From 922967ee7f1fb182f07e65e308626f3002d61881 Mon Sep 17 00:00:00 2001 From: Larry Rensing Date: Thu, 5 Jan 2017 16:26:47 +0000 Subject: [PATCH 01/45] maas-region cleanup --- maas/templates/_helpers.tpl | 3 -- .../_maas-region-controller.postinst.tpl | 33 ------------------- maas/templates/configmap-bin.yaml | 2 ++ maas/templates/configmap-etc.yaml | 2 ++ maas/templates/configmap-var.yaml | 10 ------ maas/templates/deploy-region.yaml | 14 ++++---- maas/templates/{var => etc}/_secret.tpl | 0 maas/templates/service.yaml | 1 - maas/values.yaml | 2 +- 9 files changed, 11 insertions(+), 56 deletions(-) delete mode 100644 maas/templates/_helpers.tpl rename maas/templates/{var => bin}/_maas-region-controller.postinst.tpl (77%) delete mode 100644 maas/templates/configmap-var.yaml rename maas/templates/{var => etc}/_secret.tpl (100%) diff --git a/maas/templates/_helpers.tpl b/maas/templates/_helpers.tpl deleted file mode 100644 index d2f33bc897..0000000000 --- a/maas/templates/_helpers.tpl +++ /dev/null @@ -1,3 +0,0 @@ -{{- define "joinListWithColon" -}} -{{ range $k, $v := . }}{{ if $k }},{{ end }}{{ $v }}{{ end }} -{{- end -}} diff --git a/maas/templates/var/_maas-region-controller.postinst.tpl b/maas/templates/bin/_maas-region-controller.postinst.tpl similarity index 77% rename from maas/templates/var/_maas-region-controller.postinst.tpl rename to maas/templates/bin/_maas-region-controller.postinst.tpl index 6c6ac31f12..ae7e846397 100644 --- a/maas/templates/var/_maas-region-controller.postinst.tpl +++ b/maas/templates/bin/_maas-region-controller.postinst.tpl @@ -35,30 +35,6 @@ configure_maas_default_url() { maas-region local_config_set --maas-url "http://${ipaddr}/MAAS" } -get_default_route_ip6() { - while read Src SrcPref Dest DestPref Gateway Metric RefCnt Use Flags Iface - do - [ "$SrcPref" = 00 ] && [ "$Iface" != lo ] && break - done < /proc/net/ipv6_route - if [ -n "$Iface" ]; then - LC_ALL=C /sbin/ip -6 addr list dev "$Iface" scope global permanent | - sed -n '/ inet6 /s/.*inet6 \([0-9a-fA-F:]*\).*/[\1]/p' | head -1 - fi -} - -get_default_route_ip4() { - while read Iface Destination Gateway Flags RefCnt Use Metric Mask MTU Window IRTT - do - [ "$Mask" = "00000000" ] && break - done < /proc/net/route - if [ -n "$Iface" ]; then - ipaddr=$(LC_ALL=C /sbin/ip -4 addr list dev "$Iface" scope global) - ipaddr=${ipaddr#* inet } - ipaddr=${ipaddr%%/*} - echo $ipaddr - fi -} - extract_default_maas_url() { # Extract DEFAULT_MAAS_URL IP/host setting from config file $1. grep "^DEFAULT_MAAS_URL" "$1" | cut -d"/" -f3 @@ -86,17 +62,8 @@ if [ "$1" = "configure" ] && [ -z "$2" ]; then db_get maas/default-maas-url ipaddr="$RET" if [ -z "$ipaddr" ]; then - #ipaddr=$(get_default_route_ip4) ipaddr="maas-region-ui.{{ .Release.Namespace }}" fi - if [ -z "$ipaddr" ]; then - #ipaddr=$(get_default_route_ip6) - ipaddr="maas-region-ui.{{ .Release.Namespace }}" - fi - # Fallback default is "localhost" - if [ -z "$ipaddr" ]; then - ipaddr=localhost - fi # Set the IP address of the interface with default route configure_maas_default_url "$ipaddr" db_subst maas/installation-note MAAS_URL "$ipaddr" diff --git a/maas/templates/configmap-bin.yaml b/maas/templates/configmap-bin.yaml index 53b2d94dbc..c7c2108d76 100644 --- a/maas/templates/configmap-bin.yaml +++ b/maas/templates/configmap-bin.yaml @@ -5,3 +5,5 @@ metadata: data: start.sh: | {{ tuple "bin/_start.sh.tpl" . | include "template" | indent 4 }} + maas-region-controller.postinst: | +{{ tuple "bin/_maas-region-controller.postinst.tpl" . | include "template" | indent 4 }} diff --git a/maas/templates/configmap-etc.yaml b/maas/templates/configmap-etc.yaml index 2597a28cac..ececffc02c 100644 --- a/maas/templates/configmap-etc.yaml +++ b/maas/templates/configmap-etc.yaml @@ -5,3 +5,5 @@ metadata: data: named.conf.options: |+ {{ tuple "etc/_region-dns-config.tpl" . | include "template" | indent 4 }} + secret: | +{{ tuple "etc/_secret.tpl" . | include "template" | indent 4 }} diff --git a/maas/templates/configmap-var.yaml b/maas/templates/configmap-var.yaml deleted file mode 100644 index 422c0ed503..0000000000 --- a/maas/templates/configmap-var.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: maas-region-var -data: - maas-region-controller.postinst: | -{{ tuple "var/_maas-region-controller.postinst.tpl" . | include "template" | indent 4 }} - secret: | -{{ tuple "var/_secret.tpl" . | include "template" | indent 4 }} - diff --git a/maas/templates/deploy-region.yaml b/maas/templates/deploy-region.yaml index f044a09c5d..31567170f2 100644 --- a/maas/templates/deploy-region.yaml +++ b/maas/templates/deploy-region.yaml @@ -14,12 +14,7 @@ spec: "name": "init", "image": "{{ .Values.images.maas_region }}", "imagePullPolicy": "Always", - "command": [ - "/bin/bash", "-c" - ], - "args": [ - "chmod +x /tmp/start.sh; /tmp/start.sh" - ], + "command": ["bash", "/tmp/start.sh"], "volumeMounts": [ { "name": "maas-config", @@ -59,6 +54,9 @@ spec: imagePullPolicy: Always ports: - containerPort: {{ .Values.network.port.region_container }} + readinessProbe: + tcpSocket: + port: {{ .Values.network.port.region_container }} securityContext: privileged: true volumeMounts: @@ -91,7 +89,7 @@ spec: emptyDir: {} - name: maas-region-secret configMap: - name: maas-region-var + name: maas-region-etc - name: maas-config emptyDir: {} - name: maas-dns-config @@ -102,4 +100,4 @@ spec: name: maas-region-bin - name: maasregionpostinst configMap: - name: maas-region-var + name: maas-region-bin diff --git a/maas/templates/var/_secret.tpl b/maas/templates/etc/_secret.tpl similarity index 100% rename from maas/templates/var/_secret.tpl rename to maas/templates/etc/_secret.tpl diff --git a/maas/templates/service.yaml b/maas/templates/service.yaml index fce28c7ac8..0a78d6c56d 100644 --- a/maas/templates/service.yaml +++ b/maas/templates/service.yaml @@ -5,7 +5,6 @@ metadata: labels: app: maas-region-ui spec: - type: NodePort ports: - port: {{ .Values.network.port.service_gui }} targetPort: {{ .Values.network.port.service_gui_target }} diff --git a/maas/values.yaml b/maas/values.yaml index 0f46f04f67..8a7862ec89 100644 --- a/maas/values.yaml +++ b/maas/values.yaml @@ -4,7 +4,7 @@ images: maas_region: quay.io/attcomdev/maas-region:2.1.2-1 - maas_rack: quay.io/attcomdev/maas-rack:2.1.2 + maas_rack: quay.io/attcomdev/maas-rack:2.1.2-1 labels: node_selector_key: openstack-control-plane From d9a390e0c7ac00aaa47885feb245a266d634e672 Mon Sep 17 00:00:00 2001 From: Pete Birley Date: Thu, 12 Jan 2017 21:44:09 +0000 Subject: [PATCH 02/45] Use Upstream Memcached Image This commit changes the default Memcached Image to the Upstream: * https://hub.docker.com/_/memcached/ --- memcached/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/memcached/values.yaml b/memcached/values.yaml index c00dcdcc03..62ed983c01 100644 --- a/memcached/values.yaml +++ b/memcached/values.yaml @@ -4,7 +4,7 @@ # name: value images: - memcached: quay.io/stackanetes/stackanetes-memcached:newton + memcached: docker.io/memcached:latest pull_policy: "IfNotPresent" upgrades: From d43b95a1526bf9a9626185c3141f683a0d372516 Mon Sep 17 00:00:00 2001 From: Alan Meadows Date: Thu, 12 Jan 2017 15:23:09 -0800 Subject: [PATCH 03/45] Allow specifying the keystone token provider The new default for mitaka+ is fernet tokens which not all container images support. This allows the operator to specify the token provider, allowing uuid token usage in images which is required until the infrastructure to setup and distribute fernet keys is created. --- keystone/templates/etc/_keystone.conf.tpl | 5 ++++- keystone/values.yaml | 9 ++++++--- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/keystone/templates/etc/_keystone.conf.tpl b/keystone/templates/etc/_keystone.conf.tpl index a503b4a0e5..573eba9e0e 100644 --- a/keystone/templates/etc/_keystone.conf.tpl +++ b/keystone/templates/etc/_keystone.conf.tpl @@ -1,5 +1,5 @@ [DEFAULT] -debug = {{ .Values.misc.debug }} +debug = {{ .Values.api.default.debug }} use_syslog = False use_stderr = True @@ -10,6 +10,9 @@ max_retries = -1 [memcache] servers = {{ include "memcached_host" . }}:11211 +[token] +provider = {{ .Values.api.token.provider }} + [cache] backend = dogpile.cache.memcached memcache_servers = {{ include "memcached_host" . }}:11211 diff --git a/keystone/values.yaml b/keystone/values.yaml index e6ead52acc..a4a84a67bf 100644 --- a/keystone/values.yaml +++ b/keystone/values.yaml @@ -31,6 +31,12 @@ keystone: admin_password: password admin_project_name: admin +api: + default: + debug: false + token: + provider: uuid + network: port: admin: 35357 @@ -52,9 +58,6 @@ database: keystone_password: password keystone_user: keystone -misc: - debug: false - dependencies: api: jobs: From f1ef55de6ec8768a91bd3cda94cb5f74f22411bd Mon Sep 17 00:00:00 2001 From: Pete Birley Date: Thu, 12 Jan 2017 23:50:26 +0000 Subject: [PATCH 04/45] Update Heat to mount Policy at engine statefulsets and set client endpoints --- heat/templates/etc/_heat.conf.tpl | 8 ++++++++ heat/templates/statefulset-engine.yaml | 7 +++++++ heat/values.yaml | 2 +- 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/heat/templates/etc/_heat.conf.tpl b/heat/templates/etc/_heat.conf.tpl index e902fe7114..b268a6ecfd 100644 --- a/heat/templates/etc/_heat.conf.tpl +++ b/heat/templates/etc/_heat.conf.tpl @@ -80,3 +80,11 @@ region_name = {{ .Values.keystone.heat_trustee_region_name }} user_domain_name = {{ .Values.keystone.heat_trustee_user_domain }} username = {{ .Values.keystone.heat_trustee_user }} password = {{ .Values.keystone.heat_trustee_password }} + + +[clients] +endpoint_type = internalURL + +[clients_keystone] +endpoint_type = internalURL +auth_uri = {{ include "endpoint_keystone_internal" . }} diff --git a/heat/templates/statefulset-engine.yaml b/heat/templates/statefulset-engine.yaml index 0478e39173..36aacba350 100644 --- a/heat/templates/statefulset-engine.yaml +++ b/heat/templates/statefulset-engine.yaml @@ -55,6 +55,10 @@ spec: mountPath: /etc/heat/conf/heat.conf subPath: heat.conf readOnly: true + - name: heatpolicy + mountPath: /etc/heat/policy.json + subPath: policy.json + readOnly: true volumes: - name: pod-etc-heat emptyDir: {} @@ -63,3 +67,6 @@ spec: - name: heatconf configMap: name: heat-etc + - name: heatpolicy + configMap: + name: heat-etc diff --git a/heat/values.yaml b/heat/values.yaml index 6373aa22de..ecd9c02ccf 100644 --- a/heat/values.yaml +++ b/heat/values.yaml @@ -108,7 +108,7 @@ resources: workers: 8 misc: - debug: false + debug: true secrets: keystone_admin: From fcc594aac86714f52204ab7f1d9c5d19af86f7bf Mon Sep 17 00:00:00 2001 From: DTadrzak Date: Wed, 11 Jan 2017 14:29:04 +0100 Subject: [PATCH 05/45] Adding: templates for init-containers. Unfortunately I need to break it for two templates, because i don't how to pass two variables to template. PR also adjust layout of configuration files in Nova. Signed-off-by: DTadrzak --- cinder/templates/deployment-api.yaml | 27 ++------------- cinder/templates/deployment-scheduler.yaml | 27 ++------------- cinder/templates/deployment-volume.yaml | 27 ++------------- cinder/templates/job-db-init.yaml | 27 ++------------- cinder/templates/job-db-sync.yaml | 27 ++------------- cinder/templates/job-ks-endpoints.yaml.yaml | 23 ++----------- cinder/templates/job-ks-service.yaml | 23 ++----------- cinder/templates/job-ks-user.yaml | 23 ++----------- common/templates/_funcs.tpl | 35 +++++++++++++++++++ glance/templates/api.yaml | 28 ++-------------- glance/templates/db-sync.yaml | 27 ++------------- glance/templates/init.yaml | 27 ++------------- glance/templates/post.yaml | 27 ++------------- glance/templates/registry.yaml | 27 ++------------- glance/values.yaml | 1 + heat/templates/deployment-api.yaml | 27 ++------------- heat/templates/deployment-cfn.yaml | 27 ++------------- heat/templates/deployment-cloudwatch.yaml | 27 ++------------- heat/templates/job-db-init.yaml | 27 ++------------- heat/templates/job-db-sync.yaml | 27 ++------------- heat/templates/job-ks-endpoints.yaml.yaml | 23 ++----------- heat/templates/job-ks-service.yaml | 23 ++----------- heat/templates/job-ks-user.yaml | 23 ++----------- heat/templates/statefulset-engine.yaml | 27 ++------------- horizon/templates/deployment.yaml | 23 ++----------- horizon/values.yaml | 2 +- keystone/templates/deployment.yaml | 33 ++---------------- keystone/templates/job-db-sync.yaml | 27 ++------------- keystone/templates/job-init.yaml | 27 ++------------- keystone/values.yaml | 2 +- nova/templates/daemonset-compute.yaml | 35 +++---------------- nova/templates/daemonset-libvirt.yaml | 35 +++---------------- nova/templates/deployment-api-metadata.yaml | 37 +++------------------ nova/templates/deployment-api-osapi.yaml | 35 +++---------------- nova/templates/deployment-conductor.yaml | 33 ++---------------- nova/templates/deployment-consoleauth.yaml | 33 ++---------------- nova/templates/deployment-scheduler.yaml | 33 ++---------------- nova/templates/job-db-sync.yaml | 31 +++-------------- nova/templates/job-init.yaml | 31 +++-------------- nova/templates/job-post.yaml | 31 +++-------------- nova/values.yaml | 4 +-- 41 files changed, 131 insertions(+), 928 deletions(-) diff --git a/cinder/templates/deployment-api.yaml b/cinder/templates/deployment-api.yaml index 6abc136d1a..64a522d070 100644 --- a/cinder/templates/deployment-api.yaml +++ b/cinder/templates/deployment-api.yaml @@ -19,31 +19,8 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": {{ .Values.images.dep_check | quote }}, - "imagePullPolicy": {{ .Values.images.pull_policy | quote }}, - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.api.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.api.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.api }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/cinder/templates/deployment-scheduler.yaml b/cinder/templates/deployment-scheduler.yaml index fabcf3361a..57a963a437 100644 --- a/cinder/templates/deployment-scheduler.yaml +++ b/cinder/templates/deployment-scheduler.yaml @@ -19,31 +19,8 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": {{ .Values.images.dep_check | quote }}, - "imagePullPolicy": {{ .Values.images.pull_policy | quote }}, - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.scheduler.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.scheduler.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.scheduler }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/cinder/templates/deployment-volume.yaml b/cinder/templates/deployment-volume.yaml index 7f6cc18bd6..5debc13481 100644 --- a/cinder/templates/deployment-volume.yaml +++ b/cinder/templates/deployment-volume.yaml @@ -19,31 +19,8 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": {{ .Values.images.dep_check | quote }}, - "imagePullPolicy": {{ .Values.images.pull_policy | quote }}, - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.volume.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.volume.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.volume }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/cinder/templates/job-db-init.yaml b/cinder/templates/job-db-init.yaml index 951c6d1718..96d36e70d5 100644 --- a/cinder/templates/job-db-init.yaml +++ b/cinder/templates/job-db-init.yaml @@ -6,31 +6,8 @@ spec: template: metadata: annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": {{ .Values.images.dep_check | quote }}, - "imagePullPolicy": {{ .Values.images.pull_policy | quote }}, - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.db_init.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.db_init.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.db_init }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/cinder/templates/job-db-sync.yaml b/cinder/templates/job-db-sync.yaml index b44d4799cf..5b5c75beab 100644 --- a/cinder/templates/job-db-sync.yaml +++ b/cinder/templates/job-db-sync.yaml @@ -6,31 +6,8 @@ spec: template: metadata: annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": {{ .Values.images.dep_check | quote }}, - "imagePullPolicy": {{ .Values.images.pull_policy | quote }}, - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.db_sync.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.db_sync.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.db_sync }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/cinder/templates/job-ks-endpoints.yaml.yaml b/cinder/templates/job-ks-endpoints.yaml.yaml index 936a866b1b..778359399c 100644 --- a/cinder/templates/job-ks-endpoints.yaml.yaml +++ b/cinder/templates/job-ks-endpoints.yaml.yaml @@ -8,27 +8,8 @@ spec: template: metadata: annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": {{ .Values.images.dep_check | quote }}, - "imagePullPolicy": {{ .Values.images.pull_policy | quote }}, - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.ks_service.service }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.ks_endpoints }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/cinder/templates/job-ks-service.yaml b/cinder/templates/job-ks-service.yaml index 6a6f32a42a..f6832e1870 100644 --- a/cinder/templates/job-ks-service.yaml +++ b/cinder/templates/job-ks-service.yaml @@ -8,27 +8,8 @@ spec: template: metadata: annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": {{ .Values.images.dep_check | quote }}, - "imagePullPolicy": {{ .Values.images.pull_policy | quote }}, - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.ks_service.service }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.ks_service }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/cinder/templates/job-ks-user.yaml b/cinder/templates/job-ks-user.yaml index 6690863997..fc7d50d5dc 100644 --- a/cinder/templates/job-ks-user.yaml +++ b/cinder/templates/job-ks-user.yaml @@ -8,27 +8,8 @@ spec: template: metadata: annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": {{ .Values.images.dep_check | quote }}, - "imagePullPolicy": {{ .Values.images.pull_policy | quote }}, - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.ks_user.service }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.ks_user }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/common/templates/_funcs.tpl b/common/templates/_funcs.tpl index fe6c9a675e..f6031fede9 100644 --- a/common/templates/_funcs.tpl +++ b/common/templates/_funcs.tpl @@ -21,3 +21,38 @@ {{- $wtf := $context.Template.Name | replace $last $name -}} {{- include $wtf $context | sha256sum | quote -}} {{- end -}} + +{{- define "init-containers-header"}} + pod.beta.kubernetes.io/init-containers: '[ + { + "name": "init", + "image": {{ .Values.images.dep_check | default "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0" | quote }}, + "imagePullPolicy": {{ .Values.images.pull_policy | default "IfNotPresent" | quote }}, + "env": [ + { + "name": "NAMESPACE", + "value": "{{ .Release.Namespace }}" + }, +{{- end -}} + +{{- define "init-containers-footer" }} + { + "name": "INTERFACE_NAME", + "value": "eth0" + }, + { + "name": "DEPENDENCY_SERVICE", + "value": "{{ include "joinListWithColon" .service }}" + }, + { + "name": "DEPENDENCY_JOBS", + "value": "{{ include "joinListWithColon" .jobs }}" + }, + { + "name": "COMMAND", + "value": "echo done" + } + ] + } + ]' +{{- end -}} \ No newline at end of file diff --git a/glance/templates/api.yaml b/glance/templates/api.yaml index 53e9cc77b0..988e34ecaa 100644 --- a/glance/templates/api.yaml +++ b/glance/templates/api.yaml @@ -17,35 +17,11 @@ spec: labels: app: glance-api annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0", - "imagePullPolicy": "{{ .Values.images.pull_policy }}", - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.api.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.api.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.api }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} - containers: - name: glance-api image: {{ .Values.images.api }} diff --git a/glance/templates/db-sync.yaml b/glance/templates/db-sync.yaml index fe0c1f56a3..209485beef 100644 --- a/glance/templates/db-sync.yaml +++ b/glance/templates/db-sync.yaml @@ -6,31 +6,8 @@ spec: template: metadata: annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0", - "imagePullPolicy": "{{ .Values.images.pull_policy }}", - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.db_sync.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.db_sync.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.db_sync }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/glance/templates/init.yaml b/glance/templates/init.yaml index 48b97a7cbd..f92855b1b0 100644 --- a/glance/templates/init.yaml +++ b/glance/templates/init.yaml @@ -6,31 +6,8 @@ spec: template: metadata: annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0", - "imagePullPolicy": "{{ .Values.images.pull_policy }}", - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.init.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.init.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.init }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/glance/templates/post.yaml b/glance/templates/post.yaml index 4fe1c195bf..a0fa89c612 100644 --- a/glance/templates/post.yaml +++ b/glance/templates/post.yaml @@ -6,31 +6,8 @@ spec: template: metadata: annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0", - "imagePullPolicy": "{{ .Values.images.pull_policy }}", - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.post.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.post.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.post }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/glance/templates/registry.yaml b/glance/templates/registry.yaml index 998d64ad32..51fb9ec62c 100644 --- a/glance/templates/registry.yaml +++ b/glance/templates/registry.yaml @@ -9,31 +9,8 @@ spec: labels: app: glance-registry annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0", - "imagePullPolicy": "{{ .Values.images.pull_policy }}", - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.registry.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.registry.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.registry }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/glance/values.yaml b/glance/values.yaml index a3c6886a54..e45853064f 100644 --- a/glance/values.yaml +++ b/glance/values.yaml @@ -15,6 +15,7 @@ images: init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton registry: quay.io/stackanetes/stackanetes-glance-registry:newton post: quay.io/stackanetes/stackanetes-kolla-toolbox:newton + dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.1.0 pull_policy: "IfNotPresent" upgrades: diff --git a/heat/templates/deployment-api.yaml b/heat/templates/deployment-api.yaml index 759571c4e3..d05e7fa3d5 100755 --- a/heat/templates/deployment-api.yaml +++ b/heat/templates/deployment-api.yaml @@ -9,31 +9,8 @@ spec: labels: app: heat-api annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": {{ .Values.images.dep_check | quote }}, - "imagePullPolicy": {{ .Values.images.pull_policy | quote }}, - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.api.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.api.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.api }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/heat/templates/deployment-cfn.yaml b/heat/templates/deployment-cfn.yaml index 94d6d55e35..ca1d998e81 100644 --- a/heat/templates/deployment-cfn.yaml +++ b/heat/templates/deployment-cfn.yaml @@ -9,31 +9,8 @@ spec: labels: app: heat-cfn annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": {{ .Values.images.dep_check | quote }}, - "imagePullPolicy": {{ .Values.images.pull_policy | quote }}, - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.cfn.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.cfn.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.cnf }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/heat/templates/deployment-cloudwatch.yaml b/heat/templates/deployment-cloudwatch.yaml index d4753011c6..3c350f402b 100644 --- a/heat/templates/deployment-cloudwatch.yaml +++ b/heat/templates/deployment-cloudwatch.yaml @@ -9,31 +9,8 @@ spec: labels: app: heat-cloudwatch annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": {{ .Values.images.dep_check | quote }}, - "imagePullPolicy": {{ .Values.images.pull_policy | quote }}, - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.cloudwatch.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.cloudwatch.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.cloudwatch }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/heat/templates/job-db-init.yaml b/heat/templates/job-db-init.yaml index de256fbdf0..bad7afa0b3 100644 --- a/heat/templates/job-db-init.yaml +++ b/heat/templates/job-db-init.yaml @@ -6,31 +6,8 @@ spec: template: metadata: annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": {{ .Values.images.dep_check | quote }}, - "imagePullPolicy": {{ .Values.images.pull_policy | quote }}, - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.db_init.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.db_init.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.db_init }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/heat/templates/job-db-sync.yaml b/heat/templates/job-db-sync.yaml index 8a7f90f3ed..aa87773e04 100644 --- a/heat/templates/job-db-sync.yaml +++ b/heat/templates/job-db-sync.yaml @@ -6,31 +6,8 @@ spec: template: metadata: annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": {{ .Values.images.dep_check | quote }}, - "imagePullPolicy": {{ .Values.images.pull_policy | quote }}, - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.db_sync.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.db_sync.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.db_sync }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/heat/templates/job-ks-endpoints.yaml.yaml b/heat/templates/job-ks-endpoints.yaml.yaml index d82c4fd525..a3dbc3a40d 100644 --- a/heat/templates/job-ks-endpoints.yaml.yaml +++ b/heat/templates/job-ks-endpoints.yaml.yaml @@ -8,27 +8,8 @@ spec: template: metadata: annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": {{ .Values.images.dep_check | quote }}, - "imagePullPolicy": {{ .Values.images.pull_policy | quote }}, - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.ks_service.service }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.ks_endpoints }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/heat/templates/job-ks-service.yaml b/heat/templates/job-ks-service.yaml index 651422c355..966671dcb4 100644 --- a/heat/templates/job-ks-service.yaml +++ b/heat/templates/job-ks-service.yaml @@ -8,27 +8,8 @@ spec: template: metadata: annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": {{ .Values.images.dep_check | quote }}, - "imagePullPolicy": {{ .Values.images.pull_policy | quote }}, - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.ks_service.service }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.ks_service }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/heat/templates/job-ks-user.yaml b/heat/templates/job-ks-user.yaml index 89c2d21f76..e6218b5623 100644 --- a/heat/templates/job-ks-user.yaml +++ b/heat/templates/job-ks-user.yaml @@ -11,27 +11,8 @@ spec: template: metadata: annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": {{ .Values.images.dep_check | quote }}, - "imagePullPolicy": {{ .Values.images.pull_policy | quote }}, - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.ks_user.service }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.ks_user }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/heat/templates/statefulset-engine.yaml b/heat/templates/statefulset-engine.yaml index 0478e39173..483d8bdff7 100644 --- a/heat/templates/statefulset-engine.yaml +++ b/heat/templates/statefulset-engine.yaml @@ -10,31 +10,8 @@ spec: labels: app: heat-engine annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": {{ .Values.images.dep_check | quote }}, - "imagePullPolicy": {{ .Values.images.pull_policy | quote }}, - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.engine.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.engine.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.engine }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/horizon/templates/deployment.yaml b/horizon/templates/deployment.yaml index f3a65f02e7..2e332b672f 100644 --- a/horizon/templates/deployment.yaml +++ b/horizon/templates/deployment.yaml @@ -19,27 +19,8 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": "{{ .Values.images.entrypoint }}", - "imagePullPolicy": "{{ .Values.images.pull_policy }}", - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.dashboard.service }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.dashboard }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/horizon/values.yaml b/horizon/values.yaml index f9a19fd4ee..84caa6d950 100644 --- a/horizon/values.yaml +++ b/horizon/values.yaml @@ -6,7 +6,7 @@ replicas: 1 images: - entrypoint: quay.io/stackanetes/kubernetes-entrypoint:v0.1.0 + dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.1.0 horizon: quay.io/stackanetes/stackanetes-horizon:newton pull_policy: "IfNotPresent" diff --git a/keystone/templates/deployment.yaml b/keystone/templates/deployment.yaml index 49917adaed..5094759d43 100644 --- a/keystone/templates/deployment.yaml +++ b/keystone/templates/deployment.yaml @@ -18,36 +18,9 @@ spec: app: keystone-api annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} - configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": "{{ .Values.images.entrypoint }}", - "imagePullPolicy": "{{ .Values.images.pull_policy }}", - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "INTERFACE_NAME", - "value": "eth0" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.api.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.api.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.api }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/keystone/templates/job-db-sync.yaml b/keystone/templates/job-db-sync.yaml index c1f4954279..d85320a435 100644 --- a/keystone/templates/job-db-sync.yaml +++ b/keystone/templates/job-db-sync.yaml @@ -6,31 +6,8 @@ spec: template: metadata: annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": "{{ .Values.images.entrypoint }}", - "imagePullPolicy": "{{ .Values.images.pull_policy }}", - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.db_sync.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.db_sync.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.db_sync }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/keystone/templates/job-init.yaml b/keystone/templates/job-init.yaml index 1f395255dc..f2e64c4804 100644 --- a/keystone/templates/job-init.yaml +++ b/keystone/templates/job-init.yaml @@ -6,31 +6,8 @@ spec: template: metadata: annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": "{{ .Values.images.entrypoint }}", - "imagePullPolicy": "{{ .Values.images.pull_policy }}", - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.init.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.init.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.init }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/keystone/values.yaml b/keystone/values.yaml index e6ead52acc..ccd3546041 100644 --- a/keystone/values.yaml +++ b/keystone/values.yaml @@ -13,7 +13,7 @@ images: db_sync: quay.io/stackanetes/stackanetes-keystone-api:newton api: quay.io/stackanetes/stackanetes-keystone-api:newton init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton - entrypoint: quay.io/stackanetes/kubernetes-entrypoint:v0.1.0 + dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.1.0 pull_policy: "IfNotPresent" upgrades: diff --git a/nova/templates/daemonset-compute.yaml b/nova/templates/daemonset-compute.yaml index f9fcafd931..d4fe85205e 100644 --- a/nova/templates/daemonset-compute.yaml +++ b/nova/templates/daemonset-compute.yaml @@ -10,35 +10,8 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": "{{ .Values.image.entrypoint }}", - "imagePullPolicy": "{{ .Values.image.pull_policy }}", - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "INTERFACE_NAME", - "value": "eth0" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.compute.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.compute.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.compute }} spec: nodeSelector: {{ .Values.labels.compute_node_selector_key }}: {{ .Values.labels.compute_node_selector_value }} @@ -49,8 +22,8 @@ spec: dnsPolicy: ClusterFirst containers: - name: nova-compute - image: {{ .Values.image.compute }} - imagePullPolicy: {{ .Values.image.pull_policy }} + image: {{ .Values.images.compute }} + imagePullPolicy: Always securityContext: privileged: true command: diff --git a/nova/templates/daemonset-libvirt.yaml b/nova/templates/daemonset-libvirt.yaml index 3511c0a2e7..13e673e4e2 100644 --- a/nova/templates/daemonset-libvirt.yaml +++ b/nova/templates/daemonset-libvirt.yaml @@ -10,35 +10,8 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": "{{ .Values.image.entrypoint }}", - "imagePullPolicy": "{{ .Values.image.pull_policy }}", - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "INTERFACE_NAME", - "value": "eth0" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.libvirt.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.libvirt.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.libvirt }} spec: nodeSelector: {{ .Values.labels.compute_node_selector_key }}: {{ .Values.labels.compute_node_selector_value }} @@ -48,8 +21,8 @@ spec: dnsPolicy: ClusterFirst containers: - name: nova-libvirt - image: {{ .Values.image.libvirt }} - imagePullPolicy: {{ .Values.image.pull_policy }} + image: {{ .Values.images.libvirt }} + imagePullPolicy: Always securityContext: privileged: true command: diff --git a/nova/templates/deployment-api-metadata.yaml b/nova/templates/deployment-api-metadata.yaml index 2e1a6929f6..fe3ce88d33 100644 --- a/nova/templates/deployment-api-metadata.yaml +++ b/nova/templates/deployment-api-metadata.yaml @@ -19,42 +19,15 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": "{{ .Values.image.entrypoint }}", - "imagePullPolicy": "{{ .Values.image.pull_policy }}", - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "INTERFACE_NAME", - "value": "eth0" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.api.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.api.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.api }} spec: nodeSelector: {{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }} containers: - - name: nova-api-metadata - image: {{ .Values.image.api }} - imagePullPolicy: {{ .Values.image.pull_policy }} + - name: nova-api + image: {{ .Values.images.api }} + imagePullPolicy: {{ .Values.images.pull_policy }} # https://bugs.launchpad.net/kolla-mesos/+bug/1546007 securityContext: capabilities: diff --git a/nova/templates/deployment-api-osapi.yaml b/nova/templates/deployment-api-osapi.yaml index b37fe438fa..49e998fd92 100644 --- a/nova/templates/deployment-api-osapi.yaml +++ b/nova/templates/deployment-api-osapi.yaml @@ -19,41 +19,14 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": "{{ .Values.image.entrypoint }}", - "imagePullPolicy": "{{ .Values.image.pull_policy }}", - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "INTERFACE_NAME", - "value": "eth0" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.api.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.api.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.api }} spec: nodeSelector: {{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }} containers: - - name: nova-api-osapi - image: {{ .Values.image.api }} + - name: nova-osapi + image: {{ .Values.images.api }} imagePullPolicy: {{ .Values.image.pull_policy }} securityContext: capabilities: diff --git a/nova/templates/deployment-conductor.yaml b/nova/templates/deployment-conductor.yaml index 1d300e109a..514e384a50 100644 --- a/nova/templates/deployment-conductor.yaml +++ b/nova/templates/deployment-conductor.yaml @@ -19,41 +19,14 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": "{{ .Values.image.entrypoint }}", - "imagePullPolicy": "{{ .Values.image.pull_policy }}", - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "INTERFACE_NAME", - "value": "eth0" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.conductor.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.conductor.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.conductor }} spec: nodeSelector: {{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }} containers: - name: nova-conductor - image: {{ .Values.image.conductor }} + image: {{ .Values.images.conductor }} imagePullPolicy: {{ .Values.image.pull_policy }} command: - nova-conductor diff --git a/nova/templates/deployment-consoleauth.yaml b/nova/templates/deployment-consoleauth.yaml index 453647b41e..1ee8f4e257 100644 --- a/nova/templates/deployment-consoleauth.yaml +++ b/nova/templates/deployment-consoleauth.yaml @@ -19,41 +19,14 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": "{{ .Values.image.entrypoint }}", - "imagePullPolicy": "{{ .Values.image.pull_policy }}", - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "INTERFACE_NAME", - "value": "eth0" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.consoleauth.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.consoleauth.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.consoleauth }} spec: nodeSelector: {{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }} containers: - name: nova-consoleauth - image: {{ .Values.image.consoleauth }} + image: {{ .Values.images.consoleauth }} imagePullPolicy: {{ .Values.image.pull_policy }} command: - nova-consoleauth diff --git a/nova/templates/deployment-scheduler.yaml b/nova/templates/deployment-scheduler.yaml index ebef279bc8..4d97c2a53d 100644 --- a/nova/templates/deployment-scheduler.yaml +++ b/nova/templates/deployment-scheduler.yaml @@ -19,41 +19,14 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": "{{ .Values.image.entrypoint }}", - "imagePullPolicy": "{{ .Values.image.pull_policy }}", - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "INTERFACE_NAME", - "value": "eth0" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.scheduler.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.scheduler.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.scheduler }} spec: nodeSelector: {{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }} containers: - name: nova-scheduler - image: {{ .Values.image.scheduler }} + image: {{ .Values.images.scheduler }} imagePullPolicy: {{ .Values.image.pull_policy }} command: - nova-scheduler diff --git a/nova/templates/job-db-sync.yaml b/nova/templates/job-db-sync.yaml index da81fe0e13..881b1681dc 100644 --- a/nova/templates/job-db-sync.yaml +++ b/nova/templates/job-db-sync.yaml @@ -6,39 +6,16 @@ spec: template: metadata: annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": "{{ .Values.image.entrypoint }}", - "imagePullPolicy": "{{ .Values.image.pull_policy }}", - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.db_sync.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.db_sync.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.db_sync }} spec: restartPolicy: OnFailure nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} containers: - name: nova-db-sync - image: {{ .Values.image.db_sync }} - imagePullPolicy: {{ .Values.image.pull_policy }} + image: {{ .Values.images.db_sync }} + imagePullPolicy: {{ .Values.images.pull_policy }} command: - bash - /tmp/db-sync.sh diff --git a/nova/templates/job-init.yaml b/nova/templates/job-init.yaml index 2ca373358a..39ee62cfc0 100644 --- a/nova/templates/job-init.yaml +++ b/nova/templates/job-init.yaml @@ -6,39 +6,16 @@ spec: template: metadata: annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": "{{ .Values.image.entrypoint }}", - "imagePullPolicy": "{{ .Values.image.pull_policy }}", - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.init.