openstack/openstack-helm
Code Issues Proposed changes

Helm-Toolkit: Reduce delta between OSH and OSH-Infra to image repo

Browse Source 
This PS reduces the delta between OSH and OSH-Infra helm toolkits
to simply the image repo management functions.

Change-Id: I3addfbcda6a3c1d34c9f967be07eaceffb468f0e
This commit is contained in:
Pete Birley 2018-03-31 08:43:11 -05:00
parent 0c2e96d87e
commit 37de340600
17 changed files with 1385 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
helm-toolkit/.gitignore vendored
View File

@ -1,3 +1,3 @@
secrets/*
!secrets/.gitkeep
!secrets/.gitkeep
templates/_secrets.tpl

73
helm-toolkit/templates/manifests/_ingress.yaml.tpl Normal file
View File

@ -0,0 +1,73 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
# This function creates a manifest for a services ingress rules.
# It can be used in charts dict created similar to the following:
# {- $ingressOpts := dict "envAll" . "backendServiceType" "key-manager" -}
# { $ingressOpts | include "helm-toolkit.manifests.ingress" }
{{- define "helm-toolkit.manifests.ingress._host_rules" -}}
{{- $vHost := index . "vHost" -}}
{{- $backendName := index . "backendName" -}}
{{- $backendPort := index . "backendPort" -}}
- host: {{ $vHost }}
http:
paths:
- path: /
backend:
serviceName: {{ $backendName }}
servicePort: {{ $backendPort }}
{{- end }}
{{- define "helm-toolkit.manifests.ingress" -}}
{{- $envAll := index . "envAll" -}}
{{- $backendService := index . "backendService" | default "api" -}}
{{- $backendServiceType := index . "backendServiceType" -}}
{{- $backendPort := index . "backendPort" -}}
{{- $ingressName := tuple $backendServiceType "public" $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
{{- $backendName := tuple $backendServiceType "internal" $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
{{- $hostName := tuple $backendServiceType "public" $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
{{- $hostNameFull := tuple $backendServiceType "public" $envAll | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ $ingressName }}
annotations:
kubernetes.io/ingress.class: {{ index $envAll.Values.network $backendService "ingress" "classes" "namespace" | quote }}
{{ toYaml (index $envAll.Values.network $backendService "ingress" "annotations") | indent 4 }}
spec:
rules:
{{- range $key1, $vHost := tuple $hostName (printf "%s.%s" $hostName $envAll.Release.Namespace) (printf "%s.%s.svc.%s" $hostName $envAll.Release.Namespace $envAll.Values.endpoints.cluster_domain_suffix)}}
{{- $hostRules := dict "vHost" $vHost "backendName" $backendName "backendPort" $backendPort }}
{{ $hostRules | include "helm-toolkit.manifests.ingress._host_rules" | indent 4}}
{{- end }}
{{- if not ( hasSuffix ( printf ".%s.svc.%s" $envAll.Release.Namespace $envAll.Values.endpoints.cluster_domain_suffix) $hostNameFull) }}
{{- $hostNameFullRules := dict "vHost" $hostNameFull "backendName" $backendName "backendPort" $backendPort }}
{{ $hostNameFullRules | include "helm-toolkit.manifests.ingress._host_rules" | indent 4}}
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ printf "%s-%s" $ingressName "fqdn" }}
annotations:
kubernetes.io/ingress.class: {{ index $envAll.Values.network $backendService "ingress" "classes" "cluster" | quote }}
{{ toYaml (index $envAll.Values.network $backendService "ingress" "annotations") | indent 4 }}
spec:
rules:
{{ $hostNameFullRules | include "helm-toolkit.manifests.ingress._host_rules" | indent 4}}
{{- end }}
{{- end }}

97
helm-toolkit/templates/manifests/_job-bootstrap.yaml Normal file
View File

@ -0,0 +1,97 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
# This function creates a manifest for db creation and user management.
# It can be used in charts dict created similar to the following:
# {- $dbSyncJob := dict "envAll" . "serviceName" "senlin" -}
# { $dbSyncJob | include "helm-toolkit.manifests.job_db_sync" }
{{- define "helm-toolkit.manifests.job_bootstrap" -}}
{{- $envAll := index . "envAll" -}}
{{- $serviceName := index . "serviceName" -}}
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
{{- $dependencies := index . "dependencies" | default $envAll.Values.dependencies.static.bootstrap -}}
{{- $podVolMounts := index . "podVolMounts" | default false -}}
{{- $podVols := index . "podVols" | default false -}}
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
{{- $configMapEtc := index . "configMapEtc" | default (printf "%s-%s" $serviceName "etc" ) -}}
{{- $configFile := index . "configFile" | default (printf "/etc/%s/%s.conf" $serviceName $serviceName ) -}}
{{- $keystoneUser := index . "keystoneUser" | default $serviceName -}}
{{- $openrc := index . "openrc" | default "true" -}}
{{- $serviceNamePretty := $serviceName | replace "_" "-" -}}
{{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "bootstrap" }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: {{ printf "%s-%s" $serviceNamePretty "bootstrap" | quote }}
spec:
template:
metadata:
labels:
{{ tuple $envAll $serviceName "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
spec:
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: OnFailure
nodeSelector:
{{ toYaml $nodeSelector | indent 8 }}
initContainers:
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: bootstrap
image: {{ $envAll.Values.images.tags.bootstrap }}
imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{- if eq $openrc "true" }}
env:
{{- with $env := dict "ksUserSecret" ( index $envAll.Values.secrets.identity $keystoneUser ) }}
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
{{- end }}
{{- end }}
command:
- /tmp/bootstrap.sh
volumeMounts:
- name: bootstrap-sh
mountPath: /tmp/bootstrap.sh
subPath: bootstrap.sh
readOnly: true
- name: etc-service
mountPath: {{ dir $configFile | quote }}
- name: bootstrap-conf
mountPath: {{ $configFile | quote }}
subPath: {{ base $configFile | quote }}
readOnly: true
{{- if $podVolMounts }}
{{ $podVolMounts | toYaml | indent 12 }}
{{- end }}
volumes:
- name: bootstrap-sh
configMap:
name: {{ $configMapBin | quote }}
defaultMode: 0555
- name: etc-service
emptyDir: {}
- name: bootstrap-conf
configMap:
name: {{ $configMapEtc | quote }}
defaultMode: 0444
{{- if $podVols }}
{{ $podVols | toYaml | indent 8 }}
{{- end }}
{{- end }}

