From 503ed6cdb8d3e062bf23bcb9b7b0919079606eb3 Mon Sep 17 00:00:00 2001
From: Pete Birley <pete@port.direct>
Date: Thu, 2 Mar 2017 00:38:09 +0000
Subject: [PATCH 1/7] Add Revised Keystone Endpoint Lookup Functions into
Helm-Toolkit
This commit adds the revised helm lookup functions from cinder to
Helm-Toolkit.
---
helm-toolkit/templates/_endpoints.tpl | 43 ++++++++++++++++++++++++++-
1 file changed, 42 insertions(+), 1 deletion(-)
diff --git a/helm-toolkit/templates/_endpoints.tpl b/helm-toolkit/templates/_endpoints.tpl
index 7c2134bd02..dcc4f2bdf9 100644
--- a/helm-toolkit/templates/_endpoints.tpl
+++ b/helm-toolkit/templates/_endpoints.tpl
@@ -126,6 +126,29 @@
{{- end -}}
{{- end -}}
+# this function returns the endpoint uri for a service, it takes an tuple
+# input in the form: service-type, endpoint-class, port-name. eg:
+# { tuple "orchestration" "public" "api" . | include "helm-toolkit.endpoint_type_lookup_addr" }
+# will return the appropriate URI. Once merged this should phase out the above.
+
+{{- define "helm-toolkit.endpoint_type_lookup_addr" -}}
+{{- $type := index . 0 -}}
+{{- $endpoint := index . 1 -}}
+{{- $port := index . 2 -}}
+{{- $context := index . 3 -}}
+{{- $endpointMap := index $context.Values.endpoints $type }}
+{{- $fqdn := $context.Release.Namespace -}}
+{{- if $context.Values.endpoints.fqdn -}}
+{{- $fqdn := $context.Values.endpoints.fqdn -}}
+{{- end -}}
+{{- with $endpointMap -}}
+{{- $endpointScheme := .scheme }}
+{{- $endpointHost := index .hosts $endpoint | default .hosts.default}}
+{{- $endpointPort := index .port $port }}
+{{- $endpointPath := .path | default "" }}
+{{- printf "%s://%s.%s:%1.f%s" $endpointScheme $endpointHost $fqdn $endpointPort $endpointPath -}}
+{{- end -}}
+{{- end -}}
#-------------------------------
# endpoint type lookup
@@ -145,7 +168,25 @@
{{- $endpointType | quote -}}
{{- end -}}
+
+#-------------------------------
+# endpoint name lookup
+#-------------------------------
+
+# this function is used in endpoint management templates
+# it returns the service type for an openstack service eg:
+# { tuple orchestration . | include "ks_endpoint_type" }
+# will return "heat"
+
+{{- define "helm-toolkit.endpoint_name_lookup" -}}
+{{- $type := index . 0 -}}
+{{- $context := index . 1 -}}
+{{- $endpointMap := index $context.Values.endpoints $type }}
+{{- $endpointName := index $endpointMap "name" }}
+{{- $endpointName | quote -}}
+{{- end -}}
+
#-------------------------------
# kolla helpers
#-------------------------------
-{{ define "helm-toolkit.keystone_auth" }}{'auth_url':'{{ include "helm-toolkit.endpoint_keystone_internal" . }}', 'username':'{{ .Values.keystone.admin_user }}','password':'{{ .Values.keystone.admin_password }}','project_name':'{{ .Values.keystone.admin_project_name }}','domain_name':'default'}{{end}}
+{{ define "helm-toolkit.keystone_auth" }}{'auth_url':'{{ tuple "identity" "internal" "api" . | include "helm-toolkit.endpoint_type_lookup_addr" }}', 'username':'{{ .Values.keystone.admin_user }}','password':'{{ .Values.keystone.admin_password }}','project_name':'{{ .Values.keystone.admin_project_name }}','domain_name':'default'}{{end}}
From 754ab3ce05f39e0f400fed9fcae6818d13bbf743 Mon Sep 17 00:00:00 2001
From: Pete Birley <pete@port.direct>
Date: Thu, 2 Mar 2017 00:45:40 +0000
Subject: [PATCH 2/7] Update Cinder chart to use Keystone Endpoint functions
from Helm-Toolkit
---
cinder/templates/_helpers.tpl | 59 --------------------------
cinder/templates/job-ks-endpoints.yaml | 2 +-
cinder/templates/job-ks-service.yaml | 2 +-
3 files changed, 2 insertions(+), 61 deletions(-)
delete mode 100644 cinder/templates/_helpers.tpl
diff --git a/cinder/templates/_helpers.tpl b/cinder/templates/_helpers.tpl
deleted file mode 100644
index 51af65e071..0000000000
--- a/cinder/templates/_helpers.tpl
+++ /dev/null
@@ -1,59 +0,0 @@
-# Copyright 2017 The Openstack-Helm Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# This file is required because we use a slightly different endpoint layout in
-# the values yaml, until we can make this change for all services.