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.init.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.init }} spec: restartPolicy: OnFailure nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} containers: - name: nova-init - image: {{ .Values.image.init }} - imagePullPolicy: {{ .Values.image.pull_policy }} + image: {{ .Values.images.init }} + imagePullPolicy: {{ .Values.images.pull_policy }} command: - bash - /tmp/init.sh diff --git a/nova/templates/job-post.yaml b/nova/templates/job-post.yaml index e22373e02f..ccf5059432 100644 --- a/nova/templates/job-post.yaml +++ b/nova/templates/job-post.yaml @@ -6,39 +6,16 @@ spec: template: metadata: annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": "{{ .Values.image.entrypoint }}", - "imagePullPolicy": "{{ .Values.image.pull_policy }}", - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.post.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.post.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' + {{ include "init-containers-header" . }} + {{ include "init-containers-footer" .Values.dependencies.post }} spec: restartPolicy: OnFailure nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} containers: - name: nova-post - image: {{ .Values.image.post }} - imagePullPolicy: {{ .Values.image.pull_policy }} + image: {{ .Values.images.post }} + imagePullPolicy: {{ .Values.images.pull_policy }} command: - bash - /tmp/post.sh diff --git a/nova/values.yaml b/nova/values.yaml index 199e2e2142..1888add52b 100644 --- a/nova/values.yaml +++ b/nova/values.yaml @@ -12,7 +12,7 @@ labels: control_replicas: 1 compute_replicas: 1 -image: +images: init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton db_sync: quay.io/stackanetes/stackanetes-nova-api:newton api: quay.io/stackanetes/stackanetes-nova-api:newton @@ -23,7 +23,7 @@ image: compute: quay.io/stackanetes/stackanetes-nova-compute:newton libvirt: quay.io/stackanetes/stackanetes-nova-libvirt:newton post: quay.io/stackanetes/stackanetes-kolla-toolbox:newton - entrypoint: quay.io/stackanetes/kubernetes-entrypoint:v0.1.0 + dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.1.0 pull_policy: "IfNotPresent" upgrades: From d3d38876c86ae12835e7be6f4a8aaece27abfa26 Mon Sep 17 00:00:00 2001 From: DTadrzak Date: Fri, 13 Jan 2017 13:27:13 +0100 Subject: [PATCH 06/45] A few changes according to Alan's review. Signed-off-by: DTadrzak --- cinder/templates/deployment-api.yaml | 4 ++-- cinder/templates/deployment-scheduler.yaml | 4 ++-- cinder/templates/deployment-volume.yaml | 4 ++-- cinder/templates/job-db-init.yaml | 4 ++-- cinder/templates/job-db-sync.yaml | 4 ++-- cinder/templates/job-ks-endpoints.yaml.yaml | 4 ++-- cinder/templates/job-ks-service.yaml | 4 ++-- cinder/templates/job-ks-user.yaml | 4 ++-- common/templates/_funcs.tpl | 22 ++++++++++----------- glance/templates/api.yaml | 4 ++-- glance/templates/db-sync.yaml | 4 ++-- glance/templates/init.yaml | 4 ++-- glance/templates/post.yaml | 4 ++-- glance/templates/registry.yaml | 4 ++-- heat/templates/deployment-api.yaml | 4 ++-- heat/templates/deployment-cfn.yaml | 4 ++-- heat/templates/deployment-cloudwatch.yaml | 4 ++-- heat/templates/job-db-init.yaml | 4 ++-- heat/templates/job-db-sync.yaml | 4 ++-- heat/templates/job-ks-endpoints.yaml.yaml | 4 ++-- heat/templates/job-ks-service.yaml | 4 ++-- heat/templates/job-ks-user.yaml | 4 ++-- heat/templates/statefulset-engine.yaml | 4 ++-- horizon/templates/deployment.yaml | 4 ++-- keystone/templates/deployment.yaml | 4 ++-- keystone/templates/job-db-sync.yaml | 4 ++-- keystone/templates/job-init.yaml | 4 ++-- mariadb_restart.sh | 9 +++++++++ nova/templates/daemonset-compute.yaml | 4 ++-- nova/templates/daemonset-libvirt.yaml | 4 ++-- nova/templates/deployment-api-metadata.yaml | 4 ++-- nova/templates/deployment-api-osapi.yaml | 4 ++-- nova/templates/deployment-conductor.yaml | 4 ++-- nova/templates/deployment-consoleauth.yaml | 4 ++-- nova/templates/deployment-scheduler.yaml | 4 ++-- nova/templates/job-db-sync.yaml | 4 ++-- nova/templates/job-init.yaml | 4 ++-- nova/templates/job-post.yaml | 4 ++-- 38 files changed, 92 insertions(+), 83 deletions(-) create mode 100644 mariadb_restart.sh diff --git a/cinder/templates/deployment-api.yaml b/cinder/templates/deployment-api.yaml index 64a522d070..58f14d61c5 100644 --- a/cinder/templates/deployment-api.yaml +++ b/cinder/templates/deployment-api.yaml @@ -19,8 +19,8 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.api }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.api | indent 8 }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/cinder/templates/deployment-scheduler.yaml b/cinder/templates/deployment-scheduler.yaml index 57a963a437..38f5e7c90d 100644 --- a/cinder/templates/deployment-scheduler.yaml +++ b/cinder/templates/deployment-scheduler.yaml @@ -19,8 +19,8 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.scheduler }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.scheduler | indent 8 }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/cinder/templates/deployment-volume.yaml b/cinder/templates/deployment-volume.yaml index 5debc13481..1c3d5c29d6 100644 --- a/cinder/templates/deployment-volume.yaml +++ b/cinder/templates/deployment-volume.yaml @@ -19,8 +19,8 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.volume }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.volume | indent 8 }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/cinder/templates/job-db-init.yaml b/cinder/templates/job-db-init.yaml index 96d36e70d5..d7f9f7dff2 100644 --- a/cinder/templates/job-db-init.yaml +++ b/cinder/templates/job-db-init.yaml @@ -6,8 +6,8 @@ spec: template: metadata: annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.db_init }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.db_init | indent 8 }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/cinder/templates/job-db-sync.yaml b/cinder/templates/job-db-sync.yaml index 5b5c75beab..5639264b35 100644 --- a/cinder/templates/job-db-sync.yaml +++ b/cinder/templates/job-db-sync.yaml @@ -6,8 +6,8 @@ spec: template: metadata: annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.db_sync }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.db_sync | indent 8 }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/cinder/templates/job-ks-endpoints.yaml.yaml b/cinder/templates/job-ks-endpoints.yaml.yaml index 778359399c..0f80510006 100644 --- a/cinder/templates/job-ks-endpoints.yaml.yaml +++ b/cinder/templates/job-ks-endpoints.yaml.yaml @@ -8,8 +8,8 @@ spec: template: metadata: annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.ks_endpoints }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.ks_endpoints | indent 8 }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/cinder/templates/job-ks-service.yaml b/cinder/templates/job-ks-service.yaml index f6832e1870..ecc181bdd2 100644 --- a/cinder/templates/job-ks-service.yaml +++ b/cinder/templates/job-ks-service.yaml @@ -8,8 +8,8 @@ spec: template: metadata: annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.ks_service }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.ks_service | indent 8 }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/cinder/templates/job-ks-user.yaml b/cinder/templates/job-ks-user.yaml index fc7d50d5dc..b25cf2f3e8 100644 --- a/cinder/templates/job-ks-user.yaml +++ b/cinder/templates/job-ks-user.yaml @@ -8,8 +8,8 @@ spec: template: metadata: annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.ks_user }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.ks_user | indent 8 }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/common/templates/_funcs.tpl b/common/templates/_funcs.tpl index f6031fede9..abe6e1947b 100644 --- a/common/templates/_funcs.tpl +++ b/common/templates/_funcs.tpl @@ -22,17 +22,17 @@ {{- include $wtf $context | sha256sum | quote -}} {{- end -}} -{{- define "init-containers-header"}} - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": {{ .Values.images.dep_check | default "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0" | quote }}, - "imagePullPolicy": {{ .Values.images.pull_policy | default "IfNotPresent" | quote }}, - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, +{{- define "dep-check-init-cont-header"}} +pod.beta.kubernetes.io/init-containers: '[ + { + "name": "init", + "image": {{ .Values.images.dep_check | default "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0" | quote }}, + "imagePullPolicy": {{ .Values.images.pull_policy | default "IfNotPresent" | quote }}, + "env": [ + { + "name": "NAMESPACE", + "value": "{{ .Release.Namespace }}" + }, {{- end -}} {{- define "init-containers-footer" }} diff --git a/glance/templates/api.yaml b/glance/templates/api.yaml index 988e34ecaa..ac67d19fb0 100644 --- a/glance/templates/api.yaml +++ b/glance/templates/api.yaml @@ -17,8 +17,8 @@ spec: labels: app: glance-api annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.api }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.api | indent 8 }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/glance/templates/db-sync.yaml b/glance/templates/db-sync.yaml index 209485beef..bae3d21222 100644 --- a/glance/templates/db-sync.yaml +++ b/glance/templates/db-sync.yaml @@ -6,8 +6,8 @@ spec: template: metadata: annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.db_sync }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.db_sync | indent 8 }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/glance/templates/init.yaml b/glance/templates/init.yaml index f92855b1b0..c3d8c825a4 100644 --- a/glance/templates/init.yaml +++ b/glance/templates/init.yaml @@ -6,8 +6,8 @@ spec: template: metadata: annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.init }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.init | indent 8 }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/glance/templates/post.yaml b/glance/templates/post.yaml index a0fa89c612..e9f3174365 100644 --- a/glance/templates/post.yaml +++ b/glance/templates/post.yaml @@ -6,8 +6,8 @@ spec: template: metadata: annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.post }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.post | indent 8 }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/glance/templates/registry.yaml b/glance/templates/registry.yaml index 51fb9ec62c..59936aca2b 100644 --- a/glance/templates/registry.yaml +++ b/glance/templates/registry.yaml @@ -9,8 +9,8 @@ spec: labels: app: glance-registry annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.registry }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.registry | indent 8 }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/heat/templates/deployment-api.yaml b/heat/templates/deployment-api.yaml index d05e7fa3d5..36c7461907 100755 --- a/heat/templates/deployment-api.yaml +++ b/heat/templates/deployment-api.yaml @@ -9,8 +9,8 @@ spec: labels: app: heat-api annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.api }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.api | indent 8 }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/heat/templates/deployment-cfn.yaml b/heat/templates/deployment-cfn.yaml index ca1d998e81..b0b1e53a48 100644 --- a/heat/templates/deployment-cfn.yaml +++ b/heat/templates/deployment-cfn.yaml @@ -9,8 +9,8 @@ spec: labels: app: heat-cfn annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.cnf }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.cnf | indent 8 }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/heat/templates/deployment-cloudwatch.yaml b/heat/templates/deployment-cloudwatch.yaml index 3c350f402b..3ae57ecd14 100644 --- a/heat/templates/deployment-cloudwatch.yaml +++ b/heat/templates/deployment-cloudwatch.yaml @@ -9,8 +9,8 @@ spec: labels: app: heat-cloudwatch annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.cloudwatch }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.cloudwatch | indent 8 }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/heat/templates/job-db-init.yaml b/heat/templates/job-db-init.yaml index bad7afa0b3..9e32324f3b 100644 --- a/heat/templates/job-db-init.yaml +++ b/heat/templates/job-db-init.yaml @@ -6,8 +6,8 @@ spec: template: metadata: annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.db_init }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.db_init | indent 8 }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/heat/templates/job-db-sync.yaml b/heat/templates/job-db-sync.yaml index aa87773e04..50dbc303eb 100644 --- a/heat/templates/job-db-sync.yaml +++ b/heat/templates/job-db-sync.yaml @@ -6,8 +6,8 @@ spec: template: metadata: annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.db_sync }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.db_sync | indent 8 }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/heat/templates/job-ks-endpoints.yaml.yaml b/heat/templates/job-ks-endpoints.yaml.yaml index a3dbc3a40d..ffa08abd68 100644 --- a/heat/templates/job-ks-endpoints.yaml.yaml +++ b/heat/templates/job-ks-endpoints.yaml.yaml @@ -8,8 +8,8 @@ spec: template: metadata: annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.ks_endpoints }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.ks_endpoints | indent 8 }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/heat/templates/job-ks-service.yaml b/heat/templates/job-ks-service.yaml index 966671dcb4..fdb25e8690 100644 --- a/heat/templates/job-ks-service.yaml +++ b/heat/templates/job-ks-service.yaml @@ -8,8 +8,8 @@ spec: template: metadata: annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.ks_service }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.ks_service | indent 8 }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/heat/templates/job-ks-user.yaml b/heat/templates/job-ks-user.yaml index e6218b5623..8df1fe0309 100644 --- a/heat/templates/job-ks-user.yaml +++ b/heat/templates/job-ks-user.yaml @@ -11,8 +11,8 @@ spec: template: metadata: annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.ks_user }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.ks_user | indent 8 }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/heat/templates/statefulset-engine.yaml b/heat/templates/statefulset-engine.yaml index 483d8bdff7..5c63da0578 100644 --- a/heat/templates/statefulset-engine.yaml +++ b/heat/templates/statefulset-engine.yaml @@ -10,8 +10,8 @@ spec: labels: app: heat-engine annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.engine }} + {{ include "dep-check-init-cont-header" . }} + {{ include "dep-check-init-cont-footer" .Values.dependencies.engine }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/horizon/templates/deployment.yaml b/horizon/templates/deployment.yaml index 2e332b672f..ebb98c454d 100644 --- a/horizon/templates/deployment.yaml +++ b/horizon/templates/deployment.yaml @@ -19,8 +19,8 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.dashboard }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.dashboard | indent 8 }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/keystone/templates/deployment.yaml b/keystone/templates/deployment.yaml index 5094759d43..514dace988 100644 --- a/keystone/templates/deployment.yaml +++ b/keystone/templates/deployment.yaml @@ -19,8 +19,8 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.api }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.api | indent 8 }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/keystone/templates/job-db-sync.yaml b/keystone/templates/job-db-sync.yaml index d85320a435..f914435b28 100644 --- a/keystone/templates/job-db-sync.yaml +++ b/keystone/templates/job-db-sync.yaml @@ -6,8 +6,8 @@ spec: template: metadata: annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.db_sync }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.db_sync | indent 8 }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/keystone/templates/job-init.yaml b/keystone/templates/job-init.yaml index f2e64c4804..b0de33d1e9 100644 --- a/keystone/templates/job-init.yaml +++ b/keystone/templates/job-init.yaml @@ -6,8 +6,8 @@ spec: template: metadata: annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.init }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.init | indent 8 }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/mariadb_restart.sh b/mariadb_restart.sh new file mode 100644 index 0000000000..4e99ec0f0c --- /dev/null +++ b/mariadb_restart.sh @@ -0,0 +1,9 @@ +helm delete mariadb --purge && rm mariadb-0.1.0.tgz && helm lint mariadb && helm package mariadb && helm install --replace --name mariadb mariadb-0.1.0.tgz +helm delete keystone --purge && rm keystone-0.1.0.tgz && helm lint keystone && helm package keystone && helm install --replace --name keystone keystone-0.1.0.tgz --dry-run +helm delete memcached --purge && rm memcached-0.1.0.tgz && helm lint memcached && helm package memcached && helm install --replace --name memcached memcached-0.1.0.tgz +helm delete common --purge && rm common-0.1.0.tgz && helm lint common && helm package common && helm install --replace --name common common-0.1.0.tgz +helm delete glance --purge && rm glance-0.1.0.tgz && helm lint glance && helm package glance && helm install --replace --name glance glance-0.1.0.tgz +helm delete nova --purge && rm nova-0.1.0.tgz && helm lint nova && helm package nova && helm install --replace --name nova nova-0.1.0.tgz +helm delete rabbitmq --purge && rm rabbitmq-0.1.0.tgz && helm lint rabbitmq && helm package rabbitmq && helm install --replace --name rabbitmq rabbitmq-0.1.0.tgz + + diff --git a/nova/templates/daemonset-compute.yaml b/nova/templates/daemonset-compute.yaml index d4fe85205e..cba819b4d3 100644 --- a/nova/templates/daemonset-compute.yaml +++ b/nova/templates/daemonset-compute.yaml @@ -10,8 +10,8 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.compute }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.compute | indent 8 }} spec: nodeSelector: {{ .Values.labels.compute_node_selector_key }}: {{ .Values.labels.compute_node_selector_value }} diff --git a/nova/templates/daemonset-libvirt.yaml b/nova/templates/daemonset-libvirt.yaml index 13e673e4e2..4e3649fded 100644 --- a/nova/templates/daemonset-libvirt.yaml +++ b/nova/templates/daemonset-libvirt.yaml @@ -10,8 +10,8 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.libvirt }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.libvirt | indent 8 }} spec: nodeSelector: {{ .Values.labels.compute_node_selector_key }}: {{ .Values.labels.compute_node_selector_value }} diff --git a/nova/templates/deployment-api-metadata.yaml b/nova/templates/deployment-api-metadata.yaml index fe3ce88d33..10016e7c6f 100644 --- a/nova/templates/deployment-api-metadata.yaml +++ b/nova/templates/deployment-api-metadata.yaml @@ -19,8 +19,8 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.api }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.api | indent 8 }} spec: nodeSelector: {{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }} diff --git a/nova/templates/deployment-api-osapi.yaml b/nova/templates/deployment-api-osapi.yaml index 49e998fd92..75c2985eac 100644 --- a/nova/templates/deployment-api-osapi.yaml +++ b/nova/templates/deployment-api-osapi.yaml @@ -19,8 +19,8 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.api }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.api | indent 8 }} spec: nodeSelector: {{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }} diff --git a/nova/templates/deployment-conductor.yaml b/nova/templates/deployment-conductor.yaml index 514e384a50..52eb790e6d 100644 --- a/nova/templates/deployment-conductor.yaml +++ b/nova/templates/deployment-conductor.yaml @@ -19,8 +19,8 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.conductor }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.conductor | indent 8 }} spec: nodeSelector: {{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }} diff --git a/nova/templates/deployment-consoleauth.yaml b/nova/templates/deployment-consoleauth.yaml index 1ee8f4e257..1c85319c5e 100644 --- a/nova/templates/deployment-consoleauth.yaml +++ b/nova/templates/deployment-consoleauth.yaml @@ -19,8 +19,8 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.consoleauth }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.consoleauth | indent 8 }} spec: nodeSelector: {{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }} diff --git a/nova/templates/deployment-scheduler.yaml b/nova/templates/deployment-scheduler.yaml index 4d97c2a53d..abc86d6826 100644 --- a/nova/templates/deployment-scheduler.yaml +++ b/nova/templates/deployment-scheduler.yaml @@ -19,8 +19,8 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.scheduler }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.scheduler | indent 8 }} spec: nodeSelector: {{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }} diff --git a/nova/templates/job-db-sync.yaml b/nova/templates/job-db-sync.yaml index 881b1681dc..dc3be3427b 100644 --- a/nova/templates/job-db-sync.yaml +++ b/nova/templates/job-db-sync.yaml @@ -6,8 +6,8 @@ spec: template: metadata: annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.db_sync }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.db_sync | indent 8 }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/nova/templates/job-init.yaml b/nova/templates/job-init.yaml index 39ee62cfc0..6bd3cfd7d7 100644 --- a/nova/templates/job-init.yaml +++ b/nova/templates/job-init.yaml @@ -6,8 +6,8 @@ spec: template: metadata: annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.init }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.init | indent 8 }} spec: restartPolicy: OnFailure nodeSelector: diff --git a/nova/templates/job-post.yaml b/nova/templates/job-post.yaml index ccf5059432..0aada421e7 100644 --- a/nova/templates/job-post.yaml +++ b/nova/templates/job-post.yaml @@ -6,8 +6,8 @@ spec: template: metadata: annotations: - {{ include "init-containers-header" . }} - {{ include "init-containers-footer" .Values.dependencies.post }} +{{ include "dep-check-init-cont-header" . | indent 8 }} +{{ include "dep-check-init-cont-footer" .Values.dependencies.post | indent 8 }} spec: restartPolicy: OnFailure nodeSelector: From f4283675d5be5e4944221e3b51d332c6b5bd07fe Mon Sep 17 00:00:00 2001 From: DTadrzak Date: Fri, 13 Jan 2017 13:44:16 +0100 Subject: [PATCH 07/45] Adjust formatting Signed-off-by: DTadrzak --- common/templates/_funcs.tpl | 42 ++++++++++++++++++------------------- glance/templates/api.yaml | 4 ++-- 2 files changed, 23 insertions(+), 23 deletions(-) diff --git a/common/templates/_funcs.tpl b/common/templates/_funcs.tpl index abe6e1947b..dff059a994 100644 --- a/common/templates/_funcs.tpl +++ b/common/templates/_funcs.tpl @@ -22,7 +22,7 @@ {{- include $wtf $context | sha256sum | quote -}} {{- end -}} -{{- define "dep-check-init-cont-header"}} +{{- define "dep-check-init-cont-header" -}} pod.beta.kubernetes.io/init-containers: '[ { "name": "init", @@ -35,24 +35,24 @@ pod.beta.kubernetes.io/init-containers: '[ }, {{- end -}} -{{- define "init-containers-footer" }} - { - "name": "INTERFACE_NAME", - "value": "eth0" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' +{{- define "dep-check-init-cont-footer" }} + { + "name": "INTERFACE_NAME", + "value": "eth0" + }, + { + "name": "DEPENDENCY_SERVICE", + "value": "{{ include "joinListWithColon" .service }}" + }, + { + "name": "DEPENDENCY_JOBS", + "value": "{{ include "joinListWithColon" .jobs }}" + }, + { + "name": "COMMAND", + "value": "echo done" + } + ] + } +]' {{- end -}} \ No newline at end of file diff --git a/glance/templates/api.yaml b/glance/templates/api.yaml index ac67d19fb0..5690a94262 100644 --- a/glance/templates/api.yaml +++ b/glance/templates/api.yaml @@ -17,8 +17,8 @@ spec: labels: app: glance-api annotations: -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.api | indent 8 }} +{{- include "dep-check-init-cont-header" . | indent 8 }} +{{- include "dep-check-init-cont-footer" .Values.dependencies.api | indent 8 }} spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} From f883f9742141b90a4478b81f4b19c92f1abc34c4 Mon Sep 17 00:00:00 2001 From: DTadrzak Date: Fri, 13 Jan 2017 13:45:32 +0100 Subject: [PATCH 08/45] Update _funcs.tpl --- common/templates/_funcs.tpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/templates/_funcs.tpl b/common/templates/_funcs.tpl index dff059a994..03dafc3f99 100644 --- a/common/templates/_funcs.tpl +++ b/common/templates/_funcs.tpl @@ -55,4 +55,4 @@ pod.beta.kubernetes.io/init-containers: '[ ] } ]' -{{- end -}} \ No newline at end of file +{{- end -}} From 393ed4cf47177e43b94d0b98ad2bec1eebe158c1 Mon Sep 17 00:00:00 2001 From: Steve Wilkerson Date: Fri, 13 Jan 2017 15:40:38 -0600 Subject: [PATCH 09/45] Culmination of glance changes Due to some messy rebases and a botched git history, implemented all changes into one PR --- glance/templates/bin/_init.sh.tpl | 17 ++++ glance/templates/bin/_post.sh.tpl | 42 +++++++++ .../templates/ceph.client.glance.keyring.yaml | 13 --- glance/templates/ceph.conf.yaml | 23 ----- glance/templates/configmap-bin.yaml | 9 ++ glance/templates/configmap-etc.yaml | 17 ++++ glance/templates/db-sync.sh.yaml | 10 --- .../{api.yaml => deployment-api.yaml} | 42 ++++++--- ...registry.yaml => deployment-registry.yaml} | 8 +- .../etc/_ceph.client.glance.keyring.yaml.tpl | 2 + glance/templates/etc/_ceph.conf.tpl | 16 ++++ .../templates/etc/_glance-api-paste.ini.tpl | 90 +++++++++++++++++++ glance/templates/etc/_glance-api.conf.tpl | 44 +++++++++ .../templates/etc/_glance-registry.conf.tpl | 26 ++++++ glance/templates/etc/_policy.json.tpl | 61 +++++++++++++ glance/templates/glance-api.conf.yaml | 48 ---------- glance/templates/glance-registry.conf.yaml | 34 ------- glance/templates/init.sh.yaml | 12 --- .../{db-sync.yaml => job-db-sync.yaml} | 12 +-- glance/templates/{init.yaml => job-init.yaml} | 2 +- glance/templates/{post.yaml => job-post.yaml} | 3 +- glance/templates/post.sh.yaml | 48 ---------- glance/templates/start.sh.yaml | 12 --- glance/values.yaml | 8 +- 24 files changed, 373 insertions(+), 226 deletions(-) create mode 100644 glance/templates/bin/_init.sh.tpl create mode 100644 glance/templates/bin/_post.sh.tpl delete mode 100644 glance/templates/ceph.client.glance.keyring.yaml delete mode 100644 glance/templates/ceph.conf.yaml create mode 100644 glance/templates/configmap-bin.yaml create mode 100644 glance/templates/configmap-etc.yaml delete mode 100644 glance/templates/db-sync.sh.yaml rename glance/templates/{api.yaml => deployment-api.yaml} (74%) rename glance/templates/{registry.yaml => deployment-registry.yaml} (92%) create mode 100644 glance/templates/etc/_ceph.client.glance.keyring.yaml.tpl create mode 100644 glance/templates/etc/_ceph.conf.tpl create mode 100644 glance/templates/etc/_glance-api-paste.ini.tpl create mode 100644 glance/templates/etc/_glance-api.conf.tpl create mode 100644 glance/templates/etc/_glance-registry.conf.tpl create mode 100644 glance/templates/etc/_policy.json.tpl delete mode 100644 glance/templates/glance-api.conf.yaml delete mode 100644 glance/templates/glance-registry.conf.yaml delete mode 100644 glance/templates/init.sh.yaml rename glance/templates/{db-sync.yaml => job-db-sync.yaml} (84%) rename glance/templates/{init.yaml => job-init.yaml} (98%) rename glance/templates/{post.yaml => job-post.yaml} (97%) delete mode 100644 glance/templates/post.sh.yaml delete mode 100644 glance/templates/start.sh.yaml diff --git a/glance/templates/bin/_init.sh.tpl b/glance/templates/bin/_init.sh.tpl new file mode 100644 index 0000000000..9c0daef9b4 --- /dev/null +++ b/glance/templates/bin/_init.sh.tpl @@ -0,0 +1,17 @@ +#!/bin/bash +set -ex +export HOME=/tmp + +ansible localhost -vvv -m mysql_db -a "login_host='{{ .Values.database.address }}' \ +login_port='{{ .Values.database.port }}' \ +login_user='{{ .Values.database.root_user }}' \ +login_password='{{ .Values.database.root_password }}' \ +name='{{ .Values.database.glance_database_name }}'" + +ansible localhost -vvv -m mysql_user -a "login_host='{{ .Values.database.address }}' \ +login_port='{{ .Values.database.port }}' \ +login_user='{{ .Values.database.root_user }}' \ +login_password='{{ .Values.database.root_password }}' \ +name='{{ .Values.database.glance_user }}' \ +password='{{ .Values.database.glance_password }}' \ +host='%' priv='{{ .Values.database.glance_database_name }}.*:ALL' append_privs='yes'" diff --git a/glance/templates/bin/_post.sh.tpl b/glance/templates/bin/_post.sh.tpl new file mode 100644 index 0000000000..d46e924974 --- /dev/null +++ b/glance/templates/bin/_post.sh.tpl @@ -0,0 +1,42 @@ +#!/bin/bash +set -ex +export HOME=/tmp + +ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \ +service_type=image \ +description='Openstack Image' \ +endpoint_region='{{ .Values.keystone.glance_region_name }}' \ +url='{{ include "endpoint_glance_api_internal" . }}' \ +interface=admin \ +region_name='{{ .Values.keystone.admin_region_name }}' \ +auth='{{ include "keystone_auth" . }}'" \ +-e "{'openstack_glance_auth': {{ include "keystone_auth" . }}}" + +ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \ +service_type=image \ +description='Openstack Image' \ +endpoint_region='{{ .Values.keystone.glance_region_name }}' \ +url='{{ include "endpoint_glance_api_internal" . }}' \ +interface=internal \ +region_name='{{ .Values.keystone.admin_region_name }}' \ +auth='{{ include "keystone_auth" . }}'" \ +-e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }" + +ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \ +service_type=image \ +description='Openstack Image' \ +endpoint_region='{{ .Values.keystone.glance_region_name }}' \ +url='{{ include "endpoint_glance_api_internal" . }}' \ +interface=public \ +region_name='{{ .Values.keystone.admin_region_name }}' \ +auth='{{ include "keystone_auth" . }}'" \ +-e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }" + +ansible localhost -vvv -m kolla_keystone_user -a "project=service \ +user={{ .Values.keystone.glance_user }} \ +password={{ .Values.keystone.glance_password }} \ +role=admin \ +region_name={{ .Values.keystone.admin_region_name }} \ +auth='{{ include "keystone_auth" . }}'" \ +-e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }" + diff --git a/glance/templates/ceph.client.glance.keyring.yaml b/glance/templates/ceph.client.glance.keyring.yaml deleted file mode 100644 index 915324809b..0000000000 --- a/glance/templates/ceph.client.glance.keyring.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: glance-cephclientglancekeyring -data: - ceph.client.{{ .Values.ceph.glance_user }}.keyring: |+ - [client.{{ .Values.ceph.glance_user }}] - {{- if .Values.ceph.glance_keyring }} - key = {{ .Values.ceph.glance_keyring }} - {{- else }} - key = {{- include "secrets/ceph-client-key" . -}} - {{- end }} - diff --git a/glance/templates/ceph.conf.yaml b/glance/templates/ceph.conf.yaml deleted file mode 100644 index 3c3aed3074..0000000000 --- a/glance/templates/ceph.conf.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: glance-cephconf -data: - ceph.conf: |+ - [global] - rgw_thread_pool_size = 1024 - rgw_num_rados_handles = 100 - {{- if .Values.ceph.monitors }} - [mon] - {{ range .Values.ceph.monitors }} - [mon.{{ . }}] - host = {{ . }} - mon_addr = {{ . }} - {{ end }} - {{- else }} - mon_host = ceph-mon.ceph - {{- end }} - [client] - rbd_cache_enabled = true - rbd_cache_writethrough_until_flush = true - diff --git a/glance/templates/configmap-bin.yaml b/glance/templates/configmap-bin.yaml new file mode 100644 index 0000000000..fe1e9d9858 --- /dev/null +++ b/glance/templates/configmap-bin.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: glance-bin +data: + init.sh: |+ +{{ tuple "bin/_init.sh.tpl" . | include "template" | indent 4 }} + post.sh: |+ +{{ tuple "bin/_post.sh.tpl" . | include "template" | indent 4 }} diff --git a/glance/templates/configmap-etc.yaml b/glance/templates/configmap-etc.yaml new file mode 100644 index 0000000000..2ba83442aa --- /dev/null +++ b/glance/templates/configmap-etc.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: glance-etc +data: + ceph.conf: |+ +{{ tuple "etc/_ceph.conf.tpl" . | include "template" | indent 4 }} + ceph.client.glance.keyring: |+ +{{ tuple "etc/_ceph.client.glance.keyring.yaml.tpl" . | include "template" | indent 4 }} + glance-api.conf: |+ +{{ tuple "etc/_glance-api.conf.tpl" . | include "template" | indent 4 }} + glance-api-paste.ini: |+ +{{ tuple "etc/_glance-api-paste.ini.tpl" . | include "template" | indent 4 }} + glance-registry.conf: |+ +{{ tuple "etc/_glance-registry.conf.tpl" . | include "template" | indent 4 }} + policy.json: |+ +{{ tuple "etc/_policy.json.tpl" . | include "template" | indent 4 }} diff --git a/glance/templates/db-sync.sh.yaml b/glance/templates/db-sync.sh.yaml deleted file mode 100644 index 78a95b4cd4..0000000000 --- a/glance/templates/db-sync.sh.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: glance-dbsyncsh -data: - db-sync.sh: |+ - #!/bin/bash - set -ex - - glance-manage db_sync diff --git a/glance/templates/api.yaml b/glance/templates/deployment-api.yaml similarity index 74% rename from glance/templates/api.yaml rename to glance/templates/deployment-api.yaml index 53e9cc77b0..27141cce2c 100644 --- a/glance/templates/api.yaml +++ b/glance/templates/deployment-api.yaml @@ -3,7 +3,11 @@ kind: Deployment metadata: name: glance-api spec: - replicas: {{ .Values.replicas }} +{{- if .Values.development.enabled }} + replicas: 1 +{{- else }} + replicas: {{ .Values.replicas.api }} +{{- end }} revisionHistoryLimit: {{ .Values.upgrades.revision_history }} strategy: type: {{ .Values.upgrades.pod_replacement_strategy }} @@ -51,8 +55,7 @@ spec: image: {{ .Values.images.api }} imagePullPolicy: {{ .Values.images.pull_policy }} command: - - bash - - /tmp/start.sh + - glance-api ports: - containerPort: {{ .Values.network.port.api }} readinessProbe: @@ -62,29 +65,46 @@ spec: - name: glanceapiconf mountPath: /etc/glance/glance-api.conf subPath: glance-api.conf - - name: startsh - mountPath: /tmp/start.sh - subPath: start.sh + - name: glanceapipaste + mountPath: /etc/glance/glance-api-paste.ini + subPath: glance-api-paste.ini - name: etcglance mountPath: /etc/glance + - name: glancepolicy + mountPath: /etc/glance/policy.json + subPath: policy.json +{{- if .Values.development.enabled }} + - name: glance-data + mountPath: /var/lib/glance/images +{{- else }} - name: cephconf mountPath: /etc/ceph/ceph.conf subPath: ceph.conf - name: cephclientglancekeyring mountPath: /etc/ceph/ceph.client.{{ .Values.ceph.glance_user }}.keyring subPath: ceph.client.{{ .Values.ceph.glance_user }}.keyring +{{- end }} volumes: - name: glanceapiconf configMap: - name: glance-glanceapiconf - - name: startsh + name: glance-etc + - name: glanceapipaste configMap: - name: glance-startsh + name: glance-etc +{{- if .Values.development.enabled }} + - name: glance-data + hostPath: + path: {{ .Values.development.storage_path }} +{{- else }} - name: cephconf configMap: - name: glance-cephconf + name: glance-etc - name: cephclientglancekeyring configMap: - name: glance-cephclientglancekeyring + name: glance-etc +{{- end }} - name: etcglance emptyDir: {} + - name: glancepolicy + configMap: + name: glance-etc diff --git a/glance/templates/registry.yaml b/glance/templates/deployment-registry.yaml similarity index 92% rename from glance/templates/registry.yaml rename to glance/templates/deployment-registry.yaml index 998d64ad32..2a892429c5 100644 --- a/glance/templates/registry.yaml +++ b/glance/templates/deployment-registry.yaml @@ -3,7 +3,11 @@ kind: Deployment metadata: name: glance-registry spec: - replicas: {{ .Values.replicas }} +{{- if .Values.development.enabled }} + replicas: 1 +{{- else }} + replicas: {{ .Values.replicas.registry }} +{{- end }} template: metadata: labels: @@ -55,4 +59,4 @@ spec: volumes: - name: glanceregistryconf configMap: - name: glance-glanceregistryconf + name: glance-etc diff --git a/glance/templates/etc/_ceph.client.glance.keyring.yaml.tpl b/glance/templates/etc/_ceph.client.glance.keyring.yaml.tpl new file mode 100644 index 0000000000..f780dada8f --- /dev/null +++ b/glance/templates/etc/_ceph.client.glance.keyring.yaml.tpl @@ -0,0 +1,2 @@ +[client.{{ .Values.ceph.glance_user }}] + key = {{ .Values.ceph.glance_keyring }} diff --git a/glance/templates/etc/_ceph.conf.tpl b/glance/templates/etc/_ceph.conf.tpl new file mode 100644 index 0000000000..7d2576bf65 --- /dev/null +++ b/glance/templates/etc/_ceph.conf.tpl @@ -0,0 +1,16 @@ +[global] +rgw_thread_pool_size = 1024 +rgw_num_rados_handles = 100 +{{- if .Values.ceph.monitors }} +[mon] +{{ range .Values.ceph.monitors }} + [mon.