123
helm-toolkit/templates/manifests/_job-db-drop-mysql.yaml.tpl Normal file
View File

@ -0,0 +1,123 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
# This function creates a manifest for db creation and user management.
# It can be used in charts dict created similar to the following:
# {- $dbToDropJob := dict "envAll" . "serviceName" "senlin" -}
# { $dbToDropJob | include "helm-toolkit.manifests.job_db_drop_mysql" }
#
# If the service does not use olso then the db can be managed with:
# {- $dbToDrop := dict "inputType" "secret" "adminSecret" .Values.secrets.oslo_db.admin "userSecret" .Values.secrets.oslo_db.horizon -}
# {- $dbToDropJob := dict "envAll" . "serviceName" "horizon" "dbToDrop" $dbToDrop -}
# { $dbToDropJob | include "helm-toolkit.manifests.job_db_drop_mysql" }
{{- define "helm-toolkit.manifests.job_db_drop_mysql" -}}
{{- $envAll := index . "envAll" -}}
{{- $serviceName := index . "serviceName" -}}
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
{{- $dependencies := index . "dependencies" | default $envAll.Values.dependencies.static.db_drop -}}
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
{{- $configMapEtc := index . "configMapEtc" | default (printf "%s-%s" $serviceName "etc" ) -}}
{{- $dbToDrop := index . "dbToDrop" | default ( dict "adminSecret" $envAll.Values.secrets.oslo_db.admin "configFile" (printf "/etc/%s/%s.conf" $serviceName $serviceName ) "configDbSection" "database" "configDbKey" "connection" ) -}}
{{- $dbsToDrop := default (list $dbToDrop) (index . "dbsToDrop") }}
{{- $serviceNamePretty := $serviceName | replace "_" "-" -}}
{{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "db-drop" }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: {{ printf "%s-%s" $serviceNamePretty "db-drop" | quote }}
annotations:
"helm.sh/hook": pre-delete
"helm.sh/hook-delete-policy": hook-succeeded
spec:
template:
metadata:
labels:
{{ tuple $envAll $serviceName "db-drop" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
spec:
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: OnFailure
nodeSelector:
{{ toYaml $nodeSelector | indent 8 }}
initContainers:
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
{{- range $key1, $dbToDrop := $dbsToDrop }}
{{ $dbToDropType := default "oslo" $dbToDrop.inputType }}
- name: {{ printf "%s-%s-%d" $serviceNamePretty "db-drop" $key1 | quote }}
image: {{ $envAll.Values.images.tags.db_drop }}
imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_drop | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
env:
- name: ROOT_DB_CONNECTION
valueFrom:
secretKeyRef:
name: {{ $dbToDrop.adminSecret | quote }}
key: DB_CONNECTION
{{- if eq $dbToDropType "oslo" }}
- name: OPENSTACK_CONFIG_FILE
value: {{ $dbToDrop.configFile | quote }}
- name: OPENSTACK_CONFIG_DB_SECTION
value: {{ $dbToDrop.configDbSection | quote }}
- name: OPENSTACK_CONFIG_DB_KEY
value: {{ $dbToDrop.configDbKey | quote }}
{{- end }}
{{- if eq $dbToDropType "secret" }}
- name: DB_CONNECTION
valueFrom:
secretKeyRef:
name: {{ $dbToDrop.userSecret | quote }}
key: DB_CONNECTION
{{- end }}
command:
- /tmp/db-drop.py
volumeMounts:
- name: db-drop-sh
mountPath: /tmp/db-drop.py
subPath: db-drop.py
readOnly: true
{{- if eq $dbToDropType "oslo" }}
- name: etc-service
mountPath: {{ dir $dbToDrop.configFile | quote }}
- name: db-drop-conf
mountPath: {{ $dbToDrop.configFile | quote }}
subPath: {{ base $dbToDrop.configFile | quote }}
readOnly: true
{{- end }}
{{- end }}
volumes:
- name: db-drop-sh
configMap:
name: {{ $configMapBin | quote }}
defaultMode: 0555
{{- $local := dict "configMapBinFirst" true -}}
{{- range $key1, $dbToDrop := $dbsToDrop }}
{{- $dbToDropType := default "oslo" $dbToDrop.inputType }}
{{- if and (eq $dbToDropType "oslo") $local.configMapBinFirst }}
{{- $_ := set $local "configMapBinFirst" false }}
- name: etc-service
emptyDir: {}
- name: db-drop-conf
configMap:
name: {{ $configMapEtc | quote }}
defaultMode: 0444
{{- end -}}
{{- end -}}
{{- end -}}

120
helm-toolkit/templates/manifests/_job-db-init-mysql.yaml.tpl Normal file
View File

