This PS unifies and normalises Kubernetes resource allocation and
update strategy across all OpenStack-Helm elements.
Change-Id: Ia41fc453cb5191fa447ca6e1aa0f5b431c939dc8
This PS moves keystone credentials to the endpoints section within
the values.yaml, and also adds a 'secrets' key, allowing standardiation
of secrets and credential management across OpenStack-Helm.
Change-Id: I86a21e625afd822379ac11351603b2c606a3769f
This PS adds soft anti-affinity to all pods in OS-H. By doing so
resiliancy is improved by attempting to ensure that pods are created
on seperate nodes.
Change-Id: I0c1092498f7a1e44218ef785ca3f73fa9f49819c
This PS adjusts the MariaDB chart to use the same endpoint values
layout as used in other openstack-helm components. It also removes
credentials and params from the configmaps and moves them to secrets
and env vars as appropriate.
Change-Id: I9116be7c46cdd16c743ca2784878f3de65665f8c
This PS makes the initial Keystone Admin and Service account users
members of the projects that they are in.
Change-Id: I2de081a216b7e7b99d301ab605c84d882cdb5840
The existing entrypoint logic used static names to reolve dependencies.
This prevented the service names, and thus the hostnames of services
being altered. This PS resolves that issue by looking up the service name
from the endpoints specified in the values for a chart.
Partial-Implements: blueprint enhance-entrypoint-dependency-checking
External-Tracking-Id: OSH-21
Change-Id: Ib49490f332f8cd88e98c50d9335dfd314a170936
With 1.6, init containers are officially part of the kubernetes
API. This changes the format of the helm template for the
entrypoint container from json to yaml, and updates the
charts accordingly.
Co-Authored-By: Pete Birley <pete@port.direct>
Change-Id: I569566ce4b031d107af2d38483040a26210bec45
This PS introduces 'helm test' functionaility to keystone and
provides the basic framwork for charts to use.
Change-Id: Ie84a6ca0ed007fb55e10d503d1c3e49788908eec
Partial-Implements: blueprint implement-helm-test-for-charts
This commit is based on how Nova got its configuration overrides
implemented.
An important thing here is support for setting multiple Cinder backends
(e.g. Ceph cluster + NFS) in the values.yaml. This was required as Cinder
accepts backend configurations only in [<backend_id>] sections in the
cinder.conf.
Please note that autogeneration of ceph.conf and
ceph.client.<rbd_user>.keyring works only for a backend named "rbd1".
In case you want to add another RBD backend, you need to mount those
files by yourself. Commit ehancing this is planned to follow shortly.
Change-Id: Ifb58a85300bbfbb9e63d6b3bfc2ad19a99d2c9d4
This PS updates the way helm-toolkit functions are named to
reference the full path they are loacted at. This should make
development and debugging easier. Addtionally unused functions
have been pruned as well.
Change-Id: I03c553f1d01bccc70c86768b416b147c90d9b2f0
This change removes any trailing whitespaces found while
running:
find . -type f -exec egrep -l " +$" {} \;
Change-Id: Ic1dc8765a0971a32da4c3116871e9450a55b357f
Turns out Helm implements go template function ``base`` that will return
last component of a path. Instead of doing that manually in _funcs.tpl,
we can leverage the builtin. This commit replaces that.
Change-Id: I1b0c90e82790de405730b61ee85654a8810d6907
* Initial Commit of Nova Configuration Overrides
This commit is an evolution of the initial keystone configuration
overrides work
It expands upon that work by introducing many of the same concepts
into nova. It differs in that a few concepts were changed. Namely
the helm-toolkit/_oslo.tpl concept was abandoned, as there are too
many unique oslo paths for configuration elements, so dynamic oslo
setting mechanism was moved locally into configmap-etc.yaml, where
it is generally used.
Secondly, in nova the mount override effort was altered to instead
provide mount "append" capability. Keeping the manifest mounts
closer to the actual pod, and keeping values.yaml a tad smaller.
This still allows the original flexibility of operators adding
mounts, but they cannot "undo" any of the charts built in mounts.
There were several manual tweaks that needd to be done to _nova.conf.tpl
after the oslo-config-gen process this time. This is because there is a
bug in the newton version of generating this file. It does not include
the proper service authentication credentials in the [keystone_authtoken]
section. Future releases have a separate service credentials section
so future config generations will likely not need these added lines.
* Remove unused values.yaml parameters
Fix references to removed helm-toolkit oslo macro
* resolve nova feedback
* bugfix nova-etc/nova-bin swap
I am removing my copywrite and transfering it to the OpenStack-Helm Authors
for the DB Managment Script. As although this was primarily written while an
independant OSS Developer, it is not currently present in any other codebase
and will only be merged post commencing work on the project in an official
capacity. This does not affect the copywrite of any other code contibuted to
the project by myself or any other party.
This commit introduces several new paradigms:
* .Values driven mounts in service containers as well as jobs.
These can be overriden at runtime by manipulating .Values.mounts.*
* Authenticated Endpoint Resolution methods in helm-toolkit
to allow the database and rabbit type endpoints to be moved
under the endpoints section. Now endpoint lookup functions exist
for openstack endpoints as well as infrastructure elements such as
the database, rabbitmq, and memcache.
* Importing of upstream "out of the box" policy.json
and keystone-paste.ini files for better or worse.
* A rendering of the keystone.conf oslo generated config
using a new helm based Values generator. This provides "known"
paths to all configuration elements in the form of
"<section>.<oslo_namespace>.<element>" so that any of these can
be targeted for override via --set or values.yaml files loaded at
run time.
* Support for appending arbitrary string data to the policy.json,
keystone-paste.ini, or keystone.conf files via --set conf.keystone.append="#
some comment", or --set conf.policy.append="\"identity:list_projects\":
\"role:fake\""
* Support for complete verbatim overrides of these three
files via --set conf.keystone.override="full file contents",
or --set conf.policy.override="full file contents" for example
* Rename common chart to helm-toolkit
* Update useage of helpers to include reference to chart they come from.
* Update helm-toolkit function naming
Also catches several functions missed in previous PS
* Update remaining requirements.yaml to use helm-toolbox
* Dep Check container fix for common -> helm-toolbox renaming
