diff --git a/ceph/templates/daemonset.yaml b/ceph/templates/daemonset-osd.yaml similarity index 89% rename from ceph/templates/daemonset.yaml rename to ceph/templates/daemonset-osd.yaml index 6c350cbe05..1ad4b24fbf 100644 --- a/ceph/templates/daemonset.yaml +++ b/ceph/templates/daemonset-osd.yaml @@ -78,8 +78,8 @@ spec: timeoutSeconds: 5 resources: requests: - memory: "512Mi" - cpu: "1000m" + memory: {{ .Values.resources.osd.requests.memory | quote }} + cpu: {{ .Values.resources.osd.requests.cpu | quote }} limits: - memory: "1024Mi" - cpu: "2000m" + memory: {{ .Values.resources.osd.limits.memory | quote }} + cpu: {{ .Values.resources.osd.limits.cpu | quote }} diff --git a/ceph/templates/deployment-mds.yaml b/ceph/templates/deployment-mds.yaml new file mode 100644 index 0000000000..9a4f5eadd9 --- /dev/null +++ b/ceph/templates/deployment-mds.yaml @@ -0,0 +1,72 @@ +--- +kind: Deployment +apiVersion: extensions/v1beta1 +metadata: + labels: + app: ceph + daemon: mds + name: ceph-mds +spec: + replicas: 1 + template: + metadata: + name: ceph-mds + labels: + app: ceph + daemon: mds + spec: + nodeSelector: + {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} + serviceAccount: default + volumes: + - name: ceph-conf + secret: + secretName: ceph-conf-combined + - name: ceph-bootstrap-osd-keyring + secret: + secretName: ceph-bootstrap-osd-keyring + - name: ceph-bootstrap-mds-keyring + secret: + secretName: ceph-bootstrap-mds-keyring + - name: ceph-bootstrap-rgw-keyring + secret: + secretName: ceph-bootstrap-rgw-keyring + containers: + - name: ceph-mon + image: {{ .Values.images.daemon }} + ports: + - containerPort: 6800 + env: + - name: CEPH_DAEMON + value: MDS + - name: CEPHFS_CREATE + value: "1" + - name: KV_TYPE + value: k8s + - name: CLUSTER + value: ceph + volumeMounts: + - name: ceph-conf + mountPath: /etc/ceph + - name: ceph-bootstrap-osd-keyring + mountPath: /var/lib/ceph/bootstrap-osd + - name: ceph-bootstrap-mds-keyring + mountPath: /var/lib/ceph/bootstrap-mds + - name: ceph-bootstrap-rgw-keyring + mountPath: /var/lib/ceph/bootstrap-rgw + livenessProbe: + tcpSocket: + port: 6800 + initialDelaySeconds: 60 + timeoutSeconds: 5 + readinessProbe: + tcpSocket: + port: 6800 + timeoutSeconds: 5 + resources: + requests: + memory: {{ .Values.resources.mds.requests.memory | quote }} + cpu: {{ .Values.resources.mds.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.mds.limits.memory | quote }} + cpu: {{ .Values.resources.mds.limits.cpu | quote }} diff --git a/ceph/templates/deployment-moncheck.yaml b/ceph/templates/deployment-moncheck.yaml new file mode 100644 index 0000000000..aa829b09c1 --- /dev/null +++ b/ceph/templates/deployment-moncheck.yaml @@ -0,0 +1,64 @@ +--- +kind: Deployment +apiVersion: extensions/v1beta1 +metadata: + labels: + app: ceph + daemon: moncheck + name: ceph-mon-check +spec: + replicas: {{ .Values.replicas.mon_check }} + template: + metadata: + name: ceph-mon + labels: + app: ceph + daemon: moncheck + spec: + nodeSelector: + {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} + serviceAccount: default + volumes: + - name: ceph-conf + secret: + secretName: ceph-conf-combined + - name: ceph-bootstrap-osd-keyring + secret: + secretName: ceph-bootstrap-osd-keyring + - name: ceph-bootstrap-mds-keyring + secret: + secretName: ceph-bootstrap-mds-keyring + - name: ceph-bootstrap-rgw-keyring + secret: + secretName: ceph-bootstrap-rgw-keyring + containers: + - name: ceph-mon + image: {{ .Values.images.daemon }} + imagePullPolicy: Always + ports: + - containerPort: 6789 + env: + - name: CEPH_DAEMON + value: MON_HEALTH + - name: KV_TYPE + value: k8s + - name: MON_IP_AUTO_DETECT + value: "1" + - name: CLUSTER + value: ceph + volumeMounts: + - name: ceph-conf + mountPath: /etc/ceph + - name: ceph-bootstrap-osd-keyring + mountPath: /var/lib/ceph/bootstrap-osd + - name: ceph-bootstrap-mds-keyring + mountPath: /var/lib/ceph/bootstrap-mds + - name: ceph-bootstrap-rgw-keyring + mountPath: /var/lib/ceph/bootstrap-rgw + resources: + requests: + memory: {{ .Values.resources.mon_check.requests.memory | quote }} + cpu: {{ .Values.resources.mon_check.