From c7e2eb9e255e720c94b8302196e384eb60a80b6c Mon Sep 17 00:00:00 2001
From: portdirect <pete@port.direct>
Date: Sun, 18 Feb 2018 16:19:02 -0500
Subject: [PATCH] Bootstrap jobs: move template to helm toolkit
This PS moves the templates for bootstrap jobs to helm-toolkit.
Change-Id: I0fc0f7722cfc87b00e26510dee7ba79d2139a171
---
barbican/templates/job-bootstrap.yaml | 54 +----------
barbican/values.yaml | 1 +
ceilometer/templates/job-bootstrap.yaml | 20 ++++
ceilometer/values.yaml | 7 ++
cinder/templates/job-bootstrap.yaml | 57 +----------
cinder/values.yaml | 1 +
congress/templates/job-bootstrap.yaml | 20 ++++
congress/values.yaml | 17 +++-
glance/templates/bin/_bootstrap.sh.tpl | 6 +-
glance/templates/job-bootstrap.yaml | 68 +++-----------
glance/values.yaml | 31 +++---
gnocchi/templates/job-bootstrap.yaml | 20 ++++
gnocchi/values.yaml | 7 ++
heat/templates/job-bootstrap.yaml | 54 +----------
heat/values.yaml | 1 +
.../templates/manifests/_job-bootstrap.yaml | 94 +++++++++++++++++++
ironic/templates/job-bootstrap.yaml | 50 +---------
ironic/values.yaml | 3 +-
keystone/templates/job-bootstrap.yaml | 90 +-----------------
keystone/values.yaml | 1 +
magnum/templates/job-bootstrap.yaml | 54 +----------
magnum/values.yaml | 1 +
mistral/templates/job-bootstrap.yaml | 53 +----------
mistral/values.yaml | 1 +
neutron/templates/job-bootstrap.yaml | 53 +----------
neutron/values.yaml | 3 +-
nova/templates/bin/_bootstrap.sh.tpl | 5 +-
nova/templates/job-bootstrap.yaml | 62 +-----------
nova/values.yaml | 68 +++++++-------
senlin/templates/job-bootstrap.yaml | 53 +----------
senlin/values.yaml | 1 +
tools/overrides/releases/newton/kolla.yaml | 2 -
32 files changed, 289 insertions(+), 669 deletions(-)
create mode 100644 ceilometer/templates/job-bootstrap.yaml
create mode 100644 congress/templates/job-bootstrap.yaml
create mode 100644 gnocchi/templates/job-bootstrap.yaml
create mode 100644 helm-toolkit/templates/manifests/_job-bootstrap.yaml
diff --git a/barbican/templates/job-bootstrap.yaml b/barbican/templates/job-bootstrap.yaml
index 537ba80d72..ba1d10ab9e 100644
--- a/barbican/templates/job-bootstrap.yaml
+++ b/barbican/templates/job-bootstrap.yaml
@@ -14,55 +14,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
-{{- if .Values.manifests.job_bootstrap }}
-{{- $envAll := . }}
-{{- if .Values.bootstrap.enabled }}
-{{- $dependencies := .Values.dependencies.bootstrap }}
-
-{{- $mounts_barbican_bootstrap := .Values.pod.mounts.barbican_bootstrap.barbican_bootstrap }}
-{{- $mounts_barbican_bootstrap_init := .Values.pod.mounts.barbican_bootstrap.init_container }}
-
-{{- $serviceAccountName := "barbican-bootstrap" }}
-{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: barbican-bootstrap
-spec:
- template:
- metadata:
- labels:
-{{ tuple $envAll "barbican" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- restartPolicy: OnFailure
- nodeSelector:
- {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
- initContainers:
-{{ tuple $envAll $dependencies $mounts_barbican_bootstrap_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
- - name: barbican-bootstrap
- image: {{ .Values.images.tags.bootstrap }}
- imagePullPolicy: {{ .Values.images.pull_policy }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- env:
-{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
-{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
-{{- end }}
- command:
- - /tmp/bootstrap.sh
- volumeMounts:
- - name: barbican-bin
- mountPath: /tmp/bootstrap.sh
- subPath: bootstrap.sh
- readOnly: true
-{{ if $mounts_barbican_bootstrap.volumeMounts }}{{ toYaml $mounts_barbican_bootstrap.volumeMounts | indent 12 }}{{ end }}
- volumes:
- - name: barbican-bin
- configMap:
- name: barbican-bin
- defaultMode: 0555
-{{ if $mounts_barbican_bootstrap.volumes }}{{ toYaml $mounts_barbican_bootstrap.volumes | indent 8 }}{{ end }}
-{{- end }}
+{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
+{{- $bootstrapJob := dict "envAll" . "serviceName" "barbican" "keystoneUser" .Values.bootstrap.ks_user -}}
+{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
{{- end }}
diff --git a/barbican/values.yaml b/barbican/values.yaml
index fb793ba324..6ebf5c4a27 100644
--- a/barbican/values.yaml
+++ b/barbican/values.yaml
@@ -148,6 +148,7 @@ network:
bootstrap:
enabled: false
+ ks_user: barbican
script: |
openstack token issue
diff --git a/ceilometer/templates/job-bootstrap.yaml b/ceilometer/templates/job-bootstrap.yaml
new file mode 100644
index 0000000000..8d56fa00be
--- /dev/null
+++ b/ceilometer/templates/job-bootstrap.yaml
@@ -0,0 +1,20 @@
