change-Id: I5f35c5f7e70b4f7f461d772e3b72ed1c695c56a8 Signed-off-by: Pete Birley <pete@port.direct>
2018-06-15 19:26:57 -05:00
{{- $_ := tuple "image" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.glance.DEFAULT "public_endpoint" -}}
Glance: Backend support and auth improvements This PS enables the following backends for glance: * PVC * RBD * RadosGW (direct) * Swift It also moves the creation of the RBD pool when required to a storage init job. This job also creates credentials as required for glance to use when accessing the required backend, rather than using the admin keyring. Change-Id: I90fead961ff73a9263826acc794128fa73ead2e1
2017-09-07 02:22:41 -05:00
{{- end -}}
Glance: remove oslo-genconfig This PS removes the modified oslo-genconfig from glance. Partially implements: blueprint remove-pregenerated-config-templates Change-Id: Ie4d5dd9e4b03ba360c62f508e98e206f6f894b63
2017-09-18 17:37:33 -05:00
{{- if empty .Values.conf.glance.glance_store.stores -}}
Glance: Backend support and auth improvements This PS enables the following backends for glance: * PVC * RBD * RadosGW (direct) * Swift It also moves the creation of the RBD pool when required to a storage init job. This job also creates credentials as required for glance to use when accessing the required backend, rather than using the admin keyring. Change-Id: I90fead961ff73a9263826acc794128fa73ead2e1
2017-09-07 02:22:41 -05:00
{{- if eq .Values.storage "rbd" }}
Gotpl: remove quote and trunc to suppress output This PS removes the use of the `quote and truncate` approach to suppress output from gotpl actions in templates and replaces it with the recommended practice of defining `$_` instead. Change-Id: I5f35c5f7e70b4f7f461d772e3b72ed1c695c56a8 Signed-off-by: Pete Birley <pete@port.direct>
2018-06-15 19:26:57 -05:00
{{- $_ := "file, http, rbd" | set .Values.conf.glance.glance_store "stores" -}}
Glance: Backend support and auth improvements This PS enables the following backends for glance: * PVC * RBD * RadosGW (direct) * Swift It also moves the creation of the RBD pool when required to a storage init job. This job also creates credentials as required for glance to use when accessing the required backend, rather than using the admin keyring. Change-Id: I90fead961ff73a9263826acc794128fa73ead2e1
2017-09-07 02:22:41 -05:00
{{- end -}}
{{- if eq .Values.storage "pvc" }}
Gotpl: remove quote and trunc to suppress output This PS removes the use of the `quote and truncate` approach to suppress output from gotpl actions in templates and replaces it with the recommended practice of defining `$_` instead. Change-Id: I5f35c5f7e70b4f7f461d772e3b72ed1c695c56a8 Signed-off-by: Pete Birley <pete@port.direct>
2018-06-15 19:26:57 -05:00
{{- $_ := "file, http" | set .Values.conf.glance.glance_store "stores" -}}
Glance: Backend support and auth improvements This PS enables the following backends for glance: * PVC * RBD * RadosGW (direct) * Swift It also moves the creation of the RBD pool when required to a storage init job. This job also creates credentials as required for glance to use when accessing the required backend, rather than using the admin keyring. Change-Id: I90fead961ff73a9263826acc794128fa73ead2e1
2017-09-07 02:22:41 -05:00
{{- end -}}
{{ if or (eq .Values.storage "radosgw") (eq .Values.storage "swift") }}
Gotpl: remove quote and trunc to suppress output This PS removes the use of the `quote and truncate` approach to suppress output from gotpl actions in templates and replaces it with the recommended practice of defining `$_` instead. Change-Id: I5f35c5f7e70b4f7f461d772e3b72ed1c695c56a8 Signed-off-by: Pete Birley <pete@port.direct>
2018-06-15 19:26:57 -05:00
{{- $_ := "file, http, swift" | set .Values.conf.glance.glance_store "stores" -}}
Glance: Backend support and auth improvements This PS enables the following backends for glance: * PVC * RBD * RadosGW (direct) * Swift It also moves the creation of the RBD pool when required to a storage init job. This job also creates credentials as required for glance to use when accessing the required backend, rather than using the admin keyring. Change-Id: I90fead961ff73a9263826acc794128fa73ead2e1
2017-09-07 02:22:41 -05:00
{{- end -}}
{{- end -}}
Glance: remove oslo-genconfig This PS removes the modified oslo-genconfig from glance. Partially implements: blueprint remove-pregenerated-config-templates Change-Id: Ie4d5dd9e4b03ba360c62f508e98e206f6f894b63
2017-09-18 17:37:33 -05:00
{{- if empty .Values.conf.glance.glance_store.default_store -}}
Glance: Backend support and auth improvements This PS enables the following backends for glance: * PVC * RBD * RadosGW (direct) * Swift It also moves the creation of the RBD pool when required to a storage init job. This job also creates credentials as required for glance to use when accessing the required backend, rather than using the admin keyring. Change-Id: I90fead961ff73a9263826acc794128fa73ead2e1
2017-09-07 02:22:41 -05:00
{{- if eq .Values.storage "rbd" }}