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.mon_check.limits.memory | quote }} + cpu: {{ .Values.resources.mon_check.limits.cpu | quote }} \ No newline at end of file diff --git a/ceph/templates/deployment-rgw.yaml b/ceph/templates/deployment-rgw.yaml new file mode 100644 index 0000000000..a22c2ad367 --- /dev/null +++ b/ceph/templates/deployment-rgw.yaml @@ -0,0 +1,77 @@ +{{- if .Values.rgw.enabled }} +--- +kind: Deployment +apiVersion: extensions/v1beta1 +metadata: + labels: + app: ceph + daemon: rgw + name: ceph-rgw +spec: + replicas: {{ .Values.replicas.rgw }} + template: + metadata: + name: ceph-rgw + labels: + app: ceph + daemon: rgw + spec: + hostNetwork: true + nodeSelector: + {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} + serviceAccount: default + volumes: + - name: ceph-conf + secret: + secretName: ceph-conf-combined + - name: ceph-bootstrap-osd-keyring + secret: + secretName: ceph-bootstrap-osd-keyring + - name: ceph-bootstrap-mds-keyring + secret: + secretName: ceph-bootstrap-mds-keyring + - name: ceph-bootstrap-rgw-keyring + secret: + secretName: ceph-bootstrap-rgw-keyring + containers: + - name: ceph-rgw + image: {{ .Values.images.daemon }} + ports: + - containerPort: {{ .Values.network.port.rgw_target }} + env: + - name: RGW_CIVETWEB_PORT + value: "{{ .Values.network.port.rgw_target }}" + - name: CEPH_DAEMON + value: RGW + - name: KV_TYPE + value: k8s + - name: CLUSTER + value: ceph + volumeMounts: + - name: ceph-conf + mountPath: /etc/ceph + - name: ceph-bootstrap-osd-keyring + mountPath: /var/lib/ceph/bootstrap-osd + - name: ceph-bootstrap-mds-keyring + mountPath: /var/lib/ceph/bootstrap-mds + - name: ceph-bootstrap-rgw-keyring + mountPath: /var/lib/ceph/bootstrap-rgw + livenessProbe: + httpGet: + path: / + port: {{ .Values.network.port.rgw_target }} + initialDelaySeconds: 120 + timeoutSeconds: 5 + readinessProbe: + httpGet: + path: / + port: {{ .Values.network.port.rgw_target }} + timeoutSeconds: 5 + resources: + requests: + memory: {{ .Values.resources.rgw.requests.memory | quote }} + cpu: {{ .Values.resources.rgwrequests.cpu | quote }} + limits: + memory: {{ .Values.resources.rgw.limits.memory | quote }} + cpu: {{ .Values.resources.rgw.limits.cpu | quote }} +{{- end }} diff --git a/ceph/templates/deployment.yaml b/ceph/templates/deployment.yaml deleted file mode 100644 index 26012c1167..0000000000 --- a/ceph/templates/deployment.yaml +++ /dev/null @@ -1,310 +0,0 @@ ---- -kind: Deployment -apiVersion: extensions/v1beta1 -metadata: - labels: - app: ceph - daemon: mds - name: ceph-mds -spec: - replicas: 1 - template: - metadata: - name: ceph-mds - labels: - app: ceph - daemon: mds - spec: - nodeSelector: - {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} - serviceAccount: default - volumes: - - name: ceph-conf - secret: - secretName: ceph-conf-combined - - name: ceph-bootstrap-osd-keyring - secret: - secretName: ceph-bootstrap-osd-keyring - - name: ceph-bootstrap-mds-keyring - secret: - secretName: ceph-bootstrap-mds-keyring - - name: ceph-bootstrap-rgw-keyring - secret: - secretName: ceph-bootstrap-rgw-keyring - containers: - - name: ceph-mon - image: {{ .Values.images.daemon }} - ports: - - containerPort: 6800 - env: - - name: CEPH_DAEMON - value: MDS - - name: CEPHFS_CREATE - value: "1" - - name: KV_TYPE - value: k8s - - name: CLUSTER - value: ceph - volumeMounts: - - name: ceph-conf - mountPath: /etc/ceph - - name: ceph-bootstrap-osd-keyring - mountPath: /var/lib/ceph/bootstrap-osd - - name: ceph-bootstrap-mds-keyring - mountPath: /var/lib/ceph/bootstrap-mds - - name: ceph-bootstrap-rgw-keyring - mountPath: /var/lib/ceph/bootstrap-rgw - livenessProbe: - tcpSocket: - port: 6800 - initialDelaySeconds: 60 - timeoutSeconds: 5 - readinessProbe: - tcpSocket: - port: 6800 - timeoutSeconds: 5 - resources: - requests: - memory: "10Mi" - cpu: "250m" - limits: - memory: "50Mi" - cpu: "500m" ---- -kind: Deployment -apiVersion: extensions/v1beta1 -metadata: - labels: - app: ceph - daemon: moncheck - name: ceph-mon-check -spec: - replicas: 1 - template: - metadata: - name: ceph-mon - labels: - app: ceph - daemon: moncheck - spec: - serviceAccount: default - volumes: - - name: ceph-conf - secret: - secretName: ceph-conf-combined - - name: ceph-bootstrap-osd-keyring - secret: - secretName: ceph-bootstrap-osd-keyring - - name: ceph-bootstrap-mds-keyring - secret: - secretName: ceph-bootstrap-mds-keyring - - name: ceph-bootstrap-rgw-keyring - secret: - secretName: ceph-bootstrap-rgw-keyring - containers: - - name: ceph-mon - image: {{ .Values.images.daemon }} - imagePullPolicy: Always - ports: - - containerPort: 6789 - env: - - name: CEPH_DAEMON - value: MON_HEALTH - - name: KV_TYPE - value: k8s - - name: MON_IP_AUTO_DETECT - value: "1" - - name: CLUSTER - value: ceph - volumeMounts: - - name: ceph-conf - mountPath: /etc/ceph - - name: ceph-bootstrap-osd-keyring - mountPath: /var/lib/ceph/bootstrap-osd - - name: ceph-bootstrap-mds-keyring - mountPath: /var/lib/ceph/bootstrap-mds - - name: ceph-bootstrap-rgw-keyring - mountPath: /var/lib/ceph/bootstrap-rgw - resources: - requests: - memory: "5Mi" - cpu: "250m" - limits: - memory: "50Mi" - cpu: "500m" ---- -kind: Deployment -apiVersion: extensions/v1beta1 -metadata: - labels: - app: ceph - daemon: mon - name: ceph-mon -spec: - replicas: 3 - template: - metadata: - name: ceph-mon - labels: - app: ceph - daemon: mon - annotations: - # alanmeadows: this soft requirement allows single - # host deployments to spawn several ceph-mon - # containers - scheduler.alpha.kubernetes.io/affinity: > - { - "podAntiAffinity": { - "preferredDuringSchedulingIgnoredDuringExecution": [{ - "labelSelector": { - "matchExpressions": [{ - "key": "daemon", - "operator": "In", - "values":["mon"] - }] - }, - "topologyKey": "kubernetes.io/hostname", - "weight": 10 - }] - } - } - spec: - serviceAccount: default - volumes: - - name: ceph-conf - secret: - secretName: ceph-conf-combined - - name: ceph-bootstrap-osd-keyring - secret: - secretName: ceph-bootstrap-osd-keyring - - name: ceph-bootstrap-mds-keyring - secret: - secretName: ceph-bootstrap-mds-keyring - - name: ceph-bootstrap-rgw-keyring - secret: - secretName: ceph-bootstrap-rgw-keyring - containers: - - name: ceph-mon - image: {{ .Values.images.daemon }} -# imagePullPolicy: Always - lifecycle: - preStop: - exec: - # remove the mon on Pod stop. - command: - - "/remove-mon.sh" - ports: - - containerPort: 6789 - env: - - name: CEPH_DAEMON - value: MON - - name: KV_TYPE - value: k8s - - name: NETWORK_AUTO_DETECT - value: "1" - - name: CLUSTER - value: ceph - volumeMounts: - - name: ceph-conf - mountPath: /etc/ceph - - name: ceph-bootstrap-osd-keyring - mountPath: /var/lib/ceph/bootstrap-osd - - name: ceph-bootstrap-mds-keyring - mountPath: /var/lib/ceph/bootstrap-mds - - name: ceph-bootstrap-rgw-keyring - mountPath: /var/lib/ceph/bootstrap-rgw - livenessProbe: - tcpSocket: - port: 6789 - initialDelaySeconds: 60 - timeoutSeconds: 5 - readinessProbe: - tcpSocket: - port: 6789 - timeoutSeconds: 5 - resources: - requests: - memory: "50Mi" - cpu: "1000m" - limits: - memory: "100Mi" - cpu: "2000m" ---- -# rgw not required: using if statement for deployment -{{- if .Values.rgw.enabled }} -kind: Deployment -apiVersion: extensions/v1beta1 -metadata: - labels: - app: ceph - daemon: rgw - name: ceph-rgw -spec: - replicas: 3 - template: - metadata: - name: ceph-rgw - labels: - app: ceph - daemon: rgw - spec: - hostNetwork: true - nodeSelector: - {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} - serviceAccount: default - volumes: - - name: ceph-conf - secret: - secretName: ceph-conf-combined - - name: ceph-bootstrap-osd-keyring - secret: - secretName: ceph-bootstrap-osd-keyring - - name: ceph-bootstrap-mds-keyring - secret: - secretName: ceph-bootstrap-mds-keyring - - name: ceph-bootstrap-rgw-keyring - secret: - secretName: ceph-bootstrap-rgw-keyring - containers: - - name: ceph-rgw - image: {{ .Values.images.daemon }} - ports: - - containerPort: {{ .Values.network.port.rgw_target }} - env: - - name: RGW_CIVETWEB_PORT - value: "{{ .Values.network.port.rgw_target }}" - - name: CEPH_DAEMON - value: RGW - - name: KV_TYPE - value: k8s - - name: CLUSTER - value: ceph - volumeMounts: - - name: ceph-conf - mountPath: /etc/ceph - - name: ceph-bootstrap-osd-keyring - mountPath: /var/lib/ceph/bootstrap-osd - - name: ceph-bootstrap-mds-keyring - mountPath: /var/lib/ceph/bootstrap-mds - - name: ceph-bootstrap-rgw-keyring - mountPath: /var/lib/ceph/bootstrap-rgw - livenessProbe: - httpGet: - path: / - port: {{ .Values.network.port.rgw_target }} - initialDelaySeconds: 120 - timeoutSeconds: 5 - readinessProbe: - httpGet: - path: / - port: {{ .Values.network.port.rgw_target }} - timeoutSeconds: 5 - resources: - requests: - memory: "500Mi" - cpu: ".5" - limits: - memory: "500Mi" - cpu: ".5" -{{ end }} -# end: rgw removed optionally diff --git a/ceph/templates/service.yaml b/ceph/templates/service.yaml index 49a9afb6c1..cdfd4f5590 100644 --- a/ceph/templates/service.yaml +++ b/ceph/templates/service.yaml @@ -15,6 +15,8 @@ spec: app: ceph daemon: mon clusterIP: None + +{{- if .Values.rgw.enabled }} --- apiVersion: v1 kind: Service @@ -32,3 +34,4 @@ spec: app: ceph daemon: rgw type: LoadBalancer +{{- end }} diff --git a/ceph/templates/statefulset-mon.yaml b/ceph/templates/statefulset-mon.yaml new file mode 100644 index 0000000000..5ef33cd8e2 --- /dev/null +++ b/ceph/templates/statefulset-mon.yaml @@ -0,0 +1,105 @@ +--- +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + labels: + app: ceph + daemon: mon + name: ceph-mon +spec: + serviceName: {{ .Values.service.mon.name | quote }} + replicas: {{ .Values.replicas.mon }} + template: + metadata: + name: ceph-mon + labels: + app: ceph + daemon: mon + annotations: + # alanmeadows: this soft requirement allows single + # host deployments to spawn several ceph-mon + # containers + scheduler.alpha.kubernetes.io/affinity: > + { + "podAntiAffinity": { + "preferredDuringSchedulingIgnoredDuringExecution": [{ + "labelSelector": { + "matchExpressions": [{ + "key": "daemon", + "operator": "In", + "values":["mon"] + }] + }, + "topologyKey": "kubernetes.io/hostname", + "weight": 10 + }] + } + } + spec: + nodeSelector: + {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} + serviceAccount: default + volumes: + - name: ceph-conf + secret: + secretName: ceph-conf-combined + - name: ceph-bootstrap-osd-keyring + secret: + secretName: ceph-bootstrap-osd-keyring + - name: ceph-bootstrap-mds-keyring + secret: + secretName: ceph-bootstrap-mds-keyring + - name: ceph-bootstrap-rgw-keyring + secret: + secretName: ceph-bootstrap-rgw-keyring + - name: ceph-monfs + hostPath: + path: {{ .Values.storage.mon_directory }} + containers: + - name: ceph-mon + image: {{ .Values.images.daemon }} + imagePullPolicy: Always + lifecycle: + preStop: + exec: + # remove the mon on Pod stop. + command: + - "/remove-mon.sh" + ports: + - containerPort: 6789 + env: + - name: CEPH_DAEMON + value: MON + - name: KV_TYPE + value: k8s + - name: NETWORK_AUTO_DETECT + value: "1" + - name: CLUSTER + value: ceph + volumeMounts: + - name: ceph-conf + mountPath: /etc/ceph + - name: ceph-bootstrap-osd-keyring + mountPath: /var/lib/ceph/bootstrap-osd + - name: ceph-bootstrap-mds-keyring + mountPath: /var/lib/ceph/bootstrap-mds + - name: ceph-bootstrap-rgw-keyring + mountPath: /var/lib/ceph/bootstrap-rgw + - name: ceph-monfs + mountPath: /var/lib/ceph/mon + livenessProbe: + tcpSocket: + port: 6789 + initialDelaySeconds: 60 + timeoutSeconds: 5 + readinessProbe: + tcpSocket: + port: 6789 + timeoutSeconds: 5 + resources: + requests: + memory: {{ .Values.resources.mon.requests.memory | quote }} + cpu: {{ .Values.resources.mon.