+{{/*
+Copyright 2017 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
+{{- $bootstrapJob := dict "envAll" . "serviceName" "ceilometer" "keystoneUser" .Values.bootstrap.ks_user -}}
+{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
+{{- end }}
diff --git a/ceilometer/values.yaml b/ceilometer/values.yaml
index 4e9b883dc3..f700377d67 100644
--- a/ceilometer/values.yaml
+++ b/ceilometer/values.yaml
@@ -1609,6 +1609,12 @@ secrets:
admin: ceilometer-mongodb-admin
ceilometer: ceilometer-mongodb-user
+bootstrap:
+ enabled: false
+ ks_user: ceilometer
+ script: |
+ openstack token issue
+
# typically overriden by environmental
# values, but should include all endpoints
# required by this chart
@@ -1914,6 +1920,7 @@ manifests:
deployment_compute: true
deployment_notification: true
ingress_api: true
+ job_bootstrap: true
job_db_init: true
job_db_init_mongodb: true
job_db_sync: true
diff --git a/cinder/templates/job-bootstrap.yaml b/cinder/templates/job-bootstrap.yaml
index 0893a975ef..4b5d048b66 100644
--- a/cinder/templates/job-bootstrap.yaml
+++ b/cinder/templates/job-bootstrap.yaml
@@ -14,58 +14,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
-{{- if .Values.manifests.job_bootstrap }}
-{{- $envAll := . }}
-{{- if .Values.bootstrap.enabled }}
-{{- $dependencies := .Values.dependencies.bootstrap }}
-
-{{- $serviceAccountName := "cinder-bootstrap" }}
-{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: cinder-bootstrap
-spec:
- template:
- metadata:
- labels:
-{{ tuple $envAll "cinder" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- restartPolicy: OnFailure
- nodeSelector:
- {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
- initContainers:
-{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
- - name: cinder-bootstrap
- image: {{ .Values.images.tags.bootstrap }}
- imagePullPolicy: {{ .Values.images.pull_policy }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- command:
- - /tmp/bootstrap.sh
- env:
-{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
-{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
-{{- end }}
- volumeMounts:
- - name: cinder-etc
- mountPath: /etc/cinder/cinder.conf
- subPath: cinder.conf
- readOnly: true
- - name: cinder-bin
- mountPath: /tmp/bootstrap.sh
- subPath: bootstrap.sh
- readOnly: true
- volumes:
- - name: cinder-etc
- configMap:
- name: cinder-etc
- defaultMode: 0444
- - name: cinder-bin
- configMap:
- name: cinder-bin
- defaultMode: 0555
-{{- end }}
+{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
+{{- $bootstrapJob := dict "envAll" . "serviceName" "cinder" "keystoneUser" .Values.bootstrap.ks_user -}}
+{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
{{- end }}
diff --git a/cinder/values.yaml b/cinder/values.yaml
index 0128827635..80b82763e4 100644
--- a/cinder/values.yaml
+++ b/cinder/values.yaml
@@ -224,6 +224,7 @@ pod:
bootstrap:
enabled: true
+ ks_user: admin
bootstrap_conf_backends: true
volume_types:
name:
diff --git a/congress/templates/job-bootstrap.yaml b/congress/templates/job-bootstrap.yaml
new file mode 100644
index 0000000000..88b80cbaa7
--- /dev/null
+++ b/congress/templates/job-bootstrap.yaml
@@ -0,0 +1,20 @@
+{{/*
+Copyright 2017 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
+{{- $bootstrapJob := dict "envAll" . "serviceName" "congress" "keystoneUser" .Values.bootstrap.ks_user -}}
+{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
+{{- end }}
diff --git a/congress/values.yaml b/congress/values.yaml
index 7ad70f96f0..4f10da2921 100644
--- a/congress/values.yaml
+++ b/congress/values.yaml
@@ -156,6 +156,12 @@ secrets:
congress: congress-db-user
rbd: images-rbd-keyring
+bootstrap:
+ enabled: false
+ ks_user: congress
+ script: |
+ openstack token issue
+
endpoints:
cluster_domain_suffix: cluster.local
identity:
@@ -433,16 +439,17 @@ manifests:
configmap_bin: true
configmap_etc: true
deployment_api: true
- deployment_policy_engine: true
deployment_datasource: true
+ deployment_policy_engine: true
+ ingress_api: true
+ job_bootstrap: true
job_db_init: true
job_db_sync: true
- secret_db: true
- secret_keystone: true
+ job_ds_create: true
job_ks_endpoints: true
job_ks_service: true
job_ks_user: true
- job_ds_create: true
+ secret_db: true
+ secret_keystone: true
service_api: true
- ingress_api: true
service_ingress_api: true
diff --git a/glance/templates/bin/_bootstrap.sh.tpl b/glance/templates/bin/_bootstrap.sh.tpl
index 7952084456..ddd6ebe960 100644
--- a/glance/templates/bin/_bootstrap.sh.tpl
+++ b/glance/templates/bin/_bootstrap.sh.tpl
@@ -18,11 +18,10 @@ limitations under the License.