Gotpl: remove quote and trunc to suppress output This PS removes the use of the `quote and truncate` approach to suppress output from gotpl actions in templates and replaces it with the recommended practice of defining `$_` instead. Change-Id: I5f35c5f7e70b4f7f461d772e3b72ed1c695c56a8 Signed-off-by: Pete Birley <pete@port.direct>
2018-06-15 19:26:57 -05:00
{{- $_ := "rbd" | set .Values.conf.glance.glance_store "default_store" -}}
Glance: Backend support and auth improvements This PS enables the following backends for glance: * PVC * RBD * RadosGW (direct) * Swift It also moves the creation of the RBD pool when required to a storage init job. This job also creates credentials as required for glance to use when accessing the required backend, rather than using the admin keyring. Change-Id: I90fead961ff73a9263826acc794128fa73ead2e1
2017-09-07 02:22:41 -05:00
{{- end -}}
{{- if eq .Values.storage "pvc" }}
Gotpl: remove quote and trunc to suppress output This PS removes the use of the `quote and truncate` approach to suppress output from gotpl actions in templates and replaces it with the recommended practice of defining `$_` instead. Change-Id: I5f35c5f7e70b4f7f461d772e3b72ed1c695c56a8 Signed-off-by: Pete Birley <pete@port.direct>
2018-06-15 19:26:57 -05:00
{{- $_ := "file" | set .Values.conf.glance.glance_store "default_store" -}}
Glance: Backend support and auth improvements This PS enables the following backends for glance: * PVC * RBD * RadosGW (direct) * Swift It also moves the creation of the RBD pool when required to a storage init job. This job also creates credentials as required for glance to use when accessing the required backend, rather than using the admin keyring. Change-Id: I90fead961ff73a9263826acc794128fa73ead2e1
2017-09-07 02:22:41 -05:00
{{- end -}}
{{ if or (eq .Values.storage "radosgw") (eq .Values.storage "swift") }}
Gotpl: remove quote and trunc to suppress output This PS removes the use of the `quote and truncate` approach to suppress output from gotpl actions in templates and replaces it with the recommended practice of defining `$_` instead. Change-Id: I5f35c5f7e70b4f7f461d772e3b72ed1c695c56a8 Signed-off-by: Pete Birley <pete@port.direct>
2018-06-15 19:26:57 -05:00
{{- $_ := "swift" | set .Values.conf.glance.glance_store "default_store" -}}
Glance: Backend support and auth improvements This PS enables the following backends for glance: * PVC * RBD * RadosGW (direct) * Swift It also moves the creation of the RBD pool when required to a storage init job. This job also creates credentials as required for glance to use when accessing the required backend, rather than using the admin keyring. Change-Id: I90fead961ff73a9263826acc794128fa73ead2e1
2017-09-07 02:22:41 -05:00
{{- end -}}
Ingress controller for public endpoints This PS provides the framework for Ingress controller based access to public APIs. Services covered: * Barbican * Cinder * Glance * Heat * Horizon * Keystone * Magnum * Mistral * Neutron * Nova * Senlin Change-Id: I82d55f6ca41859ebed3312ec7d95b353df09e772 Implements: blueprint api-ingress External-Tracking-Id: OSH-58, OSH-62
2017-06-14 20:04:05 -05:00
{{- end -}}
Glance: use endpoints section and lookups to set port This PS moves glance to use the endpoints section and lookups to set the port it serves on. Change-Id: Ic22e5d59b0821b8482bcbfab1a72180f0b7375a8
2018-03-03 15:31:25 +00:00
{{- if empty .Values.conf.glance.DEFAULT.bind_port -}}
Distinguish between port number of internal endpoint and binding port number in glance Now binding ports of service and pod spec are configured using internal endpoint values. To support reverse proxy for internalUrl, need to distinguish between binding ports and internal endpoint ports. I added `service` section in endpoint items apart from admin, public, internal and default. Change-Id: I8fc8ea4e81648f3b98006491a7cb2aa9c0f479b6
2021-12-02 16:49:29 +02:00
{{- $_ := tuple "image" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | set .Values.conf.glance.DEFAULT "bind_port" -}}
Glance: use endpoints section and lookups to set port This PS moves glance to use the endpoints section and lookups to set the port it serves on. Change-Id: Ic22e5d59b0821b8482bcbfab1a72180f0b7375a8
2018-03-03 15:31:25 +00:00
{{- end -}}
Add logging.conf files to enabled loggers/handlers/formatters This introduces a mechanism for generating the logging.conf file for the openstack services via the values. This allows us to define loggers, handlers, and formatters for the services and the modules they're composed of. This also allows us to take advantage of the oslo fluent handler and formatter. The fluent handler and formatter give us the following benefits: sending logs directly to fluentd instead of routed to stdout/stderr and then through fluentbit to fluentd, project specific tags on the logged events (enables us to define more robust filters in fluentd for aggregation if required), full traceback support, and additional metadata (modules that created logged event, etc) Depends-On: https://review.openstack.org/577796 Change-Id: I63340ce6b03191d93a74d9ac6947f0b49b8a1a39
2018-06-17 16:12:25 -05:00