-
-
-# this function returns the endpoint uri for a service, it takes an tuple
-# input in the form: service-type, endpoint-class, port-name. eg:
-# { tuple "orchestration" "public" "api" . | include "helm-toolkit.endpoint_type_lookup_addr" }
-# will return the appropriate URI. Once merged this should phase out the above.
-
-{{- define "helm-toolkit.endpoint_type_lookup_addr" -}}
-{{- $type := index . 0 -}}
-{{- $endpoint := index . 1 -}}
-{{- $port := index . 2 -}}
-{{- $context := index . 3 -}}
-{{- $endpointMap := index $context.Values.endpoints $type }}
-{{- $fqdn := $context.Release.Namespace -}}
-{{- if $context.Values.endpoints.fqdn -}}
-{{- $fqdn := $context.Values.endpoints.fqdn -}}
-{{- end -}}
-{{- with $endpointMap -}}
-{{- $endpointScheme := .scheme }}
-{{- $endpointHost := index .hosts $endpoint | default .hosts.default}}
-{{- $endpointPort := index .port $port }}
-{{- $endpointPath := .path }}
-{{- printf "%s://%s.%s:%1.f%s" $endpointScheme $endpointHost $fqdn $endpointPort $endpointPath | quote -}}
-{{- end -}}
-{{- end -}}
-
-
-#-------------------------------
-# endpoint name lookup
-#-------------------------------
-
-# this function is used in endpoint management templates
-# it returns the service type for an openstack service eg:
-# { tuple orchestration . | include "ks_endpoint_type" }
-# will return "heat"
-
-{{- define "endpoint_name_lookup" -}}
-{{- $type := index . 0 -}}
-{{- $context := index . 1 -}}
-{{- $endpointMap := index $context.Values.endpoints $type }}
-{{- $endpointName := index $endpointMap "name" }}
-{{- $endpointName | quote -}}
-{{- end -}}
diff --git a/cinder/templates/job-ks-endpoints.yaml b/cinder/templates/job-ks-endpoints.yaml
index cafd4c8d54..f8e21622b5 100644
--- a/cinder/templates/job-ks-endpoints.yaml
+++ b/cinder/templates/job-ks-endpoints.yaml
@@ -60,7 +60,7 @@ spec:
- name: OS_SVC_ENDPOINT
value: {{ $osServiceEndPoint }}
- name: OS_SERVICE_NAME
- value: {{ tuple $osServiceType $envAll | include "endpoint_name_lookup" }}
+ value: {{ tuple $osServiceType $envAll | include "helm-toolkit.endpoint_name_lookup" }}
- name: OS_SERVICE_TYPE
value: {{ $osServiceType }}
- name: OS_SERVICE_ENDPOINT
diff --git a/cinder/templates/job-ks-service.yaml b/cinder/templates/job-ks-service.yaml
index de1e852150..1e17be59eb 100644
--- a/cinder/templates/job-ks-service.yaml
+++ b/cinder/templates/job-ks-service.yaml
@@ -57,7 +57,7 @@ spec:
{{- include "helm-toolkit.keystone_openrc_env_vars" $env | indent 12 }}
{{- end }}
- name: OS_SERVICE_NAME
- value: {{ tuple $osServiceType $envAll | include "endpoint_name_lookup" }}
+ value: {{ tuple $osServiceType $envAll | include "helm-toolkit.endpoint_name_lookup" }}
- name: OS_SERVICE_TYPE
value: {{ $osServiceType }}
{{- end }}
From 01028991c3e1091746688b5cb5d2091b402b4e37 Mon Sep 17 00:00:00 2001
From: Pete Birley <pete@port.direct>
Date: Thu, 2 Mar 2017 00:51:18 +0000
Subject: [PATCH 3/7] Move Keystone to endpoint type lookups
---
keystone/templates/bin/_db-sync.sh.tpl | 6 +++---
keystone/templates/deployment.yaml | 8 +++++---
keystone/templates/etc/_wsgi-keystone.conf.tpl | 4 ++--
keystone/templates/service.yaml | 2 +-
keystone/values.yaml | 18 +++++-------------
5 files changed, 16 insertions(+), 22 deletions(-)
diff --git a/keystone/templates/bin/_db-sync.sh.tpl b/keystone/templates/bin/_db-sync.sh.tpl
index 89a7901819..b084669166 100644
--- a/keystone/templates/bin/_db-sync.sh.tpl
+++ b/keystone/templates/bin/_db-sync.sh.tpl
@@ -22,7 +22,7 @@ keystone-manage --config-file=/etc/keystone/keystone.conf bootstrap \
--bootstrap-username {{ .Values.keystone.admin_user }} \
--bootstrap-password {{ .Values.keystone.admin_password }} \
--bootstrap-project-name {{ .Values.keystone.admin_project_name }} \
- --bootstrap-admin-url {{ include "helm-toolkit.endpoint_keystone_admin" . }} \
- --bootstrap-public-url {{ include "helm-toolkit.endpoint_keystone_internal" . }} \
