diff --git a/common/templates/snippets/_k8s_init_dep_check.tpl b/common/templates/snippets/_k8s_init_dep_check.tpl index 4deb1b762c..b918b10d74 100644 --- a/common/templates/snippets/_k8s_init_dep_check.tpl +++ b/common/templates/snippets/_k8s_init_dep_check.tpl @@ -8,12 +8,16 @@ "env": [ { "name": "POD_NAME", + {{- if $deps.pod -}} + "value": "{{ index $deps.pod 0 }}" + {{- else -}} "valueFrom": { "fieldRef": { "APIVersion": "v1", "fieldPath": "metadata.name" } } + {{- end -}} }, { "name": "NAMESPACE", @@ -40,6 +44,10 @@ "name": "DEPENDENCY_DAEMONSET", "value": "{{ include "joinListWithComma" $deps.daemonset }}" }, + { + "name": "DEPENDENCY_CONTAINER", + "value": "{{ include "joinListWithComma" $deps.container }}" + }, { "name": "COMMAND", "value": "echo done" diff --git a/maas/templates/bin/_import-boot-resources.sh.tpl b/maas/templates/bin/_import-boot-resources.sh.tpl new file mode 100644 index 0000000000..6dda0c1674 --- /dev/null +++ b/maas/templates/bin/_import-boot-resources.sh.tpl @@ -0,0 +1,36 @@ +#!/bin/sh + +set -ex + +function check_for_download { + + TIMEOUT={{ .Values.jobs.import_boot_resources.timeout }} + while [[ ${TIMEOUT} -gt 0 ]]; do + if maas {{ .Values.credentials.admin_username }} boot-resources read | grep -q '\[\]'; + then + echo 'Did not find boot resources. Will try again' + let TIMEOUT-={{ .Values.jobs.import_boot_resources.retry_timer }} + sleep {{ .Values.jobs.import_boot_resources.retry_timer }} + else + echo 'Boot resources found' + exit 0 + fi + done + exit 1 +} + +maas-region local_config_set \ + --database-host "{{ .Values.db_service_name }}.{{ .Release.Namespace }}" \ + --database-name "{{ .Values.database.db_name }}" \ + --database-user "{{ .Values.database.db_user }}" \ + --database-pass "{{ .Values.database.db_password }}" \ + --maas-url "http://{{ .Values.ui_service_name }}.{{ .Release.Namespace }}:{{ .Values.network.port.service_gui }}/MAAS" + +KEY=$(maas-region apikey --username={{ .Values.credentials.admin_username }}) +maas login {{ .Values.credentials.admin_username }} http://{{ .Values.ui_service_name }}.{{ .Release.Namespace }}/MAAS/ $KEY + +# make call to import images +maas {{ .Values.credentials.admin_username }} boot-resources import +# see if we can find > 0 images +sleep {{ .Values.jobs.import_boot_resources.retry_timer }} +check_for_download \ No newline at end of file diff --git a/maas/templates/bin/_job-readiness.sh.tpl b/maas/templates/bin/_job-readiness.sh.tpl new file mode 100644 index 0000000000..9eb9659fe4 --- /dev/null +++ b/maas/templates/bin/_job-readiness.sh.tpl @@ -0,0 +1,6 @@ +#!/bin/bash + + /tmp/env -echo "register-rack-controller URL: "{{ .Values.service_name }}.{{ .Release.Namespace }} +echo "register-rack-controller URL: "{{ .Values.ui_service_name }}.{{ .Release.Namespace }} # note the secret must be a valid hex value # register forever while [ 1 ]; do - if maas-rack register --url=http://{{ .Values.service_name }}.{{ .Release.Namespace }}/MAAS --secret={{ .Values.secret | quote }}; + if maas-rack register --url=http://{{ .Values.ui_service_name }}.{{ .Release.Namespace }}/MAAS --secret={{ .Values.secret | quote }}; then echo "Successfully registered with MaaS Region Controller" break else - echo "Unable to register with http://{{ .Values.service_name }}.{{ .Release.Namespace }}/MAAS... will try again" + echo "Unable to register with http://{{ .Values.ui_service_name }}.{{ .Release.Namespace }}/MAAS... will try again" sleep 10 fi; diff --git a/maas/templates/bin/_start.sh.tpl b/maas/templates/bin/_start.sh.tpl index 372bd5c0d6..a99555a73e 100644 --- a/maas/templates/bin/_start.sh.tpl +++ b/maas/templates/bin/_start.sh.tpl @@ -3,6 +3,12 @@ set -ex if ! find "/etc/postgresql" -mindepth 1 -print -quit | grep -q .; then pg_createcluster 9.5 main + + #allow external connections to postgresql + sed -i '/#listen_addresses/s/^#//g' /etc/postgresql/9.5/main/postgresql.conf + sed -i '/^listen_addresses/ s/localhost/*/' /etc/postgresql/9.5/main/postgresql.conf + sed -i '$ a host all all 0.0.0.0/0 md5' /etc/postgresql/9.5/main/pg_hba.conf + sed -i '$ a host all all ::/0 md5' /etc/postgresql/9.5/main/pg_hba.conf fi cp -r /etc/postgresql/9.5/main/*.conf /var/lib/postgresql/9.5/main/ @@ -12,3 +18,5 @@ echo 'running postinst' chmod 755 /var/lib/dpkg/info/maas-region-controller.postinst /bin/sh /var/lib/dpkg/info/maas-region-controller.postinst configure + +maas-region createadmin --username={{ .Values.credentials.admin_username }} --password={{ .Values.credentials.admin_password }} --email={{ .Values.credentials.admin_email }} || true diff --git a/maas/templates/configmap-bin.yaml b/maas/templates/configmap-bin.yaml index db17c81355..ef95068fb5 100644 --- a/maas/templates/configmap-bin.yaml +++ b/maas/templates/configmap-bin.yaml @@ -7,5 +7,9 @@ data: {{ tuple "bin/_start.sh.tpl" . | include "template" | indent 4 }} maas-region-controller.postinst: | {{ tuple "bin/_maas-region-controller.postinst.tpl" . | include "template" | indent 4 }} + import-boot-resources.sh: | +{{ tuple "bin/_import-boot-resources.sh.tpl" . | include "template" | indent 4 }} + job-readiness.sh: | +{{ tuple "bin/_job-readiness.sh.tpl" . | include "template" | indent 4 }} register-rack-controller.sh: | {{ tuple "bin/_register-rack-controller.sh.tpl" . | include "template" | indent 4 }} diff --git a/maas/templates/configmap-etc.yaml b/maas/templates/configmap-etc.yaml index 9437409738..5dae1fb15b 100644 --- a/maas/templates/configmap-etc.yaml +++ b/maas/templates/configmap-etc.yaml @@ -7,3 +7,5 @@ data: {{ tuple "etc/_region-dns-config.tpl" . | include "template" | indent 4 }} secret: | {{ tuple "etc/_secret.tpl" . | include "template" | indent 4 }} + maas-region-controller.conf: | +{{ tuple "etc/_postgresql-config.tpl" . | include "template" | indent 4 }} diff --git a/maas/templates/db-service.yaml b/maas/templates/db-service.yaml new file mode 100644 index 0000000000..7f18ae56ed --- /dev/null +++ b/maas/templates/db-service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.db_service_name }} + labels: + app: db-service +spec: + ports: + - port: {{ .Values.network.port.db_service }} + targetPort: {{ .Values.network.port.db_service_target }} + name: db-service + selector: + app: maas-region diff --git a/maas/templates/deploy-region.yaml b/maas/templates/deploy-region.yaml index 313d690e86..d663ac051a 100644 --- a/maas/templates/deploy-region.yaml +++ b/maas/templates/deploy-region.yaml @@ -3,7 +3,7 @@ kind: StatefulSet metadata: name: maas-region spec: - serviceName: "{{ .Values.service_name }}" + serviceName: "{{ .Values.ui_service_name }}" template: metadata: labels: @@ -13,7 +13,7 @@ spec: { "name": "init", "image": "{{ .Values.images.maas_region }}", - "imagePullPolicy": "Always", + "imagePullPolicy": "{{ .Values.images.pull_policy }}", "command": ["bash", "/tmp/start.sh"], "volumeMounts": [ { @@ -41,6 +41,11 @@ spec: "name": "maasregionpostinst", "mountPath": "/var/lib/dpkg/info/maas-region-controller.postinst", "subPath": "maas-region-controller.postinst" + }, + { + "name": "postgresql-defaults", + "mountPath": "/etc/dbconfig-common/maas-region-controller.conf", + "subPath": "maas-region-controller.conf" } ] } @@ -62,7 +67,10 @@ spec: memory: {{ .Values.resources.maas_region.requests.memory | quote}} {{- end }} ports: - - containerPort: {{ .Values.network.port.region_container }} + - name: region-ui + containerPort: {{ .Values.network.port.region_container }} + - name: postgresql + containerPort: {{ .Values.network.port.db_service }} readinessProbe: tcpSocket: port: {{ .Values.network.port.region_container }} @@ -104,6 +112,9 @@ spec: - name: maas-dns-config configMap: name: maas-etc + - name: postgresql-defaults + configMap: + name: maas-etc - name: startsh configMap: name: maas-bin diff --git a/maas/templates/etc/_postgresql-config.tpl b/maas/templates/etc/_postgresql-config.tpl new file mode 100644 index 0000000000..8f193da565 --- /dev/null +++ b/maas/templates/etc/_postgresql-config.tpl @@ -0,0 +1,44 @@ +# dbc_install: configure database with dbconfig-common? +# set to anything but "true" to opt out of assistance +dbc_install='true' + +# dbc_upgrade: upgrade database with dbconfig-common? +# set to anything but "true" to opt out of assistance +dbc_upgrade='true' + +# dbc_remove: deconfigure database with dbconfig-common? +# set to anything but "true" to opt out of assistance +dbc_remove='true' + +# dbc_dbtype: type of underlying database to use +# this exists primarily to let dbconfig-common know what database +# type to use when a package supports multiple database types. +# don't change this value unless you know