@ -0,0 +1,120 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
# This function creates a manifest for db creation and user management.
# It can be used in charts dict created similar to the following:
# {- $dbToInitJob := dict "envAll" . "serviceName" "senlin" -}
# { $dbToInitJob | include "helm-toolkit.manifests.job_db_init_mysql" }
#
# If the service does not use olso then the db can be managed with:
# {- $dbToInit := dict "inputType" "secret" "adminSecret" .Values.secrets.oslo_db.admin "userSecret" .Values.secrets.oslo_db.horizon -}
# {- $dbToInitJob := dict "envAll" . "serviceName" "horizon" "dbToInit" $dbToInit -}
# { $dbToInitJob | include "helm-toolkit.manifests.job_db_init_mysql" }
{{- define "helm-toolkit.manifests.job_db_init_mysql" -}}
{{- $envAll := index . "envAll" -}}
{{- $serviceName := index . "serviceName" -}}
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
{{- $dependencies := index . "dependencies" | default $envAll.Values.dependencies.static.db_init -}}
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
{{- $configMapEtc := index . "configMapEtc" | default (printf "%s-%s" $serviceName "etc" ) -}}
{{- $dbToInit := index . "dbToInit" | default ( dict "adminSecret" $envAll.Values.secrets.oslo_db.admin "configFile" (printf "/etc/%s/%s.conf" $serviceName $serviceName ) "configDbSection" "database" "configDbKey" "connection" ) -}}
{{- $dbsToInit := default (list $dbToInit) (index . "dbsToInit") }}
{{- $serviceNamePretty := $serviceName | replace "_" "-" -}}
{{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "db-init" }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: {{ printf "%s-%s" $serviceNamePretty "db-init" | quote }}
spec:
template:
metadata:
labels:
{{ tuple $envAll $serviceName "db-init" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
spec:
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: OnFailure
nodeSelector:
{{ toYaml $nodeSelector | indent 8 }}
initContainers:
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
{{- range $key1, $dbToInit := $dbsToInit }}
{{ $dbToInitType := default "oslo" $dbToInit.inputType }}
- name: {{ printf "%s-%s-%d" $serviceNamePretty "db-init" $key1 | quote }}
image: {{ $envAll.Values.images.tags.db_init }}
imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_init | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
env:
- name: ROOT_DB_CONNECTION
valueFrom:
secretKeyRef:
name: {{ $dbToInit.adminSecret | quote }}
key: DB_CONNECTION
{{- if eq $dbToInitType "oslo" }}
- name: OPENSTACK_CONFIG_FILE
value: {{ $dbToInit.configFile | quote }}
- name: OPENSTACK_CONFIG_DB_SECTION
value: {{ $dbToInit.configDbSection | quote }}
- name: OPENSTACK_CONFIG_DB_KEY
value: {{ $dbToInit.configDbKey | quote }}
{{- end }}
{{- if eq $dbToInitType "secret" }}
- name: DB_CONNECTION
valueFrom:
secretKeyRef:
name: {{ $dbToInit.userSecret | quote }}
key: DB_CONNECTION
{{- end }}
command:
- /tmp/db-init.py
volumeMounts:
- name: db-init-sh
mountPath: /tmp/db-init.py
subPath: db-init.py
readOnly: true
{{- if eq $dbToInitType "oslo" }}
- name: etc-service
mountPath: {{ dir $dbToInit.configFile | quote }}
- name: db-init-conf
mountPath: {{ $dbToInit.configFile | quote }}
subPath: {{ base $dbToInit.configFile | quote }}
readOnly: true
{{- end }}
{{- end }}
volumes:
- name: db-init-sh
configMap:
name: {{ $configMapBin | quote }}
defaultMode: 0555
{{- $local := dict "configMapBinFirst" true -}}
{{- range $key1, $dbToInit := $dbsToInit }}
{{- $dbToInitType := default "oslo" $dbToInit.inputType }}
{{- if and (eq $dbToInitType "oslo") $local.configMapBinFirst }}
{{- $_ := set $local "configMapBinFirst" false }}
- name: etc-service
emptyDir: {}
- name: db-init-conf
configMap:
name: {{ $configMapEtc | quote }}
defaultMode: 0444
{{- end -}}
{{- end -}}
{{- end -}}

94
helm-toolkit/templates/manifests/_job-db-sync.yaml.tpl Normal file
View File

@ -0,0 +1,94 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
# This function creates a manifest for db migration and management.
# It can be used in charts dict created similar to the following:
# {- $dbSyncJob := dict "envAll" . "serviceName" "senlin" -}
# { $dbSyncJob | include "helm-toolkit.manifests.job_db_sync" }
{{- define "helm-toolkit.manifests.job_db_sync" -}}
{{- $envAll := index . "envAll" -}}
{{- $serviceName := index . "serviceName" -}}
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
{{- $dependencies := $envAll.Values.dependencies.static.db_sync }}
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
{{- $configMapEtc := index . "configMapEtc" | default (printf "%s-%s" $serviceName "etc" ) -}}
{{- $podVolMounts := index . "podVolMounts" | default false -}}
{{- $podVols := index . "podVols" | default false -}}
{{- $podEnvVars := index . "podEnvVars" | default false -}}
{{- $dbToSync := index . "dbToSync" | default ( dict "configFile" (printf "/etc/%s/%s.conf" $serviceName $serviceName ) "image" ( index $envAll.Values.images.tags ( printf "%s_db_sync" $serviceName )) ) -}}
{{- $serviceNamePretty := $serviceName | replace "_" "-" -}}
{{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "db-sync" }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: {{ printf "%s-%s" $serviceNamePretty "db-sync" | quote }}
spec:
template:
metadata:
labels:
{{ tuple $envAll $serviceName "db-sync" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
spec:
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: OnFailure
nodeSelector:
{{ toYaml $nodeSelector | indent 8 }}
initContainers:
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: {{ printf "%s-%s" $serviceNamePretty "db-sync" | quote }}
image: {{ $dbToSync.image | quote }}
imagePullPolicy: {{ $envAll.Values.images.pull_policy | quote }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_sync | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{- if $podEnvVars }}
env:
{{ $podEnvVars | toYaml | indent 12 }}
{{- end }}
command:
- /tmp/db-sync.sh
volumeMounts:
- name: db-sync-sh
mountPath: /tmp/db-sync.sh
subPath: db-sync.sh
readOnly: true
- name: etc-service
mountPath: {{ dir $dbToSync.configFile | quote }}
- name: db-sync-conf
mountPath: {{ $dbToSync.configFile | quote }}
subPath: {{ base $dbToSync.configFile | quote }}
readOnly: true
{{- if $podVolMounts }}
{{ $podVolMounts | toYaml | indent 12 }}
{{- end }}
volumes:
- name: db-sync-sh
configMap:
name: {{ $configMapBin | quote }}
defaultMode: 0555
- name: etc-service
emptyDir: {}
- name: db-sync-conf
configMap:
name: {{ $configMapEtc | quote }}
defaultMode: 0444
{{- if $podVols }}
{{ $podVols | toYaml | indent 8 }}
{{- end }}
{{- end }}

83
helm-toolkit/templates/manifests/_job-ks-endpoints.yaml.tpl Normal file
View File