- --bootstrap-internal-url {{ include "helm-toolkit.endpoint_keystone_internal" . }} \
+ --bootstrap-admin-url {{ tuple "identity" "admin" "admin" . | include "helm-toolkit.endpoint_type_lookup_addr" }} \
+ --bootstrap-public-url {{ tuple "identity" "public" "api" . | include "helm-toolkit.endpoint_type_lookup_addr" }} \
+ --bootstrap-internal-url {{ tuple "identity" "internal" "api" . | include "helm-toolkit.endpoint_type_lookup_addr" }} \
--bootstrap-region-id {{ .Values.keystone.admin_region_name }}
diff --git a/keystone/templates/deployment.yaml b/keystone/templates/deployment.yaml
index 514b3c2f44..c90e685186 100644
--- a/keystone/templates/deployment.yaml
+++ b/keystone/templates/deployment.yaml
@@ -58,8 +58,10 @@ spec:
- bash
- /tmp/start.sh
ports:
- - containerPort: {{ .Values.network.port.public }}
- - containerPort: {{ .Values.network.port.admin }}
+ - name: api-public
+ containerPort: {{ .Values.network.port.api }}
+ - name: api-admin
+ containerPort: {{ .Values.network.port.admin }}
lifecycle:
preStop:
exec:
@@ -69,7 +71,7 @@ spec:
- graceful-stop
readinessProbe:
tcpSocket:
- port: {{ .Values.network.port.public }}
+ port: {{ .Values.network.port.api }}
volumeMounts:
- name: pod-etc-keystone
mountPath: /etc/keystone
diff --git a/keystone/templates/etc/_wsgi-keystone.conf.tpl b/keystone/templates/etc/_wsgi-keystone.conf.tpl
index acf95af54c..d85cd8f9a1 100644
--- a/keystone/templates/etc/_wsgi-keystone.conf.tpl
+++ b/keystone/templates/etc/_wsgi-keystone.conf.tpl
@@ -12,8 +12,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.public }}
-Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.admin }}
+Listen 0.0.0.0:{{ .Values.network.port.api }}
+Listen 0.0.0.0:{{ .Values.network.port.admin }}
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
diff --git a/keystone/templates/service.yaml b/keystone/templates/service.yaml
index 6300d21cf0..89b439fbcb 100644
--- a/keystone/templates/service.yaml
+++ b/keystone/templates/service.yaml
@@ -19,7 +19,7 @@ metadata:
spec:
ports:
- name: keystone-api-public
- port: {{ .Values.network.port.public }}
+ port: {{ .Values.network.port.api }}
- name: keystone-api-admin
port: {{ .Values.network.port.admin }}
selector:
diff --git a/keystone/values.yaml b/keystone/values.yaml
index ad4be87496..05bf4a52c7 100644
--- a/keystone/values.yaml
+++ b/keystone/values.yaml
@@ -54,15 +54,7 @@ api:
network:
port:
admin: 35357
- public: 5000
- # alanmeadows(TODO): I seem unable to use {{ .IP }} here
- # but it does work for wsrep.conf in mariadb, I have spent
- # time trying to figure this out am completely stumped
- #
- # helm --debug --dry-run shows me that the config map
- # contains {{ .IP }} but its simply translated by K8s
- # to ""
- ip_address: "0.0.0.0"
+ api: 5000
database:
port: 3306
@@ -120,12 +112,12 @@ resources:
# values, but should include all endpoints
# required by this chart
endpoints:
- keystone:
+ identity:
+ name: keystone
hosts:
default: keystone-api
path: /v3
- type: identity
scheme: 'http'
port:
- admin: 35357
- public: 5000
+ admin: 35357
+ api: 5000
From ff0d8ca2679903c1e8b78d78764d6f9a05c24786 Mon Sep 17 00:00:00 2001
From: Pete Birley <pete@port.direct>
Date: Thu, 2 Mar 2017 01:55:48 +0000
Subject: [PATCH 4/7] Finalise Cinder endpoint type lookup implementation
---
cinder/templates/deployment-api.yaml | 5 ++--
cinder/templates/etc/_cinder.conf.tpl | 10 ++++---
.../templates/secret-keystone-admin.env.yaml | 2 +-
.../templates/secret-keystone-user.env.yaml | 2 +-
cinder/templates/service-api.yaml | 4 +--
cinder/values.yaml | 27 ++++++++++---------
6 files changed, 27 insertions(+), 23 deletions(-)
diff --git a/cinder/templates/deployment-api.yaml b/cinder/templates/deployment-api.yaml
index b9d09c57a3..52705f8ad5 100644
--- a/cinder/templates/deployment-api.yaml
+++ b/cinder/templates/deployment-api.yaml
