From 0df7427dc43a725015354df080dc94f7b8846ad3 Mon Sep 17 00:00:00 2001
From: Pete Birley <pete@port.direct>
Date: Mon, 5 Jun 2017 14:52:06 -0500
Subject: [PATCH] Refactor start scripts, to support graceful termination

This PS adds Barbican support and moves all potentially
container-specific logic from the API manifests into the service
start scripts.

Also fixes a permissions issue with the nova-api, which incorrectly
had the NET_ADMIN capability.

Change-Id: I18fc1ea5d7aa70ea7dabb829361a3da57e905100
---
 .../templates/bin/_babican.sh.tpl             | 15 ++++---
 barbican/templates/configmap-bin.yaml         |  4 +-
 barbican/templates/deployment-api.yaml        | 14 ++++--
 cinder/templates/bin/_cinder-api.sh.tpl       | 16 +++++--
 cinder/templates/bin/_cinder-scheduler.sh.tpl |  2 +-
 cinder/templates/bin/_cinder-volume.sh.tpl    |  2 +-
 cinder/templates/bin/_db-sync.sh.tpl          |  2 +-
 cinder/templates/deployment-api.yaml          | 13 +++---
 glance/templates/bin/_glance-api.sh.tpl       | 16 +++++--
 glance/templates/bin/_glance-registry.sh.tpl  | 16 +++++--
 glance/templates/deployment-api.yaml          | 11 ++---
 glance/templates/deployment-registry.yaml     | 11 ++---
 heat/templates/bin/_heat-api.sh.tpl           | 16 +++++--
 heat/templates/bin/_heat-cfn.sh.tpl           | 16 +++++--
 heat/templates/bin/_heat-cloudwatch.sh.tpl    | 16 +++++--
 heat/templates/deployment-api.yaml            | 11 ++---
 heat/templates/deployment-cfn.yaml            | 11 ++---
 heat/templates/deployment-cloudwatch.yaml     | 11 ++---
 horizon/templates/bin/_horizon.sh.tpl         | 43 +++++++++++++++++++
 horizon/templates/bin/_start.sh.tpl           | 33 --------------
 horizon/templates/configmap-bin.yaml          |  4 +-
 horizon/templates/deployment.yaml             | 17 ++++----
 .../templates/bin/_keystone-api.sh.tpl        | 18 +++++++-
 keystone/templates/configmap-bin.yaml         |  4 +-
 keystone/templates/deployment.yaml            | 21 ++++-----
 magnum/templates/bin/_magnum-api.sh.tpl       | 16 +++++--
 magnum/templates/bin/_magnum-conductor.sh.tpl |  2 +-
 magnum/templates/deployment-api.yaml          | 17 ++++----
 mistral/templates/bin/_mistral-api.sh.tpl     | 18 ++++++--
 mistral/templates/deployment-api.yaml         | 13 +++---
 neutron/templates/bin/_neutron-server.sh.tpl  | 18 ++++++--
 neutron/templates/deployment-server.yaml      | 17 ++++----
 nova/templates/bin/_nova-api-metadata.sh.tpl  | 16 +++++--
 nova/templates/bin/_nova-api.sh.tpl           | 16 +++++--
 nova/templates/deployment-api-metadata.yaml   | 20 +++++----
 nova/templates/deployment-api-osapi.yaml      | 21 ++++-----
 senlin/templates/bin/_senlin-api.sh.tpl       | 16 +++++--
 senlin/templates/deployment-api.yaml          | 21 ++++-----
 38 files changed, 361 insertions(+), 193 deletions(-)
 rename keystone/templates/bin/_start.sh.tpl => barbican/templates/bin/_babican.sh.tpl (79%)
 create mode 100644 horizon/templates/bin/_horizon.sh.tpl
 delete mode 100644 horizon/templates/bin/_start.sh.tpl
 rename barbican/templates/bin/_start.sh.tpl => keystone/templates/bin/_keystone-api.sh.tpl (69%)

diff --git a/keystone/templates/bin/_start.sh.tpl b/barbican/templates/bin/_babican.sh.tpl
similarity index 79%
rename from keystone/templates/bin/_start.sh.tpl
rename to barbican/templates/bin/_babican.sh.tpl
index d044458247..fb6eb55485 100644
--- a/keystone/templates/bin/_start.sh.tpl
+++ b/barbican/templates/bin/_babican.sh.tpl
@@ -15,11 +15,14 @@
 # limitations under the License.
 
 set -ex
+COMMAND="${@:-start}"
 
-if [ -f /etc/apache2/envvars ]; then
-   # Loading Apache2 ENV variables
-   source /etc/apache2/envvars
-fi
+function start () {
+  exec uwsgi --die-on-term --master --emperor /etc/barbican/vassals
+}
 
-# Start Apache2
-exec apache2 -DFOREGROUND
+function stop () {
+  kill -TERM 1
+}
+
+$COMMAND
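Review bot: The dispatcher at the bottom of this script, `COMMAND="${@:-start}"` followed by a bare `$COMMAND`, executes whatever argument string the script was invoked with rather than only `start` or `stop`. Because the expansion is unquoted it is word-split and run as a command line, so a typo or an overridden `command:` in a manifest runs some other program in the service container instead of failing. Restricting it to the two known verbs keeps the entrypoint predictable: `case "${1:-start}" in start|stop) "${1:-start}" ;; *) echo "usage: $0 {start|stop}" >&2; exit 1 ;; esac`. The same two lines are added in the cinder-api, glance-api, glance-registry, heat-api, heat-cfn, heat-cloudwatch, horizon, keystone-api, magnum-api, mistral-api, neutron-server, nova-api-metadata and nova-api scripts in this patch.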
diff --git a/barbican/templates/configmap-bin.yaml b/barbican/templates/configmap-bin.yaml
index ae97b8d274..1772a4d256 100644
--- a/barbican/templates/configmap-bin.yaml
+++ b/barbican/templates/configmap-bin.yaml
@@ -19,8 +19,8 @@ data:
 {{- include "helm-toolkit.scripts.db_init" . | indent 4 }}
   db-sync.sh: |
 {{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
-  start.sh: |
-{{ tuple "bin/_start.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
+  barbican.sh: |
+{{ tuple "bin/_barbican.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
   ks-service.sh: |
 {{- include "helm-toolkit.scripts.keystone_service" . | indent 4 }}
   ks-endpoints.sh: |
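Review bot: The new include path `bin/_barbican.sh.tpl` does not match the file this patch creates, which the rename header and the diffstat both spell `barbican/templates/bin/_babican.sh.tpl` (the first `r` is missing). Unless a correctly named file exists elsewhere in the chart, the `barbican.sh` key would presumably render without the script body, and the API container's `bash /tmp/barbican.sh start` would then have nothing to run. Renaming the template file to `_barbican.sh.tpl` fixes this without touching the line here.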
diff --git a/barbican/templates/deployment-api.yaml b/barbican/templates/deployment-api.yaml
index 7ae6b77a97..9d5d3970e8 100644
--- a/barbican/templates/deployment-api.yaml
+++ b/barbican/templates/deployment-api.yaml
@@ -56,7 +56,15 @@ spec:
           {{- end }}
           command:
             - bash
-            - /tmp/start.sh
+            - /tmp/barbican.sh
+            - start
+          lifecycle:
+            preStop:
+              exec:
+                command:
+                  - bash
+                  - /tmp/barbican.sh
+                  - stop
           ports:
             - containerPort: {{ .Values.conf.barbican.barbican_api.barbican.config.bind_port }}
           readinessProbe:
@@ -86,8 +94,8 @@ spec:
               subPath: policy.json
               readOnly: true
             - name: barbican-bin
-              mountPath: /tmp/start.sh
-              subPath: start.sh
+              mountPath: /tmp/barbican.sh
+              subPath: barbican.sh
               readOnly: true
 {{ if $mounts_barbican_api.volumeMounts }}{{ toYaml $mounts_barbican_api.volumeMounts | indent 12 }}{{ end }}
       volumes:
diff --git a/cinder/templates/bin/_cinder-api.sh.tpl b/cinder/templates/bin/_cinder-api.sh.tpl
index f084cee020..ae4f43b7cb 100644
--- a/cinder/templates/bin/_cinder-api.sh.tpl
+++ b/cinder/templates/bin/_cinder-api.sh.tpl
@@ -14,6 +14,16 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-set -x
-exec cinder-api \
-      --config-file /etc/cinder/cinder.conf
+set -ex
+COMMAND="${@:-start}"
+
+function start () {
+  exec cinder-api \
+        --config-file /etc/cinder/cinder.conf
+}
+
+function stop () {
+  kill -TERM 1
+}
+
+$COMMAND
diff --git a/cinder/templates/bin/_cinder-scheduler.sh.tpl b/cinder/templates/bin/_cinder-scheduler.sh.tpl
index e0cd32a285..080fd97315 100644
--- a/cinder/templates/bin/_cinder-scheduler.sh.tpl
+++ b/cinder/templates/bin/_cinder-scheduler.sh.tpl
@@ -14,6 +14,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-set -x
+set -ex
 exec cinder-scheduler \
       --config-file /etc/cinder/cinder.conf
diff --git a/cinder/templates/bin/_cinder-volume.sh.tpl b/cinder/templates/bin/_cinder-volume.sh.tpl
index c9734f200e..8f4973ec09 100644
--- a/cinder/templates/bin/_cinder-volume.sh.tpl
+++ b/cinder/templates/bin/_cinder-volume.sh.tpl
@@ -14,6 +14,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-set -x
+set -ex
 exec cinder-volume \
       --config-file /etc/cinder/cinder.conf
diff --git a/cinder/templates/bin/_db-sync.sh.tpl b/cinder/templates/bin/_db-sync.sh.tpl
index 51b2adaeca..acd635ce07 100644
--- a/cinder/templates/bin/_db-sync.sh.tpl
+++ b/cinder/templates/bin/_db-sync.sh.tpl
@@ -16,4 +16,4 @@
 
 set -ex
 
-cinder-manage db sync
+exec cinder-manage db sync
diff --git a/cinder/templates/deployment-api.yaml b/cinder/templates/deployment-api.yaml
index 0c265800d3..b457edb5bd 100644
--- a/cinder/templates/deployment-api.yaml
+++ b/cinder/templates/deployment-api.yaml
@@ -60,16 +60,17 @@ spec:
           command:
             - bash
             - /tmp/cinder-api.sh
-          ports:
-            - name: c-api
-              containerPort: {{ .Values.conf.cinder.default.cinder.osapi_volume_listen_port }}
+            - start
           lifecycle:
             preStop:
               exec:
                 command:
-                  - kill
-                  - -TERM
-                  - "1"
+                  - bash
+                  - /tmp/cinder-api.sh
+                  - stop
+          ports:
+            - name: c-api
+              containerPort: {{ .Values.conf.cinder.default.cinder.osapi_volume_listen_port }}
           readinessProbe:
             tcpSocket:
               port: {{ .Values.conf.cinder.default.cinder.osapi_volume_listen_port }}
diff --git a/glance/templates/bin/_glance-api.sh.tpl b/glance/templates/bin/_glance-api.sh.tpl
index ace7e45213..4335299942 100644
--- a/glance/templates/bin/_glance-api.sh.tpl
+++ b/glance/templates/bin/_glance-api.sh.tpl
@@ -14,6 +14,16 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-set -x
-exec glance-api \
-      --config-file /etc/glance/glance-api.conf
+set -ex
+COMMAND="${@:-start}"
+
+function start () {
+  exec glance-api \
+        --config-file /etc/glance/glance-api.conf
+}
+
+function stop () {
+  kill -TERM 1
+}
+
+$COMMAND
diff --git a/glance/templates/bin/_glance-registry.sh.tpl b/glance/templates/bin/_glance-registry.sh.tpl
index 88f6c56f6b..b811618363 100644
--- a/glance/templates/bin/_glance-registry.sh.tpl
+++ b/glance/templates/bin/_glance-registry.sh.tpl
@@ -14,6 +14,16 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-set -x
-exec glance-registry \
-      --config-file /etc/glance/glance-registry.conf
+set -ex
+COMMAND="${@:-start}"
+
+function start () {
+  exec glance-registry \
+        --config-file /etc/glance/glance-registry.conf
+}
+
+function stop () {
+  kill -TERM 1
+}
+
+$COMMAND
diff --git a/glance/templates/deployment-api.yaml b/glance/templates/deployment-api.yaml
index e1c656ebc1..49fd85a4fb 100644
--- a/glance/templates/deployment-api.yaml
+++ b/glance/templates/deployment-api.yaml
@@ -60,15 +60,16 @@ spec:
           command:
             - bash
             - /tmp/glance-api.sh
-          ports:
-            - containerPort: {{ .Values.conf.glance.default.glance.api.bind_port }}
+            - start
           lifecycle:
             preStop:
               exec:
                 command:
-                  - kill
-                  - -TERM
-                  - "1"
+                  - bash
+                  - /tmp/glance-api.sh
+                  - stop
+          ports:
+            - containerPort: {{ .Values.conf.glance.default.glance.api.bind_port }}
           readinessProbe:
             tcpSocket:
               port: {{ .Values.conf.glance.default.glance.api.bind_port }}
diff --git a/glance/templates/deployment-registry.yaml b/glance/templates/deployment-registry.yaml
index 2c78b2d39e..9c79023646 100644
--- a/glance/templates/deployment-registry.yaml
+++ b/glance/templates/deployment-registry.yaml
@@ -52,15 +52,16 @@ spec:
           command:
             - bash
             - /tmp/glance-registry.sh
-          ports:
-            - containerPort: {{ .Values.conf.glance_registry.default.glance.registry.bind_port }}
+            - start
           lifecycle:
             preStop:
               exec:
                 command:
-                  - kill
-                  - -TERM
-                  - "1"
+                  - bash
+                  - /tmp/glance-registry.sh
+                  - stop
+          ports:
+            - containerPort: {{ .Values.conf.glance_registry.default.glance.registry.bind_port }}
           readinessProbe:
             tcpSocket:
               port: {{ .Values.conf.glance_registry.default.glance.registry.bind_port }}
diff --git a/heat/templates/bin/_heat-api.sh.tpl b/heat/templates/bin/_heat-api.sh.tpl
index d95f8180b5..a3ecdb2712 100644
--- a/heat/templates/bin/_heat-api.sh.tpl
+++ b/heat/templates/bin/_heat-api.sh.tpl
@@ -14,6 +14,16 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-set -x
-exec heat-api \
-      --config-file /etc/heat/heat.conf
+set -ex
+COMMAND="${@:-start}"
+
+function start () {
+  exec heat-api \
+        --config-file /etc/heat/heat.conf
+}
+
+function stop () {
+  kill -TERM 1
+}
+
+$COMMAND
diff --git a/heat/templates/bin/_heat-cfn.sh.tpl b/heat/templates/bin/_heat-cfn.sh.tpl
index d84d153104..f0121270f7 100644
--- a/heat/templates/bin/_heat-cfn.sh.tpl
+++ b/heat/templates/bin/_heat-cfn.sh.tpl
@@ -14,6 +14,16 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-set -x
-exec heat-api-cfn \
-      --config-file /etc/heat/heat.conf
+set -ex
+COMMAND="${@:-start}"
+
+function start () {
+  exec heat-api-cfn \
+        --config-file /etc/heat/heat.conf
+}
+
+function stop () {
+  kill -TERM 1
+}
+
+$COMMAND
diff --git a/heat/templates/bin/_heat-cloudwatch.sh.tpl b/heat/templates/bin/_heat-cloudwatch.sh.tpl
index 0201fa9f03..cb64eca457 100644
--- a/heat/templates/bin/_heat-cloudwatch.sh.tpl
+++ b/heat/templates/bin/_heat-cloudwatch.sh.tpl
@@ -14,6 +14,16 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-set -x
-exec heat-api-cloudwatch \
-      --config-file /etc/heat/heat.conf
+set -ex
+COMMAND="${@:-start}"
+
+function start () {
+  exec heat-api-cloudwatch \
+        --config-file /etc/heat/heat.conf
+}
+
+function stop () {
+  kill -TERM 1
+}
+
+$COMMAND
diff --git a/heat/templates/deployment-api.yaml b/heat/templates/deployment-api.yaml
index 7501674b39..234a660513 100644
--- a/heat/templates/deployment-api.yaml
+++ b/heat/templates/deployment-api.yaml
@@ -60,15 +60,16 @@ spec:
           command:
             - bash
             - /tmp/heat-api.sh
-          ports:
-            - containerPort: {{ .Values.conf.heat.heat_api.heat.common.wsgi.bind_port }}
+            - start
           lifecycle:
             preStop:
               exec:
                 command:
-                  - kill
-                  - -TERM
-                  - "1"
+                  - bash
+                  - /tmp/heat-api.sh
+                  - stop
+          ports:
+            - containerPort: {{ .Values.conf.heat.heat_api.heat.common.wsgi.bind_port }}
           readinessProbe:
             tcpSocket:
               port: {{ .Values.conf.heat.heat_api.heat.common.wsgi.bind_port }}
diff --git a/heat/templates/deployment-cfn.yaml b/heat/templates/deployment-cfn.yaml
index e2b5a14713..e9e6ece885 100644
--- a/heat/templates/deployment-cfn.yaml
+++ b/heat/templates/deployment-cfn.yaml
@@ -60,15 +60,16 @@ spec:
           command:
             - bash
             - /tmp/heat-cfn.sh
-          ports:
-            - containerPort: {{ .Values.conf.heat.heat_api_cfn.heat.common.wsgi.bind_port }}
+            - start
           lifecycle:
             preStop:
               exec:
                 command:
-                  - kill
-                  - -TERM
-                  - "1"
+                  - bash
+                  - /tmp/heat-cfn.sh
+                  - stop
+          ports:
+            - containerPort: {{ .Values.conf.heat.heat_api_cfn.heat.common.wsgi.bind_port }}
           readinessProbe:
             tcpSocket:
               port: {{ .Values.conf.heat.heat_api_cfn.heat.common.wsgi.bind_port }}
diff --git a/heat/templates/deployment-cloudwatch.yaml b/heat/templates/deployment-cloudwatch.yaml
index 2056773aff..749e726d65 100644
--- a/heat/templates/deployment-cloudwatch.yaml
+++ b/heat/templates/deployment-cloudwatch.yaml
@@ -60,15 +60,16 @@ spec:
           command:
             - bash
             - /tmp/heat-cloudwatch.sh
-          ports:
-            - containerPort: {{ .Values.conf.heat.heat_api_cloudwatch.heat.common.wsgi.bind_port }}
+            - start
           lifecycle:
             preStop:
               exec:
                 command:
-                  - kill
-                  - -TERM
-                  - "1"
+                  - bash
+                  - /tmp/heat-cloudwatch.sh
+                  - stop
+          ports:
+            - containerPort: {{ .Values.conf.heat.heat_api_cloudwatch.heat.common.wsgi.bind_port }}
           readinessProbe:
             tcpSocket:
               port: {{ .Values.conf.heat.heat_api_cloudwatch.heat.common.wsgi.bind_port }}
diff --git a/horizon/templates/bin/_horizon.sh.tpl b/horizon/templates/bin/_horizon.sh.tpl
new file mode 100644
index 0000000000..2102d0b42d
--- /dev/null
+++ b/horizon/templates/bin/_horizon.sh.tpl
@@ -0,0 +1,43 @@
+#!/bin/bash
+
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -ex
+COMMAND="${@:-start}"
+
+function start () {
+  if [ -f /etc/apache2/envvars ]; then
+     # Loading Apache2 ENV variables
+     source /etc/apache2/envvars
+  fi
+  rm -rf /var/run/apache2/*
+  APACHE_DIR="apache2"
+
+  # Compress Horizon's assets.
+  /var/lib/kolla/venv/bin/manage.py collectstatic --noinput
+  /var/lib/kolla/venv/bin/manage.py compress --force
+  rm -rf /tmp/_tmp_.secret_key_store.lock /tmp/.secret_key_store
+
+  # wsgi/horizon-http needs open files here, including secret_key_store
+  chown -R horizon /var/lib/kolla/venv/lib/python2.7/site-packages/openstack_dashboard/local/
+
+  exec apache2 -DFOREGROUND
+}
+
+function stop () {
+  apachectl -k graceful-stop
+}
+
+$COMMAND
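Review bot: `chown -R horizon /var/lib/kolla/venv/lib/python2.7/site-packages/openstack_dashboard/local/` in `start` hands the whole `local/` package directory to the account the web application runs as, while the comment above it names only the secret key store as the reason. If that directory also holds Python settings modules (not visible here), the WSGI process could rewrite code it later imports, so a file-write bug in the dashboard would no longer be contained by file ownership. Narrowing the ownership change to the key store file, or pointing the key store at a dedicated writable directory, would keep the rest of the package owned by root. The line is carried over unchanged from the deleted `_start.sh.tpl`, and it implies the container starts as root, which deserves a comment of its own.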
diff --git a/horizon/templates/bin/_start.sh.tpl b/horizon/templates/bin/_start.sh.tpl
deleted file mode 100644
index 9cebe1a648..0000000000
--- a/horizon/templates/bin/_start.sh.tpl
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/bin/bash
-
-# Copyright 2017 The Openstack-Helm Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-set -ex
-
-# Loading Apache2 ENV variables
-source /etc/apache2/envvars
-rm -rf /var/run/apache2/*
-APACHE_DIR="apache2"
-
-# Compress Horizon's assets.
-/var/lib/kolla/venv/bin/manage.py collectstatic --noinput
-/var/lib/kolla/venv/bin/manage.py compress --force
-rm -rf /tmp/_tmp_.secret_key_store.lock /tmp/.secret_key_store
-
-# wsgi/horizon-http needs open files here, including secret_key_store
-chown -R horizon /var/lib/kolla/venv/lib/python2.7/site-packages/openstack_dashboard/local/
-
-apache2 -DFOREGROUND
-
diff --git a/horizon/templates/configmap-bin.yaml b/horizon/templates/configmap-bin.yaml
index ab768ec1bf..3d6bf285ed 100644
--- a/horizon/templates/configmap-bin.yaml
+++ b/horizon/templates/configmap-bin.yaml
@@ -17,5 +17,5 @@ kind: ConfigMap
 metadata:
   name: horizon-bin
 data:
-  start.sh: |
-{{ tuple "bin/_start.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
+  horizon.sh: |
+{{ tuple "bin/_horizon.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
diff --git a/horizon/templates/deployment.yaml b/horizon/templates/deployment.yaml
index 391439e951..4971dfe244 100644
--- a/horizon/templates/deployment.yaml
+++ b/horizon/templates/deployment.yaml
@@ -59,23 +59,24 @@ spec:
           {{- end }}
           command:
             - bash
-            - /tmp/start.sh
-          ports:
-            - containerPort: {{ .Values.network.port }}
+            - /tmp/horizon.sh
+            - start
           lifecycle:
             preStop:
               exec:
                 command:
-                  - apachectl
-                  - -k
-                  - graceful-stop
+                  - bash
+                  - /tmp/horizon.sh
+                  - stop
+          ports:
+            - containerPort: {{ .Values.network.port }}
           readinessProbe:
             tcpSocket:
               port: {{ .Values.network.port }}
           volumeMounts:
             - name: startsh
-              mountPath: /tmp/start.sh
-              subPath: start.sh
+              mountPath: /tmp/horizon.sh
+              subPath: horizon.sh
               readOnly: true
             - name: horizon-etc
               mountPath: /etc/apache2/sites-enabled/000-default.conf
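Review bot: The volume mounted here is still named `startsh` although it now carries `horizon.sh`, and the other charts touched by this patch name the equivalent volume `<service>-bin` (`barbican-bin`, `keystone-bin`, `magnum-bin`). Renaming it to `horizon-bin` would keep the charts consistent. The matching entry under `volumes:` lies outside this hunk and would need the same change.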
diff --git a/barbican/templates/bin/_start.sh.tpl b/keystone/templates/bin/_keystone-api.sh.tpl
similarity index 69%
rename from barbican/templates/bin/_start.sh.tpl
rename to keystone/templates/bin/_keystone-api.sh.tpl
index bb1e6a34e7..e47df9a839 100644
--- a/barbican/templates/bin/_start.sh.tpl
+++ b/keystone/templates/bin/_keystone-api.sh.tpl
@@ -16,4 +16,20 @@
 
 set -ex
 
-exec uwsgi --master --emperor /etc/barbican/vassals
+COMMAND="${@:-start}"
+
+function start () {
+  if [ -f /etc/apache2/envvars ]; then
+     # Loading Apache2 ENV variables
+     source /etc/apache2/envvars
+  fi
+
+  # Start Apache2
+  exec apache2 -DFOREGROUND
+}
+
+function stop () {
+  apachectl -k graceful-stop
+}
+
+$COMMAND
diff --git a/keystone/templates/configmap-bin.yaml b/keystone/templates/configmap-bin.yaml
index 443986c5d8..e773dea900 100644
--- a/keystone/templates/configmap-bin.yaml
+++ b/keystone/templates/configmap-bin.yaml
@@ -21,5 +21,5 @@ data:
 {{- include "helm-toolkit.scripts.db_init" . | indent 4 }}
   db-sync.sh: |
 {{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
-  start.sh: |
-{{ tuple "bin/_start.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
+  keystone-api.sh: |
+{{ tuple "bin/_keystone-api.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
diff --git a/keystone/templates/deployment.yaml b/keystone/templates/deployment.yaml
index 31e9d9c877..e0c8474a48 100644
--- a/keystone/templates/deployment.yaml
+++ b/keystone/templates/deployment.yaml
@@ -59,19 +59,20 @@ spec:
           {{- end }}
           command:
             - bash
-            - /tmp/start.sh
+            - /tmp/keystone-api.sh
+            - start
+          lifecycle:
+            preStop:
+              exec:
+                command:
+                  - bash
+                  - /tmp/keystone-api.sh
+                  - stop
           ports:
             - name: api-public
               containerPort: {{ .Values.network.api.port }}
             - name: api-admin
               containerPort: {{ .Values.network.admin.port }}
-          lifecycle:
-            preStop:
-              exec:
-                command:
-                  - apachectl
-                  - -k
-                  - graceful-stop
           readinessProbe:
             tcpSocket:
               port: {{ .Values.network.api.port }}
@@ -103,8 +104,8 @@ spec:
             subPath: mpm_event.conf
             readOnly: true
           - name: keystone-bin
-            mountPath: /tmp/start.sh
-            subPath: start.sh
+            mountPath: /tmp/keystone-api.sh
+            subPath: keystone-api.sh
             readOnly: true
 {{ if $mounts_keystone_api.volumeMounts }}{{ toYaml $mounts_keystone_api.volumeMounts | indent 10 }}{{ end }}
       volumes:
diff --git a/magnum/templates/bin/_magnum-api.sh.tpl b/magnum/templates/bin/_magnum-api.sh.tpl
index a6d66a820a..791a5829f5 100644
--- a/magnum/templates/bin/_magnum-api.sh.tpl
+++ b/magnum/templates/bin/_magnum-api.sh.tpl
@@ -14,6 +14,16 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-set -x
-exec magnum-api \
-      --config-file /etc/magnum/magnum.conf
+set -ex
+COMMAND="${@:-start}"
+
+function start () {
+  exec magnum-api \
+        --config-file /etc/magnum/magnum.conf
+}
+
+function stop () {
+  kill -TERM 1
+}
+
+$COMMAND
diff --git a/magnum/templates/bin/_magnum-conductor.sh.tpl b/magnum/templates/bin/_magnum-conductor.sh.tpl
index 7631930c5d..19e0734c73 100644
--- a/magnum/templates/bin/_magnum-conductor.sh.tpl
+++ b/magnum/templates/bin/_magnum-conductor.sh.tpl
@@ -14,6 +14,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-set -x
+set -ex
 exec magnum-conductor \
       --config-file /etc/magnum/magnum.conf
diff --git a/magnum/templates/deployment-api.yaml b/magnum/templates/deployment-api.yaml
index aebef2ed7d..78815956ec 100644
--- a/magnum/templates/deployment-api.yaml
+++ b/magnum/templates/deployment-api.yaml
@@ -57,21 +57,22 @@ spec:
               memory: {{ .Values.resources.magnum_api.limits.memory | quote }}
               cpu: {{ .Values.resources.magnum_api.limits.cpu | quote }}
           {{- end }}
-          ports:
-            - containerPort: {{ .Values.conf.magnum.api.magnum.port }}
+          command:
+            - bash
+            - /tmp/magnum-api.sh
+            - start
           lifecycle:
             preStop:
               exec:
                 command:
-                  - kill
-                  - -TERM
-                  - "1"
+                  - bash
+                  - /tmp/magnum-api.sh
+                  - stop
+          ports:
+            - containerPort: {{ .Values.conf.magnum.api.magnum.port }}
           readinessProbe:
             tcpSocket:
               port: {{ .Values.conf.magnum.api.magnum.port }}
-          command:
-            - bash
-            - /tmp/magnum-api.sh
           volumeMounts:
             - name: magnum-bin
               mountPath: /tmp/magnum-api.sh
diff --git a/mistral/templates/bin/_mistral-api.sh.tpl b/mistral/templates/bin/_mistral-api.sh.tpl
index 8c2e4bbcf0..0b49cf7a11 100644
--- a/mistral/templates/bin/_mistral-api.sh.tpl
+++ b/mistral/templates/bin/_mistral-api.sh.tpl
@@ -14,7 +14,17 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-set -x
-exec mistral-server \
-      --server api \
-      --config-file /etc/mistral/mistral.conf
+set -ex
+COMMAND="${@:-start}"
+
+function start () {
+  exec mistral-server \
+        --server api \
+        --config-file /etc/mistral/mistral.conf
+}
+
+function stop () {
+  kill -TERM 1
+}
+
+$COMMAND
diff --git a/mistral/templates/deployment-api.yaml b/mistral/templates/deployment-api.yaml
index 29787bdf1f..5d061bd409 100644
--- a/mistral/templates/deployment-api.yaml
+++ b/mistral/templates/deployment-api.yaml
@@ -60,16 +60,17 @@ spec:
           command:
             - bash
             - /tmp/mistral-api.sh
-          ports:
-            - name: {{ .Values.network.api.name }}
-              containerPort: {{ .Values.conf.mistral.api.mistral.config.port }}
+            - start
           lifecycle:
             preStop:
               exec:
                 command:
-                  - kill
-                  - -TERM
-                  - "1"
+                  - bash
+                  - /tmp/mistral-api.sh
+                  - stop
+          ports:
+            - name: {{ .Values.network.api.name }}
+              containerPort: {{ .Values.conf.mistral.api.mistral.config.port }}
           readinessProbe:
             tcpSocket:
               port: {{ .Values.conf.mistral.api.mistral.config.port }}
diff --git a/neutron/templates/bin/_neutron-server.sh.tpl b/neutron/templates/bin/_neutron-server.sh.tpl
index 0ab1ef5de3..21442be8b9 100644
--- a/neutron/templates/bin/_neutron-server.sh.tpl
+++ b/neutron/templates/bin/_neutron-server.sh.tpl
@@ -14,7 +14,17 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-set -x
-exec neutron-server \
-      --config-file /etc/neutron/neutron.conf \
-      --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
+set -ex
+COMMAND="${@:-start}"
+
+function start () {
+  exec neutron-server \
+        --config-file /etc/neutron/neutron.conf \
+        --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
+}
+
+function stop () {
+  kill -TERM 1
+}
+
+$COMMAND
diff --git a/neutron/templates/deployment-server.yaml b/neutron/templates/deployment-server.yaml
index 95320a109c..d91e652f64 100644
--- a/neutron/templates/deployment-server.yaml
+++ b/neutron/templates/deployment-server.yaml
@@ -57,21 +57,22 @@ spec:
               cpu: {{ .Values.resources.server.requests.cpu | quote }}
               memory: {{ .Values.resources.server.requests.memory | quote }}
           {{- end }}
-          ports:
-            - containerPort: {{ .Values.network.server.port }}
+          command:
+            - bash
+            - /tmp/neutron-server.sh
+            - start
           lifecycle:
             preStop:
               exec:
                 command:
-                  - kill
-                  - -TERM
-                  - "1"
+                  - bash
+                  - /tmp/neutron-server.sh
+                  - stop
+          ports:
+            - containerPort: {{ .Values.network.server.port }}
           readinessProbe:
             tcpSocket:
               port: {{ .Values.network.server.port }}
-          command:
-            - bash
-            - /tmp/neutron-server.sh
           volumeMounts:
             - name: neutron-bin
               mountPath: /tmp/neutron-server.sh
diff --git a/nova/templates/bin/_nova-api-metadata.sh.tpl b/nova/templates/bin/_nova-api-metadata.sh.tpl
index 0a2ce4cce5..fa3c3863bd 100644
--- a/nova/templates/bin/_nova-api-metadata.sh.tpl
+++ b/nova/templates/bin/_nova-api-metadata.sh.tpl
@@ -14,6 +14,16 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-set -x
-exec nova-api-metadata \
-      --config-file /etc/nova/nova.conf
+set -ex
+COMMAND="${@:-start}"
+
+function start () {
+  exec nova-api-metadata \
+        --config-file /etc/nova/nova.conf
+}
+
+function stop () {
+  kill -TERM 1
+}
+
+$COMMAND
diff --git a/nova/templates/bin/_nova-api.sh.tpl b/nova/templates/bin/_nova-api.sh.tpl
index 2170d1e426..4c334f7c5b 100644
--- a/nova/templates/bin/_nova-api.sh.tpl
+++ b/nova/templates/bin/_nova-api.sh.tpl
@@ -14,6 +14,16 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-set -x
-exec nova-api \
-      --config-file /etc/nova/nova.conf
+set -ex
+COMMAND="${@:-start}"
+
+function start () {
+  exec nova-api-os-compute \
+        --config-file /etc/nova/nova.conf
+}
+
+function stop () {
+  kill -TERM 1
+}
+
+$COMMAND
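Review bot: `start` now launches `nova-api-os-compute` where the script previously ran `nova-api`, and neither the script nor the commit message says so. This looks like the change that makes it safe to drop `NET_ADMIN` from the osapi deployment, since the combined `nova-api` launcher can also start the metadata API; a comment would keep someone from reverting it. Suggested, above the `exec`: `# Run only the compute API here; metadata runs in its own pod, which is the one granted NET_ADMIN.`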
diff --git a/nova/templates/deployment-api-metadata.yaml b/nova/templates/deployment-api-metadata.yaml
index 13a0a9f7b2..1a73c96919 100644
--- a/nova/templates/deployment-api-metadata.yaml
+++ b/nova/templates/deployment-api-metadata.yaml
@@ -48,7 +48,6 @@ spec:
         - name: nova-api
           image: {{ .Values.images.api }}
           imagePullPolicy: {{ .Values.images.pull_policy }}
-          # https://bugs.launchpad.net/kolla-mesos/+bug/1546007
           {{- if .Values.resources.enabled }}
           resources:
             requests:
@@ -58,25 +57,28 @@ spec:
               memory: {{ .Values.resources.nova_api_metadata.limits.memory | quote }}
               cpu: {{ .Values.resources.nova_api_metadata.limits.cpu | quote }}
           {{- end }}
+          # NOTE(portdirect): NET_ADMIN is needed as the api-metadata service
+          # expects to run some iptables commands, even when neutron is used.
           securityContext:
             capabilities:
               add:
                 - NET_ADMIN
-          ports:
-            - containerPort: {{ .Values.network.metadata.port }}
+          command:
+            - bash
+            - /tmp/nova-api-metadata.sh
+            - start
           lifecycle:
             preStop:
               exec:
                 command:
-                  - kill
-                  - -TERM
-                  - "1"
+                  - bash
+                  - /tmp/nova-api-metadata.sh
+                  - stop
+          ports:
+            - containerPort: {{ .Values.network.metadata.port }}
           readinessProbe:
             tcpSocket:
               port: {{ .Values.network.metadata.port }}
-          command:
-            - bash
-            - /tmp/nova-api-metadata.sh
           volumeMounts:
             - name: nova-bin
               mountPath: /tmp/nova-api-metadata.sh
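Review bot: The new NOTE justifying NET_ADMIN gives no reference a later reader can check, and the first hunk of this file deletes the only link that was there (`# https://bugs.launchpad.net/kolla-mesos/+bug/1546007`). If that bug is what documents the iptables calls, keep the URL inside the NOTE. NET_ADMIN permits interface, route and firewall changes in the pod's network namespace, so the grant should stay traceable to a reason that can be re-evaluated. Whether this pod uses the host network is not visible in the hunk; if it does, the capability reaches the node's network stack and the comment should say so.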
diff --git a/nova/templates/deployment-api-osapi.yaml b/nova/templates/deployment-api-osapi.yaml
index d53c4568e3..0320ab9930 100644
--- a/nova/templates/deployment-api-osapi.yaml
+++ b/nova/templates/deployment-api-osapi.yaml
@@ -48,10 +48,6 @@ spec:
         - name: nova-osapi
           image: {{ .Values.images.api }}
           imagePullPolicy: {{ .Values.images.pull_policy }}
-          securityContext:
-            capabilities:
-              add:
-                - NET_ADMIN
           {{- if .Values.resources.enabled }}
           resources:
             requests:
@@ -61,21 +57,22 @@ spec:
               memory: {{ .Values.resources.nova_osapi.limits.memory | quote }}
               cpu: {{ .Values.resources.nova_osapi.limits.cpu | quote }}
           {{- end }}
-          ports:
-            - containerPort: {{ .Values.network.osapi.port }}
+          command:
+            - bash
+            - /tmp/nova-api.sh
+            - start
           lifecycle:
             preStop:
               exec:
                 command:
-                  - kill
-                  - -TERM
-                  - "1"
+                  - bash
+                  - /tmp/nova-api.sh
+                  - stop
+          ports:
+            - containerPort: {{ .Values.network.osapi.port }}
           readinessProbe:
             tcpSocket:
               port: {{ .Values.network.osapi.port }}
-          command:
-            - bash
-            - /tmp/nova-api.sh
           volumeMounts:
             - name: nova-bin
               mountPath: /tmp/nova-api.sh
diff --git a/senlin/templates/bin/_senlin-api.sh.tpl b/senlin/templates/bin/_senlin-api.sh.tpl
index cd61cc0148..859108c999 100644
--- a/senlin/templates/bin/_senlin-api.sh.tpl
+++ b/senlin/templates/bin/_senlin-api.sh.tpl
@@ -14,6 +14,16 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-set -x
-exec senlin-api \
-      --config-file /etc/senlin/senlin.conf
+set -ex
+COMMAND="${@:-start}"
+
+function start () {
+  exec senlin-api \
+        --config-file /etc/senlin/senlin.conf
+}
+
+function stop () {
+  kill -TERM 1
+}
+
+$COMMAND
diff --git a/senlin/templates/deployment-api.yaml b/senlin/templates/deployment-api.yaml
index b6e51ecbba..a81d79bb00 100644
--- a/senlin/templates/deployment-api.yaml
+++ b/senlin/templates/deployment-api.yaml
@@ -57,21 +57,22 @@ spec:
               memory: {{ .Values.resources.senlin_api.limits.memory | quote }}
               cpu: {{ .Values.resources.senlin_api.limits.cpu | quote }}
           {{- end }}
+          command:
+            - bash
+            - /tmp/senlin-api.sh
+            - start
+          lifecycle:
+            preStop:
+              exec:
+                command:
+                  - bash
+                  - /tmp/senlin-api.sh
+                  - stop
           ports:
             - containerPort: {{ .Values.conf.senlin.senlin_api.senlin.config.bind_port }}
           readinessProbe:
             tcpSocket:
               port: {{ .Values.conf.senlin.senlin_api.senlin.config.bind_port }}
-          command:
-            - bash
-            - /tmp/senlin-api.sh
-          lifecycle:
-            preStop:
-              exec:
-                command:
-                  - kill
-                  - -TERM
-                  - "1"
           volumeMounts:
             - name: senlin-bin
               mountPath: /tmp/senlin-api.sh