diff --git a/common/templates/_hosts.tpl b/common/templates/_hosts.tpl
index 01c6b90c9e..bf55a255ce 100644
--- a/common/templates/_hosts.tpl
+++ b/common/templates/_hosts.tpl
@@ -1,15 +1,15 @@
# fqdn
-{{define "region"}}cluster{{end}}
-{{define "tld"}}local{{end}}
+{{- define "region"}}cluster{{- end}}
+{{- define "tld"}}local{{- end}}
# infrastructure services
-{{define "rabbitmq_host"}}rabbitmq.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{end}}
-{{define "memcached_host"}}memcached.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{end}}
-{{define "mariadb_host"}}mariadb.{{.Release.Namespace}}.svc.kubernetes.{{ include "region" . }}.{{ include "tld" . }}{{end}}
+{{- define "rabbitmq_host"}}rabbitmq.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
+{{- define "memcached_host"}}memcached.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
+{{- define "mariadb_host"}}mariadb.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
# keystone
-{{define "keystone_db_host"}} {{ include "mariadb_host" . }}{{end}}
-{{define "keystone_api_endpoint_host_admin"}}keystone-api.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{end}}
-{{define "keystone_api_endpoint_host_internal"}}keystone-api.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{end}}
-{{define "keystone_api_endpoint_host_public"}}keystone-api.{{ include "region" . }}.{{ include "tld" . }}{{end}}
-{{define "keystone_api_endpoint_host_admin_ext"}}keystone-api.{{ include "region" . }}.{{ include "tld" . }}{{end}}
+{{- define "keystone_db_host"}}{{ include "mariadb_host" . }}{{end}}
+{{- define "keystone_api_endpoint_host_admin"}}keystone-api.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
+{{- define "keystone_api_endpoint_host_internal"}}keystone-api.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
+{{- define "keystone_api_endpoint_host_public"}}keystone-api.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
+{{- define "keystone_api_endpoint_host_admin_ext"}}keystone-api.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
diff --git a/keystone/templates/bin-configmap.yaml b/keystone/templates/bin-configmap.yaml
new file mode 100644
index 0000000000..76e0f7cf14
--- /dev/null
+++ b/keystone/templates/bin-configmap.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: keystone-bin
+data:
+ db-sync.sh: |
+{{ tuple "bin/_db-sync.sh.tpl" . | include "template" | indent 4 }}
+ init.sh: |
+{{ tuple "bin/_init.sh.tpl" . | include "template" | indent 4 }}
+ start.sh: |
+{{ tuple "bin/_start.sh.tpl" . | include "template" | indent 4 }}
diff --git a/keystone/templates/bin/_db-sync.sh.tpl b/keystone/templates/bin/_db-sync.sh.tpl
new file mode 100644
index 0000000000..b6679c7318
--- /dev/null
+++ b/keystone/templates/bin/_db-sync.sh.tpl
@@ -0,0 +1,21 @@
+#!/bin/bash
+set -ex
+
+# order of kolla_keystone_bootstrap urls
+# for those of looking for a little expanation
+# to a mysterious blackbox
+#
+# these will feed into the keystone endpoints
+# so it is important they are correct
+#
+# keystone_admin_url
+# keystone_internal_url
+# keystone_public_url
+
+keystone-manage db_sync
+kolla_keystone_bootstrap {{ .Values.keystone.admin_user }} {{ .Values.keystone.admin_password }} \
+ {{ .Values.keystone.admin_project_name }} admin \
+ {{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_admin" . }}:{{ .Values.network.port.admin }}/{{ .Values.keystone.version }} \
+ {{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_internal" . }}:{{ .Values.network.port.public }}/{{ .Values.keystone.version }} \