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.mon.limits.memory | quote }} + cpu: {{ .Values.resources.mon.limits.cpu | quote }} diff --git a/ceph/templates/storage.yaml b/ceph/templates/storage.yaml index 9ef1eae2c7..b60221c10a 100644 --- a/ceph/templates/storage.yaml +++ b/ceph/templates/storage.yaml @@ -10,7 +10,8 @@ parameters: monitors: {{ .Values.storageclass.monitors | default "ceph-mon.ceph:6789" }} adminId: {{ .Values.storageclass.admin_id }} adminSecretName: {{ .Values.storageclass.admin_secret_name }} - ## forcing namespace due to issue with -- default "{{ .Release.Namespace }}" }} -- + # forcing namespace due to issue with default pipeline of "{{ .Release.Namespace }}" }} + # during helm lint adminSecretNamespace: {{ .Values.storageclass.admin_secret_namespace | default "ceph" }} pool: {{ .Values.storageclass.pool }} userId: {{ .Values.storageclass.user_id }} diff --git a/ceph/values.yaml b/ceph/values.yaml index 76b4ac4643..33c6da2410 100644 --- a/ceph/values.yaml +++ b/ceph/values.yaml @@ -7,6 +7,15 @@ # tunables available - parameterizing more of the elements # in the manifests is a work in progress +replicas: + mon: 3 + rgw: 3 + mon_check: 1 + +service: + mon: + name: ceph-mon + images: daemon: quay.io/attcomdev/ceph-daemon:latest @@ -23,11 +32,52 @@ network: storage: osd_directory: /var/lib/openstack-helm/ceph/osd var_directory: /var/lib/openstack-helm/ceph/ceph + mon_directory: /var/lib/openstack-helm/ceph/mon # rgw is optionall disabled rgw: enabled: false +rgw: + enabled: false + +resources: + osd: + requests: + memory: "512Mi" + cpu: "1000m" + limits: + memory: "1024Mi" + cpu: "2000m" + mds: + requests: + memory: "10Mi" + cpu: "250m" + limits: + memory: "50Mi" + cpu: "500m" + mon: + requests: + memory: "50Mi" + cpu: "1000m" + limits: + memory: "100Mi" + cpu: "2000m" + mon_check: + requests: + memory: "5Mi" + cpu: "250m" + limits: + memory: "50Mi" + cpu: "500m" + rgw: + requests: + memory: "5Mi" + cpu: "250m" + limits: + memory: "50Mi" + cpu: "500m" + # Setting this to false will assume you will # setup and orchestrate your own secrets and # configmaps outside of this helm chart @@ -63,7 +113,7 @@ secrets: storageclass: provision_storage_class: true name: general - monitors: null + monitors: null pool: rbd admin_id: admin admin_secret_name: pvc-ceph-conf-combined-storageclass diff --git a/common/templates/_endpoints.tpl b/common/templates/_endpoints.tpl index 0170b4eb5c..68914d6dfc 100644 --- a/common/templates/_endpoints.tpl +++ b/common/templates/_endpoints.tpl @@ -1,9 +1,94 @@ #----------------------------------------- # endpoints #----------------------------------------- + +# this should be a generic function leveraging a tuple +# for input, e.g. { endpoint keystone internal . } +# however, constructing this appears to be a +# herculean effort in gotpl + {{- define "endpoint_keystone_internal" -}} +{{- $fqdn := .Release.Namespace -}} +{{- if .Values.endpoints.fqdn -}} +{{- $fqdn := .Values.endpoints.fqdn -}} +{{- end -}} {{- with .Values.endpoints.keystone -}} - {{.scheme}}://{{.hosts.internal | default .hosts.default}}:{{.port.public}}{{.path}} + {{.scheme}}://{{.hosts.internal | default .hosts.default}}.{{ $fqdn }}:{{.port.public}}{{.path}} {{- end -}} {{- end -}} +{{- define "endpoint_keystone_admin" -}} +{{- $fqdn := .Release.Namespace -}} +{{- if .Values.endpoints.fqdn -}} +{{- $fqdn := .Values.endpoints.fqdn -}} +{{- end -}} +{{- with .Values.endpoints.keystone -}} + {{.scheme}}://{{.hosts.internal | default .hosts.default}}.{{ $fqdn }}:{{.port.admin}}{{.path}} +{{- end -}} +{{- end -}} + +{{- define "endpoint_nova_api_internal" -}} +{{- $fqdn := .Release.Namespace -}} +{{- if .Values.endpoints.fqdn -}} +{{- $fqdn := .Values.endpoints.fqdn -}} +{{- end -}} +{{- with .Values.endpoints.nova -}} + {{.scheme}}://{{.hosts.internal | default .hosts.default}}.