@ -0,0 +1,83 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
# This function creates a manifest for keystone service management.
# It can be used in charts dict created similar to the following:
# {- $ksEndpointJob := dict "envAll" . "serviceName" "senlin" "serviceTypes" ( tuple "clustering" ) -}
# { $ksEndpointJob | include "helm-toolkit.manifests.job_ks_endpoints" }
{{- define "helm-toolkit.manifests.job_ks_endpoints" -}}
{{- $envAll := index . "envAll" -}}
{{- $serviceName := index . "serviceName" -}}
{{- $serviceTypes := index . "serviceTypes" -}}
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
{{- $dependencies := index . "dependencies" | default $envAll.Values.dependencies.static.ks_endpoints -}}
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
{{- $serviceNamePretty := $serviceName | replace "_" "-" -}}
{{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "ks-endpoints" }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: {{ printf "%s-%s" $serviceNamePretty "ks-endpoints" | quote }}
spec:
template:
metadata:
labels:
{{ tuple $envAll $serviceName "ks-endpoints" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
spec:
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: OnFailure
nodeSelector:
{{ toYaml $nodeSelector | indent 8 }}
initContainers:
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
{{- range $key1, $osServiceType := $serviceTypes }}
{{- range $key2, $osServiceEndPoint := tuple "admin" "internal" "public" }}
- name: {{ printf "%s-%s-%s" $osServiceType "ks-endpoints" $osServiceEndPoint | quote }}
image: {{ $envAll.Values.images.tags.ks_endpoints }}
imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_endpoints | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
command:
- /tmp/ks-endpoints.sh
volumeMounts:
- name: ks-endpoints-sh
mountPath: /tmp/ks-endpoints.sh
subPath: ks-endpoints.sh
readOnly: true
env:
{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.admin }}
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
{{- end }}
- name: OS_SVC_ENDPOINT
value: {{ $osServiceEndPoint | quote }}
- name: OS_SERVICE_NAME
value: {{ tuple $osServiceType $envAll | include "helm-toolkit.endpoints.keystone_endpoint_name_lookup" }}
- name: OS_SERVICE_TYPE
value: {{ $osServiceType | quote }}
- name: OS_SERVICE_ENDPOINT
value: {{ tuple $osServiceType $osServiceEndPoint "api" $envAll | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | quote }}
{{- end }}
{{- end }}
volumes:
- name: ks-endpoints-sh
configMap:
name: {{ $configMapBin | quote }}
defaultMode: 0555
{{- end }}

77
helm-toolkit/templates/manifests/_job-ks-service.yaml.tpl Normal file
View File

@ -0,0 +1,77 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
# This function creates a manifest for keystone service management.
# It can be used in charts dict created similar to the following:
# {- $ksServiceJob := dict "envAll" . "serviceName" "senlin" "serviceTypes" ( tuple "clustering" ) -}
# { $ksServiceJob | include "helm-toolkit.manifests.job_ks_service" }
{{- define "helm-toolkit.manifests.job_ks_service" -}}
{{- $envAll := index . "envAll" -}}
{{- $serviceName := index . "serviceName" -}}
{{- $serviceTypes := index . "serviceTypes" -}}
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
{{- $dependencies := index . "dependencies" | default $envAll.Values.dependencies.static.ks_service -}}
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
{{- $serviceNamePretty := $serviceName | replace "_" "-" -}}
{{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "ks-service" }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: {{ printf "%s-%s" $serviceNamePretty "ks-service" | quote }}
spec:
template:
metadata:
labels:
{{ tuple $envAll $serviceName "ks-service" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
spec:
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: OnFailure
nodeSelector:
{{ toYaml $nodeSelector | indent 8 }}
initContainers:
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
{{- range $key1, $osServiceType := $serviceTypes }}
- name: {{ printf "%s-%s" $osServiceType "ks-service-registration" | quote }}
image: {{ $envAll.Values.images.tags.ks_service }}
imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_service | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
command:
- /tmp/ks-service.sh
volumeMounts:
- name: ks-service-sh
mountPath: /tmp/ks-service.sh
subPath: ks-service.sh
readOnly: true
env:
{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.admin }}
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
{{- end }}
- name: OS_SERVICE_NAME
value: {{ tuple $osServiceType $envAll | include "helm-toolkit.endpoints.keystone_endpoint_name_lookup" }}
- name: OS_SERVICE_TYPE
value: {{ $osServiceType | quote }}
{{- end }}
volumes:
- name: ks-service-sh
configMap:
name: {{ $configMapBin | quote }}
defaultMode: 0555
{{- end }}

83
helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl Normal file
View File

@ -0,0 +1,83 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
# This function creates a manifest for keystone user management.
# It can be used in charts dict created similar to the following:
# {- $ksUserJob := dict "envAll" . "serviceName" "senlin" }
# { $ksUserJob | include "helm-toolkit.manifests.job_ks_user" }
{{- define "helm-toolkit.manifests.job_ks_user" -}}
{{- $envAll := index . "envAll" -}}
{{- $serviceName := index . "serviceName" -}}
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
{{- $dependencies := index . "dependencies" | default $envAll.Values.dependencies.static.ks_user -}}
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
{{- $serviceUser := index . "serviceUser" | default $serviceName -}}
{{- $serviceUserPretty := $serviceUser | replace "_" "-" -}}
{{- $serviceAccountName := printf "%s-%s" $serviceUserPretty "ks-user" }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: {{ printf "%s-%s" $serviceUserPretty "ks-user" | quote }}
spec:
template:
metadata:
labels:
{{ tuple $envAll $serviceName "ks-user" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
spec:
serviceAccountName: {{ $serviceAccountName | quote }}
restartPolicy: OnFailure
nodeSelector:
{{ toYaml $nodeSelector | indent 8 }}
initContainers:
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: ks-user
image: {{ $envAll.Values.images.tags.ks_user }}
imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_user | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
command:
- /tmp/ks-user.sh
volumeMounts:
- name: ks-user-sh
mountPath: /tmp/ks-user.sh
subPath: ks-user.sh
readOnly: true
env:
{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.admin }}
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
{{- end }}
- name: SERVICE_OS_SERVICE_NAME
value: {{ $serviceName | quote }}
{{- with $env := dict "ksUserSecret" (index $envAll.Values.secrets.identity $serviceUser ) }}
{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }}
{{- end }}
- name: SERVICE_OS_ROLES
{{- $serviceOsRoles := index $envAll.Values.endpoints.identity.auth $serviceUser "role" }}
{{- if kindIs "slice" $serviceOsRoles }}
value: {{ include "helm-toolkit.utils.joinListWithComma" $serviceOsRoles | quote }}
{{- else }}
value: {{ $serviceOsRoles | quote }}
{{- end }}
volumes:
- name: ks-user-sh
configMap:
name: {{ $configMapBin | quote }}
defaultMode: 0555
{{- end -}}