+ {{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_public" . }}:{{ .Values.network.port.public }}/{{ .Values.keystone.version }} \
+ {{ .Values.keystone.admin_region_name }}
diff --git a/keystone/templates/bin/_init.sh.tpl b/keystone/templates/bin/_init.sh.tpl
new file mode 100644
index 0000000000..0d47c4ba71
--- /dev/null
+++ b/keystone/templates/bin/_init.sh.tpl
@@ -0,0 +1,6 @@
+#!/bin/bash
+set -ex
+export HOME=/tmp
+
+ansible localhost -vvv -m mysql_db -a "login_host='{{ include "keystone_db_host" . }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.keystone_database_name }}'"
+ansible localhost -vvv -m mysql_user -a "login_host='{{ include "keystone_db_host" . }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.keystone_user }}' password='{{ .Values.database.keystone_password }}' host='%' priv='{{ .Values.database.keystone_database_name }}.*:ALL' append_privs='yes'"
diff --git a/keystone/templates/bin/_start.sh.tpl b/keystone/templates/bin/_start.sh.tpl
new file mode 100644
index 0000000000..69db497dee
--- /dev/null
+++ b/keystone/templates/bin/_start.sh.tpl
@@ -0,0 +1,12 @@
+#!/bin/bash
+set -ex
+
+# link our keystone wsgi to apaches running config
+ln -s /configmaps/wsgi-keystone.conf /etc/apache2/sites-enabled/wsgi-keystone.conf
+
+# Loading Apache2 ENV variables
+source /etc/apache2/envvars
+rm -rf /var/run/apache2/*
+APACHE_DIR="apache2"
+
+apache2 -DFOREGROUND
\ No newline at end of file
diff --git a/keystone/templates/db-sync.sh.yaml b/keystone/templates/db-sync.sh.yaml
deleted file mode 100644
index 934711e234..0000000000
--- a/keystone/templates/db-sync.sh.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: keystone-dbsyncsh
-data:
- db-sync.sh: |+
- #!/bin/bash
- set -ex
-
- # order of kolla_keystone_bootstrap urls
- # for those of looking for a little expanation
- # to a mysterious blackbox
- #
- # these will feed into the keystone endpoints
- # so it is important they are correct
- #
- # keystone_admin_url
- # keystone_internal_url
- # keystone_public_url
-
- keystone-manage db_sync
- kolla_keystone_bootstrap {{ .Values.keystone.admin_user }} {{ .Values.keystone.admin_password }} \
- {{ .Values.keystone.admin_project_name }} admin \
- {{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_admin" . }}:{{ .Values.network.port.admin }}/{{ .Values.keystone.version }} \
- {{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_internal" . }}:{{ .Values.network.port.public }}/{{ .Values.keystone.version }} \
- {{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_public" . }}:{{ .Values.network.port.public }}/{{ .Values.keystone.version }} \
- {{ .Values.keystone.admin_region_name }}
diff --git a/keystone/templates/deployment.yaml b/keystone/templates/deployment.yaml
index 8c124df54d..7e4c54fe2a 100644
--- a/keystone/templates/deployment.yaml
+++ b/keystone/templates/deployment.yaml
@@ -12,23 +12,23 @@ spec:
pod.beta.kubernetes.io/init-containers: '[
{
"name": "init",
- "image": "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0",
+ "image": "{{ .Values.images.entrypoint }}",
"env": [
{
"name": "NAMESPACE",
"value": "{{ .Release.Namespace }}"
},
+ {
+ "name": "INTERFACE_NAME",
+ "value": "eth0"
+ },
{
"name": "DEPENDENCY_SERVICE",
"value": "mariadb,rabbitmq"
},
{
"name": "DEPENDENCY_JOBS",
- "value": "mariadb-seed"
- },
- {
- "name": "DEPENDENCY_CONFIG",
- "value": "/etc/apache2/conf-enabled/wsgi-keystone.conf"
+ "value": "mariadb-seed,keystone-db-sync"
},
{
"name": "COMMAND",
@@ -58,6 +58,7 @@ spec:
subPath: keystone.conf
- name: wsgikeystone
mountPath: /configmaps/wsgi-keystone.conf