{{ $fqdn }}:{{.port.api}}{{.path}} +{{- end -}} +{{- end -}} + +{{- define "endpoint_nova_metadata_internal" -}} +{{- $fqdn := .Release.Namespace -}} +{{- if .Values.endpoints.fqdn -}} +{{- $fqdn := .Values.endpoints.fqdn -}} +{{- end -}} +{{- with .Values.endpoints.nova -}} + {{.scheme}}://{{.hosts.internal | default .hosts.default}}.{{ $fqdn }}:{{.port.metadata}}{{.path}} +{{- end -}} +{{- end -}} + +{{- define "endpoint_nova_novncproxy_internal" -}} +{{- $fqdn := .Release.Namespace -}} +{{- if .Values.endpoints.fqdn -}} +{{- $fqdn := .Values.endpoints.fqdn -}} +{{- end -}} +{{- with .Values.endpoints.nova -}} + {{.scheme}}://{{.hosts.internal | default .hosts.default}}.{{ $fqdn }}:{{.port.novncproxy}}{{.path}} +{{- end -}} +{{- end -}} + +{{- define "endpoint_glance_api_internal" -}} +{{- $fqdn := .Release.Namespace -}} +{{- if .Values.endpoints.fqdn -}} +{{- $fqdn := .Values.endpoints.fqdn -}} +{{- end -}} +{{- with .Values.endpoints.glance -}} + {{.scheme}}://{{.hosts.internal | default .hosts.default}}.{{ $fqdn }}:{{.port.api}}{{.path}} +{{- end -}} +{{- end -}} + +{{- define "endpoint_glance_registry_internal" -}} +{{- $fqdn := .Release.Namespace -}} +{{- if .Values.endpoints.fqdn -}} +{{- $fqdn := .Values.endpoints.fqdn -}} +{{- end -}} +{{- with .Values.endpoints.glance -}} + {{.scheme}}://{{.hosts.internal | default .hosts.default}}.{{ $fqdn }}:{{.port.registry}}{{.path}} +{{- end -}} +{{- end -}} + +{{- define "endpoint_neutron_api_internal" -}} +{{- $fqdn := .Release.Namespace -}} +{{- if .Values.endpoints.fqdn -}} +{{- $fqdn := .Values.endpoints.fqdn -}} +{{- end -}} +{{- with .Values.endpoints.neutron -}} + {{.scheme}}://{{.hosts.internal | default .hosts.default}}.{{ $fqdn }}:{{.port.api}}{{.path}} +{{- end -}} +{{- end -}} + +#------------------------------- +# kolla helpers +#------------------------------- +{{ define "keystone_auth" }}{'auth_url':'{{ include "endpoint_keystone_internal" . }}', 'username':'{{ .Values.keystone.admin_user }}','password':'{{ .Values.keystone.admin_password }}','project_name':'{{ .Values.keystone.admin_project_name }}','domain_name':'default'}{{end}} + diff --git a/common/templates/_hosts.tpl b/common/templates/_hosts.tpl index 6655a88710..941ece39c6 100644 --- a/common/templates/_hosts.tpl +++ b/common/templates/_hosts.tpl @@ -2,6 +2,14 @@ {{- define "region"}}cluster{{- end}} {{- define "tld"}}local{{- end}} +{{- define "fqdn" -}} +{{- $fqdn := .Release.Namespace -}} +{{- if .Values.endpoints.fqdn -}} +{{- $fqdn := .Values.endpoints.fqdn -}} +{{- end -}} +{{- $fqdn -}} +{{- end -}} + #----------------------------------------- # hosts #----------------------------------------- @@ -17,3 +25,14 @@ {{- define "keystone_api_endpoint_host_internal"}}keystone-api.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{- end}} {{- define "keystone_api_endpoint_host_public"}}keystone-api.{{ include "region" . }}.{{ include "tld" . }}{{- end}} {{- define "keystone_api_endpoint_host_admin_ext"}}keystone-api.{{ include "region" . }}.{{ include "tld" . }}{{- end}} + +# glance defaults +{{- define "glance_registry_host"}}glance-registry.{{ include "fqdn" . }}{{- end}} + +# nova defaults +{{- define "nova_metadata_host"}}nova-api.{{ include "fqdn" . }}{{- end}} + +# neutron defaults +{{- define "neutron_db_host"}}{{ include "mariadb_host" . }}{{- end}} +{{- define "neutron_rabbit_host"}}{{- include "rabbitmq_host" .}}{{- end}} + diff --git a/common/values.yaml b/common/values.yaml index da62e63235..20eb7c7c3c 100644 --- a/common/values.yaml +++ b/common/values.yaml @@ -7,3 +7,6 @@ global: region: cluster tld: local +endpoints: + fqdn: null + diff --git a/glance/templates/_helpers.tpl b/glance/templates/_helpers.tpl deleted file mode 100644 index 932d1900b7..0000000000 --- a/glance/templates/_helpers.tpl +++ /dev/null @@ -1,5 +0,0 @@ -{{- define "joinListWithColon" -}} -{{ range $k, $v := . }}{{ if $k }},{{ end }}{{ $v }}{{ end }} -{{- end -}} - -{{ define "keystone_auth" }}{'auth_url':'{{ .Values.keystone.auth_url }}', 'username':'{{ .Values.keystone.admin_user }}','password':'{{ .Values.keystone.admin_password }}','project_name':'{{ .Values.keystone.admin_project_name }}','domain_name':'default'}{{end}} diff --git a/glance/templates/ceph.client.glance.keyring.yaml b/glance/templates/ceph.client.glance.keyring.yaml index 27eeac7ed2..915324809b 100644 --- a/glance/templates/ceph.client.glance.keyring.yaml +++ b/glance/templates/ceph.client.glance.keyring.yaml @@ -5,5 +5,9 @@ metadata: data: ceph.client.