@@ -59,10 +59,11 @@ spec:
- --config-dir
- /etc/cinder/conf
ports:
- - containerPort: {{ .Values.service.api.port }}
+ - name: c-api
+ containerPort: {{ .Values.network.port.api }}
readinessProbe:
tcpSocket:
- port: {{ .Values.service.api.port }}
+ port: {{ .Values.network.port.api }}
volumeMounts:
- name: pod-etc-cinder
mountPath: /etc/cinder
diff --git a/cinder/templates/etc/_cinder.conf.tpl b/cinder/templates/etc/_cinder.conf.tpl
index b03a594774..cc42466ec2 100644
--- a/cinder/templates/etc/_cinder.conf.tpl
+++ b/cinder/templates/etc/_cinder.conf.tpl
@@ -22,11 +22,11 @@ volume_name_template = %s
osapi_volume_workers = {{ .Values.api.workers }}
osapi_volume_listen = 0.0.0.0
-osapi_volume_listen_port = {{ .Values.service.api.port }}
+osapi_volume_listen_port = {{ .Values.network.port.api }}
api_paste_config = /etc/cinder/api-paste.ini
-glance_api_servers = "{{ .Values.glance.proto }}://{{ .Values.glance.host }}:{{ .Values.glance.port }}"
+glance_api_servers = {{ tuple "image" "internal" "api" . | include "helm-toolkit.endpoint_type_lookup_addr" }}
glance_api_version = {{ .Values.glance.version }}
enabled_backends = {{ include "helm-toolkit.joinListWithComma" .Values.backends.enabled }}
@@ -44,11 +44,13 @@ connection = mysql+pymysql://{{ .Values.database.cinder_user }}:{{ .Values.datab
max_retries = -1
[keystone_authtoken]
-auth_url = {{ .Values.keystone.auth_url }}
+auth_version = v3
+auth_url = {{ tuple "identity" "internal" "api" . | include "helm-toolkit.endpoint_type_lookup_addr" }}
auth_type = password
+region_name = {{ .Values.keystone.cinder_region_name }}
project_domain_name = {{ .Values.keystone.cinder_project_domain }}
-user_domain_name = {{ .Values.keystone.cinder_user_domain }}
project_name = {{ .Values.keystone.cinder_project_name }}
+user_domain_name = {{ .Values.keystone.cinder_user_domain }}
username = {{ .Values.keystone.cinder_user }}
password = {{ .Values.keystone.cinder_password }}
diff --git a/cinder/templates/secret-keystone-admin.env.yaml b/cinder/templates/secret-keystone-admin.env.yaml
index 845b87d388..2bb76c347c 100644
--- a/cinder/templates/secret-keystone-admin.env.yaml
+++ b/cinder/templates/secret-keystone-admin.env.yaml
@@ -19,7 +19,7 @@ metadata:
type: Opaque
data:
OS_AUTH_URL: |
-{{ .Values.keystone.auth_url | b64enc | indent 4 }}
+{{ tuple "identity" "admin" "admin" . | include "helm-toolkit.endpoint_type_lookup_addr" | b64enc | indent 4 }}
OS_REGION_NAME: |
{{ .Values.keystone.admin_region_name | b64enc | indent 4 }}
OS_PROJECT_DOMAIN_NAME: |
diff --git a/cinder/templates/secret-keystone-user.env.yaml b/cinder/templates/secret-keystone-user.env.yaml
index 3fa0464ed2..ffaeca04a9 100644
--- a/cinder/templates/secret-keystone-user.env.yaml
+++ b/cinder/templates/secret-keystone-user.env.yaml
@@ -19,7 +19,7 @@ metadata:
type: Opaque
data:
OS_AUTH_URL: |
-{{ .Values.keystone.auth_url | b64enc | indent 4 }}
+{{ tuple "identity" "internal" "api" . | include "helm-toolkit.endpoint_type_lookup_addr" | b64enc | indent 4 }}
OS_REGION_NAME: |
{{ .Values.keystone.cinder_region_name | b64enc | indent 4 }}
OS_PROJECT_DOMAIN_NAME: |
diff --git a/cinder/templates/service-api.yaml b/cinder/templates/service-api.yaml
index e6ec8e6ac8..4347d8e95d 100644
--- a/cinder/templates/service-api.yaml
+++ b/cinder/templates/service-api.yaml
@@ -15,9 +15,9 @@
apiVersion: v1
kind: Service
metadata:
- name: {{ .Values.service.api.name }}
+ name: cinder-api
spec:
ports:
- - port: {{ .Values.service.api.port }}
+ - port: {{ .Values.network.port.api }}
selector:
app: cinder-api
diff --git a/cinder/values.yaml b/cinder/values.yaml
index a0d5e2b9a6..22e656036b 100644
--- a/cinder/values.yaml
+++ b/cinder/values.yaml
@@ -46,8 +46,6 @@ upgrades:
max_surge: 3
keystone:
- auth_uri: "http://keystone-api:5000"
- auth_url: "http://keystone-api:35357"
admin_user: "admin"
admin_user_domain: "default"
admin_password: "password"