{{- if and (empty .Values.conf.logging.handler_fluent) (has "fluent" .Values.conf.logging.handlers.keys) -}}
{{- $fluentd_host := tuple "fluentd" "internal" $envAll | include "helm-toolkit.endpoints.hostname_namespaced_endpoint_lookup" }}
{{- $fluentd_port := tuple "fluentd" "internal" "service" $envAll | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
Create Openstack common components umbrella chart ADD openstack chart with values_overrides * rabbitmq * mariadb * memcached * keystone * heat * glance This adds umbrella chart that references other charts via symlink and include global values. Because chart valeus_overrides yaml apply to the main chart, the umbrella chart has a chart-scoped replacement ADD openstack.sh deploy script This script deploys all components with a single release. ADD corresponding release notes CHG wait-for-pods-sh to accept timeout arguement CHG get-values-overrides.sh to modify file path for subchart Change-Id: I25cd9d6785c61540d6329657c0358f27299d3647
2022-03-16 14:55:47 -05:00
{{- $fluent_args := printf "('%s.%s', '%s', %s)" .Release.Namespace .deployment_name $fluentd_host $fluentd_port }}
Add logging.conf files to enabled loggers/handlers/formatters This introduces a mechanism for generating the logging.conf file for the openstack services via the values. This allows us to define loggers, handlers, and formatters for the services and the modules they're composed of. This also allows us to take advantage of the oslo fluent handler and formatter. The fluent handler and formatter give us the following benefits: sending logs directly to fluentd instead of routed to stdout/stderr and then through fluentbit to fluentd, project specific tags on the logged events (enables us to define more robust filters in fluentd for aggregation if required), full traceback support, and additional metadata (modules that created logged event, etc) Depends-On: https://review.openstack.org/577796 Change-Id: I63340ce6b03191d93a74d9ac6947f0b49b8a1a39
2018-06-17 16:12:25 -05:00
{{- $handler_fluent := dict "class" "fluent.handler.FluentHandler" "formatter" "fluent" "args" $fluent_args -}}
{{- $_ := set .Values.conf.logging "handler_fluent" $handler_fluent -}}
{{- end -}}
{{- if and (empty .Values.conf.logging.formatter_fluent) (has "fluent" .Values.conf.logging.formatters.keys) -}}
{{- $formatter_fluent := dict "class" "oslo_log.formatters.FluentFormatter" -}}
{{- $_ := set .Values.conf.logging "formatter_fluent" $formatter_fluent -}}
Set glance.conf.cors.allowed_origin variable The patch sets allowed_origin in cors section to have ability to operate along with CSRF operations and direct upload in horizon dashboard. Change-Id: Icdd9aa97d24c5bf3cc42d3cd1dfd5b2f7adbefc9
2019-08-21 12:31:15 +03:00
{{- end -}}
{{- if empty .Values.conf.glance.cors.allowed_origin -}}
{{- $endpointScheme := tuple "dashboard" "public" "web" . | include "helm-toolkit.endpoints.keystone_endpoint_scheme_lookup" }}
{{- $endpointHost := tuple "dashboard" "public" . | include "helm-toolkit.endpoints.endpoint_host_lookup" }}
{{- $endpointPort := tuple "dashboard" "public" "web" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
upgrading umbrella w/o changes has no app changes If a Helm upgrade is performed on the OpenStack Umbrella chart using the exact same configuration as the first release, then it's expected for no DaemonSets, Deployments, or StatefulSets to be updated. This did not work as expected. A few changes were required to support this desired behavior: 1. Update glance's configmap-etc.yaml to trim whitespace and convert YAML comment to Helm template comment. Before this change, Helm rendered the template with the YAML comment and a newline for the install phase. On upgrades, Helm rendered the template without the YAML comment and newline causing the hash of configmap-etc to change, thus causing the glance-api Deployment to update. 2. Update openstack.sh script to create a randomly generated memcache secret for glance. Without this change, the glance-api deployment changes each time since Helm randomly generates a new memcache secret if not provided. This behavior is enforced via a new test script, validate-umbrella-upgrade-no-side-effects.sh. The following jobs are always recreated due to hooks: - keystone-bootstrap - keystone-credential-setup - keystone-db-init - keystone-db-sync - keystone-domain-manage - keystone-fernet-setup - keystone-rabbit-init - rabbitmq-cluster-wait Some Jobs are created via CronJobs and could be created during validation. So far, heat-engine-cleaner has been seen, but others could be caught too. So the validation script ignores these pod changes by ignoring if Jobs were recreated. Plus Jobs being recreated should not impact the OpenStack deployment. Change-Id: Iffaa346d814b8d0a3e2292849943219f70d50a23
2022-06-22 11:28:18 -05:00
{{- if eq $endpointPort "80" "443" -}}
{{/*
Common browsers don't add default ports like 80 and 443 to the headers
and URLs therefore CORS should allow to use URLs both with 80,443 and
without it in the URL.