74
helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl Normal file
View File

@ -0,0 +1,74 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- define "helm-toolkit.manifests.job_rabbit_init" -}}
{{- $envAll := index . "envAll" -}}
{{- $serviceName := index . "serviceName" -}}
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
{{- $dependencies := index . "dependencies" | default $envAll.Values.dependencies.static.rabbit_init -}}
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
{{- $serviceUser := index . "serviceUser" | default $serviceName -}}
{{- $serviceUserPretty := $serviceUser | replace "_" "-" -}}
{{- $serviceAccountName := printf "%s-%s" $serviceUserPretty "rabbit-init" }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: {{ printf "%s-%s" $serviceUserPretty "rabbit-init" | quote }}
spec:
template:
metadata:
labels:
{{ tuple $envAll $serviceName "rabbit-init" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
spec:
serviceAccountName: {{ $serviceAccountName | quote }}
restartPolicy: OnFailure
nodeSelector:
{{ toYaml $nodeSelector | indent 8 }}
initContainers:
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: rabbit-init
image: {{ $envAll.Values.images.tags.rabbit_init | quote }}
imagePullPolicy: {{ $envAll.Values.images.pull_policy | quote }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.rabbit_init | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
command:
- /tmp/rabbit-init.sh
volumeMounts:
- name: rabbit-init-sh
mountPath: /tmp/rabbit-init.sh
subPath: rabbit-init.sh
readOnly: true
env:
- name: RABBITMQ_ADMIN_CONNECTION
valueFrom:
secretKeyRef:
name: {{ $envAll.Values.secrets.oslo_messaging.admin }}
key: RABBITMQ_CONNECTION
- name: RABBITMQ_USER_CONNECTION
valueFrom:
secretKeyRef:
name: {{ index $envAll.Values.secrets.oslo_messaging $serviceName }}
key: RABBITMQ_CONNECTION
volumes:
- name: rabbit-init-sh
configMap:
name: {{ $configMapBin | quote }}
defaultMode: 0555
{{- end -}}

43
helm-toolkit/templates/manifests/_service-ingress.tpl Normal file
View File

@ -0,0 +1,43 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
# This function creates a manifest for a services ingress rules.
# It can be used in charts dict created similar to the following:
# {- $serviceIngressOpts := dict "envAll" . "backendServiceType" "key-manager" -}
# { $serviceIngressOpts | include "helm-toolkit.manifests.service_ingress" }
{{- define "helm-toolkit.manifests.service_ingress" -}}
{{- $envAll := index . "envAll" -}}
{{- $backendServiceType := index . "backendServiceType" -}}
---
apiVersion: v1
kind: Service
metadata:
name: {{ tuple $backendServiceType "public" $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: http
port: 80
selector:
app: ingress-api
{{- if index $envAll.Values.endpoints $backendServiceType }}
{{- if index $envAll.Values.endpoints $backendServiceType "ip" }}
{{- if index $envAll.Values.endpoints $backendServiceType "ip" "ingress" }}
clusterIP: {{ (index $envAll.Values.endpoints $backendServiceType "ip" "ingress") }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

67
helm-toolkit/templates/scripts/_rabbit-init.sh.tpl Normal file
View File

@ -0,0 +1,67 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- define "helm-toolkit.scripts.rabbit_init" }}
#!/bin/bash
set -ex
# Extract connection details
RABBIT_HOSTNAME=`echo $RABBITMQ_ADMIN_CONNECTION | awk -F'[@]' '{print $2}' \
| awk -F'[:/]' '{print $1}'`
RABBIT_PORT=`echo $RABBITMQ_ADMIN_CONNECTION | awk -F'[@]' '{print $2}' \
| awk -F'[:/]' '{print $2}'`
# Extract Admin User creadential
RABBITMQ_ADMIN_USERNAME=`echo $RABBITMQ_ADMIN_CONNECTION | awk -F'[@]' '{print $1}' \
| awk -F'[//:]' '{print $4}'`
RABBITMQ_ADMIN_PASSWORD=`echo $RABBITMQ_ADMIN_CONNECTION | awk -F'[@]' '{print $1}' \
| awk -F'[//:]' '{print $5}'`
# Extract User creadential
RABBITMQ_USERNAME=`echo $RABBITMQ_USER_CONNECTION | awk -F'[@]' '{print $1}' \
| awk -F'[//:]' '{print $4}'`
RABBITMQ_PASSWORD=`echo $RABBITMQ_USER_CONNECTION | awk -F'[@]' '{print $1}' \
| awk -F'[//:]' '{print $5}'`
# Using admin creadential, list current rabbitmq users
rabbitmqadmin --host=$RABBIT_HOSTNAME --port=$RABBIT_PORT \
--username=$RABBITMQ_ADMIN_USERNAME --password=$RABBITMQ_ADMIN_PASSWORD \
list users
# if user already exist, credentials will be overwritten
# Using admin creadential, adding new admin rabbitmq user"
rabbitmqadmin --host=$RABBIT_HOSTNAME --port=$RABBIT_PORT \
--username=$RABBITMQ_ADMIN_USERNAME --password=$RABBITMQ_ADMIN_PASSWORD \
declare user name=$RABBITMQ_USERNAME password=$RABBITMQ_PASSWORD \
tags="administrator"
# Declare permissions for new user
rabbitmqadmin --host=$RABBIT_HOSTNAME --port=$RABBIT_PORT \
--username=$RABBITMQ_ADMIN_USERNAME --password=$RABBITMQ_ADMIN_PASSWORD \
declare permission vhost="/" user=$RABBITMQ_USERNAME \
configure=".*" write=".*" read=".*"
# Using new user creadential, list current rabbitmq users
rabbitmqadmin --host=$RABBIT_HOSTNAME --port=$RABBIT_PORT \
--username=$RABBITMQ_USERNAME --password=$RABBITMQ_PASSWORD \
list users
# Using new user creadential, list permissions
rabbitmqadmin --host=$RABBIT_HOSTNAME --port=$RABBIT_PORT \
--username=$RABBITMQ_USERNAME --password=$RABBITMQ_PASSWORD \
list permissions
{{- end }}