+ subPath: wsgi_keystone.conf
- name: mpmeventconf
mountPath: /etc/apache2/mods-available/mpm_event.conf
subPath: mpm_event.conf
@@ -67,17 +68,22 @@ spec:
volumes:
- name: keystoneconf
configMap:
- name: keystone-keystoneconf
+ name: keystone-etc
+ items:
+ - key: keystone.conf
+ path: keystone.conf
- name: wsgikeystone
configMap:
- name: keystone-wsgikeystone
+ name: keystone-etc
+ items:
+ - key: wsgi-keystone.conf
+ path: wsgi_keystone.conf
- name: mpmeventconf
configMap:
- name: keystone-mpmeventconf
- # https://github.com/kubernetes/kubernetes/issues/23722
+ name: keystone-etc
items:
- key: mpm-event.conf
path: mpm_event.conf
- name: startsh
configMap:
- name: keystone-startsh
+ name: keystone-bin
diff --git a/keystone/templates/etc-configmap.yaml b/keystone/templates/etc-configmap.yaml
new file mode 100644
index 0000000000..48821fb3c8
--- /dev/null
+++ b/keystone/templates/etc-configmap.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: keystone-etc
+data:
+ keystone.conf: |+
+{{ tuple "etc/_keystone.conf.tpl" . | include "template" | indent 4 }}
+ mpm-event.conf: |+
+{{ tuple "etc/_mpm_event.conf.tpl" . | include "template" | indent 4 }}
+ wsgi-keystone.conf: |+
+{{ tuple "etc/_wsgi-keystone.conf.tpl" . | include "template" | indent 4 }}
diff --git a/keystone/templates/etc/_keystone.conf.tpl b/keystone/templates/etc/_keystone.conf.tpl
new file mode 100644
index 0000000000..f4a2b03541
--- /dev/null
+++ b/keystone/templates/etc/_keystone.conf.tpl
@@ -0,0 +1,19 @@
+[DEFAULT]
+debug = {{ .Values.misc.debug }}
+use_syslog = False
+use_stderr = True
+workers = {{ .Values.misc.workers }}
+
+[database]
+connection = mysql+pymysql://{{ .Values.database.keystone_user }}:{{ .Values.database.keystone_password }}@{{ include "keystone_db_host" . }}/{{ .Values.database.keystone_database_name }}
+max_retries = -1
+
+[memcache]
+servers = {{ include "memcached_host" . }}
+
+[cache]
+backend = dogpile.cache.memcached
+memcache_servers = {{ include "memcached_host" . }}
+config_prefix = cache.keystone
+distributed_lock = True
+enabled = True
\ No newline at end of file
diff --git a/keystone/templates/etc/_mpm_event.conf.tpl b/keystone/templates/etc/_mpm_event.conf.tpl
new file mode 100644
index 0000000000..48e7cf7cdf
--- /dev/null
+++ b/keystone/templates/etc/_mpm_event.conf.tpl
@@ -0,0 +1,9 @@
+<IfModule mpm_event_module>
+ ServerLimit 1024
+ StartServers 32
+ MinSpareThreads 32
+ MaxSpareThreads 256
+ ThreadsPerChild 25
+ MaxRequestsPerChild 128
+ ThreadLimit 720
+</IfModule>
\ No newline at end of file
diff --git a/keystone/templates/etc/_wsgi-keystone.conf.tpl b/keystone/templates/etc/_wsgi-keystone.conf.tpl
new file mode 100644
index 0000000000..df16532c44
--- /dev/null
+++ b/keystone/templates/etc/_wsgi-keystone.conf.tpl
@@ -0,0 +1,28 @@
+Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.public }}
+Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.admin }}
+
+<VirtualHost *:{{ .Values.network.port.public }}>
+ WSGIDaemonProcess keystone-public processes=16 threads=6 user=keystone group=keystone display-name=%{GROUP}
+ WSGIProcessGroup keystone-public
+ WSGIScriptAlias / /var/www/cgi-bin/keystone/main
+ WSGIApplicationGroup %{GLOBAL}
+ WSGIPassAuthorization On
+ <IfVersion >= 2.4>
+ ErrorLogFormat "%{cu}t %M"
+ </IfVersion>
+ ErrorLog "|$/bin/cat 1>&2"
+ CustomLog "|/bin/cat" combined
+</VirtualHost>
+
+<VirtualHost *:{{ .Values.network.port.admin }}>
+ WSGIDaemonProcess keystone-admin processes=16 threads=5 user=keystone group=keystone display-name=%{GROUP}
