openstack/openstack-helm
Code Issues Proposed changes

Merge pull request #127 from portdirect/glance/command

Browse Source 
Fix glance containers entrypoints
This commit is contained in:
Alan Meadows 2017-01-19 20:51:11 -06:00 committed by GitHub
commit 206215cee4
4 changed files with 68 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
glance/templates/configmap-etc.yaml
View File

@ -13,5 +13,7 @@ data:
{{ tuple "etc/_glance-api-paste.ini.tpl" . | include "template" | indent 4 }} {{ tuple "etc/_glance-api-paste.ini.tpl" . | include "template" | indent 4 }}
glance-registry.conf: |+ glance-registry.conf: |+
{{ tuple "etc/_glance-registry.conf.tpl" . | include "template" | indent 4 }} {{ tuple "etc/_glance-registry.conf.tpl" . | include "template" | indent 4 }}
glance-registry-paste.ini: |+
{{ tuple "etc/_glance-registry-paste.ini.tpl" . | include "template" | indent 4 }}
policy.json: |+ policy.json: |+
{{ tuple "etc/_policy.json.tpl" . | include "template" | indent 4 }} {{ tuple "etc/_policy.json.tpl" . | include "template" | indent 4 }}

13
glance/templates/deployment-api.yaml
View File

@ -34,24 +34,29 @@ spec:
image: {{ .Values.images.api }} image: {{ .Values.images.api }}
imagePullPolicy: {{ .Values.images.pull_policy }} imagePullPolicy: {{ .Values.images.pull_policy }}
command: command:
- glance-api --config-dir /etc/glance - glance-api
- --config-file
- /etc/glance/glance-api.conf
ports: ports:
- containerPort: {{ .Values.network.port.api }} - containerPort: {{ .Values.network.port.api }}
readinessProbe: readinessProbe:
tcpSocket: tcpSocket:
port: {{ .Values.network.port.api }} port: {{ .Values.network.port.api }}
volumeMounts: volumeMounts:
- name: etcglance
mountPath: /etc/glance
- name: glanceapiconf - name: glanceapiconf
mountPath: /etc/glance/glance-api.conf mountPath: /etc/glance/glance-api.conf
subPath: glance-api.conf subPath: glance-api.conf
readOnly: true
- name: glanceapipaste - name: glanceapipaste
mountPath: /etc/glance/glance-api-paste.ini mountPath: /etc/glance/glance-api-paste.ini
subPath: glance-api-paste.ini subPath: glance-api-paste.ini
- name: etcglance readOnly: true
mountPath: /etc/glance
- name: glancepolicy - name: glancepolicy
mountPath: /etc/glance/policy.json mountPath: /etc/glance/policy.json
subPath: policy.json subPath: policy.json
readOnly: true
{{- if .Values.development.enabled }} {{- if .Values.development.enabled }}
- name: glance-data - name: glance-data
mountPath: /var/lib/glance/images mountPath: /var/lib/glance/images
@ -59,9 +64,11 @@ spec:
- name: cephconf - name: cephconf
mountPath: /etc/ceph/ceph.conf mountPath: /etc/ceph/ceph.conf
subPath: ceph.conf subPath: ceph.conf
readOnly: true
- name: cephclientglancekeyring - name: cephclientglancekeyring
mountPath: /etc/ceph/ceph.client.{{ .Values.ceph.glance_user }}.keyring mountPath: /etc/ceph/ceph.client.{{ .Values.ceph.glance_user }}.keyring
subPath: ceph.client.{{ .Values.ceph.glance_user }}.keyring subPath: ceph.client.{{ .Values.ceph.glance_user }}.keyring
readOnly: true
{{- end }} {{- end }}
volumes: volumes:
- name: glanceapiconf - name: glanceapiconf

21
glance/templates/deployment-registry.yaml
View File

@ -27,16 +27,37 @@ spec:
imagePullPolicy: {{ .Values.images.pull_policy }} imagePullPolicy: {{ .Values.images.pull_policy }}
command: command:
- glance-registry - glance-registry
- --config-file
- /etc/glance/glance-registry.conf
ports: ports:
- containerPort: {{ .Values.network.port.registry }} - containerPort: {{ .Values.network.port.registry }}
readinessProbe: readinessProbe:
tcpSocket: tcpSocket:
port: {{ .Values.network.port.registry }} port: {{ .Values.network.port.registry }}
volumeMounts: volumeMounts:
- name: etcglance
mountPath: /etc/glance
- name: glanceregistryconf - name: glanceregistryconf
mountPath: /etc/glance/glance-registry.conf mountPath: /etc/glance/glance-registry.conf
subPath: glance-registry.conf subPath: glance-registry.conf
readOnly: true
- name: glanceregistrypaste
mountPath: /etc/glance/glance-registry-paste.ini
subPath: glance-registry-paste.ini
readOnly: true
- name: glancepolicy
mountPath: /etc/glance/policy.json
subPath: policy.json
readOnly: true
volumes: volumes:
- name: etcglance
emptyDir: {}
- name: glanceregistryconf - name: glanceregistryconf
configMap: configMap:
name: glance-etc name: glance-etc
- name: glanceregistrypaste
configMap:
name: glance-etc
- name: glancepolicy
configMap:
name: glance-etc

35
glance/templates/etc/_glance-registry-paste.ini.tpl Normal file
View File

@ -0,0 +1,35 @@
# Use this pipeline for no auth - DEFAULT
[pipeline:glance-registry]
pipeline = healthcheck osprofiler unauthenticated-context registryapp
# Use this pipeline for keystone auth
[pipeline:glance-registry-keystone]
pipeline = healthcheck osprofiler authtoken context registryapp
# Use this pipeline for authZ only. This means that the registry will treat a
# user as authenticated without making requests to keystone to reauthenticate
# the user.
[pipeline:glance-registry-trusted-auth]
pipeline = healthcheck osprofiler context registryapp
[app:registryapp]
paste.app_factory = glance.registry.api:API.factory
[filter:healthcheck]
paste.filter_factory = oslo_middleware:Healthcheck.factory
backends = disable_by_file
disable_by_file_path = /etc/glance/healthcheck_disable
[filter:context]
paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory
[filter:unauthenticated-context]
paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory
[filter:authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
[filter:osprofiler]
paste.filter_factory = osprofiler.web:WsgiMiddleware.factory
hmac_keys = SECRET_KEY #DEPRECATED
enabled = yes #DEPRECATED