for certain that this +# package supports multiple database types +dbc_dbtype='pgsql' + +# dbc_dbuser: database user +# the name of the user who we will use to connect to the database. +dbc_dbuser='{{ .Values.database.db_user }}' + +# dbc_dbpass: database user password +# the password to use with the above username when connecting +# to a database, if one is required +dbc_dbpass='{{ .Values.database.db_password }}' + +# dbc_dbname: name of database +# this is the name of your application's database. +dbc_dbname='{{ .Values.database.db_name }}' + +# dbc_dbadmin: name of the administrative user +# this is the administrative user that is used to create all of the above +# The exception is the MySQL/MariaDB localhost case, where this value is +# ignored and instead is determined from /etc/mysql/debian.cnf. +dbc_dbadmin='postgres' + +# dbc_authmethod_admin: authentication method for admin +# dbc_authmethod_user: authentication method for dbuser +# see the section titled "AUTHENTICATION METHODS" in +# /usr/share/doc/dbconfig-common/README.pgsql for more info +dbc_authmethod_admin='ident' +dbc_authmethod_user='password' diff --git a/maas/templates/job-import.yaml b/maas/templates/job-import.yaml new file mode 100644 index 0000000000..419ab3c023 --- /dev/null +++ b/maas/templates/job-import.yaml @@ -0,0 +1,48 @@ +{{- $envAll := . }} +{{- $dependencies := .Values.dependencies.import_resources }} +apiVersion: batch/v1 +kind: Job +metadata: + name: region-import-resources +spec: + template: + metadata: + annotations: + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} + ]' + spec: + restartPolicy: OnFailure + containers: + - name: region-import-resources + image: {{ .Values.images.maas_region }} + imagePullPolicy: {{ .Values.images.pull_policy }} + command: + - bash + - /tmp/import-boot-resources.sh + readinessProbe: + exec: + command: + - bash + - /tmp/job-readiness.sh + initialDelaySeconds: 60 + volumeMounts: + - name: import-boot-resources + mountPath: /tmp/import-boot-resources.sh + subPath: import-boot-resources.sh + - name: job-readiness + mountPath: /tmp/job-readiness.sh + subPath: job-readiness.sh + - name: maas-dns-config + mountPath: /etc/bind/named.conf.options + subPath: named.conf.options + volumes: + - name: import-boot-resources + configMap: + name: maas-bin + - name: job-readiness + configMap: + name: maas-bin + - name: maas-dns-config + configMap: + name: maas-etc diff --git a/maas/templates/service.yaml b/maas/templates/maas-service.yaml similarity index 91% rename from maas/templates/service.yaml rename to maas/templates/maas-service.yaml index 0a78d6c56d..689022b54e 100644 --- a/maas/templates/service.yaml +++ b/maas/templates/maas-service.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Service metadata: - name: {{ .Values.service_name }} + name: {{ .Values.ui_service_name }} labels: app: maas-region-ui spec: diff --git a/maas/values.yaml b/maas/values.yaml index eee2544b45..fcf2570e5e 100644 --- a/maas/values.yaml +++ b/maas/values.yaml @@ -2,11 +2,38 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. +credentials: + admin_username: admin + admin_password: admin + admin_email: support@nowhere.com + +database: + db_name: maasdb + db_user: maas + db_password: password + +dependencies: + import_resources: + pod: + - maas-region-0 + container: + - maas-region + service: + - maas-region-ui + - db-service + images: - maas_region: quay.io/attcomdev/maas-region:2.1.2-1 - maas_rack: quay.io/attcomdev/maas-rack:2.1.2-1 + maas_region: quay.io/attcomdev/maas-region:2.1.2-2 + maas_rack: quay.io/attcomdev/maas-rack:2.1.2-2 + dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.1.0 pull_policy: Always +jobs: + import_boot_resources: + retry_timer: 10 + #default timeout: 15 minutes + timeout: 900 + labels: node_selector_key: openstack-control-plane node_selector_value: enabled @@ -18,11 +45,13 @@ network: service_gui_target: 80 service_proxy: 8000 service_proxy_target: 8000 + db_service: 5432 + db_service_target: 5432 +ui_service_name: maas-region-ui +db_service_name: db-service secret: 3858f62230ac3c915f300c664312c63f -service_name: maas-region-ui - resources: enabled: false maas_rack_controller: @@ -38,4 +67,4 @@ resources: cpu: "500m" requests: memory: "128Mi" - cpu: "500m" + cpu: "500m" \ No newline at end of file