+ WSGIProcessGroup keystone-admin
+ WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
+ WSGIApplicationGroup %{GLOBAL}
+ WSGIPassAuthorization On
+ <IfVersion >= 2.4>
+ ErrorLogFormat "%{cu}t %M"
+ </IfVersion>
+ ErrorLog "|$/bin/cat 1>&2"
+ CustomLog "|/bin/cat" combined
+</VirtualHost>
\ No newline at end of file
diff --git a/keystone/templates/init.sh.yaml b/keystone/templates/init.sh.yaml
deleted file mode 100644
index 61e1477ac0..0000000000
--- a/keystone/templates/init.sh.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: keystone-initsh
-data:
- init.sh: |+
- #!/bin/bash
- set -ex
- export HOME=/tmp
-
- ansible localhost -vvv -m mysql_db -a "login_host='{{ include "keystone_db_host" . }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.keystone_database_name }}'"
- ansible localhost -vvv -m mysql_user -a "login_host='{{ include "keystone_db_host" . }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.keystone_user }}' password='{{ .Values.database.keystone_password }}' host='%' priv='{{ .Values.database.keystone_database_name }}.*:ALL' append_privs='yes'"
-
diff --git a/keystone/templates/db-sync.yaml b/keystone/templates/job-db-sync.yaml
similarity index 86%
rename from keystone/templates/db-sync.yaml
rename to keystone/templates/job-db-sync.yaml
index a270d68a4e..5f92cc15dd 100644
--- a/keystone/templates/db-sync.yaml
+++ b/keystone/templates/job-db-sync.yaml
@@ -9,7 +9,7 @@ spec:
pod.beta.kubernetes.io/init-containers: '[
{
"name": "init",
- "image": "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0",
+ "image": "{{ .Values.images.entrypoint }}",
"env": [
{
"name": "NAMESPACE",
@@ -43,13 +43,13 @@ spec:
- name: keystoneconf
mountPath: /etc/keystone/keystone.conf
subPath: keystone.conf
- - name: dbsyncsh
+ - name: keystone-bin
mountPath: /tmp/db-sync.sh
subPath: db-sync.sh
volumes:
- name: keystoneconf
configMap:
- name: keystone-keystoneconf
- - name: dbsyncsh
+ name: keystone-etc
+ - name: keystone-bin
configMap:
- name: keystone-dbsyncsh
+ name: keystone-bin
diff --git a/keystone/templates/init.yaml b/keystone/templates/job-init.yaml
similarity index 82%
rename from keystone/templates/init.yaml
rename to keystone/templates/job-init.yaml
index 5fc9b4776f..e9c674b45b 100644
--- a/keystone/templates/init.yaml
+++ b/keystone/templates/job-init.yaml
@@ -9,7 +9,7 @@ spec:
pod.beta.kubernetes.io/init-containers: '[
{
"name": "init",
- "image": "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0",
+ "image": "{{ .Values.images.entrypoint }}",
"env": [
{
"name": "NAMESPACE",
@@ -36,11 +36,14 @@ spec:
- name: keystone-init
image: {{ .Values.images.init }}
imagePullPolicy: Always
+ command:
+ - bash
+ - /tmp/init.sh
volumeMounts:
- - name: initsh
+ - name: keystone-bin
mountPath: /tmp/init.sh
subPath: init.sh
volumes:
- - name: initsh
+ - name: keystone-bin
configMap:
- name: keystone-initsh
+ name: keystone-bin
diff --git a/keystone/templates/keystone.conf.yaml b/keystone/templates/keystone.conf.yaml
deleted file mode 100644
index 45b1275f33..0000000000
--- a/keystone/templates/keystone.conf.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: keystone-keystoneconf
-data:
- keystone.conf: |+
- [DEFAULT]
- debug = {{ .Values.misc.debug }}
- use_syslog = False
- use_stderr = True
- workers = {{ .Values.misc.workers }}
-
- [database]
- connection = mysql+pymysql://{{ .Values.database.keystone_user }}:{{ .Values.database.keystone_password }}@{{ include "keystone_db_host" . }}/{{ .Values.database.keystone_database_name }}
- max_retries = -1
-
- [memcache]