@@ -63,11 +61,9 @@ keystone:
cinder_project_domain: "default"
cinder_region_name: "RegionOne"
-service:
- api:
- name: "cinder-api"
- port: 8776
- proto: "http"
+network:
+ port:
+ api: 8776
database:
address: mariadb
@@ -96,9 +92,6 @@ backends:
pool: "volumes"
glance:
- proto: "http"
- host: "glance-api"
- port: 9292
version: 2
messaging:
@@ -171,8 +164,17 @@ endpoints:
path: /v3
scheme: 'http'
port:
- admin: 35357
- public: 5000
+ admin: 35357
+ api: 5000
+ image:
+ name: glance
+ hosts:
+ default: glance-api
+ path: null
+ scheme: 'http'
+ port:
+ api: 9292
+ registry: 9191
volume:
name: cinder
hosts:
@@ -256,4 +258,3 @@ resources:
limits:
memory: "1024Mi"
cpu: "2000m"
-
From fe7a1cf62da63ee6db511f3aef6fd71617363e9d Mon Sep 17 00:00:00 2001
From: Pete Birley <pete@port.direct>
Date: Thu, 2 Mar 2017 02:11:59 +0000
Subject: [PATCH 5/7] Rename Keystone Endpoint type functions
---
cinder/templates/etc/_cinder.conf.tpl | 4 ++--
cinder/templates/job-ks-endpoints.yaml | 4 ++--
cinder/templates/job-ks-service.yaml | 2 +-
cinder/templates/secret-keystone-admin.env.yaml | 2 +-
cinder/templates/secret-keystone-user.env.yaml | 2 +-
helm-toolkit/templates/_endpoints.tpl | 8 ++++----
keystone/templates/bin/_db-sync.sh.tpl | 6 +++---
7 files changed, 14 insertions(+), 14 deletions(-)
diff --git a/cinder/templates/etc/_cinder.conf.tpl b/cinder/templates/etc/_cinder.conf.tpl
index cc42466ec2..cb336d6485 100644
--- a/cinder/templates/etc/_cinder.conf.tpl
+++ b/cinder/templates/etc/_cinder.conf.tpl
@@ -26,7 +26,7 @@ osapi_volume_listen_port = {{ .Values.network.port.api }}
api_paste_config = /etc/cinder/api-paste.ini
-glance_api_servers = {{ tuple "image" "internal" "api" . | include "helm-toolkit.endpoint_type_lookup_addr" }}
+glance_api_servers = {{ tuple "image" "internal" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" }}
glance_api_version = {{ .Values.glance.version }}
enabled_backends = {{ include "helm-toolkit.joinListWithComma" .Values.backends.enabled }}
@@ -45,7 +45,7 @@ max_retries = -1
[keystone_authtoken]
auth_version = v3
-auth_url = {{ tuple "identity" "internal" "api" . | include "helm-toolkit.endpoint_type_lookup_addr" }}
+auth_url = {{ tuple "identity" "internal" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" }}
auth_type = password
region_name = {{ .Values.keystone.cinder_region_name }}
project_domain_name = {{ .Values.keystone.cinder_project_domain }}
diff --git a/cinder/templates/job-ks-endpoints.yaml b/cinder/templates/job-ks-endpoints.yaml
index f8e21622b5..b554fb1b7f 100644
--- a/cinder/templates/job-ks-endpoints.yaml
+++ b/cinder/templates/job-ks-endpoints.yaml
@@ -60,11 +60,11 @@ spec:
- name: OS_SVC_ENDPOINT
value: {{ $osServiceEndPoint }}
- name: OS_SERVICE_NAME
- value: {{ tuple $osServiceType $envAll | include "helm-toolkit.endpoint_name_lookup" }}
+ value: {{ tuple $osServiceType $envAll | include "helm-toolkit.keystone_endpoint_name_lookup" }}
- name: OS_SERVICE_TYPE
value: {{ $osServiceType }}
- name: OS_SERVICE_ENDPOINT
- value: {{ tuple $osServiceType $osServiceEndPoint "api" $envAll | include "helm-toolkit.endpoint_type_lookup_addr" }}
+ value: {{ tuple $osServiceType $osServiceEndPoint "api" $envAll | include "helm-toolkit.keystone_endpoint_uri_lookup" }}
{{- end }}
{{- end }}
volumes:
diff --git a/cinder/templates/job-ks-service.yaml b/cinder/templates/job-ks-service.yaml
index 1e17be59eb..77c4257299 100644
--- a/cinder/templates/job-ks-service.yaml
+++ b/cinder/templates/job-ks-service.yaml
@@ -57,7 +57,7 @@ spec:
{{- include "helm-toolkit.keystone_openrc_env_vars" $env | indent 12 }}
{{- end }}
- name: OS_SERVICE_NAME
- value: {{ tuple $osServiceType $envAll | include "helm-toolkit.endpoint_name_lookup" }}
+ value: {{ tuple $osServiceType $envAll | include "helm-toolkit.keystone_endpoint_name_lookup" }}
- name: OS_SERVICE_TYPE
value: {{ $osServiceType }}
{{- end }}