271
helm-toolkit/templates/utils/_daemonset_overrides.tpl Normal file
View File

@ -0,0 +1,271 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- define "helm-toolkit.utils.daemonset_overrides" }}
{{- $daemonset := index . 0 }}
{{- $daemonset_yaml := index . 1 }}
{{- $configmap_include := index . 2 }}
{{- $configmap_name := index . 3 }}
{{- $context := index . 4 }}
{{- $_ := unset $context ".Files" }}
{{- $_ := set $context.Values "__daemonset_yaml" $daemonset_yaml }}
{{- $daemonset_root_name := printf (print $context.Chart.Name "_" $daemonset) }}
{{- $_ := set $context.Values "__daemonset_list" list }}
{{- $_ := set $context.Values "__default" dict }}
{{- if hasKey $context.Values.conf "overrides" }}
{{- range $key, $val := $context.Values.conf.overrides }}
{{- if eq $key $daemonset_root_name }}
{{- range $type, $type_data := . }}
{{- if eq $type "hosts" }}
{{- range $host_data := . }}
{{/* dictionary that will contain all info needed to generate this
iteration of the daemonset */}}
{{- $current_dict := dict }}
{{/* set daemonset name */}}
{{- $_ := set $current_dict "name" $host_data.name }}
{{/* apply overrides */}}
{{- $override_conf_copy := $host_data.conf }}
{{- $root_conf_copy := omit $context.Values.conf "overrides" }}
{{- $merged_dict := merge $override_conf_copy $root_conf_copy }}
{{- $root_conf_copy2 := dict "conf" $merged_dict }}
{{- $context_values := omit $context.Values "conf" }}
{{- $root_conf_copy3 := merge $context_values $root_conf_copy2 }}
{{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
{{- $_ := set $current_dict "nodeData" $root_conf_copy4 }}
{{/* Schedule to this host explicitly. */}}
{{- $nodeSelector_dict := dict }}
{{- $_ := set $nodeSelector_dict "key" "kubernetes.io/hostname" }}
{{- $_ := set $nodeSelector_dict "operator" "In" }}
{{- $values_list := list $host_data.name }}
{{- $_ := set $nodeSelector_dict "values" $values_list }}
{{- $list_aggregate := list $nodeSelector_dict }}
{{- $_ := set $current_dict "matchExpressions" $list_aggregate }}
{{/* store completed daemonset entry/info into global list */}}
{{- $list_aggregate := append $context.Values.__daemonset_list $current_dict }}
{{- $_ := set $context.Values "__daemonset_list" $list_aggregate }}
{{- end }}
{{- end }}
{{- if eq $type "labels" }}
{{- $_ := set $context.Values "__label_list" . }}
{{- range $label_data := . }}
{{/* dictionary that will contain all info needed to generate this
iteration of the daemonset. */}}
{{- $_ := set $context.Values "__current_label" dict }}
{{/* set daemonset name */}}
{{- $_ := set $context.Values.__current_label "name" $label_data.label.key }}
{{/* apply overrides */}}
{{- $override_conf_copy := $label_data.conf }}
{{- $root_conf_copy := omit $context.Values.conf "overrides" }}
{{- $merged_dict := merge $override_conf_copy $root_conf_copy }}
{{- $root_conf_copy2 := dict "conf" $merged_dict }}
{{- $context_values := omit $context.Values "conf" }}
{{- $root_conf_copy3 := merge $context_values $root_conf_copy2 }}
{{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
{{- $_ := set $context.Values.__current_label "nodeData" $root_conf_copy4 }}
{{/* Schedule to the provided label value(s) */}}
{{- $label_dict := omit $label_data.label "NULL" }}
{{- $_ := set $label_dict "operator" "In" }}
{{- $list_aggregate := list $label_dict }}
{{- $_ := set $context.Values.__current_label "matchExpressions" $list_aggregate }}
{{/* Do not schedule to other specified labels, with higher
precedence as the list position increases. Last defined label
is highest priority. */}}
{{- $other_labels := without $context.Values.__label_list $label_data }}
{{- range $label_data2 := $other_labels }}
{{- $label_dict := omit $label_data2.label "NULL" }}
{{- $_ := set $label_dict "operator" "NotIn" }}
{{- $list_aggregate := append $context.Values.__current_label.matchExpressions $label_dict }}
{{- $_ := set $context.Values.__current_label "matchExpressions" $list_aggregate }}
{{- end }}
{{- $_ := set $context.Values "__label_list" $other_labels }}
{{/* Do not schedule to any other specified hosts */}}
{{- range $type, $type_data := $val }}
{{- if eq $type "hosts" }}
{{- range $host_data := . }}
{{- $label_dict := dict }}
{{- $_ := set $label_dict "key" "kubernetes.io/hostname" }}
{{- $_ := set $label_dict "operator" "NotIn" }}
{{- $values_list := list $host_data.name }}
{{- $_ := set $label_dict "values" $values_list }}
{{- $list_aggregate := append $context.Values.__current_label.matchExpressions $label_dict }}
{{- $_ := set $context.Values.__current_label "matchExpressions" $list_aggregate }}
{{- end }}
{{- end }}
{{- end }}
{{/* store completed daemonset entry/info into global list */}}
{{- $list_aggregate := append $context.Values.__daemonset_list $context.Values.__current_label }}
{{- $_ := set $context.Values "__daemonset_list" $list_aggregate }}
{{- $_ := unset $context.Values "__current_label" }}
{{- end }}
{{- end }}
{{- end }}
{{/* scheduler exceptions for the default daemonset */}}
{{- $_ := set $context.Values.__default "matchExpressions" list }}
{{- range $type, $type_data := . }}
{{/* Do not schedule to other specified labels */}}
{{- if eq $type "labels" }}
{{- range $label_data := . }}
{{- $default_dict := omit $label_data.label "NULL" }}
{{- $_ := set $default_dict "operator" "NotIn" }}
{{- $list_aggregate := append $context.Values.__default.matchExpressions $default_dict }}
{{- $_ := set $context.Values.__default "matchExpressions" $list_aggregate }}
{{- end }}
{{- end }}
{{/* Do not schedule to other specified hosts */}}
{{- if eq $type "hosts" }}
{{- range $host_data := . }}
{{- $default_dict := dict }}
{{- $_ := set $default_dict "key" "kubernetes.io/hostname" }}
{{- $_ := set $default_dict "operator" "NotIn" }}
{{- $values_list := list $host_data.name }}
{{- $_ := set $default_dict "values" $values_list }}
{{- $list_aggregate := append $context.Values.__default.matchExpressions $default_dict }}