- servers = {{ include "memcached_host" . }}
-
- [cache]
- backend = dogpile.cache.memcached
- memcache_servers = {{ include "memcached_host" . }}
- config_prefix = cache.keystone
- distributed_lock = True
- enabled = True
-
diff --git a/keystone/templates/mpm_event.conf.yaml b/keystone/templates/mpm_event.conf.yaml
deleted file mode 100644
index 8e5555c949..0000000000
--- a/keystone/templates/mpm_event.conf.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: keystone-mpmeventconf
-data:
- mpm-event.conf: |+
- <IfModule mpm_event_module>
- ServerLimit 1024
- StartServers 32
- MinSpareThreads 32
- MaxSpareThreads 256
- ThreadsPerChild 25
- MaxRequestsPerChild 128
- ThreadLimit 720
- </IfModule>
diff --git a/keystone/templates/start.sh.yaml b/keystone/templates/start.sh.yaml
deleted file mode 100644
index f42d9deb45..0000000000
--- a/keystone/templates/start.sh.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: keystone-startsh
-data:
- start.sh: |+
- #!/bin/bash
- set -ex
-
- # Loading Apache2 ENV variables
- source /etc/apache2/envvars
- rm -rf /var/run/apache2/*
- APACHE_DIR="apache2"
-
- apache2 -DFOREGROUND
diff --git a/keystone/templates/wsgi-keystone.conf.yaml b/keystone/templates/wsgi-keystone.conf.yaml
deleted file mode 100644
index c18d2e2320..0000000000
--- a/keystone/templates/wsgi-keystone.conf.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: keystone-wsgikeystone
-data:
- wsgi-keystone.conf: |+
- Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.public }}
- Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.admin }}
-
- <VirtualHost *:{{ .Values.network.port.public }}>
- WSGIDaemonProcess keystone-public processes=16 threads=6 user=keystone group=keystone display-name=%{GROUP}
- WSGIProcessGroup keystone-public
- WSGIScriptAlias / /var/www/cgi-bin/keystone/main
- WSGIApplicationGroup %{GLOBAL}
- WSGIPassAuthorization On
- <IfVersion >= 2.4>
- ErrorLogFormat "%{cu}t %M"
- </IfVersion>
- ErrorLog "|$/bin/cat 1>&2"
- CustomLog "|/bin/cat" combined
- </VirtualHost>
-
- <VirtualHost *:{{ .Values.network.port.admin }}>
- WSGIDaemonProcess keystone-admin processes=16 threads=5 user=keystone group=keystone display-name=%{GROUP}
- WSGIProcessGroup keystone-admin
- WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
- WSGIApplicationGroup %{GLOBAL}
- WSGIPassAuthorization On
- <IfVersion >= 2.4>
- ErrorLogFormat "%{cu}t %M"
- </IfVersion>
- ErrorLog "|$/bin/cat 1>&2"
- CustomLog "|/bin/cat" combined
- </VirtualHost>
diff --git a/keystone/values.yaml b/keystone/values.yaml
index 27dac08811..3cf0bd4b1a 100644
--- a/keystone/values.yaml
+++ b/keystone/values.yaml
@@ -11,13 +11,14 @@ labels:
images:
db_sync: quay.io/stackanetes/stackanetes-keystone-api:newton
- api: quay.io/stackanetes/stackanetes-keystone-api:newton
+ api: quay.io/stackanetes/stackanetes-keystone-api:newton
init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton
+ entrypoint: quay.io/stackanetes/kubernetes-entrypoint:v0.1.0
keystone:
version: v2.0
scheme: http
- admin_region_name: RegionOne
+ admin_region_name: RegionOne
admin_user: admin
admin_password: password
admin_project_name: admin
@@ -26,7 +27,14 @@ network:
port:
admin: 35357
public: 5000
- ip_address: "{{ .IP }}"
+ # alanmeadows(TODO): I seem unable to use {{ .IP }} here
+ # but it does work for wsrep.conf in mariadb, I have spent
+ # time trying to figure this out am completely stumped
+ #
+ # helm --debug --dry-run shows me that the config map
+ # contains {{ .IP }} but its simply translated by K8s
+ # to ""
+ ip_address: "0.0.0.0"
database:
port: 3306