diff --git a/cinder/templates/secret-keystone-admin.env.yaml b/cinder/templates/secret-keystone-admin.env.yaml
index 2bb76c347c..5badd3e38c 100644
--- a/cinder/templates/secret-keystone-admin.env.yaml
+++ b/cinder/templates/secret-keystone-admin.env.yaml
@@ -19,7 +19,7 @@ metadata:
type: Opaque
data:
OS_AUTH_URL: |
-{{ tuple "identity" "admin" "admin" . | include "helm-toolkit.endpoint_type_lookup_addr" | b64enc | indent 4 }}
+{{ tuple "identity" "admin" "admin" . | include "helm-toolkit.keystone_endpoint_uri_lookup" | b64enc | indent 4 }}
OS_REGION_NAME: |
{{ .Values.keystone.admin_region_name | b64enc | indent 4 }}
OS_PROJECT_DOMAIN_NAME: |
diff --git a/cinder/templates/secret-keystone-user.env.yaml b/cinder/templates/secret-keystone-user.env.yaml
index ffaeca04a9..610df50108 100644
--- a/cinder/templates/secret-keystone-user.env.yaml
+++ b/cinder/templates/secret-keystone-user.env.yaml
@@ -19,7 +19,7 @@ metadata:
type: Opaque
data:
OS_AUTH_URL: |
-{{ tuple "identity" "internal" "api" . | include "helm-toolkit.endpoint_type_lookup_addr" | b64enc | indent 4 }}
+{{ tuple "identity" "internal" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" | b64enc | indent 4 }}
OS_REGION_NAME: |
{{ .Values.keystone.cinder_region_name | b64enc | indent 4 }}
OS_PROJECT_DOMAIN_NAME: |
diff --git a/helm-toolkit/templates/_endpoints.tpl b/helm-toolkit/templates/_endpoints.tpl
index dcc4f2bdf9..6e26c5c9c2 100644
--- a/helm-toolkit/templates/_endpoints.tpl
+++ b/helm-toolkit/templates/_endpoints.tpl
@@ -128,10 +128,10 @@
# this function returns the endpoint uri for a service, it takes an tuple
# input in the form: service-type, endpoint-class, port-name. eg:
-# { tuple "orchestration" "public" "api" . | include "helm-toolkit.endpoint_type_lookup_addr" }
+# { tuple "orchestration" "public" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" }
# will return the appropriate URI. Once merged this should phase out the above.
-{{- define "helm-toolkit.endpoint_type_lookup_addr" -}}
+{{- define "helm-toolkit.keystone_endpoint_uri_lookup" -}}
{{- $type := index . 0 -}}
{{- $endpoint := index . 1 -}}
{{- $port := index . 2 -}}
@@ -178,7 +178,7 @@
# { tuple orchestration . | include "ks_endpoint_type" }
# will return "heat"
-{{- define "helm-toolkit.endpoint_name_lookup" -}}
+{{- define "helm-toolkit.keystone_endpoint_name_lookup" -}}
{{- $type := index . 0 -}}
{{- $context := index . 1 -}}
{{- $endpointMap := index $context.Values.endpoints $type }}
@@ -189,4 +189,4 @@
#-------------------------------
# kolla helpers
#-------------------------------
-{{ define "helm-toolkit.keystone_auth" }}{'auth_url':'{{ tuple "identity" "internal" "api" . | include "helm-toolkit.endpoint_type_lookup_addr" }}', 'username':'{{ .Values.keystone.admin_user }}','password':'{{ .Values.keystone.admin_password }}','project_name':'{{ .Values.keystone.admin_project_name }}','domain_name':'default'}{{end}}
+{{ define "helm-toolkit.keystone_auth" }}{'auth_url':'{{ tuple "identity" "internal" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" }}', 'username':'{{ .Values.keystone.admin_user }}','password':'{{ .Values.keystone.admin_password }}','project_name':'{{ .Values.keystone.admin_project_name }}','domain_name':'default'}{{end}}
diff --git a/keystone/templates/bin/_db-sync.sh.tpl b/keystone/templates/bin/_db-sync.sh.tpl
index b084669166..40ccbd8116 100644
--- a/keystone/templates/bin/_db-sync.sh.tpl
+++ b/keystone/templates/bin/_db-sync.sh.tpl
@@ -22,7 +22,7 @@ keystone-manage --config-file=/etc/keystone/keystone.conf bootstrap \
--bootstrap-username {{ .Values.keystone.admin_user }} \
--bootstrap-password {{ .Values.keystone.admin_password }} \
--bootstrap-project-name {{ .Values.keystone.admin_project_name }} \
- --bootstrap-admin-url {{ tuple "identity" "admin" "admin" . | include "helm-toolkit.endpoint_type_lookup_addr" }} \