{{- $_ := set $context.Values.__default "matchExpressions" $list_aggregate }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{/* generate the default daemonset */}}
{{/* set name */}}
{{- $_ := set $context.Values.__default "name" "default" }}
{{/* no overrides apply, so copy as-is */}}
{{- $root_conf_copy1 := omit $context.Values.conf "overrides" }}
{{- $root_conf_copy2 := dict "conf" $root_conf_copy1 }}
{{- $context_values := omit $context.Values "conf" }}
{{- $root_conf_copy3 := merge $context_values $root_conf_copy2 }}
{{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
{{- $_ := set $context.Values.__default "nodeData" $root_conf_copy4 }}
{{/* add to global list */}}
{{- $list_aggregate := append $context.Values.__daemonset_list $context.Values.__default }}
{{- $_ := set $context.Values "__daemonset_list" $list_aggregate }}
{{- $_ := set $context.Values "__last_configmap_name" $configmap_name }}
{{- range $current_dict := $context.Values.__daemonset_list }}
{{- $context_novalues := omit $context "Values" }}
{{- $merged_dict := merge $current_dict.nodeData $context_novalues }}
{{- $_ := set $current_dict "nodeData" $merged_dict }}
{{/* name needs to be a DNS-1123 compliant name. Ensure lower case */}}
{{- $name_format1 := printf (print $daemonset_root_name "-" $current_dict.name) | lower }}
{{/* labels may contain underscores which would be invalid here, so we replace them with dashes
there may be other valid label names which would make for an invalid DNS-1123 name
but these will be easier to handle in future with sprig regex* functions
(not availabile in helm 2.5.1) */}}
{{- $name_format2 := $name_format1 | replace "_" "-" }}
{{/* To account for the case where the same label is defined multiple times in overrides
(but with different label values), we add a sha of the scheduling data to ensure
name uniqueness */}}
{{- $_ := set $current_dict "dns_1123_name" dict }}
{{- if hasKey $current_dict "matchExpressions" }}
{{- $_ := set $current_dict "dns_1123_name" (printf (print $name_format2 "-" ($current_dict.matchExpressions | quote | sha256sum | trunc 8))) }}
{{- else }}
{{- $_ := set $current_dict "dns_1123_name" $name_format2 }}
{{- end }}
{{/* set daemonset metadata name */}}
{{- if not $context.Values.__daemonset_yaml.metadata }}{{- $_ := set $context.Values.__daemonset_yaml "metadata" dict }}{{- end }}
{{- if not $context.Values.__daemonset_yaml.metadata.name }}{{- $_ := set $context.Values.__daemonset_yaml.metadata "name" dict }}{{- end }}
{{- $_ := set $context.Values.__daemonset_yaml.metadata "name" $current_dict.dns_1123_name }}
{{/* set container name
assume not more than one container is defined */}}
{{- $container := first $context.Values.__daemonset_yaml.spec.template.spec.containers }}
{{- $_ := set $container "name" $current_dict.dns_1123_name }}
{{- $cont_list := list $container }}
{{- $_ := set $context.Values.__daemonset_yaml.spec.template.spec "containers" $cont_list }}
{{/* cross-reference configmap name to container volume definitions */}}
{{- $_ := set $context.Values "__volume_list" list }}
{{- range $current_volume := $context.Values.__daemonset_yaml.spec.template.spec.volumes }}
{{- $_ := set $context.Values "__volume" $current_volume }}
{{- if hasKey $context.Values.__volume "configMap" }}
{{- if eq $context.Values.__volume.configMap.name $context.Values.__last_configmap_name }}
{{- $_ := set $context.Values.__volume.configMap "name" $current_dict.dns_1123_name }}
{{- end }}
{{- end }}
{{- $updated_list := append $context.Values.__volume_list $context.Values.__volume }}
{{- $_ := set $context.Values "__volume_list" $updated_list }}
{{- end }}
{{- $_ := set $context.Values.__daemonset_yaml.spec.template.spec "volumes" $context.Values.__volume_list }}
{{/* populate scheduling restrictions */}}
{{- if hasKey $current_dict "matchExpressions" }}
{{- if not $context.Values.__daemonset_yaml.spec.template.spec }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template "spec" dict }}{{- end }}
{{- if not $context.Values.__daemonset_yaml.spec.template.spec.affinity }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template.spec "affinity" dict }}{{- end }}
{{- if not $context.Values.__daemonset_yaml.spec.template.spec.affinity.nodeAffinity }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template.spec.affinity "nodeAffinity" dict }}{{- end }}
{{- if not $context.Values.__daemonset_yaml.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template.spec.affinity.nodeAffinity "requiredDuringSchedulingIgnoredDuringExecution" dict }}{{- end }}
{{- $match_exprs := dict }}
{{- $_ := set $match_exprs "matchExpressions" $current_dict.matchExpressions }}
{{- $appended_match_expr := list $match_exprs }}
{{- $_ := set $context.Values.__daemonset_yaml.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution "nodeSelectorTerms" $appended_match_expr }}
{{- end }}
{{/* input value hash for current set of values overrides */}}
{{- if not $context.Values.__daemonset_yaml.spec }}{{- $_ := set $context.Values.__daemonset_yaml "spec" dict }}{{- end }}
{{- if not $context.Values.__daemonset_yaml.spec.template }}{{- $_ := set $context.Values.__daemonset_yaml.spec "template" dict }}{{- end }}
{{- if not $context.Values.__daemonset_yaml.spec.template.metadata }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template "metadata" dict }}{{- end }}
{{- if not $context.Values.__daemonset_yaml.spec.template.metadata.annotations }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template.metadata "annotations" dict }}{{- end }}
{{- $cmap := list $current_dict.dns_1123_name $current_dict.nodeData | include $configmap_include }}
{{- $values_hash := $cmap | quote | sha256sum }}
{{- $_ := set $context.Values.__daemonset_yaml.spec.template.metadata.annotations "configmap-etc-hash" $values_hash }}
{{/* generate configmap */}}
---
{{ $cmap }}
{{/* generate daemonset yaml */}}
---
{{ $context.Values.__daemonset_yaml | toYaml }}
{{- $_ := set $context.Values "__last_configmap_name" $current_dict.dns_1123_name }}
{{- end }}
{{- end }}