{{ . }}] + host = {{ . }} + mon_addr = {{ . }} +{{ end }} +{{- else }} +mon_host = ceph-mon.ceph +{{- end }} +[client] + rbd_cache_enabled = true + rbd_cache_writethrough_until_flush = true diff --git a/glance/templates/etc/_glance-api-paste.ini.tpl b/glance/templates/etc/_glance-api-paste.ini.tpl new file mode 100644 index 0000000000..687902743a --- /dev/null +++ b/glance/templates/etc/_glance-api-paste.ini.tpl @@ -0,0 +1,90 @@ +# Use this pipeline for no auth or image caching - DEFAULT +[pipeline:glance-api] +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context rootapp + +# Use this pipeline for image caching and no auth +[pipeline:glance-api-caching] +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context cache rootapp + +# Use this pipeline for caching w/ management interface but no auth +[pipeline:glance-api-cachemanagement] +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context cache cachemanage rootapp + +# Use this pipeline for keystone auth +[pipeline:glance-api-keystone] +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context rootapp + +# Use this pipeline for keystone auth with image caching +[pipeline:glance-api-keystone+caching] +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context cache rootapp + +# Use this pipeline for keystone auth with caching and cache management +[pipeline:glance-api-keystone+cachemanagement] +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context cache cachemanage rootapp + +# Use this pipeline for authZ only. This means that the registry will treat a +# user as authenticated without making requests to keystone to reauthenticate +# the user. +[pipeline:glance-api-trusted-auth] +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler context rootapp + +# Use this pipeline for authZ only. This means that the registry will treat a +# user as authenticated without making requests to keystone to reauthenticate +# the user and uses cache management +[pipeline:glance-api-trusted-auth+cachemanagement] +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler context cache cachemanage rootapp + +[composite:rootapp] +paste.composite_factory = glance.api:root_app_factory +/: apiversions +/v1: apiv1app +/v2: apiv2app + +[app:apiversions] +paste.app_factory = glance.api.versions:create_resource + +[app:apiv1app] +paste.app_factory = glance.api.v1.router:API.factory + +[app:apiv2app] +paste.app_factory = glance.api.v2.router:API.factory + +[filter:healthcheck] +paste.filter_factory = oslo_middleware:Healthcheck.factory +backends = disable_by_file +disable_by_file_path = /etc/glance/healthcheck_disable + +[filter:versionnegotiation] +paste.filter_factory = glance.api.middleware.version_negotiation:VersionNegotiationFilter.factory + +[filter:cache] +paste.filter_factory = glance.api.middleware.cache:CacheFilter.factory + +[filter:cachemanage] +paste.filter_factory = glance.api.middleware.cache_manage:CacheManageFilter.factory + +[filter:context] +paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory + +[filter:unauthenticated-context] +paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory + +[filter:authtoken] +paste.filter_factory = keystonemiddleware.auth_token:filter_factory +delay_auth_decision = true + +[filter:gzip] +paste.filter_factory = glance.api.middleware.gzip:GzipMiddleware.factory + +[filter:osprofiler] +paste.filter_factory = osprofiler.web:WsgiMiddleware.factory +hmac_keys = SECRET_KEY #DEPRECATED +enabled = yes #DEPRECATED + +[filter:cors] +paste.filter_factory = oslo_middleware.cors:filter_factory +oslo_config_project = glance +oslo_config_program = glance-api + +[filter:http_proxy_to_wsgi] +paste.filter_factory = oslo_middleware:HTTPProxyToWSGI.factory diff --git a/glance/templates/etc/_glance-api.conf.tpl b/glance/templates/etc/_glance-api.conf.tpl new file mode 100644 index 0000000000..84134e653a --- /dev/null +++ b/glance/templates/etc/_glance-api.conf.tpl @@ -0,0 +1,44 @@ +[DEFAULT] +debug = {{ .Values.misc.debug }} +use_syslog = False +use_stderr = True + +bind_port = {{ .Values.network.port.api }} +workers = {{ .Values.misc.workers }} +registry_host = glance-registry +# Enable Copy-on-Write +show_image_direct_url = True + +[database] +connection = mysql+pymysql://{{ .Values.database.glance_user }}:{{ .Values.database.glance_password }}@{{ .Values.database.address }}/{{ .Values.database.glance_database_name }} +max_retries = -1 + +[keystone_authtoken] +auth_uri = {{ .Values.keystone.auth_uri }} +auth_url = {{ .Values.keystone.auth_url }} +auth_type = password +project_domain_id = default +user_domain_id = default +project_name = service +username = {{ .Values.keystone.glance_user }} +password = {{ .Values.keystone.glance_password }} + +[paste_deploy] +flavor = keystone + +[oslo_messaging_notifications] +driver = noop + +[glance_store] +filesystem_store_datadir = /var/lib/glance/images/ +{{- if .Values.development.enabled }} +stores = file, http +default_store = file +{{- else }} +stores = file, http, rbd +default_store = rbd +rbd_store_pool = {{ .Values.ceph.glance_pool }} +rbd_store_user = {{ .Values.ceph.glance_user }} +rbd_store_ceph_conf = /etc/ceph/ceph.conf +rbd_store_chunk_size = 8 +{{- end }} diff --git a/glance/templates/etc/_glance-registry.conf.tpl b/glance/templates/etc/_glance-registry.conf.tpl new file mode 100644 index 0000000000..9e4df8d9c1 --- /dev/null +++ b/glance/templates/etc/_glance-registry.conf.tpl @@ -0,0 +1,26 @@ +[DEFAULT] +debug = {{ .Values.misc.debug }} +use_syslog = False +use_stderr = True +bind_port = {{ .Values.network.port.registry }} +workers = {{ .Values.misc.workers }} + +[database] +connection = mysql+pymysql://{{ .Values.database.glance_user }}:{{ .Values.database.glance_password }}@{{ .Values.database.address }}/{{ .Values.database.glance_database_name }} +max_retries = -1 + +[keystone_authtoken] +auth_uri = {{ .Values.keystone.auth_uri }} +auth_url = {{ .Values.keystone.auth_url }} +auth_type = password +project_domain_id = default +user_domain_id = default +project_name = service +username = {{ .Values.keystone.glance_user }} +password = {{ .Values.keystone.glance_password }} + +[paste_deploy] +flavor = keystone + +[oslo_messaging_notifications] +driver = noop diff --git a/glance/templates/etc/_policy.json.tpl b/glance/templates/etc/_policy.json.tpl new file mode 100644 index 0000000000..0a058c1c5d --- /dev/null +++ b/glance/templates/etc/_policy.json.tpl @@ -0,0 +1,61 @@ +{ + "context_is_admin": "role:admin", + "default": "role:admin", + + "add_image": "", + "delete_image": "", + "get_image": "", + "get_images": "", + "modify_image": "", + "publicize_image": "role:admin", + "copy_from": "", + + "download_image": "", + "upload_image": "", + + "delete_image_location": "", + "get_image_location": "", + "set_image_location": "", + + "add_member": "", + "delete_member": "", + "get_member": "", + "get_members": "", + "modify_member": "", + + "manage_image_cache": "role:admin", + + "get_task": "role:admin", + "get_tasks": "role:admin", + "add_task": "role:admin", + "modify_task": "role:admin", + + "deactivate": "", + "reactivate": "", + + "get_metadef_namespace": "", + "get_metadef_namespaces":"", + "modify_metadef_namespace":"", + "add_metadef_namespace":"", + + "get_metadef_object":"", + "get_metadef_objects":"", + "modify_metadef_object":"", + "add_metadef_object":"", + + "list_metadef_resource_types":"", + "get_metadef_resource_type":"", + "add_metadef_resource_type_association":"", + + "get_metadef_property":"", + "get_metadef_properties":"", + "modify_metadef_property":"", + "add_metadef_property":"", + + "get_metadef_tag":"", + "get_metadef_tags":"", + "modify_metadef_tag":"", + "add_metadef_tag":"", + "add_metadef_tags":"" + +} diff --git a/glance/templates/glance-api.conf.yaml b/glance/templates/glance-api.conf.yaml deleted file mode 100644 index ee61d333ec..0000000000 --- a/glance/templates/glance-api.conf.yaml +++ /dev/null @@ -1,48 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: glance-glanceapiconf -data: - glance-api.conf: |+ - [DEFAULT] - debug = {{ .Values.misc.debug }} - use_syslog = False - use_stderr = True - - bind_port = {{ .Values.network.port.api }} - - workers = {{ .Values.misc.workers }} - registry_host = {{ include "glance_registry_host" . }} - - # Enable Copy-on-Write - show_image_direct_url = True - - [database] - connection = mysql+pymysql://{{ .Values.database.glance_user }}:{{ .Values.database.glance_password }}@{{ .Values.database.address }}/{{ .Values.database.glance_database_name }} - max_retries = -1 - - [keystone_authtoken] - auth_uri = {{ .Values.keystone.auth_uri }} - auth_url = {{ .Values.keystone.auth_url }} - auth_type = password - project_domain_id = default - user_domain_id = default - project_name = service - username = {{ .Values.keystone.glance_user }} - password = {{ .Values.keystone.glance_password }} - - [paste_deploy] - flavor = keystone - - [oslo_messaging_notifications] - driver = noop - - [glance_store] - filesystem_store_datadir = /var/lib/glance/images/ - stores = file, http, rbd - default_store = rbd - rbd_store_pool = {{ .Values.ceph.glance_pool }} - rbd_store_user = {{ .Values.ceph.glance_user }} - rbd_store_ceph_conf = /etc/ceph/ceph.conf - rbd_store_chunk_size = 8 - diff --git a/glance/templates/glance-registry.conf.yaml b/glance/templates/glance-registry.conf.yaml deleted file mode 100644 index 81629caa46..0000000000 --- a/glance/templates/glance-registry.conf.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: glance-glanceregistryconf -data: - glance-registry.conf: |+ - [DEFAULT] - debug = {{ .Values.misc.debug }} - use_syslog = False - use_stderr = True - - bind_port = {{ .Values.network.port.registry }} - - workers = {{ .Values.misc.workers }} - - [database] - connection = mysql+pymysql://{{ .Values.database.glance_user }}:{{ .Values.database.glance_password }}@{{ .Values.database.address }}/{{ .Values.database.glance_database_name }} - max_retries = -1 - - [keystone_authtoken] - auth_uri = {{ .Values.keystone.auth_uri }} - auth_url = {{ .Values.keystone.auth_url }} - auth_type = password - project_domain_id = default - user_domain_id = default - project_name = service - username = {{ .Values.keystone.glance_user }} - password = {{ .Values.keystone.glance_password }} - - [paste_deploy] - flavor = keystone - - [oslo_messaging_notifications] - driver = noop diff --git a/glance/templates/init.sh.yaml b/glance/templates/init.sh.yaml deleted file mode 100644 index 8605f7c544..0000000000 --- a/glance/templates/init.sh.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: glance-initsh -data: - init.sh: |+ - #!/bin/bash - set -ex - export HOME=/tmp - - ansible localhost -vvv -m mysql_db -a "login_host='{{ .Values.database.address }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.glance_database_name }}'" - ansible localhost -vvv -m mysql_user -a "login_host='{{ .Values.database.address }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.glance_user }}' password='{{ .Values.database.glance_password }}' host='%' priv='{{ .Values.database.glance_database_name }}.*:ALL' append_privs='yes'" diff --git a/glance/templates/db-sync.yaml b/glance/templates/job-db-sync.yaml similarity index 84% rename from glance/templates/db-sync.yaml rename to glance/templates/job-db-sync.yaml index fe0c1f56a3..660e183380 100644 --- a/glance/templates/db-sync.yaml +++ b/glance/templates/job-db-sync.yaml @@ -40,19 +40,13 @@ spec: image: {{ .Values.images.db_sync }} imagePullPolicy: {{ .Values.images.pull_policy }} command: - - bash - - /tmp/db-sync.sh + - glance-manage + - db_sync volumeMounts: - name: glanceapiconf mountPath: /etc/glance/glance-api.conf subPath: glance-api.conf - - name: dbsyncsh - mountPath: /tmp/db-sync.sh - subPath: db-sync.sh volumes: - name: glanceapiconf configMap: - name: glance-glanceapiconf - - name: dbsyncsh - configMap: - name: glance-dbsyncsh + name: glance-etc diff --git a/glance/templates/init.yaml b/glance/templates/job-init.yaml similarity index 98% rename from glance/templates/init.yaml rename to glance/templates/job-init.yaml index 48b97a7cbd..49a9d8120b 100644 --- a/glance/templates/init.yaml +++ b/glance/templates/job-init.yaml @@ -52,4 +52,4 @@ spec: volumes: - name: initsh configMap: - name: glance-initsh + name: glance-bin diff --git a/glance/templates/post.yaml b/glance/templates/job-post.yaml similarity index 97% rename from glance/templates/post.yaml rename to glance/templates/job-post.yaml index 4fe1c195bf..152577200e 100644 --- a/glance/templates/post.yaml +++ b/glance/templates/job-post.yaml @@ -52,5 +52,4 @@ spec: volumes: - name: postsh configMap: - name: glance-postsh - + name: glance-bin diff --git a/glance/templates/post.sh.yaml b/glance/templates/post.sh.yaml deleted file mode 100644 index 156b60d605..0000000000 --- a/glance/templates/post.sh.yaml +++ /dev/null @@ -1,48 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: glance-postsh -data: - post.sh: |+ - #!/bin/bash - set -ex - export HOME=/tmp - - ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \ - service_type=image \ - description='Openstack Image' \ - endpoint_region='{{ .Values.keystone.glance_region_name }}' \ - url='{{ include "endpoint_glance_api_internal" . }}' \ - interface=admin \ - region_name='{{ .Values.keystone.admin_region_name }}' \ - auth='{{ include "keystone_auth" . }}'" \ - -e "{'openstack_glance_auth': {{ include "keystone_auth" . }}}" - - ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \ - service_type=image \ - description='Openstack Image' \ - endpoint_region='{{ .Values.keystone.glance_region_name }}' \ - url='{{ include "endpoint_glance_api_internal" . }}' \ - interface=internal \ - region_name='{{ .Values.keystone.admin_region_name }}' \ - auth='{{ include "keystone_auth" . }}'" \ - -e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }" - - ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \ - service_type=image \ - description='Openstack Image' \ - endpoint_region='{{ .Values.keystone.glance_region_name }}' \ - url='{{ include "endpoint_glance_api_internal" . }}' \ - interface=public \ - region_name='{{ .Values.keystone.admin_region_name }}' \ - auth='{{ include "keystone_auth" . }}'" \ - -e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }" - - ansible localhost -vvv -m kolla_keystone_user -a "project=service \ - user={{ .Values.keystone.glance_user }} \ - password={{ .Values.keystone.glance_password }} \ - role=admin \ - region_name={{ .Values.keystone.admin_region_name }} \ - auth='{{ include "keystone_auth" . }}'" \ - -e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }" - diff --git a/glance/templates/start.sh.yaml b/glance/templates/start.sh.yaml deleted file mode 100644 index e9b3d40ec9..0000000000 --- a/glance/templates/start.sh.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: glance-startsh -data: - start.sh: |+ - #!/bin/bash - set -ex - - cp `find / -not -path "/etc/*" -name glance-api-paste.ini` /etc/glance/ - - glance-api diff --git a/glance/values.yaml b/glance/values.yaml index a3c6886a54..cacd0909b4 100644 --- a/glance/values.yaml +++ b/glance/values.yaml @@ -3,7 +3,13 @@ # Declare name/value pairs to be passed into your templates. # name: value -replicas: 1 +replicas: + api: 1 + registry: 1 + +development: + enabled: false + storage_path: /data/openstack-helm/glance/images labels: node_selector_key: openstack-control-plane From 16066adf111b7dfe29d52fc26768dfd317f3c139 Mon Sep 17 00:00:00 2001 From: mattmceuen Date: Sun, 15 Jan 2017 15:25:40 -0600 Subject: [PATCH 10/45] Trued up nodeselector values for nova and neutron The Nova and Neutron charts use more granular node labels; this trues up the their jobs' nodeselectors to use them. Fix for https://github.com/att-comdev/openstack-helm/issues/119 --- neutron/templates/job-db-sync.yaml | 4 ++-- neutron/templates/job-init.yaml | 4 ++-- neutron/templates/job-post.yaml | 4 ++-- nova/templates/job-db-sync.yaml | 2 +- nova/templates/job-init.yaml | 2 +- nova/templates/job-post.yaml | 2 +- 6 files changed, 9 insertions(+), 9 deletions(-) diff --git a/neutron/templates/job-db-sync.yaml b/neutron/templates/job-db-sync.yaml index ff546f790b..e34f36dc3a 100644 --- a/neutron/templates/job-db-sync.yaml +++ b/neutron/templates/job-db-sync.yaml @@ -7,7 +7,7 @@ spec: spec: restartPolicy: OnFailure nodeSelector: - {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} + {{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value }} containers: - name: neutron-db-sync image: {{ .Values.images.db_sync }} @@ -42,4 +42,4 @@ spec: name: neutron-etc - name: ml2confini configMap: - name: neutron-etc \ No newline at end of file + name: neutron-etc diff --git a/neutron/templates/job-init.yaml b/neutron/templates/job-init.yaml index ef29d574a6..d7d3401714 100644 --- a/neutron/templates/job-init.yaml +++ b/neutron/templates/job-init.yaml @@ -7,7 +7,7 @@ spec: spec: restartPolicy: OnFailure nodeSelector: - {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} + {{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value }} containers: - name: neutron-init image: {{ .Values.images.init }} @@ -36,4 +36,4 @@ spec: volumes: - name: initsh configMap: - name: neutron-bin \ No newline at end of file + name: neutron-bin diff --git a/neutron/templates/job-post.yaml b/neutron/templates/job-post.yaml index 847a19274e..6c3a05d280 100644 --- a/neutron/templates/job-post.yaml +++ b/neutron/templates/job-post.yaml @@ -7,7 +7,7 @@ spec: spec: restartPolicy: OnFailure nodeSelector: - {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} + {{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value }} containers: - name: neutron-post image: {{ .Values.images.post }} @@ -38,4 +38,4 @@ spec: volumes: - name: postsh configMap: - name: neutron-bin \ No newline at end of file + name: neutron-bin diff --git a/nova/templates/job-db-sync.yaml b/nova/templates/job-db-sync.yaml index da81fe0e13..7a1404f450 100644 --- a/nova/templates/job-db-sync.yaml +++ b/nova/templates/job-db-sync.yaml @@ -34,7 +34,7 @@ spec: spec: restartPolicy: OnFailure nodeSelector: - {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} + {{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }} containers: - name: nova-db-sync image: {{ .Values.image.db_sync }} diff --git a/nova/templates/job-init.yaml b/nova/templates/job-init.yaml index 2ca373358a..7081a1e44e 100644 --- a/nova/templates/job-init.yaml +++ b/nova/templates/job-init.yaml @@ -34,7 +34,7 @@ spec: spec: restartPolicy: OnFailure nodeSelector: - {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} + {{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }} containers: - name: nova-init image: {{ .Values.image.init }} diff --git a/nova/templates/job-post.yaml b/nova/templates/job-post.yaml index e22373e02f..e75cf0f51f 100644 --- a/nova/templates/job-post.yaml +++ b/nova/templates/job-post.yaml @@ -34,7 +34,7 @@ spec: spec: restartPolicy: OnFailure nodeSelector: - {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} + {{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }} containers: - name: nova-post image: {{ .Values.image.post }} From b4d873e1a1ae8f105db582a4853b79e75a1e6e2c Mon Sep 17 00:00:00 2001 From: Steve Wilkerson Date: Sun, 15 Jan 2017 16:40:52 -0600 Subject: [PATCH 11/45] Fix file name in configmap-etc.yaml Overlooked a file extension in one of the data entries in the etc configmap. --- glance/templates/configmap-etc.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/glance/templates/configmap-etc.yaml b/glance/templates/configmap-etc.yaml index 2ba83442aa..9b622b1785 100644 --- a/glance/templates/configmap-etc.yaml +++ b/glance/templates/configmap-etc.yaml @@ -5,7 +5,7 @@ metadata: data: ceph.conf: |+ {{ tuple "etc/_ceph.conf.tpl" . | include "template" | indent 4 }} - ceph.client.glance.keyring: |+ + ceph.client.glance.keyring.yaml: |+ {{ tuple "etc/_ceph.client.glance.keyring.yaml.tpl" . | include "template" | indent 4 }} glance-api.conf: |+ {{ tuple "etc/_glance-api.conf.tpl" . | include "template" | indent 4 }} From afa0ecd1dfedb87fef916597d52f5dca60c3a865 Mon Sep 17 00:00:00 2001 From: Pete Birley Date: Fri, 13 Jan 2017 00:22:00 +0000 Subject: [PATCH 12/45] Keystone Load Complete Configs This PS loads all the required keystone configuration files into a container for an apache based deployment. It allows OpenStack-Helm to be image agnosic, meaning operators can use any Apache based Keystone image they want. --- keystone/templates/bin/_db-sync.sh.tpl | 27 +-- keystone/templates/bin/_init.sh.tpl | 19 +- keystone/templates/bin/_start.sh.tpl | 16 +- keystone/templates/configmap-etc.yaml | 8 +- keystone/templates/deployment.yaml | 43 +++- .../templates/etc/_keystone-paste.ini.tpl | 97 +++++++++ keystone/templates/etc/_policy.json.tpl | 199 ++++++++++++++++++ .../etc/_sso_callback_template.html.tpl | 22 ++ .../templates/etc/_wsgi-keystone.conf.tpl | 17 +- keystone/templates/job-db-sync.yaml | 8 +- keystone/values.yaml | 1 - 11 files changed, 419 insertions(+), 38 deletions(-) create mode 100644 keystone/templates/etc/_keystone-paste.ini.tpl create mode 100644 keystone/templates/etc/_policy.json.tpl create mode 100644 keystone/templates/etc/_sso_callback_template.html.tpl diff --git a/keystone/templates/bin/_db-sync.sh.tpl b/keystone/templates/bin/_db-sync.sh.tpl index 89c4c5de84..e4f69c7214 100644 --- a/keystone/templates/bin/_db-sync.sh.tpl +++ b/keystone/templates/bin/_db-sync.sh.tpl @@ -1,22 +1,13 @@ #!/bin/bash set -ex -# order of kolla_keystone_bootstrap urls -# for those of looking for a little expanation -# to a mysterious blackbox -# -# these will feed into the keystone endpoints -# so it is important they are correct -# -# keystone_admin_url -# keystone_internal_url -# keystone_public_url - -keystone-manage db_sync -kolla_keystone_bootstrap {{ .Values.keystone.admin_user }} {{ .Values.keystone.admin_password }} \ - {{ .Values.keystone.admin_project_name }} admin \ - {{ include "endpoint_keystone_admin" . }} \ - {{ include "endpoint_keystone_internal" . }} \ - {{ include "endpoint_keystone_internal" . }} \ - {{ .Values.keystone.admin_region_name }} +keystone-manage --config-file=/etc/keystone/keystone.conf db_sync +keystone-manage --config-file=/etc/keystone/keystone.conf bootstrap \ + --bootstrap-username {{ .Values.keystone.admin_user }} \ + --bootstrap-password {{ .Values.keystone.admin_password }} \ + --bootstrap-project-name {{ .Values.keystone.admin_project_name }} \ + --bootstrap-admin-url {{ include "endpoint_keystone_admin" . }} \ + --bootstrap-public-url {{ include "endpoint_keystone_internal" . }} \ + --bootstrap-internal-url {{ include "endpoint_keystone_internal" . }} \ + --bootstrap-region-id {{ .Values.keystone.admin_region_name }} diff --git a/keystone/templates/bin/_init.sh.tpl b/keystone/templates/bin/_init.sh.tpl index 0d47c4ba71..f48157a2ce 100644 --- a/keystone/templates/bin/_init.sh.tpl +++ b/keystone/templates/bin/_init.sh.tpl @@ -2,5 +2,20 @@ set -ex export HOME=/tmp -ansible localhost -vvv -m mysql_db -a "login_host='{{ include "keystone_db_host" . }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.keystone_database_name }}'" -ansible localhost -vvv -m mysql_user -a "login_host='{{ include "keystone_db_host" . }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.keystone_user }}' password='{{ .Values.database.keystone_password }}' host='%' priv='{{ .Values.database.keystone_database_name }}.*:ALL' append_privs='yes'" +ansible localhost -vvv \ + -m mysql_db -a "login_host='{{ include "keystone_db_host" . }}' \ + login_port='{{ .Values.database.port }}' \ + login_user='{{ .Values.database.root_user }}' \ + login_password='{{ .Values.database.root_password }}' \ + name='{{ .Values.database.keystone_database_name }}'" + +ansible localhost -vvv \ + -m mysql_user -a "login_host='{{ include "keystone_db_host" . }}' \ + login_port='{{ .Values.database.port }}' \ + login_user='{{ .Values.database.root_user }}' \ + login_password='{{ .Values.database.root_password }}' \ + name='{{ .Values.database.keystone_user }}' \ + password='{{ .Values.database.keystone_password }}' \ + host='%' \ + priv='{{ .Values.database.keystone_database_name }}.*:ALL' \ + append_privs='yes'" diff --git a/keystone/templates/bin/_start.sh.tpl b/keystone/templates/bin/_start.sh.tpl index 4bafe63ee4..72529c2f32 100644 --- a/keystone/templates/bin/_start.sh.tpl +++ b/keystone/templates/bin/_start.sh.tpl @@ -1,8 +1,10 @@ -#!/bin/bash -set -ex - -# Loading Apache2 ENV variables -source /etc/apache2/envvars +#!/bin/bash +set -ex -# start apache with any container arguments -apache2 -DFOREGROUND $* +if [ -f /etc/apache2/envvars ]; then + # Loading Apache2 ENV variables + source /etc/apache2/envvars +fi + +# Start Apache2 +exec apache2 -DFOREGROUND diff --git a/keystone/templates/configmap-etc.yaml b/keystone/templates/configmap-etc.yaml index b59534ee98..3ad7dc8293 100644 --- a/keystone/templates/configmap-etc.yaml +++ b/keystone/templates/configmap-etc.yaml @@ -6,6 +6,12 @@ data: keystone.conf: |+ {{ tuple "etc/_keystone.conf.tpl" . | include "template" | indent 4 }} mpm_event.conf: |+ -{{ tuple "etc/_mpm_event.conf.tpl" . | include "template" | indent 4 }} +{{ tuple "etc/_mpm_event.conf.tpl" . | include "template" | indent 4 }} wsgi-keystone.conf: |+ {{ tuple "etc/_wsgi-keystone.conf.tpl" . | include "template" | indent 4 }} + policy.json: |+ +{{ tuple "etc/_policy.json.tpl" . | include "template" | indent 4 }} + keystone-paste.ini: |+ +{{ tuple "etc/_keystone-paste.ini.tpl" . | include "template" | indent 4 }} + sso_callback_template.html: |+ +{{ tuple "etc/_sso_callback_template.html.tpl" . | include "template" | indent 4 }} diff --git a/keystone/templates/deployment.yaml b/keystone/templates/deployment.yaml index 49917adaed..49b84d0084 100644 --- a/keystone/templates/deployment.yaml +++ b/keystone/templates/deployment.yaml @@ -11,14 +11,14 @@ spec: rollingUpdate: maxUnavailable: {{ .Values.upgrades.rolling_update.max_unavailable }} maxSurge: {{ .Values.upgrades.rolling_update.max_surge }} - {{ end }} + {{ end }} template: metadata: labels: app: keystone-api annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} - configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ { "name": "init", @@ -44,7 +44,7 @@ spec: { "name": "COMMAND", "value": "echo done" - } + } ] } ]' @@ -61,26 +61,62 @@ spec: ports: - containerPort: {{ .Values.network.port.public }} - containerPort: {{ .Values.network.port.admin }} + lifecycle: + preStop: + exec: + command: + - apachectl + - -k + - graceful-stop readinessProbe: tcpSocket: port: {{ .Values.network.port.public }} volumeMounts: + - name: pod-etc-keystone + mountPath: /etc/keystone - name: keystoneconf mountPath: /etc/keystone/keystone.conf subPath: keystone.conf + readOnly: true + - name: keystonepaste + mountPath: /etc/keystone/keystone-paste.ini + subPath: keystone-paste.ini + readOnly: true + - name: keystonepolicy + mountPath: /etc/keystone/policy.json + subPath: policy.json + readOnly: true + - name: keystonessotemplate + mountPath: /etc/keystone/sso_callback_template.html + subPath: sso_callback_template.html + readOnly: true - name: wsgikeystone mountPath: /etc/apache2/conf-enabled/wsgi-keystone.conf subPath: wsgi-keystone.conf + readOnly: true - name: mpmeventconf mountPath: /etc/apache2/mods-available/mpm_event.conf subPath: mpm_event.conf + readOnly: true - name: startsh mountPath: /tmp/start.sh subPath: start.sh + readOnly: true volumes: + - name: pod-etc-keystone + emptyDir: {} - name: keystoneconf configMap: name: keystone-etc + - name: keystonepaste + configMap: + name: keystone-etc + - name: keystonepolicy + configMap: + name: keystone-etc + - name: keystonessotemplate + configMap: + name: keystone-etc - name: wsgikeystone configMap: name: keystone-etc @@ -90,4 +126,3 @@ spec: - name: startsh configMap: name: keystone-bin - diff --git a/keystone/templates/etc/_keystone-paste.ini.tpl b/keystone/templates/etc/_keystone-paste.ini.tpl new file mode 100644 index 0000000000..0d058ac009 --- /dev/null +++ b/keystone/templates/etc/_keystone-paste.ini.tpl @@ -0,0 +1,97 @@ +# Keystone PasteDeploy configuration file. + +[filter:debug] +use = egg:oslo.middleware#debug + +[filter:request_id] +use = egg:oslo.middleware#request_id + +[filter:build_auth_context] +use = egg:keystone#build_auth_context + +[filter:token_auth] +use = egg:keystone#token_auth + +[filter:admin_token_auth] +# This is deprecated in the M release and will be removed in the O release. +# Use `keystone-manage bootstrap` and remove this from the pipelines below. +use = egg:keystone#admin_token_auth + +[filter:json_body] +use = egg:keystone#json_body + +[filter:cors] +use = egg:oslo.middleware#cors +oslo_config_project = keystone + +[filter:http_proxy_to_wsgi] +use = egg:oslo.middleware#http_proxy_to_wsgi + +[filter:healthcheck] +use = egg:oslo.middleware#healthcheck + +[filter:ec2_extension] +use = egg:keystone#ec2_extension + +[filter:ec2_extension_v3] +use = egg:keystone#ec2_extension_v3 + +[filter:s3_extension] +use = egg:keystone#s3_extension + +[filter:url_normalize] +use = egg:keystone#url_normalize + +[filter:sizelimit] +use = egg:oslo.middleware#sizelimit + +[filter:osprofiler] +use = egg:osprofiler#osprofiler + +[app:public_service] +use = egg:keystone#public_service + +[app:service_v3] +use = egg:keystone#service_v3 + +[app:admin_service] +use = egg:keystone#admin_service + +[pipeline:public_api] +# The last item in this pipeline must be public_service or an equivalent +# application. It cannot be a filter. +pipeline = healthcheck cors sizelimit http_proxy_to_wsgi osprofiler url_normalize request_id build_auth_context token_auth json_body ec2_extension public_service + +[pipeline:admin_api] +# The last item in this pipeline must be admin_service or an equivalent +# application. It cannot be a filter. +pipeline = healthcheck cors sizelimit http_proxy_to_wsgi osprofiler url_normalize request_id build_auth_context token_auth json_body ec2_extension s3_extension admin_service + +[pipeline:api_v3] +# The last item in this pipeline must be service_v3 or an equivalent +# application. It cannot be a filter. +pipeline = healthcheck cors sizelimit http_proxy_to_wsgi osprofiler url_normalize request_id build_auth_context token_auth json_body ec2_extension_v3 s3_extension service_v3 + +[app:public_version_service] +use = egg:keystone#public_version_service + +[app:admin_version_service] +use = egg:keystone#admin_version_service + +[pipeline:public_version_api] +pipeline = healthcheck cors sizelimit osprofiler url_normalize public_version_service + +[pipeline:admin_version_api] +pipeline = healthcheck cors sizelimit osprofiler url_normalize admin_version_service + +[composite:main] +use = egg:Paste#urlmap +/v2.0 = public_api +/v3 = api_v3 +/ = public_version_api + +[composite:admin] +use = egg:Paste#urlmap +/v2.0 = admin_api +/v3 = api_v3 +/ = admin_version_api diff --git a/keystone/templates/etc/_policy.json.tpl b/keystone/templates/etc/_policy.json.tpl new file mode 100644 index 0000000000..ddf2396272 --- /dev/null +++ b/keystone/templates/etc/_policy.json.tpl @@ -0,0 +1,199 @@ +{ + "admin_required": "role:admin or is_admin:1", + "service_role": "role:service", + "service_or_admin": "rule:admin_required or rule:service_role", + "owner" : "user_id:%(user_id)s", + "admin_or_owner": "rule:admin_required or rule:owner", + "token_subject": "user_id:%(target.token.user_id)s", + "admin_or_token_subject": "rule:admin_required or rule:token_subject", + "service_admin_or_token_subject": "rule:service_or_admin or rule:token_subject", + + "default": "rule:admin_required", + + "identity:get_region": "", + "identity:list_regions": "", + "identity:create_region": "rule:admin_required", + "identity:update_region": "rule:admin_required", + "identity:delete_region": "rule:admin_required", + + "identity:get_service": "rule:admin_required", + "identity:list_services": "rule:admin_required", + "identity:create_service": "rule:admin_required", + "identity:update_service": "rule:admin_required", + "identity:delete_service": "rule:admin_required", + + "identity:get_endpoint": "rule:admin_required", + "identity:list_endpoints": "rule:admin_required", + "identity:create_endpoint": "rule:admin_required", + "identity:update_endpoint": "rule:admin_required", + "identity:delete_endpoint": "rule:admin_required", + + "identity:get_domain": "rule:admin_required or token.project.domain.id:%(target.domain.id)s", + "identity:list_domains": "rule:admin_required", + "identity:create_domain": "rule:admin_required", + "identity:update_domain": "rule:admin_required", + "identity:delete_domain": "rule:admin_required", + + "identity:get_project": "rule:admin_required or project_id:%(target.project.id)s", + "identity:list_projects": "rule:admin_required", + "identity:list_user_projects": "rule:admin_or_owner", + "identity:create_project": "rule:admin_required", + "identity:update_project": "rule:admin_required", + "identity:delete_project": "rule:admin_required", + + "identity:get_user": "rule:admin_or_owner", + "identity:list_users": "rule:admin_required", + "identity:create_user": "rule:admin_required", + "identity:update_user": "rule:admin_required", + "identity:delete_user": "rule:admin_required", + "identity:change_password": "rule:admin_or_owner", + + "identity:get_group": "rule:admin_required", + "identity:list_groups": "rule:admin_required", + "identity:list_groups_for_user": "rule:admin_or_owner", + "identity:create_group": "rule:admin_required", + "identity:update_group": "rule:admin_required", + "identity:delete_group": "rule:admin_required", + "identity:list_users_in_group": "rule:admin_required", + "identity:remove_user_from_group": "rule:admin_required", + "identity:check_user_in_group": "rule:admin_required", + "identity:add_user_to_group": "rule:admin_required", + + "identity:get_credential": "rule:admin_required", + "identity:list_credentials": "rule:admin_required", + "identity:create_credential": "rule:admin_required", + "identity:update_credential": "rule:admin_required", + "identity:delete_credential": "rule:admin_required", + + "identity:ec2_get_credential": "rule:admin_required or (rule:owner and user_id:%(target.credential.user_id)s)", + "identity:ec2_list_credentials": "rule:admin_or_owner", + "identity:ec2_create_credential": "rule:admin_or_owner", + "identity:ec2_delete_credential": "rule:admin_required or (rule:owner and user_id:%(target.credential.user_id)s)", + + "identity:get_role": "rule:admin_required", + "identity:list_roles": "rule:admin_required", + "identity:create_role": "rule:admin_required", + "identity:update_role": "rule:admin_required", + "identity:delete_role": "rule:admin_required", + "identity:get_domain_role": "rule:admin_required", + "identity:list_domain_roles": "rule:admin_required", + "identity:create_domain_role": "rule:admin_required", + "identity:update_domain_role": "rule:admin_required", + "identity:delete_domain_role": "rule:admin_required", + + "identity:get_implied_role": "rule:admin_required ", + "identity:list_implied_roles": "rule:admin_required", + "identity:create_implied_role": "rule:admin_required", + "identity:delete_implied_role": "rule:admin_required", + "identity:list_role_inference_rules": "rule:admin_required", + "identity:check_implied_role": "rule:admin_required", + + "identity:check_grant": "rule:admin_required", + "identity:list_grants": "rule:admin_required", + "identity:create_grant": "rule:admin_required", + "identity:revoke_grant": "rule:admin_required", + + "identity:list_role_assignments": "rule:admin_required", + "identity:list_role_assignments_for_tree": "rule:admin_required", + + "identity:get_policy": "rule:admin_required", + "identity:list_policies": "rule:admin_required", + "identity:create_policy": "rule:admin_required", + "identity:update_policy": "rule:admin_required", + "identity:delete_policy": "rule:admin_required", + + "identity:check_token": "rule:admin_or_token_subject", + "identity:validate_token": "rule:service_admin_or_token_subject", + "identity:validate_token_head": "rule:service_or_admin", + "identity:revocation_list": "rule:service_or_admin", + "identity:revoke_token": "rule:admin_or_token_subject", + + "identity:create_trust": "user_id:%(trust.trustor_user_id)s", + "identity:list_trusts": "", + "identity:list_roles_for_trust": "", + "identity:get_role_for_trust": "", + "identity:delete_trust": "", + + "identity:create_consumer": "rule:admin_required", + "identity:get_consumer": "rule:admin_required", + "identity:list_consumers": "rule:admin_required", + "identity:delete_consumer": "rule:admin_required", + "identity:update_consumer": "rule:admin_required", + + "identity:authorize_request_token": "rule:admin_required", + "identity:list_access_token_roles": "rule:admin_required", + "identity:get_access_token_role": "rule:admin_required", + "identity:list_access_tokens": "rule:admin_required", + "identity:get_access_token": "rule:admin_required", + "identity:delete_access_token": "rule:admin_required", + + "identity:list_projects_for_endpoint": "rule:admin_required", + "identity:add_endpoint_to_project": "rule:admin_required", + "identity:check_endpoint_in_project": "rule:admin_required", + "identity:list_endpoints_for_project": "rule:admin_required", + "identity:remove_endpoint_from_project": "rule:admin_required", + + "identity:create_endpoint_group": "rule:admin_required", + "identity:list_endpoint_groups": "rule:admin_required", + "identity:get_endpoint_group": "rule:admin_required", + "identity:update_endpoint_group": "rule:admin_required", + "identity:delete_endpoint_group": "rule:admin_required", + "identity:list_projects_associated_with_endpoint_group": "rule:admin_required", + "identity:list_endpoints_associated_with_endpoint_group": "rule:admin_required", + "identity:get_endpoint_group_in_project": "rule:admin_required", + "identity:list_endpoint_groups_for_project": "rule:admin_required", + "identity:add_endpoint_group_to_project": "rule:admin_required", + "identity:remove_endpoint_group_from_project": "rule:admin_required", + + "identity:create_identity_provider": "rule:admin_required", + "identity:list_identity_providers": "rule:admin_required", + "identity:get_identity_providers": "rule:admin_required", + "identity:update_identity_provider": "rule:admin_required", + "identity:delete_identity_provider": "rule:admin_required", + + "identity:create_protocol": "rule:admin_required", + "identity:update_protocol": "rule:admin_required", + "identity:get_protocol": "rule:admin_required", + "identity:list_protocols": "rule:admin_required", + "identity:delete_protocol": "rule:admin_required", + + "identity:create_mapping": "rule:admin_required", + "identity:get_mapping": "rule:admin_required", + "identity:list_mappings": "rule:admin_required", + "identity:delete_mapping": "rule:admin_required", + "identity:update_mapping": "rule:admin_required", + + "identity:create_service_provider": "rule:admin_required", + "identity:list_service_providers": "rule:admin_required", + "identity:get_service_provider": "rule:admin_required", + "identity:update_service_provider": "rule:admin_required", + "identity:delete_service_provider": "rule:admin_required", + + "identity:get_auth_catalog": "", + "identity:get_auth_projects": "", + "identity:get_auth_domains": "", + + "identity:list_projects_for_user": "", + "identity:list_domains_for_user": "", + + "identity:list_revoke_events": "rule:service_or_admin", + + "identity:create_policy_association_for_endpoint": "rule:admin_required", + "identity:check_policy_association_for_endpoint": "rule:admin_required", + "identity:delete_policy_association_for_endpoint": "rule:admin_required", + "identity:create_policy_association_for_service": "rule:admin_required", + "identity:check_policy_association_for_service": "rule:admin_required", + "identity:delete_policy_association_for_service": "rule:admin_required", + "identity:create_policy_association_for_region_and_service": "rule:admin_required", + "identity:check_policy_association_for_region_and_service": "rule:admin_required", + "identity:delete_policy_association_for_region_and_service": "rule:admin_required", + "identity:get_policy_for_endpoint": "rule:admin_required", + "identity:list_endpoints_for_policy": "rule:admin_required", + + "identity:create_domain_config": "rule:admin_required", + "identity:get_domain_config": "rule:admin_required", + "identity:get_security_compliance_domain_config": "", + "identity:update_domain_config": "rule:admin_required", + "identity:delete_domain_config": "rule:admin_required", + "identity:get_domain_config_default": "rule:admin_required" +} diff --git a/keystone/templates/etc/_sso_callback_template.html.tpl b/keystone/templates/etc/_sso_callback_template.html.tpl new file mode 100644 index 0000000000..3364d69e55 --- /dev/null +++ b/keystone/templates/etc/_sso_callback_template.html.tpl @@ -0,0 +1,22 @@ + + + + Keystone WebSSO redirect + + +
+ Please wait... +
+ + +