- --bootstrap-public-url {{ tuple "identity" "public" "api" . | include "helm-toolkit.endpoint_type_lookup_addr" }} \
- --bootstrap-internal-url {{ tuple "identity" "internal" "api" . | include "helm-toolkit.endpoint_type_lookup_addr" }} \
+ --bootstrap-admin-url {{ tuple "identity" "admin" "admin" . | include "helm-toolkit.keystone_endpoint_uri_lookup" }} \
+ --bootstrap-public-url {{ tuple "identity" "public" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" }} \
+ --bootstrap-internal-url {{ tuple "identity" "internal" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" }} \
--bootstrap-region-id {{ .Values.keystone.admin_region_name }}
From 5e692febcca2da8116ab961f0b19c7de33b53fc9 Mon Sep 17 00:00:00 2001
From: Pete Birley <pete@port.direct>
Date: Fri, 3 Mar 2017 00:44:45 +0000
Subject: [PATCH 6/7] Keystone Apache.conf port fix
---
keystone/templates/etc/_wsgi-keystone.conf.tpl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/keystone/templates/etc/_wsgi-keystone.conf.tpl b/keystone/templates/etc/_wsgi-keystone.conf.tpl
index d85cd8f9a1..61785240a5 100644
--- a/keystone/templates/etc/_wsgi-keystone.conf.tpl
+++ b/keystone/templates/etc/_wsgi-keystone.conf.tpl
@@ -18,7 +18,7 @@ Listen 0.0.0.0:{{ .Values.network.port.admin }}
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
-<VirtualHost *:{{ .Values.network.port.public }}>
+<VirtualHost *:{{ .Values.network.port.api }}>
WSGIDaemonProcess keystone-public processes=1 threads=4 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-public
WSGIScriptAlias / /var/www/cgi-bin/keystone/main
From acc243a768d79336d825c36ddbdb093986367159 Mon Sep 17 00:00:00 2001
From: Pete Birley <pete@port.direct>
Date: Fri, 3 Mar 2017 01:08:59 +0000
Subject: [PATCH 7/7] Move Glance to endpoint type lookups
---
glance/templates/bin/_post.sh.tpl | 6 ++--
glance/templates/etc/_glance-api.conf.tpl | 21 +++++++------
.../templates/etc/_glance-registry.conf.tpl | 20 ++++++------
glance/values.yaml | 31 ++++++++++---------
4 files changed, 42 insertions(+), 36 deletions(-)
diff --git a/glance/templates/bin/_post.sh.tpl b/glance/templates/bin/_post.sh.tpl
index 3ee65fd939..8aa44495fd 100644
--- a/glance/templates/bin/_post.sh.tpl
+++ b/glance/templates/bin/_post.sh.tpl
@@ -21,7 +21,7 @@ ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \
service_type=image \
description='Openstack Image' \
endpoint_region='{{ .Values.keystone.glance_region_name }}' \
-url='{{ include "helm-toolkit.endpoint_glance_api_internal" . }}' \
+url='{{ tuple "image" "admin" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" }}' \
interface=admin \
region_name='{{ .Values.keystone.admin_region_name }}' \
auth='{{ include "helm-toolkit.keystone_auth" . }}'" \
@@ -31,7 +31,7 @@ ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \
service_type=image \
description='Openstack Image' \
endpoint_region='{{ .Values.keystone.glance_region_name }}' \
-url='{{ include "helm-toolkit.endpoint_glance_api_internal" . }}' \
+url='{{ tuple "image" "internal" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" }}' \
interface=internal \
region_name='{{ .Values.keystone.admin_region_name }}' \
auth='{{ include "helm-toolkit.keystone_auth" . }}'" \
@@ -41,7 +41,7 @@ ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \
service_type=image \
description='Openstack Image' \
endpoint_region='{{ .Values.keystone.glance_region_name }}' \
-url='{{ include "helm-toolkit.endpoint_glance_api_internal" . }}' \
+url='{{ tuple "image" "public" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" }}' \
interface=public \
region_name='{{ .Values.keystone.admin_region_name }}' \
auth='{{ include "helm-toolkit.keystone_auth" . }}'" \
diff --git a/glance/templates/etc/_glance-api.conf.tpl b/glance/templates/etc/_glance-api.conf.tpl
index f291b9884b..03648ab9e9 100644
--- a/glance/templates/etc/_glance-api.conf.tpl
+++ b/glance/templates/etc/_glance-api.conf.tpl