{{ .Values.ceph.glance_user }}.keyring: |+ [client.{{ .Values.ceph.glance_user }}] + {{- if .Values.ceph.glance_keyring }} key = {{ .Values.ceph.glance_keyring }} - + {{- else }} + key = {{- include "secrets/ceph-client-key" . -}} + {{- end }} + diff --git a/glance/templates/ceph.conf.yaml b/glance/templates/ceph.conf.yaml index 28982f320e..3c3aed3074 100644 --- a/glance/templates/ceph.conf.yaml +++ b/glance/templates/ceph.conf.yaml @@ -7,12 +7,17 @@ data: [global] rgw_thread_pool_size = 1024 rgw_num_rados_handles = 100 + {{- if .Values.ceph.monitors }} [mon] {{ range .Values.ceph.monitors }} [mon.{{ . }}] host = {{ . }} mon_addr = {{ . }} {{ end }} + {{- else }} + mon_host = ceph-mon.ceph + {{- end }} [client] rbd_cache_enabled = true rbd_cache_writethrough_until_flush = true + diff --git a/glance/templates/glance-api.conf.yaml b/glance/templates/glance-api.conf.yaml index b7e45d36e7..ee61d333ec 100644 --- a/glance/templates/glance-api.conf.yaml +++ b/glance/templates/glance-api.conf.yaml @@ -12,7 +12,7 @@ data: bind_port = {{ .Values.network.port.api }} workers = {{ .Values.misc.workers }} - registry_host = glance-registry + registry_host = {{ include "glance_registry_host" . }} # Enable Copy-on-Write show_image_direct_url = True @@ -45,3 +45,4 @@ data: rbd_store_user = {{ .Values.ceph.glance_user }} rbd_store_ceph_conf = /etc/ceph/ceph.conf rbd_store_chunk_size = 8 + diff --git a/glance/templates/post.sh.yaml b/glance/templates/post.sh.yaml index 2415cc8e91..156b60d605 100644 --- a/glance/templates/post.sh.yaml +++ b/glance/templates/post.sh.yaml @@ -6,12 +6,13 @@ data: post.sh: |+ #!/bin/bash set -ex + export HOME=/tmp ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \ service_type=image \ description='Openstack Image' \ endpoint_region='{{ .Values.keystone.glance_region_name }}' \ - url='http://glance-api:{{ .Values.network.port.api }}' \ + url='{{ include "endpoint_glance_api_internal" . }}' \ interface=admin \ region_name='{{ .Values.keystone.admin_region_name }}' \ auth='{{ include "keystone_auth" . }}'" \ @@ -21,7 +22,7 @@ data: service_type=image \ description='Openstack Image' \ endpoint_region='{{ .Values.keystone.glance_region_name }}' \ - url='http://glance-api:{{ .Values.network.port.api }}' \ + url='{{ include "endpoint_glance_api_internal" . }}' \ interface=internal \ region_name='{{ .Values.keystone.admin_region_name }}' \ auth='{{ include "keystone_auth" . }}'" \ @@ -31,7 +32,7 @@ data: service_type=image \ description='Openstack Image' \ endpoint_region='{{ .Values.keystone.glance_region_name }}' \ - url='http://glance-api:{{ .Values.network.port.api }}' \ + url='{{ include "endpoint_glance_api_internal" . }}' \ interface=public \ region_name='{{ .Values.keystone.admin_region_name }}' \ auth='{{ include "keystone_auth" . }}'" \ @@ -44,3 +45,4 @@ data: region_name={{ .Values.keystone.admin_region_name }} \ auth='{{ include "keystone_auth" . }}'" \ -e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }" + diff --git a/glance/templates/post.yaml b/glance/templates/post.yaml index 111f9bdcd7..4fe1c195bf 100644 --- a/glance/templates/post.yaml +++ b/glance/templates/post.yaml @@ -32,6 +32,8 @@ spec: } ]' spec: + nodeSelector: + {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} restartPolicy: OnFailure containers: - name: glance-post @@ -51,3 +53,4 @@ spec: - name: postsh configMap: name: glance-postsh + diff --git a/glance/values.yaml