+ + + diff --git a/keystone/templates/etc/_wsgi-keystone.conf.tpl b/keystone/templates/etc/_wsgi-keystone.conf.tpl index e6535eae85..f04bc7e1b6 100644 --- a/keystone/templates/etc/_wsgi-keystone.conf.tpl +++ b/keystone/templates/etc/_wsgi-keystone.conf.tpl @@ -1,6 +1,9 @@ Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.public }} Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.admin }} +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy + WSGIDaemonProcess keystone-public processes=16 threads=6 user=keystone group=keystone display-name=%{GROUP} WSGIProcessGroup keystone-public @@ -10,8 +13,11 @@ Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.admin }} = 2.4> ErrorLogFormat "%{cu}t %M" - ErrorLog "|$/bin/cat 1>&2" - CustomLog "|/bin/cat" combined + ErrorLog /dev/stderr + + SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded + CustomLog /dev/stdout combined env=!forwarded + CustomLog /dev/stdout proxy env=forwarded @@ -23,6 +29,9 @@ Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.admin }} = 2.4> ErrorLogFormat "%{cu}t %M" - ErrorLog "|$/bin/cat 1>&2" - CustomLog "|/bin/cat" combined + ErrorLog /dev/stderr + + SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded + CustomLog /dev/stdout combined env=!forwarded + CustomLog /dev/stdout proxy env=forwarded diff --git a/keystone/templates/job-db-sync.yaml b/keystone/templates/job-db-sync.yaml index c1f4954279..403f1d60ee 100644 --- a/keystone/templates/job-db-sync.yaml +++ b/keystone/templates/job-db-sync.yaml @@ -15,7 +15,7 @@ spec: { "name": "NAMESPACE", "value": "{{ .Release.Namespace }}" - }, + }, { "name": "DEPENDENCY_SERVICE", "value": "{{ include "joinListWithColon" .Values.dependencies.db_sync.service }}" @@ -43,13 +43,19 @@ spec: - bash - /tmp/db-sync.sh volumeMounts: + - name: pod-etc-keystone + mountPath: /etc/keystone - name: keystoneconf mountPath: /etc/keystone/keystone.conf subPath: keystone.conf + readOnly: true - name: keystone-bin mountPath: /tmp/db-sync.sh subPath: db-sync.sh + readOnly: true volumes: + - name: pod-etc-keystone + emptyDir: {} - name: keystoneconf configMap: name: keystone-etc diff --git a/keystone/values.yaml b/keystone/values.yaml index a4a84a67bf..1088d2d010 100644 --- a/keystone/values.yaml +++ b/keystone/values.yaml @@ -90,4 +90,3 @@ endpoints: port: admin: 35357 public: 5000 - From 71427ce9059c46a0b529543a5df1d8c29d7c8e73 Mon Sep 17 00:00:00 2001 From: DTadrzak Date: Mon, 16 Jan 2017 10:47:43 +0100 Subject: [PATCH 13/45] A few changes according to intlabs's review. Signed-off-by: DTadrzak --- cinder/templates/deployment-api.yaml | 7 ++- cinder/templates/deployment-scheduler.yaml | 7 ++- cinder/templates/deployment-volume.yaml | 7 ++- cinder/templates/job-db-init.yaml | 7 ++- cinder/templates/job-db-sync.yaml | 7 ++- cinder/templates/job-ks-endpoints.yaml.yaml | 6 +- cinder/templates/job-ks-service.yaml | 6 +- cinder/templates/job-ks-user.yaml | 7 ++- common/templates/_funcs.tpl | 63 ++++++++++----------- glance/templates/api.yaml | 7 ++- glance/templates/db-sync.yaml | 7 ++- glance/templates/init.yaml | 7 ++- glance/templates/post.yaml | 7 ++- glance/templates/registry.yaml | 7 ++- heat/templates/deployment-api.yaml | 7 ++- heat/templates/deployment-cfn.yaml | 7 ++- heat/templates/deployment-cloudwatch.yaml | 7 ++- heat/templates/job-db-init.yaml | 7 ++- heat/templates/job-db-sync.yaml | 7 ++- heat/templates/job-ks-endpoints.yaml.yaml | 6 +- heat/templates/job-ks-service.yaml | 6 +- heat/templates/job-ks-user.yaml | 7 ++- heat/templates/statefulset-engine.yaml | 7 ++- horizon/templates/deployment.yaml | 7 ++- keystone/templates/deployment.yaml | 7 ++- keystone/templates/job-db-sync.yaml | 7 ++- keystone/templates/job-init.yaml | 7 ++- mariadb_restart.sh | 9 --- nova/templates/daemonset-compute.yaml | 7 ++- nova/templates/daemonset-libvirt.yaml | 7 ++- nova/templates/deployment-api-metadata.yaml | 7 ++- nova/templates/deployment-api-osapi.yaml | 7 ++- nova/templates/deployment-conductor.yaml | 7 ++- nova/templates/deployment-consoleauth.yaml | 7 ++- nova/templates/deployment-scheduler.yaml | 7 ++- nova/templates/job-db-sync.yaml | 7 ++- nova/templates/job-init.yaml | 7 ++- nova/templates/job-post.yaml | 7 ++- 38 files changed, 206 insertions(+), 114 deletions(-) delete mode 100644 mariadb_restart.sh diff --git a/cinder/templates/deployment-api.yaml b/cinder/templates/deployment-api.yaml index 58f14d61c5..6fe33a6b71 100644 --- a/cinder/templates/deployment-api.yaml +++ b/cinder/templates/deployment-api.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.api }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -19,8 +21,9 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.api | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/cinder/templates/deployment-scheduler.yaml b/cinder/templates/deployment-scheduler.yaml index 38f5e7c90d..77d38b2b1a 100644 --- a/cinder/templates/deployment-scheduler.yaml +++ b/cinder/templates/deployment-scheduler.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.scheduler }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -19,8 +21,9 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.scheduler | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/cinder/templates/deployment-volume.yaml b/cinder/templates/deployment-volume.yaml index 1c3d5c29d6..73333b2c6d 100644 --- a/cinder/templates/deployment-volume.yaml +++ b/cinder/templates/deployment-volume.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.volume }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -19,8 +21,9 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.volume | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/cinder/templates/job-db-init.yaml b/cinder/templates/job-db-init.yaml index d7f9f7dff2..1ea09eeb08 100644 --- a/cinder/templates/job-db-init.yaml +++ b/cinder/templates/job-db-init.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.db_init }} apiVersion: batch/v1 kind: Job metadata: @@ -6,8 +8,9 @@ spec: template: metadata: annotations: -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.db_init | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: restartPolicy: OnFailure nodeSelector: diff --git a/cinder/templates/job-db-sync.yaml b/cinder/templates/job-db-sync.yaml index 5639264b35..b963b4d498 100644 --- a/cinder/templates/job-db-sync.yaml +++ b/cinder/templates/job-db-sync.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.db_sync }} apiVersion: batch/v1 kind: Job metadata: @@ -6,8 +8,9 @@ spec: template: metadata: annotations: -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.db_sync | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: restartPolicy: OnFailure nodeSelector: diff --git a/cinder/templates/job-ks-endpoints.yaml.yaml b/cinder/templates/job-ks-endpoints.yaml.yaml index 0f80510006..14655c233d 100644 --- a/cinder/templates/job-ks-endpoints.yaml.yaml +++ b/cinder/templates/job-ks-endpoints.yaml.yaml @@ -1,5 +1,6 @@ {{- $envAll := . }} {{- $ksAdminSecret := $envAll.Values.keystone.admin_secret | default "cinder-env-keystone-admin" }} +{{- $dependecies := .Values.dependencies.ks_endpoints }} apiVersion: batch/v1 kind: Job metadata: @@ -8,8 +9,9 @@ spec: template: metadata: annotations: -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.ks_endpoints | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: restartPolicy: OnFailure nodeSelector: diff --git a/cinder/templates/job-ks-service.yaml b/cinder/templates/job-ks-service.yaml index ecc181bdd2..fab12aa8c6 100644 --- a/cinder/templates/job-ks-service.yaml +++ b/cinder/templates/job-ks-service.yaml @@ -1,5 +1,6 @@ {{- $envAll := . }} {{- $ksAdminSecret := .Values.keystone.admin_secret | default "cinder-env-keystone-admin" }} +{{- $dependecies := .Values.dependencies.ks_service }} apiVersion: batch/v1 kind: Job metadata: @@ -8,8 +9,9 @@ spec: template: metadata: annotations: -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.ks_service | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: restartPolicy: OnFailure nodeSelector: diff --git a/cinder/templates/job-ks-user.yaml b/cinder/templates/job-ks-user.yaml index b25cf2f3e8..94737e42ac 100644 --- a/cinder/templates/job-ks-user.yaml +++ b/cinder/templates/job-ks-user.yaml @@ -1,5 +1,7 @@ {{- $ksAdminSecret := .Values.keystone.admin_secret | default "cinder-env-keystone-admin" }} {{- $ksUserSecret := .Values.keystone.user_secret | default "cinder-env-keystone-user" }} +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.ks_user }} apiVersion: batch/v1 kind: Job metadata: @@ -8,8 +10,9 @@ spec: template: metadata: annotations: -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.ks_user | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: restartPolicy: OnFailure nodeSelector: diff --git a/common/templates/_funcs.tpl b/common/templates/_funcs.tpl index dff059a994..3f00c606eb 100644 --- a/common/templates/_funcs.tpl +++ b/common/templates/_funcs.tpl @@ -22,37 +22,34 @@ {{- include $wtf $context | sha256sum | quote -}} {{- end -}} -{{- define "dep-check-init-cont-header" -}} -pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": {{ .Values.images.dep_check | default "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0" | quote }}, - "imagePullPolicy": {{ .Values.images.pull_policy | default "IfNotPresent" | quote }}, - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, -{{- end -}} - -{{- define "dep-check-init-cont-footer" }} - { - "name": "INTERFACE_NAME", - "value": "eth0" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } -]' +{{- define "dep-check-init-cont" -}} +{{- $envALL := index . 0 -}} +{{- $deps := index . 1 -}} +{ + "name": "init", + "image": {{ $envALL.Values.images.dep_check | default "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0" | quote }}, + "imagePullPolicy": {{ $envALL.Values.images.pull_policy | default "IfNotPresent" | quote }}, + "env": [ + { + "name": "NAMESPACE", + "value": "{{ $envALL.Release.Namespace }}" + }, + { + "name": "INTERFACE_NAME", + "value": "eth0" + }, + { + "name": "DEPENDENCY_SERVICE", + "value": "{{ include "joinListWithColon" $deps.service }}" + }, + { + "name": "DEPENDENCY_JOBS", + "value": "{{ include "joinListWithColon" $deps.jobs }}" + }, + { + "name": "COMMAND", + "value": "echo done" + } + ] +} {{- end -}} \ No newline at end of file diff --git a/glance/templates/api.yaml b/glance/templates/api.yaml index 5690a94262..126e91df48 100644 --- a/glance/templates/api.yaml +++ b/glance/templates/api.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.api }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -17,8 +19,9 @@ spec: labels: app: glance-api annotations: -{{- include "dep-check-init-cont-header" . | indent 8 }} -{{- include "dep-check-init-cont-footer" .Values.dependencies.api | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/glance/templates/db-sync.yaml b/glance/templates/db-sync.yaml index bae3d21222..f482af8898 100644 --- a/glance/templates/db-sync.yaml +++ b/glance/templates/db-sync.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.db_sync }} apiVersion: batch/v1 kind: Job metadata: @@ -6,8 +8,9 @@ spec: template: metadata: annotations: -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.db_sync | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: restartPolicy: OnFailure nodeSelector: diff --git a/glance/templates/init.yaml b/glance/templates/init.yaml index c3d8c825a4..35a7ad1d79 100644 --- a/glance/templates/init.yaml +++ b/glance/templates/init.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.init }} apiVersion: batch/v1 kind: Job metadata: @@ -6,8 +8,9 @@ spec: template: metadata: annotations: -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.init | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: restartPolicy: OnFailure nodeSelector: diff --git a/glance/templates/post.yaml b/glance/templates/post.yaml index e9f3174365..ce8eb2de83 100644 --- a/glance/templates/post.yaml +++ b/glance/templates/post.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.post }} apiVersion: batch/v1 kind: Job metadata: @@ -6,8 +8,9 @@ spec: template: metadata: annotations: -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.post | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/glance/templates/registry.yaml b/glance/templates/registry.yaml index 59936aca2b..1c3cb6cdb6 100644 --- a/glance/templates/registry.yaml +++ b/glance/templates/registry.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.registry }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -9,8 +11,9 @@ spec: labels: app: glance-registry annotations: -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.registry | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/heat/templates/deployment-api.yaml b/heat/templates/deployment-api.yaml index 36c7461907..78ba69a4ca 100755 --- a/heat/templates/deployment-api.yaml +++ b/heat/templates/deployment-api.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.api }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -9,8 +11,9 @@ spec: labels: app: heat-api annotations: -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.api | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/heat/templates/deployment-cfn.yaml b/heat/templates/deployment-cfn.yaml index b0b1e53a48..6f5acf23fd 100644 --- a/heat/templates/deployment-cfn.yaml +++ b/heat/templates/deployment-cfn.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.cnf }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -9,8 +11,9 @@ spec: labels: app: heat-cfn annotations: -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.cnf | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/heat/templates/deployment-cloudwatch.yaml b/heat/templates/deployment-cloudwatch.yaml index 3ae57ecd14..3d785f5daa 100644 --- a/heat/templates/deployment-cloudwatch.yaml +++ b/heat/templates/deployment-cloudwatch.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.cloudwatch }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -9,8 +11,9 @@ spec: labels: app: heat-cloudwatch annotations: -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.cloudwatch | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/heat/templates/job-db-init.yaml b/heat/templates/job-db-init.yaml index 9e32324f3b..de80e91218 100644 --- a/heat/templates/job-db-init.yaml +++ b/heat/templates/job-db-init.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.init }} apiVersion: batch/v1 kind: Job metadata: @@ -6,8 +8,9 @@ spec: template: metadata: annotations: -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.db_init | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: restartPolicy: OnFailure nodeSelector: diff --git a/heat/templates/job-db-sync.yaml b/heat/templates/job-db-sync.yaml index 50dbc303eb..a74e4ad151 100644 --- a/heat/templates/job-db-sync.yaml +++ b/heat/templates/job-db-sync.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.db_sync }} apiVersion: batch/v1 kind: Job metadata: @@ -6,8 +8,9 @@ spec: template: metadata: annotations: -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.db_sync | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: restartPolicy: OnFailure nodeSelector: diff --git a/heat/templates/job-ks-endpoints.yaml.yaml b/heat/templates/job-ks-endpoints.yaml.yaml index ffa08abd68..c9a7224e11 100644 --- a/heat/templates/job-ks-endpoints.yaml.yaml +++ b/heat/templates/job-ks-endpoints.yaml.yaml @@ -1,5 +1,6 @@ {{- $envAll := . }} {{- $ksAdminSecret := .Values.keystone_secrets.admin }} +{{- $dependecies := .Values.dependencies.ks_endpoints }} apiVersion: batch/v1 kind: Job metadata: @@ -8,8 +9,9 @@ spec: template: metadata: annotations: -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.ks_endpoints | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: restartPolicy: OnFailure nodeSelector: diff --git a/heat/templates/job-ks-service.yaml b/heat/templates/job-ks-service.yaml index fdb25e8690..838e5774a9 100644 --- a/heat/templates/job-ks-service.yaml +++ b/heat/templates/job-ks-service.yaml @@ -1,5 +1,6 @@ {{- $envAll := . }} {{- $ksAdminSecret := .Values.keystone_secrets.admin }} +{{- $dependecies := .Values.dependencies.ks_service }} apiVersion: batch/v1 kind: Job metadata: @@ -8,8 +9,9 @@ spec: template: metadata: annotations: -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.ks_service | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: restartPolicy: OnFailure nodeSelector: diff --git a/heat/templates/job-ks-user.yaml b/heat/templates/job-ks-user.yaml index 8df1fe0309..2372683d5c 100644 --- a/heat/templates/job-ks-user.yaml +++ b/heat/templates/job-ks-user.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.ks_user }} {{- $ksAdminSecret := .Values.keystone_secrets.admin }} {{- $ksUserSecret := .Values.keystone_secrets.user }} # The heat user management job is a bit different from other services as it also needs to create a stack domain and trusts user @@ -11,8 +13,9 @@ spec: template: metadata: annotations: -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.ks_user | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: restartPolicy: OnFailure nodeSelector: diff --git a/heat/templates/statefulset-engine.yaml b/heat/templates/statefulset-engine.yaml index 5c63da0578..c349acfc89 100644 --- a/heat/templates/statefulset-engine.yaml +++ b/heat/templates/statefulset-engine.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.engine }} apiVersion: apps/v1beta1 kind: StatefulSet metadata: @@ -10,8 +12,9 @@ spec: labels: app: heat-engine annotations: - {{ include "dep-check-init-cont-header" . }} - {{ include "dep-check-init-cont-footer" .Values.dependencies.engine }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/horizon/templates/deployment.yaml b/horizon/templates/deployment.yaml index ebb98c454d..a21f53dce4 100644 --- a/horizon/templates/deployment.yaml +++ b/horizon/templates/deployment.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.dashboard }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -19,8 +21,9 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.dashboard | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/keystone/templates/deployment.yaml b/keystone/templates/deployment.yaml index 514dace988..2d64e9e607 100644 --- a/keystone/templates/deployment.yaml +++ b/keystone/templates/deployment.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.api }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -19,8 +21,9 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.api | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} diff --git a/keystone/templates/job-db-sync.yaml b/keystone/templates/job-db-sync.yaml index f914435b28..29e2621a46 100644 --- a/keystone/templates/job-db-sync.yaml +++ b/keystone/templates/job-db-sync.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.db_sync }} apiVersion: batch/v1 kind: Job metadata: @@ -6,8 +8,9 @@ spec: template: metadata: annotations: -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.db_sync | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: restartPolicy: OnFailure nodeSelector: diff --git a/keystone/templates/job-init.yaml b/keystone/templates/job-init.yaml index b0de33d1e9..865b060ac0 100644 --- a/keystone/templates/job-init.yaml +++ b/keystone/templates/job-init.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.init }} apiVersion: batch/v1 kind: Job metadata: @@ -6,8 +8,9 @@ spec: template: metadata: annotations: -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.init | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: restartPolicy: OnFailure nodeSelector: diff --git a/mariadb_restart.sh b/mariadb_restart.sh deleted file mode 100644 index 4e99ec0f0c..0000000000 --- a/mariadb_restart.sh +++ /dev/null @@ -1,9 +0,0 @@ -helm delete mariadb --purge && rm mariadb-0.1.0.tgz && helm lint mariadb && helm package mariadb && helm install --replace --name mariadb mariadb-0.1.0.tgz -helm delete keystone --purge && rm keystone-0.1.0.tgz && helm lint keystone && helm package keystone && helm install --replace --name keystone keystone-0.1.0.tgz --dry-run -helm delete memcached --purge && rm memcached-0.1.0.tgz && helm lint memcached && helm package memcached && helm install --replace --name memcached memcached-0.1.0.tgz -helm delete common --purge && rm common-0.1.0.tgz && helm lint common && helm package common && helm install --replace --name common common-0.1.0.tgz -helm delete glance --purge && rm glance-0.1.0.tgz && helm lint glance && helm package glance && helm install --replace --name glance glance-0.1.0.tgz -helm delete nova --purge && rm nova-0.1.0.tgz && helm lint nova && helm package nova && helm install --replace --name nova nova-0.1.0.tgz -helm delete rabbitmq --purge && rm rabbitmq-0.1.0.tgz && helm lint rabbitmq && helm package rabbitmq && helm install --replace --name rabbitmq rabbitmq-0.1.0.tgz - - diff --git a/nova/templates/daemonset-compute.yaml b/nova/templates/daemonset-compute.yaml index cba819b4d3..0bbeed0ffe 100644 --- a/nova/templates/daemonset-compute.yaml +++ b/nova/templates/daemonset-compute.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.compute }} apiVersion: extensions/v1beta1 kind: DaemonSet metadata: @@ -10,8 +12,9 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.compute | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: nodeSelector: {{ .Values.labels.compute_node_selector_key }}: {{ .Values.labels.compute_node_selector_value }} diff --git a/nova/templates/daemonset-libvirt.yaml b/nova/templates/daemonset-libvirt.yaml index 4e3649fded..01fad2387d 100644 --- a/nova/templates/daemonset-libvirt.yaml +++ b/nova/templates/daemonset-libvirt.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.libvirt }} apiVersion: extensions/v1beta1 kind: DaemonSet metadata: @@ -10,8 +12,9 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.libvirt | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: nodeSelector: {{ .Values.labels.compute_node_selector_key }}: {{ .Values.labels.compute_node_selector_value }} diff --git a/nova/templates/deployment-api-metadata.yaml b/nova/templates/deployment-api-metadata.yaml index 10016e7c6f..6d6e5c26c4 100644 --- a/nova/templates/deployment-api-metadata.yaml +++ b/nova/templates/deployment-api-metadata.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.api }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -19,8 +21,9 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.api | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: nodeSelector: {{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }} diff --git a/nova/templates/deployment-api-osapi.yaml b/nova/templates/deployment-api-osapi.yaml index 75c2985eac..21b4de6e43 100644 --- a/nova/templates/deployment-api-osapi.yaml +++ b/nova/templates/deployment-api-osapi.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.api }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -19,8 +21,9 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.api | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: nodeSelector: {{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }} diff --git a/nova/templates/deployment-conductor.yaml b/nova/templates/deployment-conductor.yaml index 52eb790e6d..92976ce449 100644 --- a/nova/templates/deployment-conductor.yaml +++ b/nova/templates/deployment-conductor.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.conductor }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -19,8 +21,9 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.conductor | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: nodeSelector: {{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }} diff --git a/nova/templates/deployment-consoleauth.yaml b/nova/templates/deployment-consoleauth.yaml index 1c85319c5e..93db54fb75 100644 --- a/nova/templates/deployment-consoleauth.yaml +++ b/nova/templates/deployment-consoleauth.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.consoleauth }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -19,8 +21,9 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.consoleauth | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: nodeSelector: {{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }} diff --git a/nova/templates/deployment-scheduler.yaml b/nova/templates/deployment-scheduler.yaml index abc86d6826..634e85229d 100644 --- a/nova/templates/deployment-scheduler.yaml +++ b/nova/templates/deployment-scheduler.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.scheduler }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -19,8 +21,9 @@ spec: annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.scheduler | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: nodeSelector: {{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }} diff --git a/nova/templates/job-db-sync.yaml b/nova/templates/job-db-sync.yaml index dc3be3427b..a67f3d0071 100644 --- a/nova/templates/job-db-sync.yaml +++ b/nova/templates/job-db-sync.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.db_sync }} apiVersion: batch/v1 kind: Job metadata: @@ -6,8 +8,9 @@ spec: template: metadata: annotations: -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.db_sync | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: restartPolicy: OnFailure nodeSelector: diff --git a/nova/templates/job-init.yaml b/nova/templates/job-init.yaml index 6bd3cfd7d7..bdea656fd5 100644 --- a/nova/templates/job-init.yaml +++ b/nova/templates/job-init.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.init }} apiVersion: batch/v1 kind: Job metadata: @@ -6,8 +8,9 @@ spec: template: metadata: annotations: -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.init | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: restartPolicy: OnFailure nodeSelector: diff --git a/nova/templates/job-post.yaml b/nova/templates/job-post.yaml index 0aada421e7..e551a6eaef 100644 --- a/nova/templates/job-post.yaml +++ b/nova/templates/job-post.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependecies := .Values.dependencies.post }} apiVersion: batch/v1 kind: Job metadata: @@ -6,8 +8,9 @@ spec: template: metadata: annotations: -{{ include "dep-check-init-cont-header" . | indent 8 }} -{{ include "dep-check-init-cont-footer" .Values.dependencies.post | indent 8 }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} + ]' spec: restartPolicy: OnFailure nodeSelector: From 81d9c7fe7e9b468aba6703ca908529e0864e083b Mon Sep 17 00:00:00 2001 From: DTadrzak Date: Mon, 16 Jan 2017 12:16:45 +0100 Subject: [PATCH 14/45] Removing default values from template. Fixing typo. Signed-off-by: DTadrzak --- common/templates/_funcs.tpl | 8 ++++---- heat/templates/deployment-cfn.yaml | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/common/templates/_funcs.tpl b/common/templates/_funcs.tpl index 170b6b2be5..115892b10d 100644 --- a/common/templates/_funcs.tpl +++ b/common/templates/_funcs.tpl @@ -23,16 +23,16 @@ {{- end -}} {{- define "dep-check-init-cont" -}} -{{- $envALL := index . 0 -}} +{{- $envAll := index . 0 -}} {{- $deps := index . 1 -}} { "name": "init", - "image": {{ $envALL.Values.images.dep_check | default "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0" | quote }}, - "imagePullPolicy": {{ $envALL.Values.images.pull_policy | default "IfNotPresent" | quote }}, + "image": {{ $envAll.Values.images.dep_check | quote }}, + "imagePullPolicy": {{ $envAll.Values.images.pull_policy | quote }}, "env": [ { "name": "NAMESPACE", - "value": "{{ $envALL.Release.Namespace }}" + "value": "{{ $envAll.Release.Namespace }}" }, { "name": "INTERFACE_NAME", diff --git a/heat/templates/deployment-cfn.yaml b/heat/templates/deployment-cfn.yaml index 6f5acf23fd..0706a405ab 100644 --- a/heat/templates/deployment-cfn.yaml +++ b/heat/templates/deployment-cfn.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.cnf }} +{{- $dependecies := .Values.dependencies.cfn }} apiVersion: extensions/v1beta1 kind: Deployment metadata: From e9ae4bb3cac480540ac4d983532d38372d282cdf Mon Sep 17 00:00:00 2001 From: Pete Birley Date: Thu, 19 Jan 2017 23:15:52 +0000 Subject: [PATCH 15/45] pull-policy-fix --- nova/templates/daemonset-compute.yaml | 10 +++++----- nova/templates/daemonset-libvirt.yaml | 8 ++++---- nova/templates/deployment-api-osapi.yaml | 6 +++--- nova/templates/deployment-conductor.yaml | 6 +++--- nova/templates/deployment-consoleauth.yaml | 6 +++--- nova/templates/deployment-scheduler.yaml | 6 +++--- 6 files changed, 21 insertions(+), 21 deletions(-) diff --git a/nova/templates/daemonset-compute.yaml b/nova/templates/daemonset-compute.yaml index 0bbeed0ffe..2c2645760f 100644 --- a/nova/templates/daemonset-compute.yaml +++ b/nova/templates/daemonset-compute.yaml @@ -11,7 +11,7 @@ spec: app: nova-compute annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} - configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ {{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} ]' @@ -26,7 +26,7 @@ spec: containers: - name: nova-compute image: {{ .Values.images.compute }} - imagePullPolicy: Always + imagePullPolicy: {{ .Values.images.pull_policy }} securityContext: privileged: true command: @@ -87,7 +87,7 @@ spec: - name: cgroup hostPath: path: /sys/fs/cgroup - {{- if .Values.ceph.enabled }} + {{- if .Values.ceph.enabled }} - name: cephconf configMap: name: nova-etc @@ -99,5 +99,5 @@ spec: name: nova-etc items: - key: ceph.client.cinder.keyring.yaml - path: ceph.client.cinder.keyring.yaml - {{- end }} + path: ceph.client.cinder.keyring.yaml + {{- end }} diff --git a/nova/templates/daemonset-libvirt.yaml b/nova/templates/daemonset-libvirt.yaml index 01fad2387d..dd36e59d61 100644 --- a/nova/templates/daemonset-libvirt.yaml +++ b/nova/templates/daemonset-libvirt.yaml @@ -11,7 +11,7 @@ spec: app: nova-libvirt annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} - configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ {{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} ]' @@ -25,7 +25,7 @@ spec: containers: - name: nova-libvirt image: {{ .Values.images.libvirt }} - imagePullPolicy: Always + imagePullPolicy: {{ .Values.images.pull_policy }} securityContext: privileged: true command: @@ -58,7 +58,7 @@ spec: subPath: ceph.conf - name: cephclientcinderkeyring mountPath: /etc/ceph/ceph.client.{{ .Values.ceph.cinder_user }}.keyring - subPath: ceph.client.{{ .Values.ceph.cinder_user }}.keyring + subPath: ceph.client.{{ .Values.ceph.cinder_user }}.keyring {{- end }} volumes: - name: libvirtdconf @@ -107,4 +107,4 @@ spec: items: - key: ceph.client.cinder.keyring.yaml path: ceph.client.cinder.keyring.yaml - {{- end }} + {{- end }} diff --git a/nova/templates/deployment-api-osapi.yaml b/nova/templates/deployment-api-osapi.yaml index 21b4de6e43..1394b646b8 100644 --- a/nova/templates/deployment-api-osapi.yaml +++ b/nova/templates/deployment-api-osapi.yaml @@ -13,14 +13,14 @@ spec: rollingUpdate: maxUnavailable: {{ .Values.upgrades.rolling_update.max_unavailable }} maxSurge: {{ .Values.upgrades.rolling_update.max_surge }} - {{ end }} + {{ end }} template: metadata: labels: app: nova-osapi annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} - configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ {{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} ]' @@ -30,7 +30,7 @@ spec: containers: - name: nova-osapi image: {{ .Values.images.api }} - imagePullPolicy: {{ .Values.image.pull_policy }} + imagePullPolicy: {{ .Values.images.pull_policy }} securityContext: capabilities: add: diff --git a/nova/templates/deployment-conductor.yaml b/nova/templates/deployment-conductor.yaml index 92976ce449..b38b9de81a 100644 --- a/nova/templates/deployment-conductor.yaml +++ b/nova/templates/deployment-conductor.yaml @@ -13,14 +13,14 @@ spec: rollingUpdate: maxUnavailable: {{ .Values.upgrades.rolling_update.max_unavailable }} maxSurge: {{ .Values.upgrades.rolling_update.max_surge }} - {{ end }} + {{ end }} template: metadata: labels: app: nova-conductor annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} - configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ {{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} ]' @@ -30,7 +30,7 @@ spec: containers: - name: nova-conductor image: {{ .Values.images.conductor }} - imagePullPolicy: {{ .Values.image.pull_policy }} + imagePullPolicy: {{ .Values.images.pull_policy }} command: - nova-conductor - --config-file diff --git a/nova/templates/deployment-consoleauth.yaml b/nova/templates/deployment-consoleauth.yaml index 93db54fb75..0b49784224 100644 --- a/nova/templates/deployment-consoleauth.yaml +++ b/nova/templates/deployment-consoleauth.yaml @@ -13,14 +13,14 @@ spec: rollingUpdate: maxUnavailable: {{ .Values.upgrades.rolling_update.max_unavailable }} maxSurge: {{ .Values.upgrades.rolling_update.max_surge }} - {{ end }} + {{ end }} template: metadata: labels: app: nova-consoleauth annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} - configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ {{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} ]' @@ -30,7 +30,7 @@ spec: containers: - name: nova-consoleauth image: {{ .Values.images.consoleauth }} - imagePullPolicy: {{ .Values.image.pull_policy }} + imagePullPolicy: {{ .Values.images.pull_policy }} command: - nova-consoleauth - --config-file diff --git a/nova/templates/deployment-scheduler.yaml b/nova/templates/deployment-scheduler.yaml index 634e85229d..20e75428d7 100644 --- a/nova/templates/deployment-scheduler.yaml +++ b/nova/templates/deployment-scheduler.yaml @@ -13,14 +13,14 @@ spec: rollingUpdate: maxUnavailable: {{ .Values.upgrades.rolling_update.max_unavailable }} maxSurge: {{ .Values.upgrades.rolling_update.max_surge }} - {{ end }} + {{ end }} template: metadata: labels: app: nova-scheduler annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} - configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ {{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} ]' @@ -30,7 +30,7 @@ spec: containers: - name: nova-scheduler image: {{ .Values.images.scheduler }} - imagePullPolicy: {{ .Values.image.pull_policy }} + imagePullPolicy: {{ .Values.images.pull_policy }} command: - nova-scheduler - --config-file From 61a9562bce39f5b193d3a555060faa06fc8107f3 Mon Sep 17 00:00:00 2001 From: Pete Birley Date: Thu, 19 Jan 2017 23:20:23 +0000 Subject: [PATCH 16/45] Pin Memcached to 1.4 --- memcached/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/memcached/values.yaml b/memcached/values.yaml index 62ed983c01..8b993d9cc9 100644 --- a/memcached/values.yaml +++ b/memcached/values.yaml @@ -4,7 +4,7 @@ # name: value images: - memcached: docker.io/memcached:latest + memcached: docker.io/memcached:1.4 pull_policy: "IfNotPresent" upgrades: From 182a27ea7f6910a98500a325ba4bcc9c1cefb56b Mon Sep 17 00:00:00 2001 From: Steve Wilkerson Date: Thu, 19 Jan 2017 17:32:58 -0600 Subject: [PATCH 17/45] Add glance config-dir Added --config-dir flag to the glance-api command --- glance/templates/deployment-api.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/glance/templates/deployment-api.yaml b/glance/templates/deployment-api.yaml index a9a575f101..6ca2c49733 100644 --- a/glance/templates/deployment-api.yaml +++ b/glance/templates/deployment-api.yaml @@ -34,7 +34,7 @@ spec: image: {{ .Values.images.api }} imagePullPolicy: {{ .Values.images.pull_policy }} command: - - glance-api + - glance-api --config-dir /etc/glance ports: - containerPort: {{ .Values.network.port.api }} readinessProbe: From f498fcb6dd6684a29525960e19d44db0dccde7d4 Mon Sep 17 00:00:00 2001 From: Pete Birley Date: Thu, 19 Jan 2017 23:49:22 +0000 Subject: [PATCH 18/45] fix typos in init-container merge --- cinder/templates/deployment-api.yaml | 4 ++-- cinder/templates/deployment-scheduler.yaml | 4 ++-- cinder/templates/deployment-volume.yaml | 4 ++-- cinder/templates/job-db-init.yaml | 4 ++-- cinder/templates/job-db-sync.yaml | 4 ++-- cinder/templates/job-ks-endpoints.yaml.yaml | 4 ++-- cinder/templates/job-ks-service.yaml | 4 ++-- cinder/templates/job-ks-user.yaml | 4 ++-- glance/templates/deployment-api.yaml | 4 ++-- glance/templates/deployment-registry.yaml | 4 ++-- glance/templates/job-db-sync.yaml | 4 ++-- glance/templates/job-init.yaml | 4 ++-- glance/templates/job-post.yaml | 4 ++-- heat/templates/deployment-api.yaml | 4 ++-- heat/templates/deployment-cfn.yaml | 4 ++-- heat/templates/deployment-cloudwatch.yaml | 4 ++-- heat/templates/job-db-init.yaml | 4 ++-- heat/templates/job-db-sync.yaml | 4 ++-- heat/templates/job-ks-endpoints.yaml.yaml | 4 ++-- heat/templates/job-ks-service.yaml | 4 ++-- heat/templates/job-ks-user.yaml | 4 ++-- heat/templates/statefulset-engine.yaml | 4 ++-- horizon/templates/deployment.yaml | 4 ++-- keystone/templates/job-init.yaml | 4 ++-- nova/templates/daemonset-compute.yaml | 4 ++-- nova/templates/daemonset-libvirt.yaml | 4 ++-- nova/templates/deployment-api-metadata.yaml | 4 ++-- nova/templates/deployment-api-osapi.yaml | 4 ++-- nova/templates/deployment-conductor.yaml | 4 ++-- nova/templates/deployment-consoleauth.yaml | 4 ++-- nova/templates/deployment-scheduler.yaml | 4 ++-- nova/templates/job-db-sync.yaml | 4 ++-- nova/templates/job-init.yaml | 4 ++-- nova/templates/job-post.yaml | 4 ++-- 34 files changed, 68 insertions(+), 68 deletions(-) diff --git a/cinder/templates/deployment-api.yaml b/cinder/templates/deployment-api.yaml index 6fe33a6b71..b5a05f8f77 100644 --- a/cinder/templates/deployment-api.yaml +++ b/cinder/templates/deployment-api.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.api }} +{{- $dependencies := .Values.dependencies.api }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -22,7 +22,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/cinder/templates/deployment-scheduler.yaml b/cinder/templates/deployment-scheduler.yaml index 77d38b2b1a..e18425e2b1 100644 --- a/cinder/templates/deployment-scheduler.yaml +++ b/cinder/templates/deployment-scheduler.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.scheduler }} +{{- $dependencies := .Values.dependencies.scheduler }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -22,7 +22,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/cinder/templates/deployment-volume.yaml b/cinder/templates/deployment-volume.yaml index 73333b2c6d..1545b37279 100644 --- a/cinder/templates/deployment-volume.yaml +++ b/cinder/templates/deployment-volume.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.volume }} +{{- $dependencies := .Values.dependencies.volume }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -22,7 +22,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/cinder/templates/job-db-init.yaml b/cinder/templates/job-db-init.yaml index 1ea09eeb08..f731d4fcec 100644 --- a/cinder/templates/job-db-init.yaml +++ b/cinder/templates/job-db-init.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.db_init }} +{{- $dependencies := .Values.dependencies.db_init }} apiVersion: batch/v1 kind: Job metadata: @@ -9,7 +9,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/cinder/templates/job-db-sync.yaml b/cinder/templates/job-db-sync.yaml index b963b4d498..f38c18cfa9 100644 --- a/cinder/templates/job-db-sync.yaml +++ b/cinder/templates/job-db-sync.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.db_sync }} +{{- $dependencies := .Values.dependencies.db_sync }} apiVersion: batch/v1 kind: Job metadata: @@ -9,7 +9,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/cinder/templates/job-ks-endpoints.yaml.yaml b/cinder/templates/job-ks-endpoints.yaml.yaml index 14655c233d..0d91fccf6a 100644 --- a/cinder/templates/job-ks-endpoints.yaml.yaml +++ b/cinder/templates/job-ks-endpoints.yaml.yaml @@ -1,6 +1,6 @@ {{- $envAll := . }} {{- $ksAdminSecret := $envAll.Values.keystone.admin_secret | default "cinder-env-keystone-admin" }} -{{- $dependecies := .Values.dependencies.ks_endpoints }} +{{- $dependencies := .Values.dependencies.ks_endpoints }} apiVersion: batch/v1 kind: Job metadata: @@ -10,7 +10,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/cinder/templates/job-ks-service.yaml b/cinder/templates/job-ks-service.yaml index fab12aa8c6..52585cf0f5 100644 --- a/cinder/templates/job-ks-service.yaml +++ b/cinder/templates/job-ks-service.yaml @@ -1,6 +1,6 @@ {{- $envAll := . }} {{- $ksAdminSecret := .Values.keystone.admin_secret | default "cinder-env-keystone-admin" }} -{{- $dependecies := .Values.dependencies.ks_service }} +{{- $dependencies := .Values.dependencies.ks_service }} apiVersion: batch/v1 kind: Job metadata: @@ -10,7 +10,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/cinder/templates/job-ks-user.yaml b/cinder/templates/job-ks-user.yaml index 94737e42ac..9937ca2642 100644 --- a/cinder/templates/job-ks-user.yaml +++ b/cinder/templates/job-ks-user.yaml @@ -1,7 +1,7 @@ {{- $ksAdminSecret := .Values.keystone.admin_secret | default "cinder-env-keystone-admin" }} {{- $ksUserSecret := .Values.keystone.user_secret | default "cinder-env-keystone-user" }} {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.ks_user }} +{{- $dependencies := .Values.dependencies.ks_user }} apiVersion: batch/v1 kind: Job metadata: @@ -11,7 +11,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/glance/templates/deployment-api.yaml b/glance/templates/deployment-api.yaml index 6ca2c49733..e150aa5a94 100644 --- a/glance/templates/deployment-api.yaml +++ b/glance/templates/deployment-api.