set -ex
export HOME=/tmp
-{{ if .Values.bootstrap.enabled }}
cd /tmp/images
-{{ range .Values.bootstrap.images }}
+{{ range .Values.bootstrap.structured.images }}
openstack image show {{ .name | quote }} || \
{ curl -O {{ .source_url }}{{ .image_file }}; \
openstack image create {{ .name | quote }} \
@@ -39,5 +38,4 @@ openstack image show {{ .name | quote }} || \
{{- end -}}; }
{{ end }}
-{{ end }}
-exit 0
+{{ .Values.bootstrap.script | default "echo 'Not Enabled'" }}
diff --git a/glance/templates/job-bootstrap.yaml b/glance/templates/job-bootstrap.yaml
index d161011df2..d26ea7849a 100644
--- a/glance/templates/job-bootstrap.yaml
+++ b/glance/templates/job-bootstrap.yaml
@@ -14,60 +14,18 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
-{{- if .Values.manifests.job_bootstrap }}
-{{- $envAll := . }}
-{{- $dependencies := .Values.dependencies.bootstrap }}
+{{- define "glance.templates._job_bootstrap.pod_volumes" -}}
+{{- $envAll := index . 0 -}}
+volumeMounts:
+ - name: imagedir
+ mountPath: /tmp/images
+volumes:
+ - name: imagedir
+ emptyDir: {}
+{{- end }}
-{{- $serviceAccountName := "glance-bootstrap" }}
-{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: glance-bootstrap
-spec:
- template:
- metadata:
- labels:
-{{ tuple $envAll "glance" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- restartPolicy: OnFailure
- nodeSelector:
- {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
- initContainers:
-{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
- - name: glance-bootstrap
- image: {{ .Values.images.tags.glance_bootstrap }}
- imagePullPolicy: {{ .Values.images.pull_policy }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- env:
-{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
-{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
-{{- end }}
- command:
- - /tmp/bootstrap.sh
- volumeMounts:
- - name: imagedir
- mountPath: /tmp/images
- - name: glance-bin
- mountPath: /tmp/bootstrap.sh
- subPath: bootstrap.sh
- readOnly: true
- - name: glance-etc
- mountPath: /etc/glance/glance-api.conf
- subPath: glance-api.conf
- readOnly: true
- volumes:
- - name: imagedir
- emptyDir: {}
- - name: glance-bin
- configMap:
- name: glance-bin
- defaultMode: 0555
- - name: glance-etc
- configMap:
- name: glance-etc
- defaultMode: 0444
+{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
+{{- $podVolumes := tuple . | include "glance.templates._job_bootstrap.pod_volumes" | toString | fromYaml }}
+{{- $bootstrapJob := dict "envAll" . "serviceName" "glance" "keystoneUser" .Values.bootstrap.ks_user "podVolMounts" $podVolumes.volumeMounts "podVols" $podVolumes.volumes -}}
+{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
{{- end }}
diff --git a/glance/values.yaml b/glance/values.yaml
index 2c5d24840c..c2bcf0314b 100644
--- a/glance/values.yaml
+++ b/glance/values.yaml
@@ -46,25 +46,28 @@ images:
glance_api: docker.io/openstackhelm/glance:newton
glance_registry: docker.io/openstackhelm/glance:newton
# Bootstrap image requires curl
- glance_bootstrap: docker.io/openstackhelm/heat:newton
+ bootstrap: docker.io/openstackhelm/heat:newton
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.2.1
pull_policy: "IfNotPresent"
bootstrap:
enabled: true
- images:
- cirros:
- id: null
- name: "Cirros 0.3.5 64-bit"
- source_url: "http://download.cirros-cloud.net/0.3.5/"
- image_file: "cirros-0.3.5-x86_64-disk.img"
- min_disk: 1
- image_type: qcow2
- container_format: bare
- private: true
- properties:
- hypervisor_type: "qemu"
- os_distro: "cirros"
+ ks_user: admin
+ script: null
+ structured:
+ images:
+ cirros:
+ id: null
+ name: "Cirros 0.3.5 64-bit"
+ source_url: "http://download.cirros-cloud.net/0.3.5/"
+ image_file: "cirros-0.3.5-x86_64-disk.img"
+ min_disk: 1
+ image_type: qcow2
+ container_format: bare
+ private: true
+ properties:
+ hypervisor_type: "qemu"
+ os_distro: "cirros"
conf:
rally_tests:
diff --git a/gnocchi/templates/job-bootstrap.yaml b/gnocchi/templates/job-bootstrap.yaml
new file mode 100644
index 0000000000..8b58185b90
--- /dev/null
+++ b/gnocchi/templates/job-bootstrap.yaml
@@ -0,0 +1,20 @@
+{{/*
+Copyright 2017 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
+{{- $bootstrapJob := dict "envAll" . "serviceName" "gnocchi" "keystoneUser" .Values.bootstrap.ks_user -}}
+{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
+{{- end }}
diff --git a/gnocchi/values.yaml b/gnocchi/values.yaml
index e97068ecda..dfc3d3ed4f 100644
--- a/gnocchi/values.yaml
+++ b/gnocchi/values.yaml
@@ -361,6 +361,12 @@ secrets:
gnocchi: gnocchi-db-indexer-user
rbd: gnocchi-rbd-keyring
+bootstrap:
+ enabled: false
+ ks_user: gnocchi
+ script: |
+ openstack token issue
+
# typically overriden by environmental
# values, but should include all endpoints
# required by this chart
@@ -467,6 +473,7 @@ manifests:
daemonset_statsd: true
deployment_api: true
ingress_api: true
+ job_bootstrap: true
job_clean: true
job_db_init_indexer: true
job_db_init: true
diff --git a/heat/templates/job-bootstrap.yaml b/heat/templates/job-bootstrap.yaml
index d6f8abc398..904e2140c8 100644
--- a/heat/templates/job-bootstrap.yaml
+++ b/heat/templates/job-bootstrap.yaml
@@ -14,55 +14,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
-{{- if .Values.manifests.job_bootstrap }}