@@ -22,27 +22,28 @@ workers = {{ .Values.misc.workers }}
registry_host = glance-registry
# Enable Copy-on-Write
show_image_direct_url = True
-
+
[database]
connection = mysql+pymysql://{{ .Values.database.glance_user }}:{{ .Values.database.glance_password }}@{{ .Values.database.address }}/{{ .Values.database.glance_database_name }}
max_retries = -1
-
+
[keystone_authtoken]
-auth_uri = {{ .Values.keystone.auth_uri }}
-auth_url = {{ .Values.keystone.auth_url }}
+auth_version = v3
+auth_url = {{ tuple "identity" "internal" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" }}
auth_type = password
-project_domain_id = default
-user_domain_id = default
-project_name = service
+region_name = {{ .Values.keystone.glance_region_name }}
+project_domain_name = {{ .Values.keystone.glance_project_domain }}
+project_name = {{ .Values.keystone.glance_project_name }}
+user_domain_name = {{ .Values.keystone.glance_user_domain }}
username = {{ .Values.keystone.glance_user }}
password = {{ .Values.keystone.glance_password }}
-
+
[paste_deploy]
flavor = keystone
-
+
[oslo_messaging_notifications]
driver = noop
-
+
[glance_store]
filesystem_store_datadir = /var/lib/glance/images/
{{- if .Values.development.enabled }}
diff --git a/glance/templates/etc/_glance-registry.conf.tpl b/glance/templates/etc/_glance-registry.conf.tpl
index e7c80adbbd..24f60dc62b 100644
--- a/glance/templates/etc/_glance-registry.conf.tpl
+++ b/glance/templates/etc/_glance-registry.conf.tpl
@@ -16,25 +16,27 @@
debug = {{ .Values.misc.debug }}
use_syslog = False
use_stderr = True
+
bind_port = {{ .Values.network.port.registry }}
workers = {{ .Values.misc.workers }}
-
+
[database]
connection = mysql+pymysql://{{ .Values.database.glance_user }}:{{ .Values.database.glance_password }}@{{ .Values.database.address }}/{{ .Values.database.glance_database_name }}
max_retries = -1
-
+
[keystone_authtoken]
-auth_uri = {{ .Values.keystone.auth_uri }}
-auth_url = {{ .Values.keystone.auth_url }}
+auth_version = v3
+auth_url = {{ tuple "identity" "internal" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" }}
auth_type = password
-project_domain_id = default
-user_domain_id = default
-project_name = service
+region_name = {{ .Values.keystone.glance_region_name }}
+project_domain_name = {{ .Values.keystone.glance_project_domain }}
+project_name = {{ .Values.keystone.glance_project_name }}
+user_domain_name = {{ .Values.keystone.glance_user_domain }}
username = {{ .Values.keystone.glance_user }}
password = {{ .Values.keystone.glance_password }}
-
+
[paste_deploy]
flavor = keystone
-
+
[oslo_messaging_notifications]
driver = noop
diff --git a/glance/values.yaml b/glance/values.yaml
index 51e4cd98bc..4d09b50c4d 100644
--- a/glance/values.yaml
+++ b/glance/values.yaml
@@ -46,22 +46,25 @@ upgrades:
max_surge: 3
keystone:
- auth_uri: "http://keystone-api:5000"
- auth_url: "http://keystone-api:35357"
admin_user: "admin"
+ admin_user_domain: "default"
admin_password: "password"
admin_project_name: "admin"
+ admin_project_domain: "default"
admin_region_name: "RegionOne"
glance_user: "glance"
+ glance_user_domain: "default"
+ glance_user_role: "admin"
glance_password: "password"
+ glance_project_name: "service"
+ glance_project_domain: "default"
glance_region_name: "RegionOne"
network:
port:
api: 9292
registry: 9191
- ip_address: "0.0.0.0"
database:
address: mariadb
@@ -173,21 +176,21 @@ dependencies:
# values, but should include all endpoints
# required by this chart
endpoints:
- glance:
+ identity:
+ name: keystone
+ hosts:
+ default: keystone-api
+ path: /v3
+ scheme: 'http'
+ port:
+ admin: 35357
+ api: 5000
+ image:
+ name: glance
hosts:
default: glance-api
- type: image
path: null
scheme: 'http'
port:
api: 9292
registry: 9191
- keystone:
- hosts:
- default: keystone-api
- path: /v3
- type: identity
- scheme: 'http'
- port:
- admin: 35357
- public: 5000