*/}}
Set glance.conf.cors.allowed_origin variable The patch sets allowed_origin in cors section to have ability to operate along with CSRF operations and direct upload in horizon dashboard. Change-Id: Icdd9aa97d24c5bf3cc42d3cd1dfd5b2f7adbefc9
2019-08-21 12:31:15 +03:00
{{- $_ := set $envAll.Values.conf.glance.cors "allowed_origin" ( list ) }}
{{- $__allowed_origin := append $envAll.Values.conf.glance.cors.allowed_origin (printf "%s://%s" $endpointScheme $endpointHost) }}
{{- $_ := set $envAll.Values.conf.glance.cors "allowed_origin" $__allowed_origin }}
{{- $__allowed_origin := append $envAll.Values.conf.glance.cors.allowed_origin (printf "%s://%s:%s" $endpointScheme $endpointHost $endpointPort) }}
{{- $_ := set $envAll.Values.conf.glance.cors "allowed_origin" $__allowed_origin }}
{{- else }}
{{- printf "%s://%s:%s" $endpointScheme $endpointHost $endpointPort | set .Values.conf.glance.cors "allowed_origin" }}
{{- end }}
Add logging.conf files to enabled loggers/handlers/formatters This introduces a mechanism for generating the logging.conf file for the openstack services via the values. This allows us to define loggers, handlers, and formatters for the services and the modules they're composed of. This also allows us to take advantage of the oslo fluent handler and formatter. The fluent handler and formatter give us the following benefits: sending logs directly to fluentd instead of routed to stdout/stderr and then through fluentbit to fluentd, project specific tags on the logged events (enables us to define more robust filters in fluentd for aggregation if required), full traceback support, and additional metadata (modules that created logged event, etc) Depends-On: https://review.openstack.org/577796 Change-Id: I63340ce6b03191d93a74d9ac6947f0b49b8a1a39
2018-06-17 16:12:25 -05:00
{{- end -}}
Unify and normalise K8s Resources and Upgrade Strategy This PS unifies and normalises Kubernetes resource allocation and update strategy across all OpenStack-Helm elements. Change-Id: Ia41fc453cb5191fa447ca6e1aa0f5b431c939dc8
2017-07-05 02:34:12 -05:00
---
Culmination of glance changes Due to some messy rebases and a botched git history, implemented all changes into one PR
2017-01-13 15:40:38 -06:00
apiVersion: v1
Openstack: Use k8s secret to store config This PS moves openstack components in OSH to use secrets to store potentially sensitive config information. Depends-On: https://review.openstack.org/#/c/593732 Change-Id: I9bab586c03597effea0e48a58c69efff3f980a92 Signed-off-by: Pete Birley <pete@port.direct>
2018-08-08 14:56:30 -05:00
kind: Secret
Culmination of glance changes Due to some messy rebases and a botched git history, implemented all changes into one PR
2017-01-13 15:40:38 -06:00
metadata:
name: glance-etc
Openstack: Use k8s secret to store config This PS moves openstack components in OSH to use secrets to store potentially sensitive config information. Depends-On: https://review.openstack.org/#/c/593732 Change-Id: I9bab586c03597effea0e48a58c69efff3f980a92 Signed-off-by: Pete Birley <pete@port.direct>
2018-08-08 14:56:30 -05:00
type: Opaque
Culmination of glance changes Due to some messy rebases and a botched git history, implemented all changes into one PR
2017-01-13 15:40:38 -06:00
data:
Openstack: Use k8s secret to store config This PS moves openstack components in OSH to use secrets to store potentially sensitive config information. Depends-On: https://review.openstack.org/#/c/593732 Change-Id: I9bab586c03597effea0e48a58c69efff3f980a92 Signed-off-by: Pete Birley <pete@port.direct>
2018-08-08 14:56:30 -05:00
rally_tests.yaml: {{ toYaml .Values.conf.rally_tests.tests | b64enc }}
glance-api.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.glance | b64enc }}
logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }}
glance-api-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }}
Changing all policies to yaml format In the Victoria cycle oslo.policy decided to change all default policies to yaml format. Today on openstack-helm we have a mix of json and yaml on projects and, after having a bad time debugging policies that should have beeing mounted somewhere but was being mounted elsewhere, I'm proposing this change so we can unify the delivery method for all policies across components on yaml (that is supported for quite some time). This will also avoid having problems in the future as the services move from json to yaml. [1] https://specs.openstack.org/openstack/oslo-specs/specs/victoria/policy-json-to-yaml.html Signed-off-by: Thiago Brito <thiago.brito@windriver.com> Change-Id: Id170bf184e44fd77cd53929d474582022a5b6d4f
2021-05-17 19:16:54 -03:00
policy.yaml: {{ toYaml .Values.conf.policy | b64enc }}
Enable audit pipeline for glance This change adds the keystonemiddleware audit paste filter[0] and enables it for the glance-api and glance-registry services. This provides the ability to audit API requests for glance. [0] https://docs.openstack.org/keystonemiddleware/latest/audit.html Change-Id: I3b42717dbc11257c21b27e7c68dedc3283e1bd34
2019-04-10 15:32:38 -05:00
api_audit_map.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.api_audit_map | b64enc }}
feat(glance): add support for cinder This patch adds support for using Cinder as a backend inside Glance. Change-Id: Ic06749b2c54fee39bd56f2d88857bf7b9614e284
2022-09-08 17:01:41 -04:00
glance_sudoers: {{ $envAll.Values.conf.glance_sudoers | b64enc }}
rootwrap.conf: {{ $envAll.Values.conf.rootwrap | b64enc }}
{{- range $key, $value := $envAll.Values.conf.rootwrap_filters }}
{{- $filePrefix := replace "_" "-" $key }}
{{ printf "%s.filters" $filePrefix }}: {{ $value.content | b64enc }}
{{- end }}
Openstack: Use k8s secret to store config This PS moves openstack components in OSH to use secrets to store potentially sensitive config information. Depends-On: https://review.openstack.org/#/c/593732 Change-Id: I9bab586c03597effea0e48a58c69efff3f980a92 Signed-off-by: Pete Birley <pete@port.direct>
2018-08-08 14:56:30 -05:00
{{- include "helm-toolkit.snippets.values_template_renderer" ( dict "envAll" $envAll "template" .Values.conf.swift_store "key" "swift-store.conf" "format" "Secret" ) | indent 2 }}
feat(tls): add tls support to openstack services This patch set enables TLS for the following OpenStack services: keystone, horizon, glance, cinder, heat, nova, placement and neutron for s- (stein) and t- (train) release. This serves as a consolidation and clean up patch for the following patches: [0] https://review.opendev.org/#/c/733291 [1] https://review.opendev.org/#/c/735202 [2] https://review.opendev.org/#/c/733962 [3] https://review.opendev.org/#/c/733404 [4] https://review.opendev.org/#/c/734896 This also addresses comments mentioned in previous patches. Co-authored-by: Gage Hugo <gagehugo@gmail.com> Co-authored-by: sgupta <sg774j@att.com> Depends-on: https://review.opendev.org/#/c/737194/ Change-Id: Id34ace54298660b4b151522916e929a29f5731be Signed-off-by: Tin Lam <tin@irrational.io>
2020-06-03 12:40:40 -05:00
{{- include "helm-toolkit.snippets.values_template_renderer" ( dict "envAll" $envAll "template" .Values.conf.nginx "key" "nginx.conf" "format" "Secret" ) | indent 2 }}
Charts: make manifests optional for all OpenStack elements This PS allows the rendering of manifests to be controlled. It enables both increased control over deployment when required but also makes development of a feature easier to target. Change-Id: I1716e8ee23fe5c53f935bd739ea283bc4a2a9963
2017-08-07 11:37:42 -05:00
{{- end }}
Copy Permalink