-{{- $envAll := . }}
-{{- if .Values.bootstrap.enabled }}
-{{- $dependencies := .Values.dependencies.bootstrap }}
-
-{{- $mounts_heat_bootstrap := .Values.pod.mounts.heat_bootstrap.heat_bootstrap }}
-{{- $mounts_heat_bootstrap_init := .Values.pod.mounts.heat_bootstrap.init_container }}
-
-{{- $serviceAccountName := "heat-bootstrap" }}
-{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: heat-bootstrap
-spec:
- template:
- metadata:
- labels:
-{{ tuple $envAll "heat" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- restartPolicy: OnFailure
- nodeSelector:
- {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
- initContainers:
-{{ tuple $envAll $dependencies $mounts_heat_bootstrap_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
- - name: heat-bootstrap
- image: {{ .Values.images.tags.bootstrap }}
- imagePullPolicy: {{ .Values.images.pull_policy }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- env:
-{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
-{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
-{{- end }}
- command:
- - /tmp/bootstrap.sh
- volumeMounts:
- - name: heat-bin
- mountPath: /tmp/bootstrap.sh
- subPath: bootstrap.sh
- readOnly: true
-{{ if $mounts_heat_bootstrap.volumeMounts }}{{ toYaml $mounts_heat_bootstrap.volumeMounts | indent 12 }}{{ end }}
- volumes:
- - name: heat-bin
- configMap:
- name: heat-bin
- defaultMode: 0555
-{{ if $mounts_heat_bootstrap.volumes }}{{ toYaml $mounts_heat_bootstrap.volumes | indent 8 }}{{ end }}
-{{- end }}
+{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
+{{- $bootstrapJob := dict "envAll" . "serviceName" "heat" "keystoneUser" .Values.bootstrap.ks_user -}}
+{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
{{- end }}
diff --git a/heat/values.yaml b/heat/values.yaml
index 9210d9cffe..fe042530ab 100644
--- a/heat/values.yaml
+++ b/heat/values.yaml
@@ -263,6 +263,7 @@ network:
bootstrap:
enabled: false
+ ks_user: heat
script: |
openstack token issue
diff --git a/helm-toolkit/templates/manifests/_job-bootstrap.yaml b/helm-toolkit/templates/manifests/_job-bootstrap.yaml
new file mode 100644
index 0000000000..086fc2370d
--- /dev/null
+++ b/helm-toolkit/templates/manifests/_job-bootstrap.yaml
@@ -0,0 +1,94 @@
+{{/*
+Copyright 2017 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+# This function creates a manifest for db creation and user management.
+# It can be used in charts dict created similar to the following:
+# {- $dbSyncJob := dict "envAll" . "serviceName" "senlin" -}
+# { $dbSyncJob | include "helm-toolkit.manifests.job_db_sync" }
+
+{{- define "helm-toolkit.manifests.job_bootstrap" -}}
+{{- $envAll := index . "envAll" -}}
+{{- $serviceName := index . "serviceName" -}}
+{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
+{{- $dependencies := index . "dependencies" | default $envAll.Values.dependencies.bootstrap -}}
+{{- $podVolMounts := index . "podVolMounts" | default false -}}
+{{- $podVols := index . "podVols" | default false -}}
+{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
+{{- $configMapEtc := index . "configMapEtc" | default (printf "%s-%s" $serviceName "etc" ) -}}
+{{- $configFile := index . "configFile" | default (printf "/etc/%s/%s.conf" $serviceName $serviceName ) -}}
+{{- $keystoneUser := index . "keystoneUser" | default $serviceName -}}
+
+{{- $serviceNamePretty := $serviceName | replace "_" "-" -}}
+
+{{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "bootstrap" }}
+{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ printf "%s-%s" $serviceNamePretty "bootstrap" | quote }}
+spec:
+ template:
+ metadata:
+ labels:
+{{ tuple $envAll $serviceName "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
+ spec:
+ serviceAccountName: {{ $serviceAccountName }}
+ restartPolicy: OnFailure
+ nodeSelector:
+{{ toYaml $nodeSelector | indent 8 }}
+ initContainers:
+{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
+ containers:
+ - name: bootstrap
+ image: {{ $envAll.Values.images.tags.bootstrap }}
+ imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
+{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
+ env:
+{{- with $env := dict "ksUserSecret" ( index $envAll.Values.secrets.identity $keystoneUser ) }}
+{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
+{{- end }}
+ command:
+ - /tmp/bootstrap.sh
+ volumeMounts:
+ - name: bootstrap-sh
+ mountPath: /tmp/bootstrap.sh
+ subPath: bootstrap.sh
+ readOnly: true
+ - name: etc-service
+ mountPath: {{ dir $configFile | quote }}
+ - name: bootstrap-conf
+ mountPath: {{ $configFile | quote }}
+ subPath: {{ base $configFile | quote }}
+ readOnly: true
+{{- if $podVolMounts }}
+{{ $podVolMounts | toYaml | indent 12 }}
+{{- end }}
+ volumes:
+ - name: bootstrap-sh
+ configMap:
+ name: {{ $configMapBin | quote }}
+ defaultMode: 0555
+ - name: etc-service
+ emptyDir: {}
+ - name: bootstrap-conf
+ configMap:
+ name: {{ $configMapEtc | quote }}
+ defaultMode: 0444
+{{- if $podVols }}
+{{ $podVols | toYaml | indent 8 }}
+{{- end }}
+{{- end }}
diff --git a/ironic/templates/job-bootstrap.yaml b/ironic/templates/job-bootstrap.yaml
index e7b932fd9b..c33a17f338 100644
--- a/ironic/templates/job-bootstrap.yaml
+++ b/ironic/templates/job-bootstrap.yaml
@@ -15,52 +15,6 @@ limitations under the License.