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.api }} +{{- $dependencies := .Values.dependencies.api }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -24,7 +24,7 @@ spec: app: glance-api annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/glance/templates/deployment-registry.yaml b/glance/templates/deployment-registry.yaml index 7807873cf9..f8f6c6327e 100644 --- a/glance/templates/deployment-registry.yaml +++ b/glance/templates/deployment-registry.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.registry }} +{{- $dependencies := .Values.dependencies.registry }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -16,7 +16,7 @@ spec: app: glance-registry annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/glance/templates/job-db-sync.yaml b/glance/templates/job-db-sync.yaml index a1f21e6c2a..6cd0dd9b6c 100644 --- a/glance/templates/job-db-sync.yaml +++ b/glance/templates/job-db-sync.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.db_sync }} +{{- $dependencies := .Values.dependencies.db_sync }} apiVersion: batch/v1 kind: Job metadata: @@ -9,7 +9,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/glance/templates/job-init.yaml b/glance/templates/job-init.yaml index ba8ea32929..2fd28805eb 100644 --- a/glance/templates/job-init.yaml +++ b/glance/templates/job-init.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.init }} +{{- $dependencies := .Values.dependencies.init }} apiVersion: batch/v1 kind: Job metadata: @@ -9,7 +9,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/glance/templates/job-post.yaml b/glance/templates/job-post.yaml index 6fef5e29ec..da362afe25 100644 --- a/glance/templates/job-post.yaml +++ b/glance/templates/job-post.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.post }} +{{- $dependencies := .Values.dependencies.post }} apiVersion: batch/v1 kind: Job metadata: @@ -9,7 +9,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/heat/templates/deployment-api.yaml b/heat/templates/deployment-api.yaml index 78ba69a4ca..2b2d4d5b18 100755 --- a/heat/templates/deployment-api.yaml +++ b/heat/templates/deployment-api.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.api }} +{{- $dependencies := .Values.dependencies.api }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -12,7 +12,7 @@ spec: app: heat-api annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/heat/templates/deployment-cfn.yaml b/heat/templates/deployment-cfn.yaml index 0706a405ab..d90355513d 100644 --- a/heat/templates/deployment-cfn.yaml +++ b/heat/templates/deployment-cfn.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.cfn }} +{{- $dependencies := .Values.dependencies.cfn }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -12,7 +12,7 @@ spec: app: heat-cfn annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/heat/templates/deployment-cloudwatch.yaml b/heat/templates/deployment-cloudwatch.yaml index 3d785f5daa..ccb6647980 100644 --- a/heat/templates/deployment-cloudwatch.yaml +++ b/heat/templates/deployment-cloudwatch.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.cloudwatch }} +{{- $dependencies := .Values.dependencies.cloudwatch }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -12,7 +12,7 @@ spec: app: heat-cloudwatch annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/heat/templates/job-db-init.yaml b/heat/templates/job-db-init.yaml index de80e91218..6a7e343cae 100644 --- a/heat/templates/job-db-init.yaml +++ b/heat/templates/job-db-init.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.init }} +{{- $dependencies := .Values.dependencies.init }} apiVersion: batch/v1 kind: Job metadata: @@ -9,7 +9,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/heat/templates/job-db-sync.yaml b/heat/templates/job-db-sync.yaml index a74e4ad151..4a9b004db2 100644 --- a/heat/templates/job-db-sync.yaml +++ b/heat/templates/job-db-sync.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.db_sync }} +{{- $dependencies := .Values.dependencies.db_sync }} apiVersion: batch/v1 kind: Job metadata: @@ -9,7 +9,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/heat/templates/job-ks-endpoints.yaml.yaml b/heat/templates/job-ks-endpoints.yaml.yaml index c9a7224e11..e0a90d6a28 100644 --- a/heat/templates/job-ks-endpoints.yaml.yaml +++ b/heat/templates/job-ks-endpoints.yaml.yaml @@ -1,6 +1,6 @@ {{- $envAll := . }} {{- $ksAdminSecret := .Values.keystone_secrets.admin }} -{{- $dependecies := .Values.dependencies.ks_endpoints }} +{{- $dependencies := .Values.dependencies.ks_endpoints }} apiVersion: batch/v1 kind: Job metadata: @@ -10,7 +10,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/heat/templates/job-ks-service.yaml b/heat/templates/job-ks-service.yaml index 838e5774a9..06738e162c 100644 --- a/heat/templates/job-ks-service.yaml +++ b/heat/templates/job-ks-service.yaml @@ -1,6 +1,6 @@ {{- $envAll := . }} {{- $ksAdminSecret := .Values.keystone_secrets.admin }} -{{- $dependecies := .Values.dependencies.ks_service }} +{{- $dependencies := .Values.dependencies.ks_service }} apiVersion: batch/v1 kind: Job metadata: @@ -10,7 +10,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/heat/templates/job-ks-user.yaml b/heat/templates/job-ks-user.yaml index 2372683d5c..270154045b 100644 --- a/heat/templates/job-ks-user.yaml +++ b/heat/templates/job-ks-user.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.ks_user }} +{{- $dependencies := .Values.dependencies.ks_user }} {{- $ksAdminSecret := .Values.keystone_secrets.admin }} {{- $ksUserSecret := .Values.keystone_secrets.user }} # The heat user management job is a bit different from other services as it also needs to create a stack domain and trusts user @@ -14,7 +14,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/heat/templates/statefulset-engine.yaml b/heat/templates/statefulset-engine.yaml index 3f46413ccf..e494378ce0 100644 --- a/heat/templates/statefulset-engine.yaml +++ b/heat/templates/statefulset-engine.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.engine }} +{{- $dependencies := .Values.dependencies.engine }} apiVersion: apps/v1beta1 kind: StatefulSet metadata: @@ -13,7 +13,7 @@ spec: app: heat-engine annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/horizon/templates/deployment.yaml b/horizon/templates/deployment.yaml index a21f53dce4..12fe799116 100644 --- a/horizon/templates/deployment.yaml +++ b/horizon/templates/deployment.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.dashboard }} +{{- $dependencies := .Values.dependencies.dashboard }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -22,7 +22,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/keystone/templates/job-init.yaml b/keystone/templates/job-init.yaml index 865b060ac0..be64047d69 100644 --- a/keystone/templates/job-init.yaml +++ b/keystone/templates/job-init.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.init }} +{{- $dependencies := .Values.dependencies.init }} apiVersion: batch/v1 kind: Job metadata: @@ -9,7 +9,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/nova/templates/daemonset-compute.yaml b/nova/templates/daemonset-compute.yaml index 2c2645760f..c40c3c5aaa 100644 --- a/nova/templates/daemonset-compute.yaml +++ b/nova/templates/daemonset-compute.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.compute }} +{{- $dependencies := .Values.dependencies.compute }} apiVersion: extensions/v1beta1 kind: DaemonSet metadata: @@ -13,7 +13,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/nova/templates/daemonset-libvirt.yaml b/nova/templates/daemonset-libvirt.yaml index dd36e59d61..692728fa1a 100644 --- a/nova/templates/daemonset-libvirt.yaml +++ b/nova/templates/daemonset-libvirt.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.libvirt }} +{{- $dependencies := .Values.dependencies.libvirt }} apiVersion: extensions/v1beta1 kind: DaemonSet metadata: @@ -13,7 +13,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/nova/templates/deployment-api-metadata.yaml b/nova/templates/deployment-api-metadata.yaml index 6d6e5c26c4..8543f46910 100644 --- a/nova/templates/deployment-api-metadata.yaml +++ b/nova/templates/deployment-api-metadata.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.api }} +{{- $dependencies := .Values.dependencies.api }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -22,7 +22,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/nova/templates/deployment-api-osapi.yaml b/nova/templates/deployment-api-osapi.yaml index 1394b646b8..a60c4d6985 100644 --- a/nova/templates/deployment-api-osapi.yaml +++ b/nova/templates/deployment-api-osapi.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.api }} +{{- $dependencies := .Values.dependencies.api }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -22,7 +22,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/nova/templates/deployment-conductor.yaml b/nova/templates/deployment-conductor.yaml index b38b9de81a..b52408cea8 100644 --- a/nova/templates/deployment-conductor.yaml +++ b/nova/templates/deployment-conductor.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.conductor }} +{{- $dependencies := .Values.dependencies.conductor }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -22,7 +22,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/nova/templates/deployment-consoleauth.yaml b/nova/templates/deployment-consoleauth.yaml index 0b49784224..6234e5368e 100644 --- a/nova/templates/deployment-consoleauth.yaml +++ b/nova/templates/deployment-consoleauth.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.consoleauth }} +{{- $dependencies := .Values.dependencies.consoleauth }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -22,7 +22,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/nova/templates/deployment-scheduler.yaml b/nova/templates/deployment-scheduler.yaml index 20e75428d7..4db74f7798 100644 --- a/nova/templates/deployment-scheduler.yaml +++ b/nova/templates/deployment-scheduler.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.scheduler }} +{{- $dependencies := .Values.dependencies.scheduler }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -22,7 +22,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/nova/templates/job-db-sync.yaml b/nova/templates/job-db-sync.yaml index 04010c12d6..b8df59b65d 100644 --- a/nova/templates/job-db-sync.yaml +++ b/nova/templates/job-db-sync.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.db_sync }} +{{- $dependencies := .Values.dependencies.db_sync }} apiVersion: batch/v1 kind: Job metadata: @@ -9,7 +9,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/nova/templates/job-init.yaml b/nova/templates/job-init.yaml index cbc38fbdfc..addc34d2b5 100644 --- a/nova/templates/job-init.yaml +++ b/nova/templates/job-init.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.init }} +{{- $dependencies := .Values.dependencies.init }} apiVersion: batch/v1 kind: Job metadata: @@ -9,7 +9,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/nova/templates/job-post.yaml b/nova/templates/job-post.yaml index 76944f77ee..4df83ae874 100644 --- a/nova/templates/job-post.yaml +++ b/nova/templates/job-post.yaml @@ -1,5 +1,5 @@ {{- $envAll := . }} -{{- $dependecies := .Values.dependencies.post }} +{{- $dependencies := .Values.dependencies.post }} apiVersion: batch/v1 kind: Job metadata: @@ -9,7 +9,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' spec: restartPolicy: OnFailure From b31a365aea34440c371a3e3446f0b698b9804113 Mon Sep 17 00:00:00 2001 From: Pete Birley Date: Fri, 20 Jan 2017 01:03:19 +0000 Subject: [PATCH 19/45] Fix glance containers entrypoints Also improves glance containers volume specification yaml. --- glance/templates/deployment-api.yaml | 13 ++++++++++--- glance/templates/deployment-registry.yaml | 7 +++++++ 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/glance/templates/deployment-api.yaml b/glance/templates/deployment-api.yaml index e150aa5a94..34a510eaf8 100644 --- a/glance/templates/deployment-api.yaml +++ b/glance/templates/deployment-api.yaml @@ -34,24 +34,29 @@ spec: image: {{ .Values.images.api }} imagePullPolicy: {{ .Values.images.pull_policy }} command: - - glance-api --config-dir /etc/glance + - glance-api + - --config-file + - /etc/glance/glance-registry.conf ports: - containerPort: {{ .Values.network.port.api }} readinessProbe: tcpSocket: port: {{ .Values.network.port.api }} volumeMounts: + - name: etcglance + mountPath: /etc/glance - name: glanceapiconf mountPath: /etc/glance/glance-api.conf subPath: glance-api.conf + readOnly: true - name: glanceapipaste mountPath: /etc/glance/glance-api-paste.ini subPath: glance-api-paste.ini - - name: etcglance - mountPath: /etc/glance + readOnly: true - name: glancepolicy mountPath: /etc/glance/policy.json subPath: policy.json + readOnly: true {{- if .Values.development.enabled }} - name: glance-data mountPath: /var/lib/glance/images @@ -59,9 +64,11 @@ spec: - name: cephconf mountPath: /etc/ceph/ceph.conf subPath: ceph.conf + readOnly: true - name: cephclientglancekeyring mountPath: /etc/ceph/ceph.client.{{ .Values.ceph.glance_user }}.keyring subPath: ceph.client.{{ .Values.ceph.glance_user }}.keyring + readOnly: true {{- end }} volumes: - name: glanceapiconf diff --git a/glance/templates/deployment-registry.yaml b/glance/templates/deployment-registry.yaml index f8f6c6327e..05615548df 100644 --- a/glance/templates/deployment-registry.yaml +++ b/glance/templates/deployment-registry.yaml @@ -27,16 +27,23 @@ spec: imagePullPolicy: {{ .Values.images.pull_policy }} command: - glance-registry + - --config-file + - /etc/glance/glance-registry.conf ports: - containerPort: {{ .Values.network.port.registry }} readinessProbe: tcpSocket: port: {{ .Values.network.port.registry }} volumeMounts: + - name: etcglance + mountPath: /etc/glance - name: glanceregistryconf mountPath: /etc/glance/glance-registry.conf subPath: glance-registry.conf + readOnly: true volumes: + - name: etcglance + emptyDir: {} - name: glanceregistryconf configMap: name: glance-etc From b1ce9b093b9875a15d5da4978002048671a3711b Mon Sep 17 00:00:00 2001 From: Pete Birley Date: Fri, 20 Jan 2017 01:19:37 +0000 Subject: [PATCH 20/45] Add glance registry config --- glance/templates/configmap-etc.yaml | 2 ++ glance/templates/deployment-api.yaml | 2 +- glance/templates/deployment-registry.yaml | 8 +++++ .../etc/_glance-registry-paste.ini.tpl | 35 +++++++++++++++++++ 4 files changed, 46 insertions(+), 1 deletion(-) create mode 100644 glance/templates/etc/_glance-registry-paste.ini.tpl diff --git a/glance/templates/configmap-etc.yaml b/glance/templates/configmap-etc.yaml index 9b622b1785..ba8b86c42e 100644 --- a/glance/templates/configmap-etc.yaml +++ b/glance/templates/configmap-etc.yaml @@ -13,5 +13,7 @@ data: {{ tuple "etc/_glance-api-paste.ini.tpl" . | include "template" | indent 4 }} glance-registry.conf: |+ {{ tuple "etc/_glance-registry.conf.tpl" . | include "template" | indent 4 }} + glance-registry-paste.ini: |+ +{{ tuple "etc/_glance-registry-paste.ini.tpl" . | include "template" | indent 4 }} policy.json: |+ {{ tuple "etc/_policy.json.tpl" . | include "template" | indent 4 }} diff --git a/glance/templates/deployment-api.yaml b/glance/templates/deployment-api.yaml index 34a510eaf8..46086de678 100644 --- a/glance/templates/deployment-api.yaml +++ b/glance/templates/deployment-api.yaml @@ -36,7 +36,7 @@ spec: command: - glance-api - --config-file - - /etc/glance/glance-registry.conf + - /etc/glance/glance-api.conf ports: - containerPort: {{ .Values.network.port.api }} readinessProbe: diff --git a/glance/templates/deployment-registry.yaml b/glance/templates/deployment-registry.yaml index 05615548df..51aa3269e9 100644 --- a/glance/templates/deployment-registry.yaml +++ b/glance/templates/deployment-registry.yaml @@ -41,6 +41,14 @@ spec: mountPath: /etc/glance/glance-registry.conf subPath: glance-registry.conf readOnly: true + - name: glanceregistrypaste + mountPath: /etc/glance/glance-registry-paste.ini + subPath: glance-registry-paste.ini + readOnly: true + - name: glancepolicy + mountPath: /etc/glance/policy.json + subPath: policy.json + readOnly: true volumes: - name: etcglance emptyDir: {} diff --git a/glance/templates/etc/_glance-registry-paste.ini.tpl b/glance/templates/etc/_glance-registry-paste.ini.tpl new file mode 100644 index 0000000000..492dbc6f53 --- /dev/null +++ b/glance/templates/etc/_glance-registry-paste.ini.tpl @@ -0,0 +1,35 @@ +# Use this pipeline for no auth - DEFAULT +[pipeline:glance-registry] +pipeline = healthcheck osprofiler unauthenticated-context registryapp + +# Use this pipeline for keystone auth +[pipeline:glance-registry-keystone] +pipeline = healthcheck osprofiler authtoken context registryapp + +# Use this pipeline for authZ only. This means that the registry will treat a +# user as authenticated without making requests to keystone to reauthenticate +# the user. +[pipeline:glance-registry-trusted-auth] +pipeline = healthcheck osprofiler context registryapp + +[app:registryapp] +paste.app_factory = glance.registry.api:API.factory + +[filter:healthcheck] +paste.filter_factory = oslo_middleware:Healthcheck.factory +backends = disable_by_file +disable_by_file_path = /etc/glance/healthcheck_disable + +[filter:context] +paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory + +[filter:unauthenticated-context] +paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory + +[filter:authtoken] +paste.filter_factory = keystonemiddleware.auth_token:filter_factory + +[filter:osprofiler] +paste.filter_factory = osprofiler.web:WsgiMiddleware.factory +hmac_keys = SECRET_KEY #DEPRECATED +enabled = yes #DEPRECATED From 09efab76ca0028494bcbadc77b3f39beaf23d743 Mon Sep 17 00:00:00 2001 From: Pete Birley Date: Fri, 20 Jan 2017 01:21:48 +0000 Subject: [PATCH 21/45] Add glance registry config mounts --- glance/templates/deployment-registry.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/glance/templates/deployment-registry.yaml b/glance/templates/deployment-registry.yaml index 51aa3269e9..e6ab5cd79e 100644 --- a/glance/templates/deployment-registry.yaml +++ b/glance/templates/deployment-registry.yaml @@ -55,3 +55,9 @@ spec: - name: glanceregistryconf configMap: name: glance-etc + - name: glanceregistrypaste + configMap: + name: glance-etc + - name: glancepolicy + configMap: + name: glance-etc From 2edf1bcc99666e99656a0a84e2af0e2c88c106ef Mon Sep 17 00:00:00 2001 From: Alan Meadows Date: Fri, 20 Jan 2017 09:30:08 -0600 Subject: [PATCH 22/45] Bugfixes for functional release tagging * Allow glance to support using default secrets if none are provided * Resolve configmap mounting issue with glance ceph secrets * Ensure keystone wsgi workers/threads are set to reasonable numbers for a container implementation --- glance/templates/configmap-etc.yaml | 4 ++-- glance/templates/deployment-api.yaml | 2 ++ glance/templates/deployment-registry.yaml | 2 ++ glance/templates/etc/_ceph.client.glance.keyring.tpl | 6 ++++++ glance/templates/etc/_ceph.client.glance.keyring.yaml.tpl | 2 -- keystone/templates/etc/_wsgi-keystone.conf.tpl | 4 ++-- 6 files changed, 14 insertions(+), 6 deletions(-) create mode 100644 glance/templates/etc/_ceph.client.glance.keyring.tpl delete mode 100644 glance/templates/etc/_ceph.client.glance.keyring.yaml.tpl diff --git a/glance/templates/configmap-etc.yaml b/glance/templates/configmap-etc.yaml index ba8b86c42e..ae34308b9a 100644 --- a/glance/templates/configmap-etc.yaml +++ b/glance/templates/configmap-etc.yaml @@ -5,8 +5,8 @@ metadata: data: ceph.conf: |+ {{ tuple "etc/_ceph.conf.tpl" . | include "template" | indent 4 }} - ceph.client.glance.keyring.yaml: |+ -{{ tuple "etc/_ceph.client.glance.keyring.yaml.tpl" . | include "template" | indent 4 }} + ceph.client.{{ .Values.ceph.glance_user }}.keyring: |+ +{{ tuple "etc/_ceph.client.glance.keyring.tpl" . | include "template" | indent 4 }} glance-api.conf: |+ {{ tuple "etc/_glance-api.conf.tpl" . | include "template" | indent 4 }} glance-api-paste.ini: |+ diff --git a/glance/templates/deployment-api.yaml b/glance/templates/deployment-api.yaml index 46086de678..e4431c0460 100644 --- a/glance/templates/deployment-api.yaml +++ b/glance/templates/deployment-api.yaml @@ -23,6 +23,8 @@ spec: labels: app: glance-api annotations: + configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ {{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' diff --git a/glance/templates/deployment-registry.yaml b/glance/templates/deployment-registry.yaml index e6ab5cd79e..3df9090a0e 100644 --- a/glance/templates/deployment-registry.yaml +++ b/glance/templates/deployment-registry.yaml @@ -15,6 +15,8 @@ spec: labels: app: glance-registry annotations: + configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ {{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} ]' diff --git a/glance/templates/etc/_ceph.client.glance.keyring.tpl b/glance/templates/etc/_ceph.client.glance.keyring.tpl new file mode 100644 index 0000000000..4f625b2ba6 --- /dev/null +++ b/glance/templates/etc/_ceph.client.glance.keyring.tpl @@ -0,0 +1,6 @@ +[client.{{ .Values.ceph.glance_user }}] +{{- if .Values.ceph.glance_keyring }} + key = {{ .Values.ceph.glance_keyring }} +{{- else }} + key = {{- include "secrets/ceph-client-key" . -}} +{{- end }} diff --git a/glance/templates/etc/_ceph.client.glance.keyring.yaml.tpl b/glance/templates/etc/_ceph.client.glance.keyring.yaml.tpl deleted file mode 100644 index f780dada8f..0000000000 --- a/glance/templates/etc/_ceph.client.glance.keyring.yaml.tpl +++ /dev/null @@ -1,2 +0,0 @@ -[client.{{ .Values.ceph.glance_user }}] - key = {{ .Values.ceph.glance_keyring }} diff --git a/keystone/templates/etc/_wsgi-keystone.conf.tpl b/keystone/templates/etc/_wsgi-keystone.conf.tpl index f04bc7e1b6..54e393a223 100644 --- a/keystone/templates/etc/_wsgi-keystone.conf.tpl +++ b/keystone/templates/etc/_wsgi-keystone.conf.tpl @@ -5,7 +5,7 @@ LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combine LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy - WSGIDaemonProcess keystone-public processes=16 threads=6 user=keystone group=keystone display-name=%{GROUP} + WSGIDaemonProcess keystone-public processes=1 threads=4 user=keystone group=keystone display-name=%{GROUP} WSGIProcessGroup keystone-public WSGIScriptAlias / /var/www/cgi-bin/keystone/main WSGIApplicationGroup %{GLOBAL} @@ -21,7 +21,7 @@ LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-A - WSGIDaemonProcess keystone-admin processes=16 threads=5 user=keystone group=keystone display-name=%{GROUP} + WSGIDaemonProcess keystone-admin processes=1 threads=4 user=keystone group=keystone display-name=%{GROUP} WSGIProcessGroup keystone-admin WSGIScriptAlias / /var/www/cgi-bin/keystone/admin WSGIApplicationGroup %{GLOBAL} From 1a13f9ba837739a1ac93fb64c8e51992aef057d4 Mon Sep 17 00:00:00 2001 From: Pete Birley Date: Sun, 22 Jan 2017 05:35:31 +0000 Subject: [PATCH 23/45] Add support for daemonsets to the Kubernetes-Entrypoint init-container. It also makes two other changes: * Moves the entrypoint container manifest snippet to its own file to reduce loading on the _funcs.tpl file * Changes dep-check-init-cont to dep_check_init_cont to match the formatting of other defines used in OpenStack Helm --- cinder/templates/deployment-api.yaml | 2 +- cinder/templates/deployment-scheduler.yaml | 2 +- cinder/templates/deployment-volume.yaml | 2 +- cinder/templates/job-db-init.yaml | 2 +- cinder/templates/job-db-sync.yaml | 2 +- cinder/templates/job-ks-endpoints.yaml.yaml | 2 +- cinder/templates/job-ks-service.yaml | 2 +- cinder/templates/job-ks-user.yaml | 2 +- common/templates/_funcs.tpl | 32 ------------ .../snippets/_k8s_init_dep_check.tpl | 49 +++++++++++++++++++ glance/templates/deployment-api.yaml | 2 +- glance/templates/deployment-registry.yaml | 2 +- glance/templates/job-db-sync.yaml | 2 +- glance/templates/job-init.yaml | 2 +- glance/templates/job-post.yaml | 2 +- heat/templates/deployment-api.yaml | 2 +- heat/templates/deployment-cfn.yaml | 2 +- heat/templates/deployment-cloudwatch.yaml | 2 +- heat/templates/job-db-init.yaml | 2 +- heat/templates/job-db-sync.yaml | 2 +- heat/templates/job-ks-endpoints.yaml.yaml | 2 +- heat/templates/job-ks-service.yaml | 2 +- heat/templates/job-ks-user.yaml | 2 +- heat/templates/statefulset-engine.yaml | 2 +- horizon/templates/deployment.yaml | 2 +- keystone/templates/deployment.yaml | 2 +- keystone/templates/job-db-sync.yaml | 2 +- keystone/templates/job-init.yaml | 2 +- nova/templates/daemonset-compute.yaml | 2 +- nova/templates/daemonset-libvirt.yaml | 2 +- nova/templates/deployment-api-metadata.yaml | 2 +- nova/templates/deployment-api-osapi.yaml | 2 +- nova/templates/deployment-conductor.yaml | 2 +- nova/templates/deployment-consoleauth.yaml | 2 +- nova/templates/deployment-scheduler.yaml | 2 +- nova/templates/job-db-sync.yaml | 2 +- nova/templates/job-init.yaml | 2 +- nova/templates/job-post.yaml | 2 +- 38 files changed, 85 insertions(+), 68 deletions(-) create mode 100644 common/templates/snippets/_k8s_init_dep_check.tpl diff --git a/cinder/templates/deployment-api.yaml b/cinder/templates/deployment-api.yaml index b5a05f8f77..cc3c3f6b19 100644 --- a/cinder/templates/deployment-api.yaml +++ b/cinder/templates/deployment-api.yaml @@ -22,7 +22,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/cinder/templates/deployment-scheduler.yaml b/cinder/templates/deployment-scheduler.yaml index e18425e2b1..39663097ef 100644 --- a/cinder/templates/deployment-scheduler.yaml +++ b/cinder/templates/deployment-scheduler.yaml @@ -22,7 +22,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/cinder/templates/deployment-volume.yaml b/cinder/templates/deployment-volume.yaml index 1545b37279..cb6c958ccc 100644 --- a/cinder/templates/deployment-volume.yaml +++ b/cinder/templates/deployment-volume.yaml @@ -22,7 +22,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/cinder/templates/job-db-init.yaml b/cinder/templates/job-db-init.yaml index f731d4fcec..8c8338b0cf 100644 --- a/cinder/templates/job-db-init.yaml +++ b/cinder/templates/job-db-init.yaml @@ -9,7 +9,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/cinder/templates/job-db-sync.yaml b/cinder/templates/job-db-sync.yaml index f38c18cfa9..045f46227f 100644 --- a/cinder/templates/job-db-sync.yaml +++ b/cinder/templates/job-db-sync.yaml @@ -9,7 +9,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/cinder/templates/job-ks-endpoints.yaml.yaml b/cinder/templates/job-ks-endpoints.yaml.yaml index 0d91fccf6a..455c0f3439 100644 --- a/cinder/templates/job-ks-endpoints.yaml.yaml +++ b/cinder/templates/job-ks-endpoints.yaml.yaml @@ -10,7 +10,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/cinder/templates/job-ks-service.yaml b/cinder/templates/job-ks-service.yaml index 52585cf0f5..73934938f2 100644 --- a/cinder/templates/job-ks-service.yaml +++ b/cinder/templates/job-ks-service.yaml @@ -10,7 +10,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/cinder/templates/job-ks-user.yaml b/cinder/templates/job-ks-user.yaml index 9937ca2642..49bc179a89 100644 --- a/cinder/templates/job-ks-user.yaml +++ b/cinder/templates/job-ks-user.yaml @@ -11,7 +11,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/common/templates/_funcs.tpl b/common/templates/_funcs.tpl index 115892b10d..fe6c9a675e 100644 --- a/common/templates/_funcs.tpl +++ b/common/templates/_funcs.tpl @@ -21,35 +21,3 @@ {{- $wtf := $context.Template.Name | replace $last $name -}} {{- include $wtf $context | sha256sum | quote -}} {{- end -}} - -{{- define "dep-check-init-cont" -}} -{{- $envAll := index . 0 -}} -{{- $deps := index . 1 -}} -{ - "name": "init", - "image": {{ $envAll.Values.images.dep_check | quote }}, - "imagePullPolicy": {{ $envAll.Values.images.pull_policy | quote }}, - "env": [ - { - "name": "NAMESPACE", - "value": "{{ $envAll.Release.Namespace }}" - }, - { - "name": "INTERFACE_NAME", - "value": "eth0" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" $deps.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" $deps.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] -} -{{- end -}} diff --git a/common/templates/snippets/_k8s_init_dep_check.tpl b/common/templates/snippets/_k8s_init_dep_check.tpl new file mode 100644 index 0000000000..d55e0bc654 --- /dev/null +++ b/common/templates/snippets/_k8s_init_dep_check.tpl @@ -0,0 +1,49 @@ +{{- define "dep_check_init_cont" -}} +{{- $envAll := index . 0 -}} +{{- $deps := index . 1 -}} +{ + "name": "init", + "image": {{ $envAll.Values.images.dep_check | quote }}, + "imagePullPolicy": {{ $envAll.Values.images.pull_policy | quote }}, + "env": [ + { + "name": "POD_NAME", + "valueFrom": { + "fieldRef": { + "APIVersion": "v1", + "fieldPath": "metadata.name" + } + } + }, + { + "name": "NAMESPACE", + "valueFrom": { + "fieldRef": { + "APIVersion": "v1", + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "INTERFACE_NAME", + "value": "eth0" + }, + { + "name": "DEPENDENCY_SERVICE", + "value": "{{ include "joinListWithColon" $deps.service }}" + }, + { + "name": "DEPENDENCY_JOBS", + "value": "{{ include "joinListWithColon" $deps.jobs }}" + }, + { + "name": "DEPENDENCY_DAEMONSET", + "value": "{{ include "joinListWithColon" $deps.daemonset }}" + }, + { + "name": "COMMAND", + "value": "echo done" + } + ] +} +{{- end -}} diff --git a/glance/templates/deployment-api.yaml b/glance/templates/deployment-api.yaml index e4431c0460..d998fb5ded 100644 --- a/glance/templates/deployment-api.yaml +++ b/glance/templates/deployment-api.yaml @@ -26,7 +26,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/glance/templates/deployment-registry.yaml b/glance/templates/deployment-registry.yaml index 3df9090a0e..2d1f023b35 100644 --- a/glance/templates/deployment-registry.yaml +++ b/glance/templates/deployment-registry.yaml @@ -18,7 +18,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/glance/templates/job-db-sync.yaml b/glance/templates/job-db-sync.yaml index 6cd0dd9b6c..3ecfb6af7b 100644 --- a/glance/templates/job-db-sync.yaml +++ b/glance/templates/job-db-sync.yaml @@ -9,7 +9,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/glance/templates/job-init.yaml b/glance/templates/job-init.yaml index 2fd28805eb..5bf5f0635c 100644 --- a/glance/templates/job-init.yaml +++ b/glance/templates/job-init.yaml @@ -9,7 +9,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/glance/templates/job-post.yaml b/glance/templates/job-post.yaml index da362afe25..bbb53d760a 100644 --- a/glance/templates/job-post.yaml +++ b/glance/templates/job-post.yaml @@ -9,7 +9,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/heat/templates/deployment-api.yaml b/heat/templates/deployment-api.yaml index 2b2d4d5b18..25197f76ef 100755 --- a/heat/templates/deployment-api.yaml +++ b/heat/templates/deployment-api.yaml @@ -12,7 +12,7 @@ spec: app: heat-api annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/heat/templates/deployment-cfn.yaml b/heat/templates/deployment-cfn.yaml index d90355513d..0cce31b80e 100644 --- a/heat/templates/deployment-cfn.yaml +++ b/heat/templates/deployment-cfn.yaml @@ -12,7 +12,7 @@ spec: app: heat-cfn annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/heat/templates/deployment-cloudwatch.yaml b/heat/templates/deployment-cloudwatch.yaml index ccb6647980..6f624a65f4 100644 --- a/heat/templates/deployment-cloudwatch.yaml +++ b/heat/templates/deployment-cloudwatch.yaml @@ -12,7 +12,7 @@ spec: app: heat-cloudwatch annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/heat/templates/job-db-init.yaml b/heat/templates/job-db-init.yaml index 6a7e343cae..a98c571d95 100644 --- a/heat/templates/job-db-init.yaml +++ b/heat/templates/job-db-init.yaml @@ -9,7 +9,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/heat/templates/job-db-sync.yaml b/heat/templates/job-db-sync.yaml index 4a9b004db2..5f962a9d3e 100644 --- a/heat/templates/job-db-sync.yaml +++ b/heat/templates/job-db-sync.yaml @@ -9,7 +9,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/heat/templates/job-ks-endpoints.yaml.yaml b/heat/templates/job-ks-endpoints.yaml.yaml index e0a90d6a28..6bfcfb7018 100644 --- a/heat/templates/job-ks-endpoints.yaml.yaml +++ b/heat/templates/job-ks-endpoints.yaml.yaml @@ -10,7 +10,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/heat/templates/job-ks-service.yaml b/heat/templates/job-ks-service.yaml index 06738e162c..8dba89f883 100644 --- a/heat/templates/job-ks-service.yaml +++ b/heat/templates/job-ks-service.yaml @@ -10,7 +10,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/heat/templates/job-ks-user.yaml b/heat/templates/job-ks-user.yaml index 270154045b..7fd8f6d2f2 100644 --- a/heat/templates/job-ks-user.yaml +++ b/heat/templates/job-ks-user.yaml @@ -14,7 +14,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/heat/templates/statefulset-engine.yaml b/heat/templates/statefulset-engine.yaml index e494378ce0..0c5c8f007b 100644 --- a/heat/templates/statefulset-engine.yaml +++ b/heat/templates/statefulset-engine.yaml @@ -13,7 +13,7 @@ spec: app: heat-engine annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/horizon/templates/deployment.yaml b/horizon/templates/deployment.yaml index 12fe799116..9d97e9cdfe 100644 --- a/horizon/templates/deployment.yaml +++ b/horizon/templates/deployment.yaml @@ -22,7 +22,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/keystone/templates/deployment.yaml b/keystone/templates/deployment.yaml index 54cff70871..21321c994b 100644 --- a/keystone/templates/deployment.yaml +++ b/keystone/templates/deployment.yaml @@ -22,7 +22,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependecies | include "dep_check_init_cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/keystone/templates/job-db-sync.yaml b/keystone/templates/job-db-sync.yaml index e38bce91a0..d38bbc9e66 100644 --- a/keystone/templates/job-db-sync.yaml +++ b/keystone/templates/job-db-sync.yaml @@ -9,7 +9,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependecies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependecies | include "dep_check_init_cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/keystone/templates/job-init.yaml b/keystone/templates/job-init.yaml index be64047d69..4e41f4ff86 100644 --- a/keystone/templates/job-init.yaml +++ b/keystone/templates/job-init.yaml @@ -9,7 +9,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/nova/templates/daemonset-compute.yaml b/nova/templates/daemonset-compute.yaml index c40c3c5aaa..896739cfba 100644 --- a/nova/templates/daemonset-compute.yaml +++ b/nova/templates/daemonset-compute.yaml @@ -13,7 +13,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/nova/templates/daemonset-libvirt.yaml b/nova/templates/daemonset-libvirt.yaml index 692728fa1a..bb461bc4da 100644 --- a/nova/templates/daemonset-libvirt.yaml +++ b/nova/templates/daemonset-libvirt.yaml @@ -13,7 +13,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/nova/templates/deployment-api-metadata.yaml b/nova/templates/deployment-api-metadata.yaml index 8543f46910..5ca429e8ca 100644 --- a/nova/templates/deployment-api-metadata.yaml +++ b/nova/templates/deployment-api-metadata.yaml @@ -22,7 +22,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/nova/templates/deployment-api-osapi.yaml b/nova/templates/deployment-api-osapi.yaml index a60c4d6985..f0940a524c 100644 --- a/nova/templates/deployment-api-osapi.yaml +++ b/nova/templates/deployment-api-osapi.yaml @@ -22,7 +22,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/nova/templates/deployment-conductor.yaml b/nova/templates/deployment-conductor.yaml index b52408cea8..8879851371 100644 --- a/nova/templates/deployment-conductor.yaml +++ b/nova/templates/deployment-conductor.yaml @@ -22,7 +22,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/nova/templates/deployment-consoleauth.yaml b/nova/templates/deployment-consoleauth.yaml index 6234e5368e..c62de2559d 100644 --- a/nova/templates/deployment-consoleauth.yaml +++ b/nova/templates/deployment-consoleauth.yaml @@ -22,7 +22,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/nova/templates/deployment-scheduler.yaml b/nova/templates/deployment-scheduler.yaml index 4db74f7798..14f12e2c29 100644 --- a/nova/templates/deployment-scheduler.yaml +++ b/nova/templates/deployment-scheduler.yaml @@ -22,7 +22,7 @@ spec: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: nodeSelector: diff --git a/nova/templates/job-db-sync.yaml b/nova/templates/job-db-sync.yaml index b8df59b65d..94befb39e2 100644 --- a/nova/templates/job-db-sync.yaml +++ b/nova/templates/job-db-sync.yaml @@ -9,7 +9,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/nova/templates/job-init.yaml b/nova/templates/job-init.yaml index addc34d2b5..8db6c2b664 100644 --- a/nova/templates/job-init.yaml +++ b/nova/templates/job-init.yaml @@ -9,7 +9,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: restartPolicy: OnFailure diff --git a/nova/templates/job-post.yaml b/nova/templates/job-post.yaml index 4df83ae874..c91e752117 100644 --- a/nova/templates/job-post.yaml +++ b/nova/templates/job-post.yaml @@ -9,7 +9,7 @@ spec: metadata: annotations: pod.beta.kubernetes.io/init-containers: '[ -{{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }} +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} ]' spec: restartPolicy: OnFailure From 2d5fd2da73cddac53355c3013cd2b4bbda5d3d23 Mon Sep 17 00:00:00 2001 From: Pete Birley Date: Sun, 22 Jan 2017 05:39:25 +0000 Subject: [PATCH 24/45] Neutron: Move to use init-containers for dependency checking Brings Neutron inline with other services, by moving the dependency checks to an init-container. --- neutron/templates/daemonset-dhcp-agent.yaml | 34 ++++++---------- neutron/templates/daemonset-l3-agent.yaml | 36 +++++++---------- .../templates/daemonset-metadata-agent.yaml | 40 ++++++++----------- neutron/templates/daemonset-ovs-agent.yaml | 31 +++++--------- neutron/templates/daemonset-ovs-db.yaml | 21 +++------- neutron/templates/daemonset-ovs-vswitchd.yaml | 20 +++------- neutron/templates/deployment-server.yaml | 32 ++++++--------- neutron/templates/job-db-sync.yaml | 36 +++++++++-------- neutron/templates/job-init.yaml | 27 +++++-------- neutron/templates/job-post.yaml | 26 +++++------- neutron/values.yaml | 20 +++++----- 11 files changed, 127 insertions(+), 196 deletions(-) diff --git a/neutron/templates/daemonset-dhcp-agent.yaml b/neutron/templates/daemonset-dhcp-agent.yaml index 11ef4e05c9..4a56ee6ed1 100644 --- a/neutron/templates/daemonset-dhcp-agent.yaml +++ b/neutron/templates/daemonset-dhcp-agent.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependencies := .Values.dependencies.dhcp }} apiVersion: extensions/v1beta1 kind: DaemonSet metadata: @@ -9,7 +11,10 @@ spec: app: neutron-dhcp-agent annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} - configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} + ]' spec: nodeSelector: {{ .Values.labels.agent.dhcp.node_selector_key }}: {{ .Values.labels.agent.dhcp.node_selector_value }} @@ -23,25 +28,12 @@ spec: imagePullPolicy: {{ .Values.images.pull_policy }} securityContext: privileged: true - env: - - name: INTERFACE_NAME - value: {{ .Values.network.interface.dhcp | default .Values.network.interface.default }} - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: COMMAND - value: "neutron-dhcp-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/dhcp-agent.ini" - - name: DEPENDENCY_JOBS - value: "{{ include "joinListWithColon" .Values.dependencies.dhcp.jobs }}" - - name: DEPENDENCY_SERVICE - value: "{{ include "joinListWithColon" .Values.dependencies.dhcp.service }}" - - name: DEPENDENCY_DAEMONSET - value: "{{ include "joinListWithColon" .Values.dependencies.dhcp.daemonset }}" + command: + - neutron-dhcp-agent + - --config-file + - /etc/neutron/neutron.conf + - --config-file + - /etc/neutron/dhcp-agent.ini volumeMounts: - name: neutronconf mountPath: /etc/neutron/neutron.conf @@ -61,7 +53,7 @@ spec: mountPath: /var/lib/neutron/openstack-helm - name: resolvconf mountPath: /etc/resolv.conf - subPath: resolv.conf + subPath: resolv.conf volumes: - name: neutronconf configMap: diff --git a/neutron/templates/daemonset-l3-agent.yaml b/neutron/templates/daemonset-l3-agent.yaml index 7428f94419..c73ba0da3c 100644 --- a/neutron/templates/daemonset-l3-agent.yaml +++ b/neutron/templates/daemonset-l3-agent.