b/glance/values.yaml index 6e2b4cd35b..a94a1bcc1c 100644 --- a/glance/values.yaml +++ b/glance/values.yaml @@ -33,7 +33,7 @@ network: port: api: 9292 registry: 9191 - ip_address: "{{ .IP }}" + ip_address: "0.0.0.0" database: address: mariadb @@ -47,9 +47,12 @@ database: ceph: enabled: true monitors: [] - glance_user: "glance" + glance_user: "admin" glance_pool: "images" - glance_keyring: "" + # a null value for the keyring will + # attempt to use the key from + # common/secrets/ceph-client-key + glance_keyring: null misc: workers: 8 @@ -97,4 +100,28 @@ dependencies: - mariadb - keystone-api - glance-api - - glance-registry \ No newline at end of file + - glance-registry + +# typically overriden by environmental +# values, but should include all endpoints +# required by this chart +endpoints: + glance: + hosts: + default: glance-api + type: image + path: null + scheme: 'http' + port: + api: 9292 + registry: 9191 + keystone: + hosts: + default: keystone-api + path: /v3 + type: identity + scheme: 'http' + port: + admin: 35357 + public: 5000 + diff --git a/horizon/values.yaml b/horizon/values.yaml index f1dd9a1aa9..6de7d8e116 100644 --- a/horizon/values.yaml +++ b/horizon/values.yaml @@ -38,6 +38,6 @@ endpoints: type: identity scheme: 'http' port: - admin: 35356 + admin: 35357 public: 5000 diff --git a/keystone/templates/_helpers.tpl b/keystone/templates/_helpers.tpl deleted file mode 100644 index d2f33bc897..0000000000 --- a/keystone/templates/_helpers.tpl +++ /dev/null @@ -1,3 +0,0 @@ -{{- define "joinListWithColon" -}} -{{ range $k, $v := . }}{{ if $k }},{{ end }}{{ $v }}{{ end }} -{{- end -}} diff --git a/keystone/templates/bin/_db-sync.sh.tpl b/keystone/templates/bin/_db-sync.sh.tpl index b6679c7318..89c4c5de84 100644 --- a/keystone/templates/bin/_db-sync.sh.tpl +++ b/keystone/templates/bin/_db-sync.sh.tpl @@ -15,7 +15,8 @@ set -ex keystone-manage db_sync kolla_keystone_bootstrap {{ .Values.keystone.admin_user }} {{ .Values.keystone.admin_password }} \ {{ .Values.keystone.admin_project_name }} admin \ - {{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_admin" . }}:{{ .Values.network.port.admin }}/{{ .Values.keystone.version }} \ - {{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_internal" . }}:{{ .Values.network.port.public }}/{{ .Values.keystone.version }} \ - {{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_public" . }}:{{ .Values.network.port.public }}/{{ .Values.keystone.version }} \ + {{ include "endpoint_keystone_admin" . }} \ + {{ include "endpoint_keystone_internal" . }} \ + {{ include "endpoint_keystone_internal" . }} \ {{ .Values.keystone.admin_region_name }} + diff --git a/keystone/templates/etc/_keystone.conf.tpl b/keystone/templates/etc/_keystone.conf.tpl index c62d524516..58603001ba 100644 --- a/keystone/templates/etc/_keystone.conf.tpl +++ b/keystone/templates/etc/_keystone.conf.tpl @@ -9,11 +9,11 @@ connection = mysql+pymysql://{{ .Values.database.keystone_user }}:{{ .Values.dat max_retries = -1 [memcache] -servers = {{ include "memcached_host" . }} +servers = {{ include "memcached_host" . }}:11211 [cache] backend = dogpile.cache.memcached -memcache_servers = {{ include "memcached_host" . }} +memcache_servers = {{ include "memcached_host" . }}:11211 config_prefix = cache.keystone -distributed_lock = True enabled = True + diff --git a/keystone/values.yaml b/keystone/values.yaml index 3b7b8e67b0..80801204e7 100644 --- a/keystone/values.yaml +++ b/keystone/values.yaml @@ -17,7 +17,7 @@ images: pull_policy: "IfNotPresent" keystone: - version: v2.0 + version: v3 scheme: http admin_region_name: RegionOne admin_user: admin @@ -67,3 +67,18 @@ dependencies: - mariadb-seed service: - mariadb + +# typically overriden by environmental +# values, but should include all endpoints +# required by this chart +endpoints: + keystone: + hosts: + default: keystone-api + path: /v3 + type: identity + scheme: 'http' + port: + admin: 35357 + public: 5000 +