*/}}
{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
-{{- $envAll := . }}
-{{- $dependencies := .Values.dependencies.bootstrap }}
-
-{{- $mounts_ironic_bootstrap := .Values.pod.mounts.ironic_bootstrap.ironic_bootstrap }}
-{{- $mounts_ironic_bootstrap_init := .Values.pod.mounts.ironic_bootstrap.init_container }}
-
-{{- $serviceAccountName := "ironic-bootstrap" }}
-{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: ironic-bootstrap
-spec:
- template:
- metadata:
- labels:
-{{ tuple $envAll "ironic" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- restartPolicy: OnFailure
- nodeSelector:
- {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
- initContainers:
-{{ tuple $envAll $dependencies $mounts_ironic_bootstrap_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
- - name: ironic-bootstrap
- image: {{ .Values.images.tags.ironic_bootstrap }}
- imagePullPolicy: {{ .Values.images.pull_policy }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- env:
-{{- with $env := dict "ksUserSecret" .Values.secrets.identity.ironic }}
-{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
-{{- end }}
- command:
- - /tmp/bootstrap.sh
- volumeMounts:
- - name: ironic-bin
- mountPath: /tmp/bootstrap.sh
- subPath: bootstrap.sh
- readOnly: true
-{{- if $mounts_ironic_bootstrap.volumeMounts }}{{ toYaml $mounts_ironic_bootstrap.volumeMounts | indent 10 }}{{ end }}
- volumes:
- - name: ironic-bin
- configMap:
- name: ironic-bin
- defaultMode: 0555
-{{- if $mounts_ironic_bootstrap.volumes }}{{ toYaml $mounts_ironic_bootstrap.volumes | indent 6 }}{{ end }}
+{{- $bootstrapJob := dict "envAll" . "serviceName" "ironic" "keystoneUser" .Values.bootstrap.ks_user -}}
+{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
{{- end }}
diff --git a/ironic/values.yaml b/ironic/values.yaml
index 22a418d437..2107002482 100644
--- a/ironic/values.yaml
+++ b/ironic/values.yaml
@@ -33,7 +33,7 @@ images:
ironic_manage_cleaning_network: docker.io/openstackhelm/heat:newton
ironic_retrive_cleaning_network: docker.io/openstackhelm/heat:newton
# Bootstrap image requires curl
- ironic_bootstrap: docker.io/openstackhelm/heat:newton
+ bootstrap: docker.io/openstackhelm/heat:newton
db_init: docker.io/openstackhelm/heat:newton
ironic_db_sync: docker.io/openstackhelm/ironic:newton
ks_user: docker.io/openstackhelm/heat:newton
@@ -116,6 +116,7 @@ network:
bootstrap:
enabled: true
+ ks_user: ironic
script: |
RELEASE="newton"
IMAGE_URL_BASE="http://tarballs.openstack.org/ironic-python-agent/tinyipa/files"
diff --git a/keystone/templates/job-bootstrap.yaml b/keystone/templates/job-bootstrap.yaml
index b60bd1d218..c69d1286fa 100644
--- a/keystone/templates/job-bootstrap.yaml
+++ b/keystone/templates/job-bootstrap.yaml
@@ -14,91 +14,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
-{{- if .Values.manifests.job_bootstrap }}
-{{- $envAll := . }}
-{{- if .Values.bootstrap.enabled }}
-{{- $dependencies := .Values.dependencies.bootstrap }}
-
-{{- $mounts_keystone_bootstrap := .Values.pod.mounts.keystone_bootstrap.keystone_bootstrap }}
-{{- $mounts_keystone_bootstrap_init := .Values.pod.mounts.keystone_bootstrap.init_container }}
-
-{{- $serviceAccountName := "keystone-bootstrap" }}
-{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: keystone-bootstrap
-spec:
- template:
- metadata:
- labels:
-{{ tuple $envAll "keystone" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- restartPolicy: OnFailure
- nodeSelector:
- {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
- initContainers:
-{{ tuple $envAll $dependencies $mounts_keystone_bootstrap_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
- - name: keystone-bootstrap
- image: {{ .Values.images.tags.bootstrap }}
- imagePullPolicy: {{ .Values.images.pull_policy }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- env:
-{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
-{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
-{{- end }}
- command:
- - /tmp/bootstrap.sh
- volumeMounts:
- - name: etckeystonedomains
- mountPath: {{ .Values.conf.keystone.identity.domain_config_dir | default "/etc/keystonedomains" }}
- - name: etckeystone
- mountPath: /etc/keystone
- - name: keystone-bin
- mountPath: /tmp/bootstrap.sh
- subPath: bootstrap.sh
- readOnly: true
- - name: keystone-etc
- mountPath: /etc/keystone/keystone.conf
- subPath: keystone.conf
- readOnly: true
-{{- range $k, $v := .Values.conf.ks_domains }}
- - name: keystone-etc
- mountPath: {{ $envAll.Values.conf.keystone.identity.domain_config_dir | default "/etc/keystonedomains" }}/keystone.{{ $k }}.conf
- subPath: keystone.{{ $k }}.conf
- readOnly: true
-{{- end }}
-{{- if eq .Values.conf.keystone.token.provider "fernet" }}
- - name: keystone-fernet-keys
- mountPath: {{ .Values.conf.keystone.fernet_tokens.key_repository }}
-{{- end }}
- - name: keystone-credential-keys
- mountPath: {{ .Values.conf.keystone.credential.key_repository }}
-{{ if $mounts_keystone_bootstrap.volumeMounts }}{{ toYaml $mounts_keystone_bootstrap.volumeMounts | indent 12 }}{{ end }}
- volumes:
- - name: etckeystone
- emptyDir: {}
- - name: etckeystonedomains
- emptyDir: {}
- - name: keystone-etc
- configMap:
- name: keystone-etc