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependencies := .Values.dependencies.l3 }} apiVersion: extensions/v1beta1 kind: DaemonSet metadata: @@ -9,7 +11,10 @@ spec: app: neutron-l3-agent annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} - configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} + ]' spec: nodeSelector: {{ .Values.labels.agent.l3.node_selector_key }}: {{ .Values.labels.agent.l3.node_selector_value }} @@ -23,25 +28,14 @@ spec: imagePullPolicy: {{ .Values.images.pull_policy }} securityContext: privileged: true - env: - - name: INTERFACE_NAME - value: {{ .Values.network.interface.l3 | default .Values.network.interface.default }} - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: COMMAND - value: "neutron-l3-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/l3-agent.ini --config-file /etc/neutron/plugins/ml2/ml2-conf.ini" - - name: DEPENDENCY_JOBS - value: "{{ include "joinListWithColon" .Values.dependencies.l3.jobs }}" - - name: DEPENDENCY_SERVICE - value: "{{ include "joinListWithColon" .Values.dependencies.l3.service }}" - - name: DEPENDENCY_DAEMONSET - value: "{{ include "joinListWithColon" .Values.dependencies.l3.daemonset }}" + command: + - neutron-l3-agent + - --config-file + - /etc/neutron/neutron.conf + - --config-file + - /etc/neutron/l3-agent.ini + - --config-file + - /etc/neutron/plugins/ml2/ml2-conf.ini volumeMounts: - name: neutronconf mountPath: /etc/neutron/neutron.conf @@ -54,7 +48,7 @@ spec: subPath: l3-agent.ini - name: resolvconf mountPath: /etc/resolv.conf - subPath: resolv.conf + subPath: resolv.conf - name: runopenvswitch mountPath: /run/openvswitch - name: socket diff --git a/neutron/templates/daemonset-metadata-agent.yaml b/neutron/templates/daemonset-metadata-agent.yaml index 2ffc16df5c..6d1804aec8 100644 --- a/neutron/templates/daemonset-metadata-agent.yaml +++ b/neutron/templates/daemonset-metadata-agent.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependencies := .Values.dependencies.metadata }} apiVersion: extensions/v1beta1 kind: DaemonSet metadata: @@ -9,7 +11,10 @@ spec: app: neutron-metadata-agent annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} - configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} + ]' spec: nodeSelector: {{ .Values.labels.agent.metadata.node_selector_key }}: {{ .Values.labels.agent.metadata.node_selector_value }} @@ -23,27 +28,14 @@ spec: imagePullPolicy: {{ .Values.images.pull_policy }} securityContext: privileged: true - env: - - name: INTERFACE_NAME - value: {{ .Values.network.interface.metadata | default .Values.network.interface.default }} - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: COMMAND - value: "neutron-metadata-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/metadata-agent.ini" - - name: DEPENDENCY_JOBS - value: "{{ include "joinListWithColon" .Values.dependencies.metadata.jobs }}" - - name: DEPENDENCY_SERVICE - value: "{{ include "joinListWithColon" .Values.dependencies.metadata.service }}" - - name: DEPENDENCY_DAEMONSET - value: "{{ include "joinListWithColon" .Values.dependencies.metadata.daemonset }}" + command: + - neutron-metadata-agent + - --config-file + - /etc/neutron/neutron.conf + - --config-file + - /etc/neutron/metadata-agent.ini ports: - - containerPort: {{ .Values.network.port.metadata }} + - containerPort: {{ .Values.network.port.metadata }} volumeMounts: - name: neutronconf mountPath: /etc/neutron/neutron.conf @@ -56,7 +48,7 @@ spec: subPath: metadata-agent.ini - name: resolvconf mountPath: /etc/resolv.conf - subPath: resolv.conf + subPath: resolv.conf - name: runopenvswitch mountPath: /run/openvswitch - name: socket @@ -73,10 +65,10 @@ spec: name: neutron-etc - name: resolvconf configMap: - name: neutron-etc + name: neutron-etc - name: runopenvswitch hostPath: path: /run/openvswitch - name: socket hostPath: - path: /var/lib/neutron/openstack-helm \ No newline at end of file + path: /var/lib/neutron/openstack-helm diff --git a/neutron/templates/daemonset-ovs-agent.yaml b/neutron/templates/daemonset-ovs-agent.yaml index f1518ab3aa..a0e173c7ce 100644 --- a/neutron/templates/daemonset-ovs-agent.yaml +++ b/neutron/templates/daemonset-ovs-agent.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependencies := .Values.dependencies.ovs_agent }} apiVersion: extensions/v1beta1 kind: DaemonSet metadata: @@ -9,10 +11,13 @@ spec: app: ovs-agent annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} - configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} + ]' spec: nodeSelector: - {{ .Values.labels.ovs.node_selector_key }}: {{ .Values.labels.ovs.node_selector_value }} + {{ .Values.labels.ovs.node_selector_key }}: {{ .Values.labels.ovs.node_selector_value }} securityContext: runAsUser: 0 dnsPolicy: ClusterFirst @@ -23,6 +28,9 @@ spec: imagePullPolicy: {{ .Values.images.pull_policy }} securityContext: privileged: true + command: + - bash + - /tmp/neutron-openvswitch-agent.sh # ensures this container can can see a br-int # bridge before its marked as ready readinessProbe: @@ -31,23 +39,6 @@ spec: - bash - -c - 'ovs-vsctl list-br | grep -q br-int' - env: - - name: INTERFACE_NAME - value: {{ .Values.network.interface.openvswitch | default .Values.network.interface.default }} - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: COMMAND - value: "bash /tmp/neutron-openvswitch-agent.sh" - - name: DEPENDENCY_JOBS - value: "{{ include "joinListWithColon" .Values.dependencies.ovs_agent.jobs }}" - - name: DEPENDENCY_SERVICE - value: "{{ include "joinListWithColon" .Values.dependencies.ovs_agent.service }}" volumeMounts: - name: neutronopenvswitchagentsh mountPath: /tmp/neutron-openvswitch-agent.sh @@ -86,4 +77,4 @@ spec: path: /lib/modules - name: run hostPath: - path: /run + path: /run diff --git a/neutron/templates/daemonset-ovs-db.yaml b/neutron/templates/daemonset-ovs-db.yaml index 6b877abff9..f503231c71 100644 --- a/neutron/templates/daemonset-ovs-db.yaml +++ b/neutron/templates/daemonset-ovs-db.yaml @@ -9,10 +9,10 @@ spec: app: ovs-db annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} - configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} spec: nodeSelector: - {{ .Values.labels.ovs.node_selector_key }}: {{ .Values.labels.ovs.node_selector_value }} + {{ .Values.labels.ovs.node_selector_key }}: {{ .Values.labels.ovs.node_selector_value }} securityContext: runAsUser: 0 dnsPolicy: ClusterFirst @@ -23,19 +23,9 @@ spec: imagePullPolicy: {{ .Values.images.pull_policy }} securityContext: privileged: true - env: - - name: INTERFACE_NAME - value: {{ .Values.network.interface.openvswitch | default .Values.network.interface.default }} - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: COMMAND - value: "bash /tmp/openvswitch-db-server.sh" + command: + - bash + - /tmp/openvswitch-db-server.sh volumeMounts: - name: openvswitchdbserversh mountPath: /tmp/openvswitch-db-server.sh @@ -62,4 +52,3 @@ spec: - name: run hostPath: path: /run - diff --git a/neutron/templates/daemonset-ovs-vswitchd.yaml b/neutron/templates/daemonset-ovs-vswitchd.yaml index b07047e376..da33099bd8 100644 --- a/neutron/templates/daemonset-ovs-vswitchd.yaml +++ b/neutron/templates/daemonset-ovs-vswitchd.yaml @@ -9,10 +9,10 @@ spec: app: ovs-vswitchd annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} - configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} spec: nodeSelector: - {{ .Values.labels.ovs.node_selector_key }}: {{ .Values.labels.ovs.node_selector_value }} + {{ .Values.labels.ovs.node_selector_key }}: {{ .Values.labels.ovs.node_selector_value }} securityContext: runAsUser: 0 dnsPolicy: ClusterFirst @@ -30,19 +30,9 @@ spec: command: - /usr/bin/ovs-vsctl - show - env: - - name: INTERFACE_NAME - value: {{ .Values.network.interface.openvswitch | default .Values.network.interface.default }} - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: COMMAND - value: "bash /tmp/openvswitch-vswitchd.sh" + command: + - bash + - /tmp/openvswitch-vswitchd.sh volumeMounts: - name: openvswitchvswitchdsh mountPath: /tmp/openvswitch-vswitchd.sh diff --git a/neutron/templates/deployment-server.yaml b/neutron/templates/deployment-server.yaml index 66aa7412d7..95abe45084 100644 --- a/neutron/templates/deployment-server.yaml +++ b/neutron/templates/deployment-server.yaml @@ -1,3 +1,5 @@ +{{- $envAll := . }} +{{- $dependencies := .Values.dependencies.server }} apiVersion: extensions/v1beta1 kind: Deployment metadata: @@ -11,14 +13,17 @@ spec: rollingUpdate: maxUnavailable: {{ .Values.upgrades.rolling_update.max_unavailable }} maxSurge: {{ .Values.upgrades.rolling_update.max_surge }} - {{ end }} + {{ end }} template: metadata: labels: app: neutron-server annotations: configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }} - configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }} + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} + ]' spec: nodeSelector: {{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value }} @@ -26,23 +31,12 @@ spec: - name: neutron-server image: {{ .Values.images.server }} imagePullPolicy: {{ .Values.images.pull_policy }} - env: - - name: INTERFACE_NAME - value: "eth0" - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: COMMAND - value: "neutron-server --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2-conf.ini" - - name: DEPENDENCY_JOBS - value: "{{ include "joinListWithColon" .Values.dependencies.server.jobs }}" - - name: DEPENDENCY_SERVICE - value: "{{ include "joinListWithColon" .Values.dependencies.server.service }}" + command: + - neutron-server + - --config-file + - /etc/neutron/neutron.conf + - --config-file + - /etc/neutron/plugins/ml2/ml2-conf.ini ports: - containerPort: {{ .Values.network.port.server }} readinessProbe: diff --git a/neutron/templates/job-db-sync.yaml b/neutron/templates/job-db-sync.yaml index e34f36dc3a..1070a2da58 100644 --- a/neutron/templates/job-db-sync.yaml +++ b/neutron/templates/job-db-sync.yaml @@ -1,9 +1,16 @@ +{{- $envAll := . }} +{{- $dependencies := .Values.dependencies.db_sync }} apiVersion: batch/v1 kind: Job metadata: name: neutron-db-sync spec: template: + metadata: + annotations: + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} + ]' spec: restartPolicy: OnFailure nodeSelector: @@ -12,24 +19,17 @@ spec: - name: neutron-db-sync image: {{ .Values.images.db_sync }} imagePullPolicy: {{ .Values.images.pull_policy }} - env: - - name: INTERFACE_NAME - value: "eth0" - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: COMMAND - value: "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2-conf.ini upgrade head" - - name: DEPENDENCY_JOBS - value: "{{ include "joinListWithColon" .Values.dependencies.db_sync.jobs }}" - - name: DEPENDENCY_SERVICE - value: "{{ include "joinListWithColon" .Values.dependencies.db_sync.service }}" + command: + - neutron-db-manage + - --config-file + - /etc/neutron/neutron.conf + - --config-file + - /etc/neutron/plugins/ml2/ml2-conf.ini + - upgrade + - head volumeMounts: + - name: pod-etc-neutron + mountPath: /etc/neutron - name: neutronconf mountPath: /etc/neutron/neutron.conf subPath: neutron.conf @@ -37,6 +37,8 @@ spec: mountPath: /etc/neutron/plugins/ml2/ml2-conf.ini subPath: ml2-conf.ini volumes: + - name: pod-etc-neutron + emptyDir: {} - name: neutronconf configMap: name: neutron-etc diff --git a/neutron/templates/job-init.yaml b/neutron/templates/job-init.yaml index d7d3401714..430601b35d 100644 --- a/neutron/templates/job-init.yaml +++ b/neutron/templates/job-init.yaml @@ -1,9 +1,16 @@ +{{- $envAll := . }} +{{- $dependencies := .Values.dependencies.db_init }} apiVersion: batch/v1 kind: Job metadata: name: neutron-init spec: template: + metadata: + annotations: + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} + ]' spec: restartPolicy: OnFailure nodeSelector: @@ -12,23 +19,9 @@ spec: - name: neutron-init image: {{ .Values.images.init }} imagePullPolicy: {{ .Values.images.pull_policy }} - env: - - name: INTERFACE_NAME - value: "eth0" - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: COMMAND - value: "bash /tmp/init.sh" - - name: DEPENDENCY_JOBS - value: "{{ include "joinListWithColon" .Values.dependencies.init.jobs }}" - - name: DEPENDENCY_SERVICE - value: "{{ include "joinListWithColon" .Values.dependencies.init.service }}" + command: + - bash + - /tmp/init.sh volumeMounts: - name: initsh mountPath: /tmp/init.sh diff --git a/neutron/templates/job-post.yaml b/neutron/templates/job-post.yaml index 6c3a05d280..80dc94f2b8 100644 --- a/neutron/templates/job-post.yaml +++ b/neutron/templates/job-post.yaml @@ -1,9 +1,16 @@ +{{- $envAll := . }} +{{- $dependencies := .Values.dependencies.db_sync }} apiVersion: batch/v1 kind: Job metadata: name: neutron-post spec: template: + metadata: + annotations: + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependencies | include "dep_check_init_cont" | indent 10 }} + ]' spec: restartPolicy: OnFailure nodeSelector: @@ -12,23 +19,10 @@ spec: - name: neutron-post image: {{ .Values.images.post }} imagePullPolicy: {{ .Values.images.pull_policy }} + command: + - bash + - /tmp/post.sh env: - - name: INTERFACE_NAME - value: "eth0" - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: COMMAND - value: "bash /tmp/post.sh" - - name: DEPENDENCY_JOBS - value: "{{ include "joinListWithColon" .Values.dependencies.post.jobs }}" - - name: DEPENDENCY_SERVICE - value: "{{ include "joinListWithColon" .Values.dependencies.post.service }}" - name: ANSIBLE_LIBRARY value: /usr/share/ansible/ volumeMounts: diff --git a/neutron/values.yaml b/neutron/values.yaml index 434ea41fd7..7f965b51b4 100644 --- a/neutron/values.yaml +++ b/neutron/values.yaml @@ -17,7 +17,7 @@ images: openvswitch_db_server: quay.io/attcomdev/openvswitch-vswitchd:latest openvswitch_vswitchd: quay.io/attcomdev/openvswitch-vswitchd:latest post: quay.io/stackanetes/stackanetes-kolla-toolbox:newton - entrypoint: quay.io/stackanetes/kubernetes-entrypoint:v0.1.0 + dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.1.0 pull_policy: "IfNotPresent" upgrades: @@ -39,7 +39,7 @@ labels: dhcp: node_selector_key: openstack-control-plane node_selector_value: enabled - l3: + l3: node_selector_key: openstack-control-plane node_selector_value: enabled metadata: @@ -54,7 +54,7 @@ network: kubernetes_domain: cluster.local # this must list the skydns server first, and in calico # this is consistently 10.96.0.10 - servers: + servers: - 10.96.0.10 - 8.8.8.8 external_bridge: br-ex @@ -62,14 +62,14 @@ network: interface: external: enp12s0f0 default: enp11s0f0 - port: + port: server: 9696 metadata: 8775 -memcached: +memcached: address: "memcached:11211" -rabbitmq: +rabbitmq: address: rabbitmq admin_user: rabbitmq admin_password: password @@ -136,7 +136,7 @@ ml2: bridge_mappings: - "physnet1:br-physnet1" -dependencies: +dependencies: server: jobs: - neutron-db-sync @@ -185,10 +185,10 @@ dependencies: - ovs-agent db_sync: jobs: - - neutron-init + - neutron-db-init service: - mariadb - init: + db_init: jobs: - mariadb-seed service: @@ -199,7 +199,7 @@ dependencies: jobs: - neutron-db-sync -# typically overriden by environmental +# typically overriden by environmental # values, but should include all endpoints # required by this chart endpoints: From 8317202e3d8fd3df3e98007a77d3da9e71b32949 Mon Sep 17 00:00:00 2001 From: Pete Birley Date: Sun, 22 Jan 2017 05:45:30 +0000 Subject: [PATCH 25/45] Standardise DB Job names Standardise the DB creation job name to service-db-init for all services. --- .../{job-init.yaml => job-db-init.yaml} | 6 ++--- glance/values.yaml | 17 +++++++------ .../{job-init.yaml => job-db-init.yaml} | 6 ++--- keystone/values.yaml | 4 ++-- .../{job-init.yaml => job-db-init.yaml} | 6 ++--- neutron/values.yaml | 10 ++++---- .../{job-init.yaml => job-db-init.yaml} | 6 ++--- nova/values.yaml | 24 +++++++++---------- 8 files changed, 39 insertions(+), 40 deletions(-) rename glance/templates/{job-init.yaml => job-db-init.yaml} (89%) rename keystone/templates/{job-init.yaml => job-db-init.yaml} (88%) rename neutron/templates/{job-init.yaml => job-db-init.yaml} (88%) rename nova/templates/{job-init.yaml => job-db-init.yaml} (89%) diff --git a/glance/templates/job-init.yaml b/glance/templates/job-db-init.yaml similarity index 89% rename from glance/templates/job-init.yaml rename to glance/templates/job-db-init.yaml index 5bf5f0635c..c66375c96e 100644 --- a/glance/templates/job-init.yaml +++ b/glance/templates/job-db-init.yaml @@ -3,7 +3,7 @@ apiVersion: batch/v1 kind: Job metadata: - name: glance-init + name: glance-db-init spec: template: metadata: @@ -16,8 +16,8 @@ spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} containers: - - name: glance-init - image: {{ .Values.images.init }} + - name: glance-db-init + image: {{ .Values.images.db_init }} imagePullPolicy: {{ .Values.images.pull_policy }} env: - name: ANSIBLE_LIBRARY diff --git a/glance/values.yaml b/glance/values.yaml index d10670fea6..e8ab2f70a2 100644 --- a/glance/values.yaml +++ b/glance/values.yaml @@ -16,9 +16,9 @@ labels: node_selector_value: enabled images: + db_init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton db_sync: quay.io/stackanetes/stackanetes-glance-api:newton api: quay.io/stackanetes/stackanetes-glance-api:newton - init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton registry: quay.io/stackanetes/stackanetes-glance-registry:newton post: quay.io/stackanetes/stackanetes-kolla-toolbox:newton dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.1.0 @@ -75,7 +75,7 @@ misc: dependencies: api: jobs: - - glance-init + - glance-db-init - glance-db-sync - keystone-db-sync service: @@ -83,7 +83,7 @@ dependencies: - mariadb registry: jobs: - - glance-init + - glance-db-init - glance-db-sync - keystone-db-sync service: @@ -92,9 +92,9 @@ dependencies: - glance-api db_sync: jobs: - - keystone-init + - keystone-db-init - keystone-db-sync - - glance-init + - glance-db-init - mariadb-seed service: - mariadb @@ -105,10 +105,10 @@ dependencies: - mariadb post: jobs: - - glance-init + - glance-db-init - glance-db-sync - keystone-db-sync - - keystone-init + - keystone-db-init - mariadb-seed service: - mariadb @@ -116,7 +116,7 @@ dependencies: - glance-api - glance-registry -# typically overriden by environmental +# typically overriden by environmental # values, but should include all endpoints # required by this chart endpoints: @@ -138,4 +138,3 @@ endpoints: port: admin: 35357 public: 5000 - diff --git a/keystone/templates/job-init.yaml b/keystone/templates/job-db-init.yaml similarity index 88% rename from keystone/templates/job-init.yaml rename to keystone/templates/job-db-init.yaml index 4e41f4ff86..b0443a5931 100644 --- a/keystone/templates/job-init.yaml +++ b/keystone/templates/job-db-init.yaml @@ -3,7 +3,7 @@ apiVersion: batch/v1 kind: Job metadata: - name: keystone-init + name: keystone-db-init spec: template: metadata: @@ -16,8 +16,8 @@ spec: nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} containers: - - name: keystone-init - image: {{ .Values.images.init }} + - name: keystone-db-init + image: {{ .Values.images.db_init }} imagePullPolicy: {{ .Values.images.pull_policy }} command: - bash diff --git a/keystone/values.yaml b/keystone/values.yaml index 6e7fd06dce..1aa064a1d0 100644 --- a/keystone/values.yaml +++ b/keystone/values.yaml @@ -10,9 +10,9 @@ labels: node_selector_value: enabled images: + db_init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton db_sync: quay.io/stackanetes/stackanetes-keystone-api:newton api: quay.io/stackanetes/stackanetes-keystone-api:newton - init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.1.0 pull_policy: "IfNotPresent" @@ -67,7 +67,7 @@ dependencies: - mariadb db_sync: jobs: - - keystone-init + - keystone-db-init - mariadb-seed service: - mariadb diff --git a/neutron/templates/job-init.yaml b/neutron/templates/job-db-init.yaml similarity index 88% rename from neutron/templates/job-init.yaml rename to neutron/templates/job-db-init.yaml index 430601b35d..b04d7c6338 100644 --- a/neutron/templates/job-init.yaml +++ b/neutron/templates/job-db-init.yaml @@ -3,7 +3,7 @@ apiVersion: batch/v1 kind: Job metadata: - name: neutron-init + name: neutron-db-init spec: template: metadata: @@ -16,8 +16,8 @@ spec: nodeSelector: {{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value }} containers: - - name: neutron-init - image: {{ .Values.images.init }} + - name: neutron-db-init + image: {{ .Values.images.db_init }} imagePullPolicy: {{ .Values.images.pull_policy }} command: - bash diff --git a/neutron/values.yaml b/neutron/values.yaml index 7f965b51b4..4502fe0d8c 100644 --- a/neutron/values.yaml +++ b/neutron/values.yaml @@ -7,7 +7,7 @@ replicas: server: 1 images: - init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton + db_init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton db_sync: quay.io/stackanetes/stackanetes-neutron-server:newton server: quay.io/stackanetes/stackanetes-neutron-server:newton dhcp: quay.io/stackanetes/stackanetes-neutron-dhcp-agent:newton @@ -151,7 +151,7 @@ dependencies: - rabbitmq - nova-api jobs: - - neutron-init + - neutron-db-init - nova-post daemonset: - ovs-agent @@ -160,7 +160,7 @@ dependencies: - rabbitmq - nova-api jobs: - - neutron-init + - neutron-db-init - nova-post daemonset: - ovs-agent @@ -178,8 +178,8 @@ dependencies: - rabbitmq - nova-api jobs: - - nova-init - - neutron-init + - nova-db-init + - neutron-db-init - nova-post daemonset: - ovs-agent diff --git a/nova/templates/job-init.yaml b/nova/templates/job-db-init.yaml similarity index 89% rename from nova/templates/job-init.yaml rename to nova/templates/job-db-init.yaml index 8db6c2b664..dce9a652a7 100644 --- a/nova/templates/job-init.yaml +++ b/nova/templates/job-db-init.yaml @@ -3,7 +3,7 @@ apiVersion: batch/v1 kind: Job metadata: - name: nova-init + name: nova-db-init spec: template: metadata: @@ -16,8 +16,8 @@ spec: nodeSelector: {{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }} containers: - - name: nova-init - image: {{ .Values.images.init }} + - name: nova-db-init + image: {{ .Values.images.db_init }} imagePullPolicy: {{ .Values.images.pull_policy }} command: - bash diff --git a/nova/values.yaml b/nova/values.yaml index 1888add52b..6cc3baa28f 100644 --- a/nova/values.yaml +++ b/nova/values.yaml @@ -13,7 +13,7 @@ control_replicas: 1 compute_replicas: 1 images: - init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton + db_init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton db_sync: quay.io/stackanetes/stackanetes-nova-api:newton api: quay.io/stackanetes/stackanetes-nova-api:newton conductor: quay.io/stackanetes/stackanetes-nova-conductor:newton @@ -108,31 +108,31 @@ memcached: dependencies: api: - jobs: + jobs: - keystone-db-sync - - nova-init + - nova-db-init - nova-db-sync service: - mariadb db_sync: jobs: - - nova-init - - keystone-init + - nova-db-init + - keystone-db-init - mariadb-seed service: - mariadb db_sync: jobs: - - nova-init - - keystone-init + - nova-db-init + - keystone-db-init - mariadb-seed - keystone-db-sync service: - mariadb post: jobs: - - nova-init - - keystone-init + - nova-db-init + - keystone-db-init - mariadb-seed service: - mariadb @@ -152,7 +152,7 @@ dependencies: - ovs-agent libvirt: jobs: - - nova-init + - nova-db-init - nova-post - nova-db-sync service: @@ -162,7 +162,7 @@ dependencies: jobs: - mariadb-seed - keystone-db-sync - - nova-init + - nova-db-init - nova-db-sync service: - mariadb @@ -177,7 +177,7 @@ dependencies: service: - mariadb -# typically overriden by environmental +# typically overriden by environmental # values, but should include all endpoints # required by this chart endpoints: From 0325a7f26fc81b88e1213430c2881156196b40e5 Mon Sep 17 00:00:00 2001 From: "Brandon B. Jozsa" Date: Sun, 22 Jan 2017 15:52:59 -0500 Subject: [PATCH 26/45] adding freenode channel to readme.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index a84bc05f45..8c8bcae04b 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,7 @@ # Openstack-Helm +Join us on [freenode](https://freenode.net/): `#openstack-helm` + Openstack-Helm is a fully self-contained Helm-based OpenStack deployment on Kubernetes. It will provide baremetal provisioning, persistent storage, full-stack resiliency, full-stack scalability, performance monitoring and tracing, and an optional development pipeline (using Jenkins). This project, along with the tools used within are community-based and open sourced. # Mission From 7e8681c76f5b4537d90264dad3ee8998e046d0b1 Mon Sep 17 00:00:00 2001 From: Steve Wilkerson Date: Tue, 24 Jan 2017 15:37:52 -0600 Subject: [PATCH 27/45] Add templates for pull requests and issues To establish standards for working on the project going forward, this pull request adds basic templates for both pull requests and reported issues for openstack-helm. These templates will enable automatic labelling and reporting at a later time --- .github/ISSUE_TEMPLATE.md | 33 ++++++++++++++++++++++++++++++++ .github/PULL_REQUEST_TEMPLATE.md | 14 ++++++++++++++ 2 files changed, 47 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE.md create mode 100644 .github/PULL_REQUEST_TEMPLATE.md diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md new file mode 100644 index 0000000000..86ccad97dc --- /dev/null +++ b/.github/ISSUE_TEMPLATE.md @@ -0,0 +1,33 @@ + + +**Is this a bug report or feature request?** (choose one): + + + +**Kubernetes Version** (output of `kubectl version`): + +**Helm Client and Tiller Versions** (output of `helm version`): + +**Development or Deployment Environment?**: + +**Release Tag or Master**: + +**Expected Behavior**: + +**What Actually Happened**: + +**How to Reproduce the Issue** (as minimally as possible): + +**Any Additional Comments**: diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 0000000000..b1395ce0c5 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,14 @@ + + +**What is the purpose of this pull request?**: + +**What issue does this pull request address?**: Fixes # + +**Notes for reviewers to consider**: + +**Specific reviewers for pull request**: From 73ca6d8fee563fff8796ec4c7a66bf57bc2f8ff2 Mon Sep 17 00:00:00 2001 From: "Brandon B. Jozsa" Date: Wed, 25 Jan 2017 14:39:06 -0600 Subject: [PATCH 28/45] Initial Commit for Community Readme Docs (#146) * initial readme.md for docs * initial readme.md for docs * initial readme.md for docs * formatting, updates, and additions to minikube docs --- docs/README.md | 51 ++++++++++++++++++++++++++++++++++ docs/developer/minikube.md | 56 +++++++++++++++++++++++++++++++++++++- 2 files changed, 106 insertions(+), 1 deletion(-) create mode 100644 docs/README.md diff --git a/docs/README.md b/docs/README.md new file mode 100644 index 0000000000..3d83f9708d --- /dev/null +++ b/docs/README.md @@ -0,0 +1,51 @@ +# Openstack-Helm Documentation + + +## Table of Contents + +##  1. [Openstack-Helm Design Principals]() +###    1.1 [Mission]() +#####      1.1.1 [Resiliency]() +#####      1.1.2 [Scaling]() +###    1.2 [Helm Overrides]() +#####      1.2.1 [Resource Limits]() +#####      1.2.2 [Conditionals]() +###    1.3 [Init-Containers]() +#####      1.3.1 [Dependency Checking]() +###    1.4 [Kubernetes Jobs]() +#####      1.4.1 [Service Registration]() +#####      1.4.2 [User Registration]() +#####      1.4.3 [Database Creation]() +#####      1.4.4 [Database Migration]() +###    1.5 [Complimentary Efforts]() +####      1.5.1 [Image-Based Project Considerations]() +###    1.6 [Kubernetes State]() +####      1.6.1 [Third Party Resources]() +####      1.6.2 [Add-Ons]() +##  2. [Repository Structure]() +###    2.1 [Infrastructure Components]() +###    2.2 [Openstack-Helm Core Services]() +###    2.3 [Openstack-Helm Add-Ons]() +##  3. [Operator Resources]() +###     3.1 [Installation](https://github.com/att-comdev/openstack-helm/blob/master/docs/installation/getting-started.md) +###     3.2 [Openstack-Helm Chart Definition Overrides]() +###     3.2 [Openstacak-Helm Upgrades]() +##  4. [Openstack-Helm Networking]() +###    4.1 [Kubernetes Control Plane]() +####     4.1.1 [CNI SDN Considerations]() +####     4.1.2 [Calico Networking]() +###    4.2 [Ingress Philosophy]() +###    4.3 [Openstack Networking]() +####     4.3.1 [Flat Networking]() +####     4.3.1 [L2 Networking]() +##  5. [Security Guidelines]() +###    5.1 [Network Policies]() +###    5.2 [Advanced Network Policies]() +###    5.3 [Role-Based Access Controls]() +###    5.4 [Security Contexts]() +###    5.5 [Security Add-Ons]() +##  6. [Developer Resources](https://github.com/att-comdev/openstack-helm/tree/master/docs/developer) +###    6.1 [Contributions and Guidelines]() +###    6.2 [Development Tools]() +####     6.2.1 [Minikube Development](https://github.com/att-comdev/openstack-helm/blob/master/docs/developer/minikube.md) +###    6.3 [Tips and Considerations]() diff --git a/docs/developer/minikube.md b/docs/developer/minikube.md index 1058a984ed..0e6ece1851 100644 --- a/docs/developer/minikube.md +++ b/docs/developer/minikube.md @@ -3,7 +3,9 @@ Community development is extremely important to us. As an open source development team, we want the development of Openstack-Helm to be an easy experience. Please evaluate, and make recommendations. We want developers to feel welcome to contribute to this project. Below are some instructions and suggestions to help you get started. # Requirements -We've tried to minimize the number of prerequisites required in order to get started. The main prerequisite is to install the most recent versions of Minikube and Helm. +We've tried to minimize the number of prerequisites required in order to get started. For most users, the main prerequisites are to install the most recent versions of Minikube and Helm. For fresh installations, you may also need to install a Hypervisor that works for your system (that is supported by [Minikube](https://kubernetes.io/docs/getting-started-guides/minikube/#requirements)). + +**Kubectl:** Download and install the version of [`kubectl`](https://kubernetes.io/docs/getting-started-guides/kubectl/) that matches your Kubernetes deployment. **Kubernetes Minikube:** Ensure that you have installed a recent version of [Kubernetes/Minikube](http://kubernetes.io/docs/getting-started-guides/minikube/). @@ -19,6 +21,58 @@ $ chmod 700 get_helm.sh $ ./get_helm.sh ``` +# TLDR; + +If your environment meets all of the prerequisites above, you can simply use the following commands: + +``` +# Clone the project: +$ git clone https://github.com/att-comdev/openstack-helm.git && cd openstack-helm + +# Get a list of the current tags: +$ git tag -l +0.1.0 + +# Checkout the tag you want to work with (if desired, or use master for development): +$ git checkout 0.1.0 + +# Start a local Helm Server: +$ helm serve & + +# You may need to change these params for your environment. Look up use of --iso-url if needed: +$ minikube start \ + --network-plugin=cni \ + --kubernetes-version v1.5.1 \ + --disk-size 40g \ + --memory 16384 \ + --cpus 4 \ + --vm-driver kvm \ + --iso-url=https://storage.googleapis.com/minikube/iso/minikube-v1.0.4.iso + +# Deploy a CNI/SDN: +kubectl create -f http://docs.projectcalico.org/v2.0/getting-started/kubernetes/installation/hosted/calico.yaml + +# Initialize Helm/Deploy Tiller: +$ helm init + +# Package the Openstack-Helm Charts, and push them to your local Helm repository: +$ make + +# Label the Minikube as an Openstack Control Plane node: +$ kubectl label nodes openstack-control-plane=enabled --all --namespace=openstack + +# Deploy each chart: +$ helm install --name mariadb --set development.enabled=true local/mariadb --namespace=openstack +$ helm install --name=memcached local/memcached --namespace=openstack +$ helm install --name=rabbitmq local/rabbitmq --namespace=openstack +$ helm install --name=keystone local/keystone --namespace=openstack +$ helm install --name=cinder local/cinder --namespace=openstack +$ helm install --name=glance local/glance --namespace=openstack +$ helm install --name=heat local/heat --namespace=openstack +$ helm install --name=nova local/nova --namespace=openstack +$ helm install --name=neutron local/neutron --namespace=openstack +$ helm install --name=horizon local/horizon --namespace=openstack +``` # Getting Started From 0eeb1fbf9cd8893fea294c7ffbaec1be7aba6f1e Mon Sep 17 00:00:00 2001 From: root Date: Mon, 23 Jan 2017 21:33:56 +0000 Subject: [PATCH 29/45] Change the ceph images from the custom ATT to the ceph-docker upstream. It seems work. --- ceph/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ceph/values.yaml b/ceph/values.yaml index b88644a641..6dc5f18acb 100644 --- a/ceph/values.yaml +++ b/ceph/values.yaml @@ -17,7 +17,7 @@ service: name: ceph-mon images: - daemon: quay.io/attcomdev/ceph-daemon:latest + daemon: ceph/daemon:latest pull_policy: IfNotPresent labels: From f4e3d82888f4eb31ec87190b04fda99804123477 Mon Sep 17 00:00:00 2001 From: "Brandon B. Jozsa" Date: Sun, 29 Jan 2017 13:43:10 -0500 Subject: [PATCH 30/45] make minikube tldr section easier to copy/paste (#151) * make minikube tldr section easier to copy/paste * adding additional label for ovs * small mods to dev and gs guides in docs --- docs/developer/minikube.md | 37 ++++++++++++++-------------- docs/installation/getting-started.md | 8 +++++- 2 files changed, 25 insertions(+), 20 deletions(-) diff --git a/docs/developer/minikube.md b/docs/developer/minikube.md index 0e6ece1851..7833ceb7a0 100644 --- a/docs/developer/minikube.md +++ b/docs/developer/minikube.md @@ -27,20 +27,19 @@ If your environment meets all of the prerequisites above, you can simply use the ``` # Clone the project: -$ git clone https://github.com/att-comdev/openstack-helm.git && cd openstack-helm +git clone https://github.com/att-comdev/openstack-helm.git && cd openstack-helm # Get a list of the current tags: -$ git tag -l -0.1.0 +git tag -l # Checkout the tag you want to work with (if desired, or use master for development): -$ git checkout 0.1.0 +git checkout 0.1.0 # Start a local Helm Server: -$ helm serve & +helm serve & # You may need to change these params for your environment. Look up use of --iso-url if needed: -$ minikube start \ +minikube start \ --network-plugin=cni \ --kubernetes-version v1.5.1 \ --disk-size 40g \ @@ -53,25 +52,25 @@ $ minikube start \ kubectl create -f http://docs.projectcalico.org/v2.0/getting-started/kubernetes/installation/hosted/calico.yaml # Initialize Helm/Deploy Tiller: -$ helm init +helm init # Package the Openstack-Helm Charts, and push them to your local Helm repository: -$ make +make # Label the Minikube as an Openstack Control Plane node: -$ kubectl label nodes openstack-control-plane=enabled --all --namespace=openstack +kubectl label nodes openstack-control-plane=enabled --all --namespace=openstack # Deploy each chart: -$ helm install --name mariadb --set development.enabled=true local/mariadb --namespace=openstack -$ helm install --name=memcached local/memcached --namespace=openstack -$ helm install --name=rabbitmq local/rabbitmq --namespace=openstack -$ helm install --name=keystone local/keystone --namespace=openstack -$ helm install --name=cinder local/cinder --namespace=openstack -$ helm install --name=glance local/glance --namespace=openstack -$ helm install --name=heat local/heat --namespace=openstack -$ helm install --name=nova local/nova --namespace=openstack -$ helm install --name=neutron local/neutron --namespace=openstack -$ helm install --name=horizon local/horizon --namespace=openstack +helm install --name mariadb --set development.enabled=true local/mariadb --namespace=openstack +helm install --name=memcached local/memcached --namespace=openstack +helm install --name=rabbitmq local/rabbitmq --namespace=openstack +helm install --name=keystone local/keystone --namespace=openstack +helm install --name=cinder local/cinder --namespace=openstack +helm install --name=glance local/glance --namespace=openstack +helm install --name=heat local/heat --namespace=openstack +helm install --name=nova local/nova --namespace=openstack +helm install --name=neutron local/neutron --namespace=openstack +helm install --name=horizon local/horizon --namespace=openstack ``` # Getting Started diff --git a/docs/installation/getting-started.md b/docs/installation/getting-started.md index 230fad3e3c..7ee83f80f5 100644 --- a/docs/installation/getting-started.md +++ b/docs/installation/getting-started.md @@ -190,11 +190,17 @@ Please ensure that you have verified and completed the steps above to prevent is Although Ceph is mentioned throughout this guide, our deployment is flexible to allow you the option of bringing any type of persistent storage. Although most of these verification steps are the same, if not very similar, we will use Ceph as our example throughout this guide. ## Node Labels -First, we must label our nodes according to their role. Although we are labeling `all` nodes, you are free to label only the nodes you wish. You must have at least one, although a minimum of three are recommended. +First, we must label our nodes according to their role. Although we are labeling `all` nodes, you are free to label only the nodes you wish. You must have at least one, although a minimum of three are recommended. Nodes are labeled according to their Openstack roles: + +**Storage Nodes:** `ceph-storage` +**Control Plane:** `openstack-control-plane` +**Compute Nodes:** `openvswitch`, `openstack-compute-node` ``` admin@kubenode01:~$ kubectl label nodes openstack-control-plane=enabled --all admin@kubenode01:~$ kubectl label nodes ceph-storage=enabled --all +admin@kubenode01:~$ kubectl label nodes openvswitch=enabled --all +admin@kubenode01:~$ kubectl label nodes openstack-compute-node=enabled --all ``` ## Obtaining the Project From 0cf9463c8a31486d2b4a9cc447fcbff6a8b42747 Mon Sep 17 00:00:00 2001 From: Greg Althaus Date: Sun, 29 Jan 2017 12:46:52 -0600 Subject: [PATCH 31/45] Update ceph ansible with some changes for the upstream. (#155) 1. fix a container name 2. Fix mds networking parameters. 