36
helm-toolkit/templates/utils/_dependency_resolver.tpl Normal file
View File

@ -0,0 +1,36 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- define "helm-toolkit.utils.dependency_resolver" }}
{{- $envAll := index . "envAll" -}}
{{- $dependencyMixinParam := index . "dependencyMixinParam" -}}
{{- $dependencyKey := index . "dependencyKey" -}}
{{- if $dependencyMixinParam -}}
{{- $_ := set $envAll.Values "pod_dependency" dict -}}
{{- if kindIs "string" $dependencyMixinParam }}
{{- $_ := include "helm-toolkit.utils.merge" (tuple $envAll.Values.pod_dependency ( index $envAll.Values.dependencies.static $dependencyKey ) ( index $envAll.Values.dependencies.dynamic.targeted $dependencyMixinParam $dependencyKey ) ) -}}
{{- else if kindIs "slice" $dependencyMixinParam }}
{{- range $k, $v := $dependencyMixinParam -}}
{{- if not $envAll.Values.__deps }}{{- $_ := set $envAll.Values "__deps" ( index $envAll.Values.dependencies.static $dependencyKey ) }}{{- end }}
{{- $_ := include "helm-toolkit.utils.merge" (tuple $envAll.Values.pod_dependency $envAll.Values.__deps ( index $envAll.Values.dependencies.dynamic.targeted $v $dependencyKey ) ) -}}
{{- $_ := set $envAll.Values "__deps" $envAll.Values.pod_dependency -}}
{{- end }}
{{- end }}
{{- else -}}
{{- $_ := set $envAll.Values "pod_dependency" ( index $envAll.Values.dependencies.static $dependencyKey ) -}}
{{- end -}}
{{ $envAll.Values.pod_dependency | toYaml }}
{{- end }}

20
helm-toolkit/templates/utils/_joinListWithSpace.tpl Normal file
View File

@ -0,0 +1,20 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- define "helm-toolkit.utils.joinListWithSpace" -}}
{{- $local := dict "first" true -}}
{{- range $k, $v := . -}}{{- if not $local.first -}}{{- " " -}}{{- end -}}{{- $v -}}{{- $_ := set $local "first" false -}}{{- end -}}
{{- end -}}

42
helm-toolkit/templates/utils/_to_kv_list.tpl Normal file
View File

@ -0,0 +1,42 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
# This function returns key value pair in the INI format (key = value)
# as needed by openstack config files
#
# Sample key value pair format:
# conf:
# libvirt:
# log_level: 3
# Usage:
# { include "helm-toolkit.utils.to_kv_list" .Values.conf.libvirt }
# returns: log_level = 3
{{- define "helm-toolkit.utils.to_kv_list" -}}
{{- range $key, $value := . -}}
{{- if kindIs "slice" $value }}
{{ $key }} = {{ include "helm-toolkit.utils.joinListWithComma" $value | quote }}
{{- else if kindIs "string" $value }}
{{- if regexMatch "^[0-9]+$" $value }}
{{ $key }} = {{ $value }}
{{- else }}
{{ $key }} = {{ $value | quote }}
{{- end }}
{{- else }}
{{ $key }} = {{ $value }}
{{- end }}
{{- end -}}
{{- end -}}

81
helm-toolkit/templates/utils/_values_template_renderer.tpl Normal file
View File

@ -0,0 +1,81 @@
{{/*
Copyright 2018 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{/*
This function renders out configuration sections into a format suitable for
incorporation into a config-map. This allows various forms of input to be
rendered out as appropriate, as illustrated in the following example:
With the input:
conf:
some:
config_to_render: |
#We can use all of gotpl here: eg macros, ranges etc.
Listen 0.0.0.0:{{ tuple "dashboard" "internal" "web" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
config_to_complete:
#here we can fill out params, but things need to be valid yaml as input
'{{ .Release.Name }}': '{{ printf "%s-%s" .Release.Namespace "namespace" }}'
static_config:
#this is just passed though as yaml to the configmap
foo: bar
And the template:
{{- $envAll := . }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: application-etc
data:
{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.some.config_to_render "key" "config_to_render.conf") | indent 2 }}
{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.some.config_to_complete "key" "config_to_complete.yaml") | indent 2 }}
{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.some.static_config "key" "static_config.yaml") | indent 2 }}
The rendered output will match:
apiVersion: v1
kind: ConfigMap
metadata:
name: application-etc
data:
config_to_render.conf: |
#We can use all of gotpl here: eg macros, ranges etc.
Listen 0.0.0.0:80
config_to_complete.yaml: |
'RELEASE-NAME': 'default-namespace'
static_config.yaml: |
foo: bar
*/}}
{{- define "helm-toolkit.snippets.values_template_renderer" -}}
{{- $envAll := index . "envAll" -}}
{{- $template := index . "template" -}}
{{- $key := index . "key" -}}
{{- with $envAll -}}
{{- $templateRendered := tpl ( $template | toYaml ) . }}
{{- if hasPrefix "|\n" $templateRendered }}
{{ $key }}: {{ $templateRendered }}
{{- else }}
{{ $key }}: |
{{ $templateRendered | indent 2 }}
{{- end -}}
{{- end -}}
{{- end -}}