- defaultMode: 0444
- - name: keystone-bin
- configMap:
- name: keystone-bin
- defaultMode: 0555
-{{- if eq .Values.conf.keystone.token.provider "fernet" }}
- - name: keystone-fernet-keys
- secret:
- secretName: keystone-fernet-keys
-{{- end }}
- - name: keystone-credential-keys
- secret:
- secretName: keystone-credential-keys
-{{ if $mounts_keystone_bootstrap.volumes }}{{ toYaml $mounts_keystone_bootstrap.volumes | indent 9 }}{{ end }}
-{{- end }}
+{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
+{{- $bootstrapJob := dict "envAll" . "serviceName" "keystone" "keystoneUser" .Values.bootstrap.ks_user -}}
+{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
{{- end }}
diff --git a/keystone/values.yaml b/keystone/values.yaml
index eddd429add..34660bfd08 100644
--- a/keystone/values.yaml
+++ b/keystone/values.yaml
@@ -46,6 +46,7 @@ images:
bootstrap:
enabled: true
+ ks_user: admin
script: |
openstack role add \
--user="${OS_USERNAME}" \
diff --git a/magnum/templates/job-bootstrap.yaml b/magnum/templates/job-bootstrap.yaml
index d01bafb095..668f46c350 100644
--- a/magnum/templates/job-bootstrap.yaml
+++ b/magnum/templates/job-bootstrap.yaml
@@ -14,55 +14,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
-{{- if .Values.manifests.job_bootstrap }}
-{{- $envAll := . }}
-{{- if .Values.bootstrap.enabled }}
-{{- $dependencies := .Values.dependencies.bootstrap }}
-
-{{- $mounts_magnum_bootstrap := .Values.pod.mounts.magnum_bootstrap.magnum_bootstrap }}
-{{- $mounts_magnum_bootstrap_init := .Values.pod.mounts.magnum_bootstrap.init_container }}
-
-{{- $serviceAccountName := "magnum-bootstrap" }}
-{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: magnum-bootstrap
-spec:
- template:
- metadata:
- labels:
-{{ tuple $envAll "magnum" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- restartPolicy: OnFailure
- nodeSelector:
- {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
- initContainers:
-{{ tuple $envAll $dependencies $mounts_magnum_bootstrap_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
- - name: magnum-bootstrap
- image: {{ .Values.images.tags.bootstrap }}
- imagePullPolicy: {{ .Values.images.pull_policy }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- env:
-{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
-{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
-{{- end }}
- command:
- - /tmp/bootstrap.sh
- volumeMounts:
- - name: magnum-bin
- mountPath: /tmp/bootstrap.sh
- subPath: bootstrap.sh
- readOnly: true
-{{ if $mounts_magnum_bootstrap.volumeMounts }}{{ toYaml $mounts_magnum_bootstrap.volumeMounts | indent 12 }}{{ end }}
- volumes:
- - name: magnum-bin
- configMap:
- name: magnum-bin
- defaultMode: 0555
-{{ if $mounts_magnum_bootstrap.volumes }}{{ toYaml $mounts_magnum_bootstrap.volumes | indent 8 }}{{ end }}
-{{- end }}
+{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
+{{- $bootstrapJob := dict "envAll" . "serviceName" "magnum" "keystoneUser" .Values.bootstrap.ks_user -}}
+{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
{{- end }}
diff --git a/magnum/values.yaml b/magnum/values.yaml
index cc5c0b2903..d22f67ba75 100644
--- a/magnum/values.yaml
+++ b/magnum/values.yaml
@@ -132,6 +132,7 @@ network:
bootstrap:
enabled: false
+ ks_user: magnum
script: |
openstack token issue
diff --git a/mistral/templates/job-bootstrap.yaml b/mistral/templates/job-bootstrap.yaml
index 15d20da04c..00e463e956 100644
--- a/mistral/templates/job-bootstrap.yaml
+++ b/mistral/templates/job-bootstrap.yaml
@@ -14,54 +14,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
-{{- if .Values.manifests.job_bootstrap }}
-{{- $envAll := . }}
-{{- if .Values.bootstrap.enabled }}
-{{- $dependencies := .Values.dependencies.bootstrap }}
-{{- $mounts_mistral_bootstrap := .Values.pod.mounts.mistral_bootstrap.mistral_bootstrap }}
-{{- $mounts_mistral_bootstrap_init := .Values.pod.mounts.mistral_bootstrap.init_container }}
-
-{{- $serviceAccountName := "mistral-bootstrap" }}
-{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: mistral-bootstrap
-spec:
- template:
- metadata:
- labels:
-{{ tuple $envAll "mistral" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- restartPolicy: OnFailure
- nodeSelector:
- {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
- initContainers:
-{{ tuple $envAll $dependencies $mounts_mistral_bootstrap_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
- - name: mistral-bootstrap
- image: {{ .Values.images.tags.bootstrap }}
- imagePullPolicy: {{ .Values.images.pull_policy }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- env:
-{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
-{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
-{{- end }}
- command:
- - /tmp/bootstrap.sh
- volumeMounts:
- - name: mistral-bin
- mountPath: /tmp/bootstrap.sh
- subPath: bootstrap.sh
- readOnly: true
-{{ if $mounts_mistral_bootstrap.volumeMounts }}{{ toYaml $mounts_mistral_bootstrap.volumeMounts | indent 12 }}{{ end }}
- volumes:
- - name: mistral-bin
- configMap:
- name: mistral-bin
- defaultMode: 0555
-{{ if $mounts_mistral_bootstrap.volumes }}{{ toYaml $mounts_mistral_bootstrap.volumes | indent 8 }}{{ end }}
-{{- end }}