3. Make rgw not a host network container. --- ceph/templates/deployment-mds.yaml | 2 +- ceph/templates/deployment-moncheck.yaml | 6 +++--- ceph/templates/deployment-rgw.yaml | 1 - 3 files changed, 4 insertions(+), 5 deletions(-) diff --git a/ceph/templates/deployment-mds.yaml b/ceph/templates/deployment-mds.yaml index 0485c5e719..e2f7181193 100644 --- a/ceph/templates/deployment-mds.yaml +++ b/ceph/templates/deployment-mds.yaml @@ -32,7 +32,7 @@ spec: secret: secretName: ceph-bootstrap-rgw-keyring containers: - - name: ceph-mon + - name: ceph-mds image: {{ .Values.images.daemon }} imagePullPolicy: {{ .Values.images.pull_policy }} ports: diff --git a/ceph/templates/deployment-moncheck.yaml b/ceph/templates/deployment-moncheck.yaml index 459074f067..d2d93333b5 100644 --- a/ceph/templates/deployment-moncheck.yaml +++ b/ceph/templates/deployment-moncheck.yaml @@ -42,8 +42,8 @@ spec: value: MON_HEALTH - name: KV_TYPE value: k8s - - name: NETWORK_AUTO_DETECT - value: "4" + - name: MON_IP_AUTO_DETECT + value: "1" - name: CLUSTER value: ceph volumeMounts: @@ -61,4 +61,4 @@ spec: cpu: {{ .Values.resources.mon_check.requests.cpu | quote }} limits: memory: {{ .Values.resources.mon_check.limits.memory | quote }} - cpu: {{ .Values.resources.mon_check.limits.cpu | quote }} \ No newline at end of file + cpu: {{ .Values.resources.mon_check.limits.cpu | quote }} diff --git a/ceph/templates/deployment-rgw.yaml b/ceph/templates/deployment-rgw.yaml index 57ba1c9538..72069d43d5 100644 --- a/ceph/templates/deployment-rgw.yaml +++ b/ceph/templates/deployment-rgw.yaml @@ -16,7 +16,6 @@ spec: app: ceph daemon: rgw spec: - hostNetwork: true nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} serviceAccount: default From d18f333bbf6da5862c98a446e7e8f84a67a206c8 Mon Sep 17 00:00:00 2001 From: Darla Date: Sun, 29 Jan 2017 13:27:36 -0600 Subject: [PATCH 32/45] Rename JoinListWithColon to JoinListWithComma --- cinder/templates/etc/_cinder.conf.tpl | 2 +- common/templates/_funcs.tpl | 2 +- common/templates/snippets/_k8s_init_dep_check.tpl | 6 +++--- neutron/templates/etc/_ml2-conf.ini.tpl | 8 ++++---- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/cinder/templates/etc/_cinder.conf.tpl b/cinder/templates/etc/_cinder.conf.tpl index a576fe1fa0..1c8c1052da 100644 --- a/cinder/templates/etc/_cinder.conf.tpl +++ b/cinder/templates/etc/_cinder.conf.tpl @@ -15,7 +15,7 @@ api_paste_config = /etc/cinder/api-paste.ini glance_api_servers = "{{ .Values.glance.proto }}://{{ .Values.glance.host }}:{{ .Values.glance.port }}" glance_api_version = {{ .Values.glance.version }} -enabled_backends = {{ include "joinListWithColon" .Values.backends.enabled }} +enabled_backends = {{ include "joinListWithComma" .Values.backends.enabled }} auth_strategy = keystone os_region_name = {{ .Values.keystone.cinder_region_name }} diff --git a/common/templates/_funcs.tpl b/common/templates/_funcs.tpl index fe6c9a675e..d3a25177ce 100644 --- a/common/templates/_funcs.tpl +++ b/common/templates/_funcs.tpl @@ -1,4 +1,4 @@ -{{- define "joinListWithColon" -}} +{{- define "joinListWithComma" -}} {{ range $k, $v := . }}{{ if $k }},{{ end }}{{ $v }}{{ end }} {{- end -}} diff --git a/common/templates/snippets/_k8s_init_dep_check.tpl b/common/templates/snippets/_k8s_init_dep_check.tpl index d55e0bc654..4deb1b762c 100644 --- a/common/templates/snippets/_k8s_init_dep_check.tpl +++ b/common/templates/snippets/_k8s_init_dep_check.tpl @@ -30,15 +30,15 @@ }, { "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" $deps.service }}" + "value": "{{ include "joinListWithComma" $deps.service }}" }, { "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" $deps.jobs }}" + "value": "{{ include "joinListWithComma" $deps.jobs }}" }, { "name": "DEPENDENCY_DAEMONSET", - "value": "{{ include "joinListWithColon" $deps.daemonset }}" + "value": "{{ include "joinListWithComma" $deps.daemonset }}" }, { "name": "COMMAND", diff --git a/neutron/templates/etc/_ml2-conf.ini.tpl b/neutron/templates/etc/_ml2-conf.ini.tpl index 8a903a1715..7219aa7f29 100644 --- a/neutron/templates/etc/_ml2-conf.ini.tpl +++ b/neutron/templates/etc/_ml2-conf.ini.tpl @@ -1,11 +1,11 @@ [ml2] # Changing type_drivers after bootstrap can lead to database inconsistencies -type_drivers = {{ include "joinListWithColon" .Values.ml2.type_drivers }} +type_drivers = {{ include "joinListWithComma" .Values.ml2.type_drivers }} tenant_network_types = {{ .Values.ml2.tenant_network_types }} -mechanism_drivers = {{ include "joinListWithColon" .Values.ml2.mechanism_drivers }} +mechanism_drivers = {{ include "joinListWithComma" .Values.ml2.mechanism_drivers }} [ml2_type_flat] -flat_networks = {{ include "joinListWithColon" .Values.ml2.ml2_type_flat.flat_networks }} +flat_networks = {{ include "joinListWithComma" .Values.ml2.ml2_type_flat.flat_networks }} [ml2_type_gre] # (ListOpt) Comma-separated list of : tuples enumerating ranges @@ -35,7 +35,7 @@ arp_responder = false {{- end }} [ovs] -bridge_mappings = {{ include "joinListWithColon" .Values.ml2.ovs.bridge_mappings }} +bridge_mappings = {{ include "joinListWithComma" .Values.ml2.ovs.bridge_mappings }} tenant_network_type = {{ .Values.ml2.agent.tunnel_types }} [vxlan] From c0203624654d69731d97eaff44005777f2a39a8c Mon Sep 17 00:00:00 2001 From: Greg Althaus Date: Mon, 30 Jan 2017 10:14:09 -0600 Subject: [PATCH 33/45] Lock version down to a tagged version. --- ceph/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ceph/values.yaml b/ceph/values.yaml index 6dc5f18acb..2b9a94ab1f 100644 --- a/ceph/values.yaml +++ b/ceph/values.yaml @@ -17,7 +17,7 @@ service: name: ceph-mon images: - daemon: ceph/daemon:latest + daemon: docker.io/library/ceph/daemon:tag-build-master-jewel-ubuntu-16.04 pull_policy: IfNotPresent labels: From 566953bce0e30c5c63f256bc4c3851a89eb1dd9e Mon Sep 17 00:00:00 2001 From: Alan Meadows Date: Mon, 30 Jan 2017 11:56:55 -0800 Subject: [PATCH 34/45] Documentation 1.1: add mission document --- docs/README.md | 6 +++--- docs/mission.md | 23 +++++++++++++++++++++++ 2 files changed, 26 insertions(+), 3 deletions(-) create mode 100644 docs/mission.md diff --git a/docs/README.md b/docs/README.md index 3d83f9708d..00c6b4b0a0 100644 --- a/docs/README.md +++ b/docs/README.md @@ -4,9 +4,9 @@ ## Table of Contents ##  1. [Openstack-Helm Design Principals]() -###    1.1 [Mission]() -#####      1.1.1 [Resiliency]() -#####      1.1.2 [Scaling]() +###    1.1 [Mission](mission.md) +#####      1.1.1 [Resiliency](mission.md#resiliency) +#####      1.1.2 [Scaling](mission.md#scaling) ###    1.2 [Helm Overrides]() #####      1.2.1 [Resource Limits]() #####      1.2.2 [Conditionals]() diff --git a/docs/mission.md b/docs/mission.md new file mode 100644 index 0000000000..63b88e67a6 --- /dev/null +++ b/docs/mission.md @@ -0,0 +1,23 @@ +# Mission + +The goal for openstack-helm is to provide an incredibly customizable *framework* for operators and developers alike. This framework will enable end-users to deploy, maintain, and upgrade a fully functioning Openstack environment for both simple and complex environments. Administrators or developers can either deploy all or individual Openstack components along with their required dependancies. It heavily borrows concepts from [Stackanetes](https://github.com/stackanetes/stackanetes) and [other complex Helm application deployments](https://github.com/sapcc/openstack-helm). This project is meant to be a collaborative project that brings Openstack applications into a [Cloud-Native](https://www.cncf.io/about/charter) model. + +## Resiliency + +One of the goals of this project is to produce a set of charts that can be used in a production setting to deploy and upgrade OpenStack. To meet achieve this goal, all components must be resilient. This includes both OpenStack and Infrastructure components leveraged by this project. In addition, this also includes Kubernetes itself. It is part of our mission to ensure that all infrastructure components are highly available and that a deployment can withstand a physical host failure out of the box. This means that: + +- OpenStack components will need to support, and deploy with multiple replicas out of the box (unless development mode is enabled) to make sure this leveraging this chart for production deployments is a first class citizen at all times. +- Infrastructure elements such as Ceph, RabbitMQ, Galera (MariaDB), Memcache, and all others need to support resiliency and leverage multiple replicas for resiliency. These components also need to be validated that their application level configurations (for instance the underlying galera cluster) can tolerate host crashes and withstand physical host failures. +- Scheduling annotations need to be employed to ensure maximum resiliency for multi-host environments. They also need to be flexible to allow all-in-one deployments. To this end, we promote the usage of `podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution` for most infrastructure elements. +- We should be able to depend on a reliable implementation of centralized storage to create PVCs within Kubernetes to support resiliency and application design. Today, this is cheph as there is much work to do making even a single backend production ready and we need to focus. In the future, we would like to support more choice for hardened backends. + +## Scaling + +Scaling is another first class citizen in openstack-helm. We will be working to ensure we support various deployment models that can support hyperscale, such as: + +- Ensure that out of the box, unless development mode is enabled, clusters receive multiple replicas to ensure scaling issues are identified early and often. +- Ensure that every chart can support more then one replica and allowing operators to override those replica counts. For some applications, means ensuring they can support clustering. +- Ensure clustering style applications are not limited to fixed replica counts. For instance, we want to ensure we can support N galera members and have those scale linearly within reason as opposed to only supporting a fixed count. +- Duplicate charts of the same type within the same namespace. For example, deploying rabbitmq twice, to the openstack namespace resulting in two fully functioning clusters. +- Allowing charts to be deployed to a diverse set of namespaces. Allowing infrastructure to be deployed in one namespace, and OpenStack in another, for example or each chart in its own namespace. +- Supporting hyperscale by ensuring we can support configurations that call for per-component infrastructure, such as dedicated database and rabbitmq solely for ceilometer or even dedicated infrastructure for every component you deploy. It is unique large scale deployment designs such as this that only become practical under a Kubernetes/Container framework and we want to ensure that we can support them. \ No newline at end of file From 12001f52eb1c269aadecdb9e089708f370d71389 Mon Sep 17 00:00:00 2001 From: "Brandon B. Jozsa" Date: Mon, 30 Jan 2017 17:26:33 -0500 Subject: [PATCH 35/45] Update README.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 8c8bcae04b..43ed53a6fc 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,8 @@ Join us on [freenode](https://freenode.net/): `#openstack-helm` +Community Meetings: [Every other Tuesday @ 3PM UTC](https://calendar.google.com/calendar/embed?src=rnd4tpeoncig91pvs05il4p29o%40group.calendar.google.com&ctz=America/New_York) (Provided by [Zoom](https://zoom.us/j/562328746)) + Openstack-Helm is a fully self-contained Helm-based OpenStack deployment on Kubernetes. It will provide baremetal provisioning, persistent storage, full-stack resiliency, full-stack scalability, performance monitoring and tracing, and an optional development pipeline (using Jenkins). This project, along with the tools used within are community-based and open sourced. # Mission From 5b67145c3d575b8ee2be1e9b2900270e2488adc1 Mon Sep 17 00:00:00 2001 From: "Brandon B. Jozsa" Date: Mon, 30 Jan 2017 17:57:36 -0500 Subject: [PATCH 36/45] Update README.md --- README.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 43ed53a6fc..c239a5a580 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,9 @@ # Openstack-Helm -Join us on [freenode](https://freenode.net/): `#openstack-helm` - -Community Meetings: [Every other Tuesday @ 3PM UTC](https://calendar.google.com/calendar/embed?src=rnd4tpeoncig91pvs05il4p29o%40group.calendar.google.com&ctz=America/New_York) (Provided by [Zoom](https://zoom.us/j/562328746)) +Join us on [Slack](http://slack.k8s.io/): `#openstack-helm`
+Join us on [freenode](https://freenode.net/): `#openstack-helm`
+Community Meetings: [Every other Tuesday @ 3PM UTC](https://calendar.google.com/calendar/embed?src=rnd4tpeoncig91pvs05il4p29o%40group.calendar.google.com&ctz=America/New_York) (Provided by [Zoom](https://zoom.us/j/562328746))
+Community Agenda Items: [Google Docs](https://docs.google.com/document/d/1Vm2OnMzjSru3cuvxh4Oa7R_z7staU-7ivGy8foOzDCs/edit#heading=h.bfc0dkav9gk2) Openstack-Helm is a fully self-contained Helm-based OpenStack deployment on Kubernetes. It will provide baremetal provisioning, persistent storage, full-stack resiliency, full-stack scalability, performance monitoring and tracing, and an optional development pipeline (using Jenkins). This project, along with the tools used within are community-based and open sourced. From fc5a3a7c3909fe7a219619cca34f844e79c37905 Mon Sep 17 00:00:00 2001 From: "Brandon B. Jozsa" Date: Mon, 30 Jan 2017 17:59:08 -0500 Subject: [PATCH 37/45] Update README.md --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index c239a5a580..d6ec1e1bb4 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,9 @@ # Openstack-Helm -Join us on [Slack](http://slack.k8s.io/): `#openstack-helm`
-Join us on [freenode](https://freenode.net/): `#openstack-helm`
-Community Meetings: [Every other Tuesday @ 3PM UTC](https://calendar.google.com/calendar/embed?src=rnd4tpeoncig91pvs05il4p29o%40group.calendar.google.com&ctz=America/New_York) (Provided by [Zoom](https://zoom.us/j/562328746))
-Community Agenda Items: [Google Docs](https://docs.google.com/document/d/1Vm2OnMzjSru3cuvxh4Oa7R_z7staU-7ivGy8foOzDCs/edit#heading=h.bfc0dkav9gk2) +*Join us on [Slack](http://slack.k8s.io/):* `#openstack-helm`
+*Join us on [Freenode](https://freenode.net/):* `#openstack-helm`
+*Community Meetings:* [Every other Tuesday @ 3PM UTC](https://calendar.google.com/calendar/embed?src=rnd4tpeoncig91pvs05il4p29o%40group.calendar.google.com&ctz=America/New_York) (Provided by [Zoom](https://zoom.us/j/562328746))
+*Community Agenda Items:* [Google Docs](https://docs.google.com/document/d/1Vm2OnMzjSru3cuvxh4Oa7R_z7staU-7ivGy8foOzDCs/edit#heading=h.bfc0dkav9gk2) Openstack-Helm is a fully self-contained Helm-based OpenStack deployment on Kubernetes. It will provide baremetal provisioning, persistent storage, full-stack resiliency, full-stack scalability, performance monitoring and tracing, and an optional development pipeline (using Jenkins). This project, along with the tools used within are community-based and open sourced. From 1e2967cfe12f14232cf105e84cdc415c5b511f53 Mon Sep 17 00:00:00 2001 From: "Brandon B. Jozsa" Date: Mon, 30 Jan 2017 17:59:58 -0500 Subject: [PATCH 38/45] Update README.md --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index d6ec1e1bb4..6014cf596d 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,9 @@ # Openstack-Helm -*Join us on [Slack](http://slack.k8s.io/):* `#openstack-helm`
-*Join us on [Freenode](https://freenode.net/):* `#openstack-helm`
-*Community Meetings:* [Every other Tuesday @ 3PM UTC](https://calendar.google.com/calendar/embed?src=rnd4tpeoncig91pvs05il4p29o%40group.calendar.google.com&ctz=America/New_York) (Provided by [Zoom](https://zoom.us/j/562328746))
-*Community Agenda Items:* [Google Docs](https://docs.google.com/document/d/1Vm2OnMzjSru3cuvxh4Oa7R_z7staU-7ivGy8foOzDCs/edit#heading=h.bfc0dkav9gk2) +**Join us on [Slack](http://slack.k8s.io/):** `#openstack-helm`
+**Join us on [Freenode](https://freenode.net/):** `#openstack-helm`
+**Community Meetings:** [Every other Tuesday @ 3PM UTC](https://calendar.google.com/calendar/embed?src=rnd4tpeoncig91pvs05il4p29o%40group.calendar.google.com&ctz=America/New_York) (Provided by [Zoom](https://zoom.us/j/562328746))
+**Community Agenda Items:** [Google Docs](https://docs.google.com/document/d/1Vm2OnMzjSru3cuvxh4Oa7R_z7staU-7ivGy8foOzDCs/edit#heading=h.bfc0dkav9gk2) Openstack-Helm is a fully self-contained Helm-based OpenStack deployment on Kubernetes. It will provide baremetal provisioning, persistent storage, full-stack resiliency, full-stack scalability, performance monitoring and tracing, and an optional development pipeline (using Jenkins). This project, along with the tools used within are community-based and open sourced. From 43fee7bfed9db55d04c34e306378e6f2c7f8518d Mon Sep 17 00:00:00 2001 From: Greg Althaus Date: Mon, 30 Jan 2017 17:16:36 -0600 Subject: [PATCH 39/45] CEPH Mons autodetection doesn't work reliably across all (#156) We should use known parameters for the custer POD ips and the MON_IP to make MON IP discovery more consistent. --- ceph/templates/statefulset-mon.yaml | 10 ++++++++-- ceph/values.yaml | 1 + docs/installation/getting-started.md | 2 +- 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/ceph/templates/statefulset-mon.yaml b/ceph/templates/statefulset-mon.yaml index d7971a72a2..265dafbaaa 100644 --- a/ceph/templates/statefulset-mon.yaml +++ b/ceph/templates/statefulset-mon.yaml @@ -72,10 +72,16 @@ spec: value: MON - name: KV_TYPE value: k8s - - name: NETWORK_AUTO_DETECT - value: "4" - name: CLUSTER value: ceph + - name: NETWORK_AUTO_DETECT + value: "0" + - name: CEPH_PUBLIC_NETWORK + value: {{ .Values.network.public | quote }} + - name: MON_IP + valueFrom: + fieldRef: + fieldPath: status.podIP volumeMounts: - name: ceph-conf mountPath: /etc/ceph diff --git a/ceph/values.yaml b/ceph/values.yaml index 2b9a94ab1f..aa55e6444a 100644 --- a/ceph/values.yaml +++ b/ceph/values.yaml @@ -25,6 +25,7 @@ labels: node_selector_value: enabled network: + public: "10.25.0.0/16" port: mon: 6789 rgw_ingress: 80 diff --git a/docs/installation/getting-started.md b/docs/installation/getting-started.md index 7ee83f80f5..a0d261720e 100644 --- a/docs/installation/getting-started.md +++ b/docs/installation/getting-started.md @@ -268,7 +268,7 @@ Please ensure that you use ``--purge`` whenever deleting a project. ## Ceph Installation and Verification Install the first service, which is Ceph. If all instructions have been followed as mentioned above, this installation should go smoothly. Use the following command to install Ceph: ``` -admin@kubenode01:~$ helm install --name=ceph local/ceph --namespace=ceph +admin@kubenode01:~$ helm install --set network.public=$osd_public_network --name=ceph local/ceph --namespace=ceph ``` ## Bootstrap Installation From 54557ec90790d1ab8119b1f0c5cdbd1074a38278 Mon Sep 17 00:00:00 2001 From: Alan Meadows Date: Mon, 30 Jan 2017 16:19:08 -0800 Subject: [PATCH 40/45] Update mission document --- docs/mission.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/docs/mission.md b/docs/mission.md index 63b88e67a6..ca7bb9be29 100644 --- a/docs/mission.md +++ b/docs/mission.md @@ -7,17 +7,18 @@ The goal for openstack-helm is to provide an incredibly customizable *framework* One of the goals of this project is to produce a set of charts that can be used in a production setting to deploy and upgrade OpenStack. To meet achieve this goal, all components must be resilient. This includes both OpenStack and Infrastructure components leveraged by this project. In addition, this also includes Kubernetes itself. It is part of our mission to ensure that all infrastructure components are highly available and that a deployment can withstand a physical host failure out of the box. This means that: - OpenStack components will need to support, and deploy with multiple replicas out of the box (unless development mode is enabled) to make sure this leveraging this chart for production deployments is a first class citizen at all times. -- Infrastructure elements such as Ceph, RabbitMQ, Galera (MariaDB), Memcache, and all others need to support resiliency and leverage multiple replicas for resiliency. These components also need to be validated that their application level configurations (for instance the underlying galera cluster) can tolerate host crashes and withstand physical host failures. +- Infrastructure elements such as Ceph, RabbitMQ, Galera (MariaDB), Memcache, and all others need to support resiliency and leverage multiple replicas for resiliency where applicable. These components also need to be validated that their application level configurations (for instance the underlying galera cluster) can tolerate host crashes and withstand physical host failures. - Scheduling annotations need to be employed to ensure maximum resiliency for multi-host environments. They also need to be flexible to allow all-in-one deployments. To this end, we promote the usage of `podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution` for most infrastructure elements. -- We should be able to depend on a reliable implementation of centralized storage to create PVCs within Kubernetes to support resiliency and application design. Today, this is cheph as there is much work to do making even a single backend production ready and we need to focus. In the future, we would like to support more choice for hardened backends. +- We make the assumption that we can depend on a reliable implementation of centralized storage to create PVCs within Kubernetes to support resiliency and complex application design. Today, this is powered by our own cheph chart as there is much work to do making even a single backend production ready and we need to focus bringing that to a production ready state, which includes handling real world deployment scenarios, resiliency, and pool configuration. In the future, we would like to support more choice for hardened backends. +- We will document the best practices for running a resilient Kubernetes cluster in production. This includes the steps necessary to make all components resilient, such as etcd, and skydns where possible, and point out gaps due to missing features. ## Scaling Scaling is another first class citizen in openstack-helm. We will be working to ensure we support various deployment models that can support hyperscale, such as: -- Ensure that out of the box, unless development mode is enabled, clusters receive multiple replicas to ensure scaling issues are identified early and often. -- Ensure that every chart can support more then one replica and allowing operators to override those replica counts. For some applications, means ensuring they can support clustering. -- Ensure clustering style applications are not limited to fixed replica counts. For instance, we want to ensure we can support N galera members and have those scale linearly within reason as opposed to only supporting a fixed count. +- Ensuring that out of the box, unless development mode is enabled, clusters receive multiple replicas to ensure scaling issues are identified early and often. +- Ensuring that every chart can support more then one replica and allowing operators to override those replica counts. For some applications, means ensuring they can support clustering. +- Ensuring clustering style applications are not limited to fixed replica counts. For instance, we want to ensure we can support N galera members and have those scale linearly within reason as opposed to only supporting a fixed count. - Duplicate charts of the same type within the same namespace. For example, deploying rabbitmq twice, to the openstack namespace resulting in two fully functioning clusters. - Allowing charts to be deployed to a diverse set of namespaces. Allowing infrastructure to be deployed in one namespace, and OpenStack in another, for example or each chart in its own namespace. - Supporting hyperscale by ensuring we can support configurations that call for per-component infrastructure, such as dedicated database and rabbitmq solely for ceilometer or even dedicated infrastructure for every component you deploy. It is unique large scale deployment designs such as this that only become practical under a Kubernetes/Container framework and we want to ensure that we can support them. \ No newline at end of file From 1e7203a523541c8a48a45d0f84cad9b2c1af96c4 Mon Sep 17 00:00:00 2001 From: maris-accenture Date: Tue, 31 Jan 2017 02:22:51 +0200 Subject: [PATCH 41/45] #106 CPU and memory resources (#106) * resource requests and limits for cinder, heat, nova --- cinder/templates/deployment-api.yaml | 9 +++ cinder/templates/deployment-scheduler.yaml | 9 +++ cinder/templates/deployment-volume.yaml | 9 +++ cinder/templates/job-db-init.yaml | 9 +++ cinder/templates/job-db-sync.yaml | 9 +++ cinder/templates/job-ks-endpoints.yaml.yaml | 9 +++ cinder/templates/job-ks-service.yaml | 9 +++ cinder/templates/job-ks-user.yaml | 9 +++ cinder/values.yaml | 60 +++++++++++++++ heat/templates/deployment-api.yaml | 9 +++ heat/templates/deployment-cfn.yaml | 9 +++ heat/templates/deployment-cloudwatch.yaml | 9 +++ heat/templates/job-db-init.yaml | 9 +++ heat/templates/job-db-sync.yaml | 9 +++ heat/templates/job-ks-endpoints.yaml.yaml | 9 +++ heat/templates/job-ks-service.yaml | 10 +++ heat/templates/job-ks-user.yaml | 9 +++ heat/templates/statefulset-engine.yaml | 9 +++ heat/values.yaml | 84 ++++++++++++++++++--- nova/templates/daemonset-compute.yaml | 9 +++ nova/templates/daemonset-libvirt.yaml | 9 +++ nova/templates/deployment-api-metadata.yaml | 9 +++ nova/templates/deployment-api-osapi.yaml | 9 +++ nova/templates/deployment-conductor.yaml | 9 +++ nova/templates/deployment-consoleauth.yaml | 9 +++ nova/templates/deployment-scheduler.yaml | 9 +++ nova/templates/job-db-init.yaml | 9 +++ nova/templates/job-db-sync.yaml | 9 +++ nova/templates/job-post.yaml | 9 +++ nova/values.yaml | 73 ++++++++++++++++++ 30 files changed, 451 insertions(+), 10 deletions(-) diff --git a/cinder/templates/deployment-api.yaml b/cinder/templates/deployment-api.yaml index cc3c3f6b19..74b0c59b7a 100644 --- a/cinder/templates/deployment-api.yaml +++ b/cinder/templates/deployment-api.yaml @@ -31,6 +31,15 @@ spec: - name: cinder-api image: {{ .Values.images.api }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + requests: + memory: {{ .Values.resources.cinder_api.requests.memory | quote }} + cpu: {{ .Values.resources.cinder_api.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.cinder_api.limits.memory | quote }} + cpu: {{ .Values.resources.cinder_api.limits.cpu | quote }} + {{- end }} command: - cinder-api - --config-dir diff --git a/cinder/templates/deployment-scheduler.yaml b/cinder/templates/deployment-scheduler.yaml index 39663097ef..443cd7f9b2 100644 --- a/cinder/templates/deployment-scheduler.yaml +++ b/cinder/templates/deployment-scheduler.yaml @@ -31,6 +31,15 @@ spec: - name: cinder-scheduler image: {{ .Values.images.scheduler }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + requests: + memory: {{ .Values.resources.cinder_scheduler.requests.memory | quote }} + cpu: {{ .Values.resources.cinder_scheduler.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.cinder_scheduler.limits.memory | quote }} + cpu: {{ .Values.resources.cinder_scheduler.limits.cpu | quote }} + {{- end }} command: - cinder-scheduler - --config-dir diff --git a/cinder/templates/deployment-volume.yaml b/cinder/templates/deployment-volume.yaml index cb6c958ccc..4c064029ab 100644 --- a/cinder/templates/deployment-volume.yaml +++ b/cinder/templates/deployment-volume.yaml @@ -31,6 +31,15 @@ spec: - name: cinder-volume image: {{ .Values.images.volume }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + requests: + memory: {{ .Values.resources.cinder_volume.requests.memory | quote }} + cpu: {{ .Values.resources.cinder_volume.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.cinder_volume.limits.memory | quote }} + cpu: {{ .Values.resources.cinder_volume.limits.cpu | quote }} + {{- end }} command: - cinder-volume - --config-dir diff --git a/cinder/templates/job-db-init.yaml b/cinder/templates/job-db-init.yaml index 8c8338b0cf..eb057e9af4 100644 --- a/cinder/templates/job-db-init.yaml +++ b/cinder/templates/job-db-init.yaml @@ -19,6 +19,15 @@ spec: - name: cinder-db-init image: {{ .Values.images.db_init | quote }} imagePullPolicy: {{ .Values.images.pull_policy | quote }} + {{- if .Values.resources.enabled }} + resources: + requests: + memory: {{ .Values.resources.cinder_db_init.requests.memory | quote }} + cpu: {{ .Values.resources.cinder_db_init.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.cinder_db_init.limits.memory | quote }} + cpu: {{ .Values.resources.cinder_db_init.limits.cpu | quote }} + {{- end }} env: - name: ANSIBLE_LIBRARY value: /usr/share/ansible/ diff --git a/cinder/templates/job-db-sync.yaml b/cinder/templates/job-db-sync.yaml index 045f46227f..97da3bc262 100644 --- a/cinder/templates/job-db-sync.yaml +++ b/cinder/templates/job-db-sync.yaml @@ -19,6 +19,15 @@ spec: - name: cinder-db-sync image: {{ .Values.images.db_sync }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + requests: + memory: {{ .Values.resources.cinder_db_sync.requests.memory | quote }} + cpu: {{ .Values.resources.cinder_db_sync.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.cinder_db_sync.limits.memory | quote }} + cpu: {{ .Values.resources.cinder_db_sync.limits.cpu | quote }} + {{- end }} command: - cinder-manage args: diff --git a/cinder/templates/job-ks-endpoints.yaml.yaml b/cinder/templates/job-ks-endpoints.yaml.yaml index 455c0f3439..242ba42b4b 100644 --- a/cinder/templates/job-ks-endpoints.yaml.yaml +++ b/cinder/templates/job-ks-endpoints.yaml.yaml @@ -22,6 +22,15 @@ spec: - name: {{ $osServiceType }}-ks-endpoints-{{ $osServiceEndPoint }} image: {{ $envAll.Values.images.ks_endpoints }} imagePullPolicy: {{ $envAll.Values.images.pull_policy }} + {{- if $envAll.Values.resources.enabled }} + resources: + requests: + memory: {{ $envAll.Values.resources.cinder_ks_endpoints.requests.memory | quote }} + cpu: {{ $envAll.Values.resources.cinder_ks_endpoints.requests.cpu | quote }} + limits: + memory: {{ $envAll.Values.resources.cinder_ks_endpoints.limits.memory | quote }} + cpu: {{ $envAll.Values.resources.cinder_ks_endpoints.limits.cpu | quote }} + {{- end }} command: - bash - /tmp/ks-endpoints.sh diff --git a/cinder/templates/job-ks-service.yaml b/cinder/templates/job-ks-service.yaml index 73934938f2..c63c6103b9 100644 --- a/cinder/templates/job-ks-service.yaml +++ b/cinder/templates/job-ks-service.yaml @@ -21,6 +21,15 @@ spec: - name: {{ $osServiceType }}-ks-service-registration image: {{ $envAll.Values.images.ks_service }} imagePullPolicy: {{ $envAll.Values.images.pull_policy }} + {{- if $envAll.Values.resources.enabled }} + resources: + requests: + memory: {{ $envAll.Values.resources.cinder_ks_service.requests.memory | quote }} + cpu: {{ $envAll.Values.resources.cinder_ks_service.requests.cpu | quote }} + limits: + memory: {{ $envAll.Values.resources.cinder_ks_service.limits.memory | quote }} + cpu: {{ $envAll.Values.resources.cinder_ks_service.limits.cpu | quote }} + {{- end }} command: - bash - /tmp/ks-service.sh diff --git a/cinder/templates/job-ks-user.yaml b/cinder/templates/job-ks-user.yaml index 49bc179a89..cc383e6f0c 100644 --- a/cinder/templates/job-ks-user.yaml +++ b/cinder/templates/job-ks-user.yaml @@ -21,6 +21,15 @@ spec: - name: cinder-ks-user image: {{ .Values.images.ks_user }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + requests: + memory: {{ .Values.resources.cinder_ks_user.requests.memory | quote }} + cpu: {{ .Values.resources.cinder_ks_user.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.cinder_ks_user.limits.memory | quote }} + cpu: {{ .Values.resources.cinder_ks_user.limits.cpu | quote }} + {{- end }} command: - bash - /tmp/ks-user.sh diff --git a/cinder/values.yaml b/cinder/values.yaml index 120d4d484f..4f6ebeb5b2 100644 --- a/cinder/values.yaml +++ b/cinder/values.yaml @@ -183,3 +183,63 @@ endpoints: scheme: 'http' port: api: 8776 + +resources: + enabled: false + cinder_api: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + cinder_scheduler: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + cinder_volume: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + cinder_db_init: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + cinder_db_sync: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + cinder_ks_endpoints: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + cinder_ks_service: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + cinder_ks_user: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + diff --git a/heat/templates/deployment-api.yaml b/heat/templates/deployment-api.yaml index 25197f76ef..dafbba9cda 100755 --- a/heat/templates/deployment-api.yaml +++ b/heat/templates/deployment-api.yaml @@ -21,6 +21,15 @@ spec: - name: heat-api image: {{ .Values.images.api }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + requests: + memory: {{ .Values.resources.heat_api.requests.memory | quote }} + cpu: {{ .Values.resources.heat_api.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.heat_api.limits.memory | quote }} + cpu: {{ .Values.resources.heat_api.limits.cpu | quote }} + {{- end }} command: - heat-api - --config-dir diff --git a/heat/templates/deployment-cfn.yaml b/heat/templates/deployment-cfn.yaml index 0cce31b80e..11d25b745a 100644 --- a/heat/templates/deployment-cfn.yaml +++ b/heat/templates/deployment-cfn.yaml @@ -21,6 +21,15 @@ spec: - name: heat-cfn image: {{ .Values.images.cfn }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + requests: + memory: {{ .Values.resources.heat_cfn.requests.memory | quote }} + cpu: {{ .Values.resources.heat_cfn.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.heat_cfn.limits.memory | quote }} + cpu: {{ .Values.resources.heat_cfn.limits.cpu | quote }} + {{- end }} command: - heat-api-cfn - --config-dir diff --git a/heat/templates/deployment-cloudwatch.yaml b/heat/templates/deployment-cloudwatch.yaml index 6f624a65f4..17b17fecd0 100644 --- a/heat/templates/deployment-cloudwatch.yaml +++ b/heat/templates/deployment-cloudwatch.yaml @@ -21,6 +21,15 @@ spec: - name: heat-cloudwatch image: {{ .Values.images.cloudwatch }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + requests: + memory: {{ .Values.resources.heat_cloudwatch.requests.memory | quote }} + cpu: {{ .Values.resources.heat_cloudwatch.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.heat_cloudwatch.limits.memory | quote }} + cpu: {{ .Values.resources.heat_cloudwatch.limits.cpu | quote }} + {{- end }} command: - heat-api-cloudwatch - --config-dir diff --git a/heat/templates/job-db-init.yaml b/heat/templates/job-db-init.yaml index a98c571d95..4633c7af9c 100644 --- a/heat/templates/job-db-init.yaml +++ b/heat/templates/job-db-init.yaml @@ -19,6 +19,15 @@ spec: - name: heat-db-init image: {{ .Values.images.db_init | quote }} imagePullPolicy: {{ .Values.images.pull_policy | quote }} + {{- if .Values.resources.enabled }} + resources: + requests: + memory: {{ .Values.resources.heat_db_init.requests.memory | quote }} + cpu: {{ .Values.resources.heat_db_init.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.heat_db_init.limits.memory | quote }} + cpu: {{ .Values.resources.heat_db_init.limits.cpu | quote }} + {{- end }} env: - name: ANSIBLE_LIBRARY value: /usr/share/ansible/ diff --git a/heat/templates/job-db-sync.yaml b/heat/templates/job-db-sync.yaml index 5f962a9d3e..0ee761c201 100644 --- a/heat/templates/job-db-sync.yaml +++ b/heat/templates/job-db-sync.yaml @@ -19,6 +19,15 @@ spec: - name: heat-db-sync image: {{ .Values.images.db_sync }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + requests: + memory: {{ .Values.resources.heat_db_sync.requests.memory | quote }} + cpu: {{ .Values.resources.heat_db_sync.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.heat_db_sync.limits.memory | quote }} + cpu: {{ .Values.resources.heat_db_sync.limits.cpu | quote }} + {{- end }} command: - heat-manage args: diff --git a/heat/templates/job-ks-endpoints.yaml.yaml b/heat/templates/job-ks-endpoints.yaml.yaml index 6bfcfb7018..c5dfd3aaa1 100644 --- a/heat/templates/job-ks-endpoints.yaml.yaml +++ b/heat/templates/job-ks-endpoints.yaml.yaml @@ -22,6 +22,15 @@ spec: - name: {{ $osServiceName }}-ks-endpoints-{{ $osServiceEndPoint }} image: {{ $envAll.Values.images.ks_endpoints }} imagePullPolicy: {{ $envAll.Values.images.pull_policy }} + {{- if $envAll.Values.resources.enabled }} + resources: + requests: + memory: {{ $envAll.Values.resources.heat_ks_endpoints.requests.memory | quote }} + cpu: {{ $envAll.Values.resources.heat_ks_endpoints.requests.cpu | quote }} + limits: + memory: {{ $envAll.Values.resources.heat_ks_endpoints.limits.memory | quote }} + cpu: {{ $envAll.Values.resources.heat_ks_endpoints.limits.cpu | quote }} + {{- end }} command: - bash - /tmp/ks-endpoints.sh diff --git a/heat/templates/job-ks-service.yaml b/heat/templates/job-ks-service.yaml index 8dba89f883..dd3295a5ec 100644 --- a/heat/templates/job-ks-service.yaml +++ b/heat/templates/job-ks-service.yaml @@ -21,6 +21,15 @@ spec: - name: {{ $osServiceName }}-ks-service-registration image: {{ $envAll.Values.images.ks_service }} imagePullPolicy: {{ $envAll.Values.images.pull_policy }} + {{- if $envAll.Values.resources.enabled }} + resources: + requests: + memory: {{ $envAll.Values.resources.heat_ks_service.requests.memory | quote }} + cpu: {{ $envAll.Values.resources.heat_ks_service.requests.cpu | quote }} + limits: + memory: {{ $envAll.Values.resources.heat_ks_service.limits.memory | quote }} + cpu: {{ $envAll.Values.resources.heat_ks_service.limits.cpu | quote }} + {{- end }} command: - bash - /tmp/ks-service.sh @@ -38,6 +47,7 @@ spec: - name: OS_SERVICE_TYPE value: {{ tuple $osServiceName $envAll | include "endpoint_type_lookup" }} {{- end }} + volumes: - name: ks-service-sh configMap: diff --git a/heat/templates/job-ks-user.yaml b/heat/templates/job-ks-user.yaml index 7fd8f6d2f2..a55743ef02 100644 --- a/heat/templates/job-ks-user.yaml +++ b/heat/templates/job-ks-user.yaml @@ -24,6 +24,15 @@ spec: - name: heat-ks-user image: {{ .Values.images.ks_user }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + requests: + memory: {{ .Values.resources.heat_ks_user.requests.memory | quote }} + cpu: {{ .Values.resources.heat_ks_user.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.heat_ks_user.limits.memory | quote }} + cpu: {{ .Values.resources.heat_ks_user.limits.cpu | quote }} + {{- end }} command: - bash - /tmp/ks-user.sh diff --git a/heat/templates/statefulset-engine.yaml b/heat/templates/statefulset-engine.yaml index 0c5c8f007b..d27bf99665 100644 --- a/heat/templates/statefulset-engine.yaml +++ b/heat/templates/statefulset-engine.yaml @@ -22,6 +22,15 @@ spec: - name: heat-engine image: {{ .Values.images.engine }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + requests: + memory: {{ .Values.resources.heat_engine.requests.memory | quote }} + cpu: {{ .Values.resources.heat_engine.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.heat_engine.limits.memory | quote }} + cpu: {{ .Values.resources.heat_engine.limits.cpu | quote }} + {{- end }} command: - heat-engine - --config-dir diff --git a/heat/values.yaml b/heat/values.yaml index ecd9c02ccf..9da0dc95f6 100644 --- a/heat/values.yaml +++ b/heat/values.yaml @@ -97,16 +97,6 @@ memcached: host: memcached port: 11211 -resources: - api: - workers: 8 - cfn: - workers: 8 - cloudwatch: - workers: 8 - engine: - workers: 8 - misc: debug: true @@ -206,3 +196,77 @@ endpoints: scheme: 'http' port: api: 8003 + +resources: + enabled: false + heat_api: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + heat_cfn: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + heat_cloudwatch: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + heat_db_init: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + heat_db_sync: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + heat_ks_endpoints: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + heat_ks_service: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + heat_ks_user: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + heat_engine: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + api: + workers: 8 + cfn: + workers: 8 + cloudwatch: + workers: 8 + engine: + workers: 8 diff --git a/nova/templates/daemonset-compute.yaml b/nova/templates/daemonset-compute.yaml index 896739cfba..2553c79406 100644 --- a/nova/templates/daemonset-compute.yaml +++ b/nova/templates/daemonset-compute.yaml @@ -27,6 +27,15 @@ spec: - name: nova-compute image: {{ .Values.images.compute }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + requests: + memory: {{ .Values.resources.nova_compute.requests.memory | quote }} + cpu: {{ .Values.resources.nova_compute.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.nova_compute.limits.memory | quote }} + cpu: {{ .Values.resources.nova_compute.limits.cpu | quote }} + {{- end }} securityContext: privileged: true command: diff --git a/nova/templates/daemonset-libvirt.yaml b/nova/templates/daemonset-libvirt.yaml index bb461bc4da..bc104e7144 100644 --- a/nova/templates/daemonset-libvirt.yaml +++ b/nova/templates/daemonset-libvirt.yaml @@ -26,6 +26,15 @@ spec: - name: nova-libvirt image: {{ .Values.images.libvirt }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + requests: + memory: {{ .Values.resources.nova_libvirt.requests.memory | quote }} + cpu: {{ .Values.resources.nova_libvirt.