+{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
+{{- $bootstrapJob := dict "envAll" . "serviceName" "mistral" "keystoneUser" .Values.bootstrap.ks_user -}}
+{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
{{- end }}
diff --git a/mistral/values.yaml b/mistral/values.yaml
index c6ae5ef26c..9e974b9484 100644
--- a/mistral/values.yaml
+++ b/mistral/values.yaml
@@ -65,6 +65,7 @@ network:
bootstrap:
enabled: false
+ ks_user: mistral
script: |
openstack token issue
diff --git a/neutron/templates/job-bootstrap.yaml b/neutron/templates/job-bootstrap.yaml
index 9bbda9d44c..d705809aef 100644
--- a/neutron/templates/job-bootstrap.yaml
+++ b/neutron/templates/job-bootstrap.yaml
@@ -14,54 +14,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
-{{- if .Values.manifests.job_bootstrap }}
-{{- $envAll := . }}
-{{- if .Values.bootstrap.enabled }}
-{{- $dependencies := .Values.dependencies.bootstrap }}
-
-{{- $mounts_neutron_bootstrap := .Values.pod.mounts.neutron_bootstrap.neutron_bootstrap }}
-{{- $mounts_neutron_bootstrap_init := .Values.pod.mounts.neutron_bootstrap.init_container }}
-
-{{- $serviceAccountName := "neutron-bootstrap" }}
-{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: neutron-bootstrap
-spec:
- template:
- metadata:
- labels:
-{{ tuple $envAll "neutron" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- restartPolicy: OnFailure
- nodeSelector:
- {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
- initContainers:
-{{ tuple $envAll $dependencies $mounts_neutron_bootstrap_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
- - name: neutron-bootstrap
- image: {{ .Values.images.tags.bootstrap }}
- imagePullPolicy: {{ .Values.images.pull_policy }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- env:
-{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
-{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
-{{- end }}
- command:
- - /tmp/bootstrap.sh
- volumeMounts:
- - name: neutron-bin
- mountPath: /tmp/bootstrap.sh
- subPath: bootstrap.sh
-{{ if $mounts_neutron_bootstrap.volumeMounts }}{{ toYaml $mounts_neutron_bootstrap.volumeMounts | indent 12 }}{{ end }}
- volumes:
- - name: neutron-bin
- configMap:
- name: neutron-bin
- defaultMode: 0555
-{{ if $mounts_neutron_bootstrap.volumes }}{{ toYaml $mounts_neutron_bootstrap.volumes | indent 8 }}{{ end }}
-{{- end }}
+{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
+{{- $bootstrapJob := dict "envAll" . "serviceName" "neutron" "keystoneUser" .Values.bootstrap.ks_user -}}
+{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
{{- end }}
diff --git a/neutron/values.yaml b/neutron/values.yaml
index 6089c49bec..f33c57fdd8 100644
--- a/neutron/values.yaml
+++ b/neutron/values.yaml
@@ -104,8 +104,9 @@ network:
bootstrap:
enabled: false
+ ks_user: neutron
script: |
- neutron agent-list
+ openstack token issue
dependencies:
db_init:
diff --git a/nova/templates/bin/_bootstrap.sh.tpl b/nova/templates/bin/_bootstrap.sh.tpl
index 25eb3280ed..2f1cb41203 100644
--- a/nova/templates/bin/_bootstrap.sh.tpl
+++ b/nova/templates/bin/_bootstrap.sh.tpl
@@ -19,8 +19,8 @@ limitations under the License.
set -ex
export HOME=/tmp
-{{ if .Values.bootstrap.flavors.enabled }}
-{{ range .Values.bootstrap.flavors.options }}
+{{ if .Values.bootstrap.structured.flavors.enabled }}
+{{ range .Values.bootstrap.structured.flavors.options }}
openstack flavor show {{ .name }} || \
openstack flavor create {{ .name }} \
--id {{ .id }} \
@@ -31,4 +31,3 @@ openstack flavor show {{ .name }} || \
{{ end }}
{{ .Values.bootstrap.script | default "echo 'Not Enabled'" }}
-exit 0
diff --git a/nova/templates/job-bootstrap.yaml b/nova/templates/job-bootstrap.yaml
index 30ce26d5d5..6620f2d776 100644
--- a/nova/templates/job-bootstrap.yaml
+++ b/nova/templates/job-bootstrap.yaml
@@ -14,63 +14,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
-{{- if .Values.manifests.job_bootstrap }}
-{{- $envAll := . }}
-{{- if .Values.bootstrap.enabled }}
-{{- $dependencies := .Values.dependencies.bootstrap }}
-
-{{- $mounts_nova_bootstrap := .Values.pod.mounts.nova_bootstrap.nova_bootstrap }}
-{{- $mounts_nova_bootstrap_init := .Values.pod.mounts.nova_bootstrap.init_container }}
-
-{{- $serviceAccountName := "nova-bootstrap" }}
-{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: nova-bootstrap
-spec:
- template:
- metadata:
- labels:
-{{ tuple $envAll "nova" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- restartPolicy: OnFailure
- nodeSelector:
- {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
- initContainers:
-{{ tuple $envAll $dependencies $mounts_nova_bootstrap_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
- - name: nova-bootstrap
- image: {{ .Values.images.tags.bootstrap }}
- imagePullPolicy: {{ .Values.images.pull_policy }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- command:
- - /tmp/bootstrap.sh
- env:
-{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
-{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
-{{- end }}
- volumeMounts:
- - name: nova-bin
- mountPath: /tmp/bootstrap.sh
- subPath: bootstrap.sh
- readOnly: true
- - name: nova-etc
- mountPath: /etc/nova/nova.conf
- subPath: nova.conf
- readOnly: true