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.nova_libvirt.limits.memory | quote }} + cpu: {{ .Values.resources.nova_libvirt.limits.cpu | quote }} + {{- end }} securityContext: privileged: true command: diff --git a/nova/templates/deployment-api-metadata.yaml b/nova/templates/deployment-api-metadata.yaml index 5ca429e8ca..1b93605837 100644 --- a/nova/templates/deployment-api-metadata.yaml +++ b/nova/templates/deployment-api-metadata.yaml @@ -32,6 +32,15 @@ spec: image: {{ .Values.images.api }} imagePullPolicy: {{ .Values.images.pull_policy }} # https://bugs.launchpad.net/kolla-mesos/+bug/1546007 + {{- if .Values.resources.enabled }} + resources: + requests: + memory: {{ .Values.resources.nova_api_metadata.requests.memory | quote }} + cpu: {{ .Values.resources.nova_api_metadata.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.nova_api_metadata.limits.memory | quote }} + cpu: {{ .Values.resources.nova_api_metadata.limits.cpu | quote }} + {{- end }} securityContext: capabilities: add: diff --git a/nova/templates/deployment-api-osapi.yaml b/nova/templates/deployment-api-osapi.yaml index f0940a524c..52b6a13ec2 100644 --- a/nova/templates/deployment-api-osapi.yaml +++ b/nova/templates/deployment-api-osapi.yaml @@ -35,6 +35,15 @@ spec: capabilities: add: - NET_ADMIN + {{- if .Values.resources.enabled }} + resources: + requests: + memory: {{ .Values.resources.nova_osapi.requests.memory | quote }} + cpu: {{ .Values.resources.nova_osapi.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.nova_osapi.limits.memory | quote }} + cpu: {{ .Values.resources.nova_osapi.limits.cpu | quote }} + {{- end }} command: - nova-api - --config-file=/etc/nova/nova.conf diff --git a/nova/templates/deployment-conductor.yaml b/nova/templates/deployment-conductor.yaml index 8879851371..7e9fe02b6e 100644 --- a/nova/templates/deployment-conductor.yaml +++ b/nova/templates/deployment-conductor.yaml @@ -31,6 +31,15 @@ spec: - name: nova-conductor image: {{ .Values.images.conductor }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + requests: + memory: {{ .Values.resources.nova_conductor.requests.memory | quote }} + cpu: {{ .Values.resources.nova_conductor.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.nova_conductor.limits.memory | quote }} + cpu: {{ .Values.resources.nova_conductor.limits.cpu | quote }} + {{- end }} command: - nova-conductor - --config-file diff --git a/nova/templates/deployment-consoleauth.yaml b/nova/templates/deployment-consoleauth.yaml index c62de2559d..fa96113129 100644 --- a/nova/templates/deployment-consoleauth.yaml +++ b/nova/templates/deployment-consoleauth.yaml @@ -31,6 +31,15 @@ spec: - name: nova-consoleauth image: {{ .Values.images.consoleauth }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + requests: + memory: {{ .Values.resources.nova_consoleauth.requests.memory | quote }} + cpu: {{ .Values.resources.nova_consoleauth.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.nova_consoleauth.limits.memory | quote }} + cpu: {{ .Values.resources.nova_consoleauth.limits.cpu | quote }} + {{- end }} command: - nova-consoleauth - --config-file diff --git a/nova/templates/deployment-scheduler.yaml b/nova/templates/deployment-scheduler.yaml index 14f12e2c29..9ace4262bf 100644 --- a/nova/templates/deployment-scheduler.yaml +++ b/nova/templates/deployment-scheduler.yaml @@ -31,6 +31,15 @@ spec: - name: nova-scheduler image: {{ .Values.images.scheduler }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + requests: + memory: {{ .Values.resources.nova_scheduler.requests.memory | quote }} + cpu: {{ .Values.resources.nova_scheduler.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.nova_scheduler.limits.memory | quote }} + cpu: {{ .Values.resources.nova_scheduler.limits.cpu | quote }} + {{- end }} command: - nova-scheduler - --config-file diff --git a/nova/templates/job-db-init.yaml b/nova/templates/job-db-init.yaml index dce9a652a7..e43982359a 100644 --- a/nova/templates/job-db-init.yaml +++ b/nova/templates/job-db-init.yaml @@ -19,6 +19,15 @@ spec: - name: nova-db-init image: {{ .Values.images.db_init }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + requests: + memory: {{ .Values.resources.nova_init.requests.memory | quote }} + cpu: {{ .Values.resources.nova_init.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.nova_init.limits.memory | quote }} + cpu: {{ .Values.resources.nova_init.limits.cpu | quote }} + {{- end }} command: - bash - /tmp/init.sh diff --git a/nova/templates/job-db-sync.yaml b/nova/templates/job-db-sync.yaml index 94befb39e2..81bff35b94 100644 --- a/nova/templates/job-db-sync.yaml +++ b/nova/templates/job-db-sync.yaml @@ -19,6 +19,15 @@ spec: - name: nova-db-sync image: {{ .Values.images.db_sync }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + requests: + memory: {{ .Values.resources.nova_db_sync.requests.memory | quote }} + cpu: {{ .Values.resources.nova_db_sync.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.nova_db_sync.limits.memory | quote }} + cpu: {{ .Values.resources.nova_db_sync.limits.cpu | quote }} + {{- end }} command: - bash - /tmp/db-sync.sh diff --git a/nova/templates/job-post.yaml b/nova/templates/job-post.yaml index c91e752117..7fddbaf6a7 100644 --- a/nova/templates/job-post.yaml +++ b/nova/templates/job-post.yaml @@ -19,6 +19,15 @@ spec: - name: nova-post image: {{ .Values.images.post }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + requests: + memory: {{ .Values.resources.nova_post.requests.memory | quote }} + cpu: {{ .Values.resources.nova_post.requests.cpu | quote }} + limits: + memory: {{ .Values.resources.nova_post.limits.memory | quote }} + cpu: {{ .Values.resources.nova_post.limits.cpu | quote }} + {{- end }} command: - bash - /tmp/post.sh diff --git a/nova/values.yaml b/nova/values.yaml index 6cc3baa28f..7edba952ba 100644 --- a/nova/values.yaml +++ b/nova/values.yaml @@ -217,3 +217,76 @@ endpoints: scheme: 'http' port: api: 9696 + +resources: + enabled: false + nova_compute: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + nova_libvirt: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + nova_api_metadata: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + nova_osapi: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + nova_conductor: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + nova_consoleauth: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + nova_scheduler: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + nova_db_sync: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + nova_init: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + nova_post: + requests: + memory: "124Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" From b8d74f724158b4a92ef314d6bd156f23d7c41f18 Mon Sep 17 00:00:00 2001 From: Steve Wilkerson Date: Tue, 31 Jan 2017 14:35:06 -0600 Subject: [PATCH 42/45] Add OWNERS file to openstack-helm Add the OWNERS file to openstack-helm to match other similar repos --- OWNERS | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 OWNERS diff --git a/OWNERS b/OWNERS new file mode 100644 index 0000000000..5881adfb1d --- /dev/null +++ b/OWNERS @@ -0,0 +1,10 @@ +reviewers: + - alanmeadows + - v1k0d3n + - intlabs + - wilkers-steve + - DTadrzak + - larryrensing +approvers: + - alanmeadows + - v1k0d3n From 27453ccc4d9c94621375ddbfb589e4dfd80d4ce9 Mon Sep 17 00:00:00 2001 From: Alan Meadows Date: Tue, 31 Jan 2017 16:14:17 -0800 Subject: [PATCH 43/45] Update mission document with feedback --- docs/mission.md | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/docs/mission.md b/docs/mission.md index ca7bb9be29..b39a809f90 100644 --- a/docs/mission.md +++ b/docs/mission.md @@ -1,24 +1,24 @@ # Mission -The goal for openstack-helm is to provide an incredibly customizable *framework* for operators and developers alike. This framework will enable end-users to deploy, maintain, and upgrade a fully functioning Openstack environment for both simple and complex environments. Administrators or developers can either deploy all or individual Openstack components along with their required dependancies. It heavily borrows concepts from [Stackanetes](https://github.com/stackanetes/stackanetes) and [other complex Helm application deployments](https://github.com/sapcc/openstack-helm). This project is meant to be a collaborative project that brings Openstack applications into a [Cloud-Native](https://www.cncf.io/about/charter) model. +The goal for openstack-helm is to provide an incredibly customizable *framework* for operators and developers alike. This framework will enable end-users to deploy, maintain, and upgrade a fully functioning OpenStack environment for both simple and complex environments. Administrators or developers can either deploy all or individual OpenStack components along with their required dependencies. It heavily borrows concepts from [Stackanetes](https://github.com/stackanetes/stackanetes) and [other complex Helm application deployments](https://github.com/sapcc/openstack-helm). This project is meant to be a collaborative project that brings Openstack applications into a [Cloud-Native](https://www.cncf.io/about/charter) model. ## Resiliency -One of the goals of this project is to produce a set of charts that can be used in a production setting to deploy and upgrade OpenStack. To meet achieve this goal, all components must be resilient. This includes both OpenStack and Infrastructure components leveraged by this project. In addition, this also includes Kubernetes itself. It is part of our mission to ensure that all infrastructure components are highly available and that a deployment can withstand a physical host failure out of the box. This means that: +One of the goals of this project is to produce a set of charts that can be used in a production setting to deploy and upgrade OpenStack. To achieve this goal, all components must be resilient, including both OpenStack and Infrastructure components leveraged by this project. In addition, this also includes Kubernetes itself. It is part of our mission to ensure that all infrastructure components are highly available and that a deployment can withstand a physical host failure out of the box. This means that: -- OpenStack components will need to support, and deploy with multiple replicas out of the box (unless development mode is enabled) to make sure this leveraging this chart for production deployments is a first class citizen at all times. -- Infrastructure elements such as Ceph, RabbitMQ, Galera (MariaDB), Memcache, and all others need to support resiliency and leverage multiple replicas for resiliency where applicable. These components also need to be validated that their application level configurations (for instance the underlying galera cluster) can tolerate host crashes and withstand physical host failures. +- OpenStack components need to support and deploy with multiple replicas out of the box to ensure that each chart is deployed as a single-unit production ready first class citizen (unless development mode is enabled). +- Infrastructure elements such as Ceph, RabbitMQ, Galera (MariaDB), Memcached, and all others need to support resiliency and leverage multiple replicas for resiliency where applicable. These components also need to validate that their application level configurations (for instance the underlying Galera cluster) can tolerate host crashes and withstand physical host failures. - Scheduling annotations need to be employed to ensure maximum resiliency for multi-host environments. They also need to be flexible to allow all-in-one deployments. To this end, we promote the usage of `podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution` for most infrastructure elements. -- We make the assumption that we can depend on a reliable implementation of centralized storage to create PVCs within Kubernetes to support resiliency and complex application design. Today, this is powered by our own cheph chart as there is much work to do making even a single backend production ready and we need to focus bringing that to a production ready state, which includes handling real world deployment scenarios, resiliency, and pool configuration. In the future, we would like to support more choice for hardened backends. -- We will document the best practices for running a resilient Kubernetes cluster in production. This includes the steps necessary to make all components resilient, such as etcd, and skydns where possible, and point out gaps due to missing features. +- We make the assumption that we can depend on a reliable implementation of centralized storage to create PVCs within Kubernetes to support resiliency and complex application design. Today, this is provided by the included Ceph chart. There is much work to do when making even a single backend production ready. We have chosen to focus on bringing Ceph into a production ready state, which includes handling real world deployment scenarios, resiliency, and pool configurations. In the future we would like to support more options for hardened backend PVC's. In the future, we would like to offer flexibility in choosing a hardened backend. +- We will document the best practices for running a resilient Kubernetes cluster in production. This includes documenting the steps necessary to make all components resilient, such as Etcd and SkyDNS where possible, and point out gaps due to missing features. ## Scaling -Scaling is another first class citizen in openstack-helm. We will be working to ensure we support various deployment models that can support hyperscale, such as: +Scaling is another first class citizen in openstack-helm. We will be working to ensure that we support various deployment models that can support hyperscale, such as: -- Ensuring that out of the box, unless development mode is enabled, clusters receive multiple replicas to ensure scaling issues are identified early and often. -- Ensuring that every chart can support more then one replica and allowing operators to override those replica counts. For some applications, means ensuring they can support clustering. -- Ensuring clustering style applications are not limited to fixed replica counts. For instance, we want to ensure we can support N galera members and have those scale linearly within reason as opposed to only supporting a fixed count. +- Ensuring that by default, clusters include multiple replicas to verify that scaling issues are identified early and often (unless development mode is enabled). +- Ensuring that every chart can support more then one replica and allowing operators to override those replica counts. For some applications, this means that they support clustering. +- Ensuring clustering style applications are not limited to fixed replica counts. For instance, we want to ensure that we can support n=Galera members and have those scale linearly, within reason, as opposed to only supporting a fixed count. - Duplicate charts of the same type within the same namespace. For example, deploying rabbitmq twice, to the openstack namespace resulting in two fully functioning clusters. -- Allowing charts to be deployed to a diverse set of namespaces. Allowing infrastructure to be deployed in one namespace, and OpenStack in another, for example or each chart in its own namespace. -- Supporting hyperscale by ensuring we can support configurations that call for per-component infrastructure, such as dedicated database and rabbitmq solely for ceilometer or even dedicated infrastructure for every component you deploy. It is unique large scale deployment designs such as this that only become practical under a Kubernetes/Container framework and we want to ensure that we can support them. \ No newline at end of file +- Allowing charts to be deployed to a diverse set of namespaces. For example, allowing infrastructure to be deployed in one namespace and OpenStack in another, or deploying each chart in its own namespace. +- Supporting hyperscale configurations that call for per-component infrastructure, such as a dedicated database and RabbitMQ solely for Ceilometer, or even dedicated infrastructure(s) for every component you deploy. It is unique, large scale deployment designs such as this that only become practical under a Kubernetes/Container framework and we want to ensure that we can support them. From aa400cca7403bf5fb463a363985fc7bd48530aa7 Mon Sep 17 00:00:00 2001 From: "Eiden, Elise (ee550x)" Date: Wed, 1 Feb 2017 08:44:18 -0600 Subject: [PATCH 44/45] Resolves issue #165 --- docs/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/README.md b/docs/README.md index 00c6b4b0a0..fe214b6d85 100644 --- a/docs/README.md +++ b/docs/README.md @@ -3,7 +3,7 @@ ## Table of Contents -##  1. [Openstack-Helm Design Principals]() +##  1. [Openstack-Helm Design Principles]() ###    1.1 [Mission](mission.md) #####      1.1.1 [Resiliency](mission.md#resiliency) #####      1.1.2 [Scaling](mission.md#scaling) From fc21a2e92411f167bcc8ad22f11a08ce030ee87a Mon Sep 17 00:00:00 2001 From: Marcellin Tchassem Date: Wed, 1 Feb 2017 21:47:59 -0600 Subject: [PATCH 45/45] Add resources limits and requests for some charts (#163) * Add resources limits and requests for each chart * Refactor the resources limits and requests to follow a patern * Fix some coding issues * fix issues resulting from feedback on the resources PR * Reset some variables to a static value in the neutron chart. * Substituting variable entrypoint by dependency_check in the concerned files * Few adjustments * Update deploy-region.yaml * Update deployment.yaml * Add resources limits and requests for each chart Squah all commits in one. * Add resources limits and requests for some charts * cleaning * Fix indendation issue * Update deployment.yaml * Update daemonset-ovs-vswitchd.yaml --- glance/templates/deployment-api.yaml | 9 +++ glance/templates/deployment-registry.yaml | 9 +++ glance/templates/job-db-init.yaml | 9 +++ glance/templates/job-db-sync.yaml | 9 +++ glance/templates/job-post.yaml | 9 +++ glance/values.yaml | 41 +++++++++- horizon/templates/deployment.yaml | 9 +++ horizon/values.yaml | 14 +++- keystone/templates/deployment.yaml | 9 +++ keystone/templates/job-db-init.yaml | 9 +++ keystone/templates/job-db-sync.yaml | 9 +++ keystone/values.yaml | 25 ++++++ maas/templates/deploy-rack.yaml | 11 ++- maas/templates/deploy-region.yaml | 11 ++- maas/values.yaml | 20 ++++- mariadb/templates/deployment.yaml | 9 +++ mariadb/templates/job-seed.yaml | 9 +++ mariadb/values.yaml | 18 +++++ memcached/templates/deployment.yaml | 9 +++ memcached/values.yaml | 8 ++ neutron/templates/daemonset-dhcp-agent.yaml | 9 +++ neutron/templates/daemonset-l3-agent.yaml | 9 +++ .../templates/daemonset-metadata-agent.yaml | 9 +++ neutron/templates/daemonset-ovs-agent.yaml | 9 +++ neutron/templates/daemonset-ovs-db.yaml | 9 +++ neutron/templates/daemonset-ovs-vswitchd.yaml | 9 +++ neutron/templates/deployment-server.yaml | 9 +++ neutron/templates/job-db-sync.yaml | 9 +++ neutron/templates/job-post.yaml | 9 +++ neutron/values.yaml | 78 ++++++++++++++++++- rabbitmq/templates/deployment.yaml | 9 +++ rabbitmq/values.yaml | 10 +++ 32 files changed, 427 insertions(+), 7 deletions(-) diff --git a/glance/templates/deployment-api.yaml b/glance/templates/deployment-api.yaml index d998fb5ded..aea5b40841 100644 --- a/glance/templates/deployment-api.yaml +++ b/glance/templates/deployment-api.yaml @@ -35,6 +35,15 @@ spec: - name: glance-api image: {{ .Values.images.api }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.api.limits.cpu | quote }} + memory: {{ .Values.resources.api.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.api.requests.cpu | quote }} + memory: {{ .Values.resources.api.requests.memory | quote }} + {{- end }} command: - glance-api - --config-file diff --git a/glance/templates/deployment-registry.yaml b/glance/templates/deployment-registry.yaml index 2d1f023b35..f83530a1bf 100644 --- a/glance/templates/deployment-registry.yaml +++ b/glance/templates/deployment-registry.yaml @@ -27,6 +27,15 @@ spec: - name: glance-registry image: {{ .Values.images.registry }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.registry.limits.cpu | quote }} + memory: {{ .Values.resources.registry.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.registry.requests.cpu | quote }} + memory: {{ .Values.resources.registry.requests.memory | quote }} + {{- end }} command: - glance-registry - --config-file diff --git a/glance/templates/job-db-init.yaml b/glance/templates/job-db-init.yaml index c66375c96e..20bff8ce26 100644 --- a/glance/templates/job-db-init.yaml +++ b/glance/templates/job-db-init.yaml @@ -19,6 +19,15 @@ spec: - name: glance-db-init image: {{ .Values.images.db_init }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.jobs.init.limits.cpu | quote }} + memory: {{ .Values.resources.jobs.init.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.jobs.init.requests.cpu | quote }} + memory: {{ .Values.resources.jobs.init.requests.memory | quote }} + {{- end }} env: - name: ANSIBLE_LIBRARY value: /usr/share/ansible/ diff --git a/glance/templates/job-db-sync.yaml b/glance/templates/job-db-sync.yaml index 3ecfb6af7b..23914b2dbe 100644 --- a/glance/templates/job-db-sync.yaml +++ b/glance/templates/job-db-sync.yaml @@ -19,6 +19,15 @@ spec: - name: glance-db-sync image: {{ .Values.images.db_sync }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.jobs.db.limits.cpu | quote }} + memory: {{ .Values.resources.jobs.db.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.jobs.db.requests.cpu | quote }} + memory: {{ .Values.resources.jobs.db.requests.memory | quote }} + {{- end }} command: - glance-manage - db_sync diff --git a/glance/templates/job-post.yaml b/glance/templates/job-post.yaml index bbb53d760a..fbb011ae55 100644 --- a/glance/templates/job-post.yaml +++ b/glance/templates/job-post.yaml @@ -19,6 +19,15 @@ spec: - name: glance-post image: {{ .Values.images.post }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.jobs.post.limits.cpu | quote }} + memory: {{ .Values.resources.jobs.post.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.jobs.post.requests.cpu | quote }} + memory: {{ .Values.resources.jobs.post.requests.memory | quote }} + {{- end }} command: - bash - /tmp/post.sh diff --git a/glance/values.yaml b/glance/values.yaml index e8ab2f70a2..75678b5439 100644 --- a/glance/values.yaml +++ b/glance/values.yaml @@ -1,4 +1,4 @@ -# Default values for keystone. +# Default values for glance. # This is a YAML-formatted file. # Declare name/value pairs to be passed into your templates. # name: value @@ -72,6 +72,45 @@ misc: workers: 8 debug: false +resources: + enabled: false + api: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + registry: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + jobs: + db: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + init: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + post: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + dependencies: api: jobs: diff --git a/horizon/templates/deployment.yaml b/horizon/templates/deployment.yaml index 9d97e9cdfe..25b90efb0c 100644 --- a/horizon/templates/deployment.yaml +++ b/horizon/templates/deployment.yaml @@ -31,6 +31,15 @@ spec: - name: horizon image: {{ .Values.images.horizon }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.dashboard.limits.cpu | quote }} + memory: {{ .Values.resources.dashboard.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.dashboard.requests.cpu | quote }} + memory: {{ .Values.resources.dashboard.requests.memory | quote }} + {{- end }} command: - bash - /tmp/start.sh diff --git a/horizon/values.yaml b/horizon/values.yaml index 84caa6d950..500c727d72 100644 --- a/horizon/values.yaml +++ b/horizon/values.yaml @@ -1,4 +1,4 @@ -# Default values for memcached. +# Default values for horizon. # This is a YAML-formatted file. # Declare name/value pairs to be passed into your templates. # name: value @@ -36,7 +36,17 @@ dependencies: - memcached - keystone-api -# typically overriden by environmental +resources: + enabled: false + dashboard: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + +# mits:typically overriden by environmental # values, but should include all endpoints # required by this chart endpoints: diff --git a/keystone/templates/deployment.yaml b/keystone/templates/deployment.yaml index 21321c994b..9b1c58b2f5 100644 --- a/keystone/templates/deployment.yaml +++ b/keystone/templates/deployment.yaml @@ -31,6 +31,15 @@ spec: - name: keystone-api image: {{ .Values.images.api }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.api.limits.cpu | quote }} + memory: {{ .Values.resources.api.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.api.requests.cpu | quote }} + memory: {{ .Values.resources.api.requests.memory | quote }} + {{- end }} command: - bash - /tmp/start.sh diff --git a/keystone/templates/job-db-init.yaml b/keystone/templates/job-db-init.yaml index b0443a5931..332ed2e1b6 100644 --- a/keystone/templates/job-db-init.yaml +++ b/keystone/templates/job-db-init.yaml @@ -19,6 +19,15 @@ spec: - name: keystone-db-init image: {{ .Values.images.db_init }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.jobs.init.limits.cpu | quote }} + memory: {{ .Values.resources.jobs.init.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.jobs.init.requests.cpu | quote }} + memory: {{ .Values.resources.jobs.init.requests.memory | quote }} + {{- end }} command: - bash - /tmp/init.sh diff --git a/keystone/templates/job-db-sync.yaml b/keystone/templates/job-db-sync.yaml index d38bbc9e66..0b98976172 100644 --- a/keystone/templates/job-db-sync.yaml +++ b/keystone/templates/job-db-sync.yaml @@ -19,6 +19,15 @@ spec: - name: keystone-db-sync image: {{ .Values.images.db_sync }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.jobs.db_sync.limits.cpu | quote }} + memory: {{ .Values.resources.jobs.db_sync.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.jobs.db_sync.requests.cpu | quote }} + memory: {{ .Values.resources.jobs.db_sync.requests.memory | quote }} + {{- end }} command: - bash - /tmp/db-sync.sh diff --git a/keystone/values.yaml b/keystone/values.yaml index 1aa064a1d0..48683a96f5 100644 --- a/keystone/values.yaml +++ b/keystone/values.yaml @@ -77,6 +77,31 @@ dependencies: service: - mariadb +resources: + enabled: false + api: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + jobs: + db_sync: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + init: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + # typically overriden by environmental # values, but should include all endpoints # required by this chart diff --git a/maas/templates/deploy-rack.yaml b/maas/templates/deploy-rack.yaml index bd89d6b935..e2c6af2478 100644 --- a/maas/templates/deploy-rack.yaml +++ b/maas/templates/deploy-rack.yaml @@ -14,6 +14,15 @@ spec: containers: - name: maas-rack image: {{ .Values.images.maas_rack }} - imagePullPolicy: Always + imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.maas_rack_controller.limits.cpu | quote }} + memory: {{ .Values.resources.maas_rack_controller.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.maas_rack_controller.requests.cpu | quote }} + memory: {{ .Values.resources.maas_rack_controller.requests.memory | quote }} + {{- end }} securityContext: privileged: true diff --git a/maas/templates/deploy-region.yaml b/maas/templates/deploy-region.yaml index 31567170f2..18cf77578a 100644 --- a/maas/templates/deploy-region.yaml +++ b/maas/templates/deploy-region.yaml @@ -51,7 +51,16 @@ spec: containers: - name: maas-region image: {{ .Values.images.maas_region }} - imagePullPolicy: Always + imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.maas_region.limits.cpu | quote }} + memory: {{ .Values.resources.maas_region.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.maas_region.requests.cpu | quote }} + memory: {{ .Values.resources.maas_region.requests.memory | quote}} + {{- end }} ports: - containerPort: {{ .Values.network.port.region_container }} readinessProbe: diff --git a/maas/values.yaml b/maas/values.yaml index 8a7862ec89..421e66ca6d 100644 --- a/maas/values.yaml +++ b/maas/values.yaml @@ -5,6 +5,7 @@ images: maas_region: quay.io/attcomdev/maas-region:2.1.2-1 maas_rack: quay.io/attcomdev/maas-rack:2.1.2-1 + pull_policy: Always labels: node_selector_key: openstack-control-plane @@ -18,4 +19,21 @@ network: service_proxy: 8000 service_proxy_target: 8000 -service_name: maas-region-ui +service_name: maas-region-ui + +resources: + enabled: false + maas_rack_controller: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + maas_region: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" diff --git a/mariadb/templates/deployment.yaml b/mariadb/templates/deployment.yaml index 8a456ee3ba..341e3f238e 100644 --- a/mariadb/templates/deployment.yaml +++ b/mariadb/templates/deployment.yaml @@ -43,6 +43,15 @@ spec: - name: {{ .Values.service_name }} image: {{ .Values.images.mariadb }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.api.limits.cpu | quote }} + memory: {{ .Values.resources.api.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.api.requests.cpu | quote }} + memory: {{ .Values.resources.api.requests.memory | quote }} + {{- end }} env: - name: INTERFACE_NAME value: "eth0" diff --git a/mariadb/templates/job-seed.yaml b/mariadb/templates/job-seed.yaml index c8930621a0..762801e19d 100644 --- a/mariadb/templates/job-seed.yaml +++ b/mariadb/templates/job-seed.yaml @@ -16,6 +16,15 @@ spec: - name: mariadb-init image: {{ .Values.images.mariadb }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.job.seed.limits.cpu | quote }} + memory: {{ .Values.resources.job.seed.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.job.seed.requests.cpu | quote }} + memory: {{ .Values.resources.job.seed.requests.memory | quote }} + {{- end }} env: - name: INTERFACE_NAME value: "eth0" diff --git a/mariadb/values.yaml b/mariadb/values.yaml index 0a13e96581..df015f6569 100644 --- a/mariadb/values.yaml +++ b/mariadb/values.yaml @@ -21,6 +21,24 @@ development: enabled: false storage_path: /data/openstack-helm/mariadb +resources: + enabled: false + api: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + job: + seed: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + # this drives the service name, and statefulset name service_name: mariadb diff --git a/memcached/templates/deployment.yaml b/memcached/templates/deployment.yaml index 020265758e..4bbe9cb4a0 100644 --- a/memcached/templates/deployment.yaml +++ b/memcached/templates/deployment.yaml @@ -23,6 +23,15 @@ spec: - name: memcached image: {{ .Values.images.memcached }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.api.limits.cpu | quote }} + memory: {{ .Values.resources.api.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.api.requests.cpu | quote }} + memory: {{ .Values.resources.api.requests.memory | quote }} + {{- end }} command: ["sh", "-xec"] args: - | diff --git a/memcached/values.yaml b/memcached/values.yaml index 8b993d9cc9..ea03a7cae4 100644 --- a/memcached/values.yaml +++ b/memcached/values.yaml @@ -26,5 +26,13 @@ memcached: max_connections: 8192 resources: + enabled: false memcached: replicas: 1 + api: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" diff --git a/neutron/templates/daemonset-dhcp-agent.yaml b/neutron/templates/daemonset-dhcp-agent.yaml index 4a56ee6ed1..452d7ab76d 100644 --- a/neutron/templates/daemonset-dhcp-agent.yaml +++ b/neutron/templates/daemonset-dhcp-agent.yaml @@ -26,6 +26,15 @@ spec: - name: neutron-dhcp-agent image: {{ .Values.images.dhcp }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.agent.dhcp.limits.cpu | quote }} + memory: {{ .Values.resources.agent.dhcp.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.agent.dhcp.requests.cpu | quote }} + memory: {{ .Values.resources.agent.dhcp.requests.memory | quote }} + {{- end }} securityContext: privileged: true command: diff --git a/neutron/templates/daemonset-l3-agent.yaml b/neutron/templates/daemonset-l3-agent.yaml index c73ba0da3c..32779333b0 100644 --- a/neutron/templates/daemonset-l3-agent.yaml +++ b/neutron/templates/daemonset-l3-agent.yaml @@ -26,6 +26,15 @@ spec: - name: neutron-l3-agent image: {{ .Values.images.l3 }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.agent.l3.limits.cpu | quote }} + memory: {{ .Values.resources.agent.l3.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.agent.l3.requests.cpu | quote }} + memory: {{ .Values.resources.agent.l3.requests.memory | quote }} + {{- end }} securityContext: privileged: true command: diff --git a/neutron/templates/daemonset-metadata-agent.yaml b/neutron/templates/daemonset-metadata-agent.yaml index 6d1804aec8..3a0474a9ee 100644 --- a/neutron/templates/daemonset-metadata-agent.yaml +++ b/neutron/templates/daemonset-metadata-agent.yaml @@ -26,6 +26,15 @@ spec: - name: neutron-metadata-agent image: {{ .Values.images.metadata }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.agent.metadata.limits.cpu | quote }} + memory: {{ .Values.resources.agent.metadata.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.agent.metadata.requests.cpu | quote }} + memory: {{ .Values.resources.agent.metadata.requests.memory | quote }} + {{- end }} securityContext: privileged: true command: diff --git a/neutron/templates/daemonset-ovs-agent.yaml b/neutron/templates/daemonset-ovs-agent.yaml index a0e173c7ce..0d21319504 100644 --- a/neutron/templates/daemonset-ovs-agent.yaml +++ b/neutron/templates/daemonset-ovs-agent.yaml @@ -26,6 +26,15 @@ spec: - name: ovs-agent image: {{ .Values.images.neutron_openvswitch_agent }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.ovs.agent.limits.cpu | quote }} + memory: {{ .Values.resources.ovs.agent.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.ovs.agent.requests.cpu | quote }} + memory: {{ .Values.resources.ovs.agent.requests.memory | quote }} + {{- end }} securityContext: privileged: true command: diff --git a/neutron/templates/daemonset-ovs-db.yaml b/neutron/templates/daemonset-ovs-db.yaml index f503231c71..a65af8813b 100644 --- a/neutron/templates/daemonset-ovs-db.yaml +++ b/neutron/templates/daemonset-ovs-db.yaml @@ -21,6 +21,15 @@ spec: - name: ovs-db image: {{ .Values.images.openvswitch_db_server }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.ovs.db.limits.cpu | quote }} + memory: {{ .Values.resources.ovs.db.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.ovs.db.requests.cpu | quote }} + memory: {{ .Values.resources.ovs.db.requests.memory | quote }} + {{- end }} securityContext: privileged: true command: diff --git a/neutron/templates/daemonset-ovs-vswitchd.yaml b/neutron/templates/daemonset-ovs-vswitchd.yaml index da33099bd8..3ab6f550f1 100644 --- a/neutron/templates/daemonset-ovs-vswitchd.yaml +++ b/neutron/templates/daemonset-ovs-vswitchd.yaml @@ -21,6 +21,15 @@ spec: - name: ovs-vswitchd image: {{ .Values.images.openvswitch_vswitchd }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.ovs.vswitchd.limits.cpu | quote }} + memory: {{ .Values.resources.ovs.vswitchd.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.ovs.vswitchd.requests.cpu | quote }} + memory: {{ .Values.resources.ovs.vswitchd.requests.memory | quote }} + {{- end }} securityContext: privileged: true # ensures this container can speak to the ovs database diff --git a/neutron/templates/deployment-server.yaml b/neutron/templates/deployment-server.yaml index 95abe45084..81ae81313c 100644 --- a/neutron/templates/deployment-server.yaml +++ b/neutron/templates/deployment-server.yaml @@ -37,6 +37,15 @@ spec: - /etc/neutron/neutron.conf - --config-file - /etc/neutron/plugins/ml2/ml2-conf.ini + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.server.limits.cpu | quote }} + memory: {{ .Values.resources.server.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.server.requests.cpu | quote }} + memory: {{ .Values.resources.server.requests.memory | quote }} + {{- end }} ports: - containerPort: {{ .Values.network.port.server }} readinessProbe: diff --git a/neutron/templates/job-db-sync.yaml b/neutron/templates/job-db-sync.yaml index 1070a2da58..ea9d30bc99 100644 --- a/neutron/templates/job-db-sync.yaml +++ b/neutron/templates/job-db-sync.yaml @@ -27,6 +27,15 @@ spec: - /etc/neutron/plugins/ml2/ml2-conf.ini - upgrade - head + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.jobs.db_sync.limits.cpu | quote }} + memory: {{ .Values.resources.jobs.db_sync.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.jobs.db_sync.requests.cpu | quote }} + memory: {{ .Values.resources.jobs.db_sync.requests.memory | quote }} + {{- end }} volumeMounts: - name: pod-etc-neutron mountPath: /etc/neutron diff --git a/neutron/templates/job-post.yaml b/neutron/templates/job-post.yaml index 80dc94f2b8..9901e57e42 100644 --- a/neutron/templates/job-post.yaml +++ b/neutron/templates/job-post.yaml @@ -22,6 +22,15 @@ spec: command: - bash - /tmp/post.sh + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.jobs.post.limits.cpu | quote }} + memory: {{ .Values.resources.jobs.post.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.jobs.post.requests.cpu | quote }} + memory: {{ .Values.resources.jobs.post.requests.memory | quote }} + {{- end }} env: - name: ANSIBLE_LIBRARY value: /usr/share/ansible/ diff --git a/neutron/values.yaml b/neutron/values.yaml index 4502fe0d8c..4b55dcbfb1 100644 --- a/neutron/values.yaml +++ b/neutron/values.yaml @@ -1,4 +1,4 @@ -# Default values for memcached. +# Default values for neutron. # This is a YAML-formatted file. # Declare name/value pairs to be passed into your templates. # name: value @@ -199,6 +199,82 @@ dependencies: jobs: - neutron-db-sync +resources: + enabled: false + agent: + dhcp: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + l3: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + metadata: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + ovs: + agent: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + db: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + vswitchd: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + server: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + jobs: + db_sync: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + init: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + post: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + # typically overriden by environmental # values, but should include all endpoints # required by this chart diff --git a/rabbitmq/templates/deployment.yaml b/rabbitmq/templates/deployment.yaml index d622f8c56e..bd8815fda3 100644 --- a/rabbitmq/templates/deployment.yaml +++ b/rabbitmq/templates/deployment.yaml @@ -30,6 +30,15 @@ spec: containers: - name: rabbitmq image: {{ .Values.images.rabbitmq }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.api.limits.cpu | quote }} + memory: {{ .Values.resources.api.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.api.requests.cpu | quote }} + memory: {{ .Values.resources.api.requests.memory | quote }} + {{- end }} command: - bash - /tmp/start_rabbitmq.sh diff --git a/rabbitmq/values.yaml b/rabbitmq/values.yaml index 8d44741b0b..6cf4699908 100644 --- a/rabbitmq/values.yaml +++ b/rabbitmq/values.yaml @@ -5,6 +5,16 @@ replicas: "1" # this must be quoted to deal with atoi +resources: + enabled: false + api: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + labels: node_selector_key: openstack-control-plane node_selector_value: enabled