-{{ if $mounts_nova_bootstrap.volumeMounts }}{{ toYaml $mounts_nova_bootstrap.volumeMounts | indent 12 }}{{ end }}
- volumes:
- - name: nova-etc
- configMap:
- name: nova-etc
- defaultMode: 0444
- - name: nova-bin
- configMap:
- name: nova-bin
- defaultMode: 0555
-{{ if $mounts_nova_bootstrap.volumes }}{{ toYaml $mounts_nova_bootstrap.volumes | indent 8 }}{{ end }}
-{{- end }}
+{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
+{{- $bootstrapJob := dict "envAll" . "serviceName" "nova" "keystoneUser" .Values.bootstrap.ks_user -}}
+{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
{{- end }}
diff --git a/nova/values.yaml b/nova/values.yaml
index 420c2d49c2..398c4dcc37 100644
--- a/nova/values.yaml
+++ b/nova/values.yaml
@@ -83,40 +83,42 @@ images:
bootstrap:
enabled: true
+ ks_user: admin
script: null
- flavors:
- enabled: true
- options:
- m1_tiny:
- name: "m1.tiny"
- id: "auto"
- ram: 512
- disk: 1
- vcpus: 1
- m1_small:
- name: "m1.small"
- id: "auto"
- ram: 2048
- disk: 20
- vcpus: 1
- m1_medium:
- name: "m1.medium"
- id: "auto"
- ram: 4096
- disk: 40
- vcpus: 2
- m1_large:
- name: "m1.large"
- id: "auto"
- ram: 8192
- disk: 80
- vcpus: 4
- m1_xlarge:
- name: "m1.xlarge"
- id: "auto"
- ram: 16384
- disk: 160
- vcpus: 8
+ structured:
+ flavors:
+ enabled: true
+ options:
+ m1_tiny:
+ name: "m1.tiny"
+ id: "auto"
+ ram: 512
+ disk: 1
+ vcpus: 1
+ m1_small:
+ name: "m1.small"
+ id: "auto"
+ ram: 2048
+ disk: 20
+ vcpus: 1
+ m1_medium:
+ name: "m1.medium"
+ id: "auto"
+ ram: 4096
+ disk: 40
+ vcpus: 2
+ m1_large:
+ name: "m1.large"
+ id: "auto"
+ ram: 8192
+ disk: 80
+ vcpus: 4
+ m1_xlarge:
+ name: "m1.xlarge"
+ id: "auto"
+ ram: 16384
+ disk: 160
+ vcpus: 8
network:
osapi:
diff --git a/senlin/templates/job-bootstrap.yaml b/senlin/templates/job-bootstrap.yaml
index c2e9d28cde..662dfa3138 100644
--- a/senlin/templates/job-bootstrap.yaml
+++ b/senlin/templates/job-bootstrap.yaml
@@ -14,54 +14,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
-{{- if .Values.manifests.job_bootstrap }}
-{{- $envAll := . }}
-{{- if .Values.bootstrap.enabled }}
-{{- $dependencies := .Values.dependencies.bootstrap }}
-{{- $mounts_senlin_bootstrap := .Values.pod.mounts.senlin_bootstrap.senlin_bootstrap }}
-{{- $mounts_senlin_bootstrap_init := .Values.pod.mounts.senlin_bootstrap.init_container }}
-
-{{- $serviceAccountName := "senlin-bootstrap" }}
-{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: senlin-bootstrap
-spec:
- template:
- metadata:
- labels:
-{{ tuple $envAll "senlin" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- restartPolicy: OnFailure
- nodeSelector:
- {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
- initContainers:
-{{ tuple $envAll $dependencies $mounts_senlin_bootstrap_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
- - name: senlin-bootstrap
- image: {{ .Values.images.tags.bootstrap }}
- imagePullPolicy: {{ .Values.images.pull_policy }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- env:
-{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
-{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
-{{- end }}
- command:
- - /tmp/bootstrap.sh
- volumeMounts:
- - name: senlin-bin
- mountPath: /tmp/bootstrap.sh
- subPath: bootstrap.sh
- readOnly: true
-{{ if $mounts_senlin_bootstrap.volumeMounts }}{{ toYaml $mounts_senlin_bootstrap.volumeMounts | indent 12 }}{{ end }}
- volumes:
- - name: senlin-bin
- configMap:
- name: senlin-bin
- defaultMode: 0555
-{{ if $mounts_senlin_bootstrap.volumes }}{{ toYaml $mounts_senlin_bootstrap.volumes | indent 8 }}{{ end }}
-{{- end }}
+{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
+{{- $bootstrapJob := dict "envAll" . "serviceName" "senlin" "keystoneUser" .Values.bootstrap.ks_user -}}
+{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
{{- end }}
diff --git a/senlin/values.yaml b/senlin/values.yaml
index 33f475e75f..916d03ff4e 100644
--- a/senlin/values.yaml
+++ b/senlin/values.yaml
@@ -144,6 +144,7 @@ network:
bootstrap:
enabled: false
+ ks_user: senlin
script: |
openstack token issue
diff --git a/tools/overrides/releases/newton/kolla.yaml b/tools/overrides/releases/newton/kolla.yaml
index c77f3ca2a4..29f9aec131 100644
--- a/tools/overrides/releases/newton/kolla.yaml
+++ b/tools/overrides/releases/newton/kolla.yaml
@@ -25,7 +25,6 @@ images:
db_drop: 'docker.io/kolla/ubuntu-source-heat-engine:3.0.3'
db_init: 'docker.io/kolla/ubuntu-source-heat-engine:3.0.3'
glance_api: 'docker.io/kolla/ubuntu-source-glance-api:3.0.3'
- glance_bootstrap: 'docker.io/kolla/ubuntu-source-heat-engine:3.0.3'
glance_db_sync: 'docker.io/kolla/ubuntu-source-glance-api:3.0.3'
glance_registry: 'docker.io/kolla/ubuntu-source-glance-registry:3.0.3'
heat_api: 'docker.io/kolla/ubuntu-source-heat-api:3.0.3'
@@ -36,7 +35,6 @@ images:
horizon: 'docker.io/kolla/ubuntu-source-horizon:ocata'
horizon_db_sync: 'docker.io/kolla/ubuntu-source-horizon:ocata'
ironic_api: 'docker.io/kolla/ubuntu-source-ironic-api:3.0.3'
- ironic_bootstrap: 'docker.io/kolla/ubuntu-source-heat-engine:3.0.3'
ironic_conductor: 'docker.io/kolla/ubuntu-source-ironic-conductor:3.0.3'
ironic_db_sync: 'docker.io/kolla/ubuntu-source-ironic-api:3.0.3'
ironic_pxe: 'docker.io/kolla/ubuntu-source-ironic-pxe:3.0.3'