Rename mariadb backup identities
Challenge: Now remote_ks_admin and remote_rgw_user are using for user labels of backup target openstack cloud. When the backup user doesn't exist and we can enable job_ks_user manifest. But job_ks_user uses .Vaules.secrets.identity.admin and mariadb, while secret-rgw and cron-job-backup-mariadb use .Values.secrets. identity.remote_ks_admin and remote_rgw_user. It requires to use same values for admin and remote_ks_admin, and for mariadb and remote_rgw_user. Seems it isbreaking values consistency. Suggestion: Now providing 2 kinds of backup - pvc and swift. "remote_" means the swift backup. In fact, mariadb chart has no case to access to keystone except swift backup. So we can remove remote_xx_* prefix and there is no confusion. Change-Id: Ib82120611659bd36bae35f2e90054642fb8ee31f
This commit is contained in:
parent
618c064d25
commit
5db88a5fb4
@ -15,7 +15,7 @@ apiVersion: v1
|
|||||||
appVersion: v10.2.31
|
appVersion: v10.2.31
|
||||||
description: OpenStack-Helm MariaDB
|
description: OpenStack-Helm MariaDB
|
||||||
name: mariadb
|
name: mariadb
|
||||||
version: 0.1.9
|
version: 0.1.10
|
||||||
home: https://mariadb.com/kb/en/
|
home: https://mariadb.com/kb/en/
|
||||||
icon: http://badges.mariadb.org/mariadb-badge-180x60.png
|
icon: http://badges.mariadb.org/mariadb-badge-180x60.png
|
||||||
sources:
|
sources:
|
||||||
|
@ -97,7 +97,7 @@ spec:
|
|||||||
value: {{ .Values.conf.backup.remote_backup.container_name | quote }}
|
value: {{ .Values.conf.backup.remote_backup.container_name | quote }}
|
||||||
- name: STORAGE_POLICY
|
- name: STORAGE_POLICY
|
||||||
value: "{{ .Values.conf.backup.remote_backup.storage_policy }}"
|
value: "{{ .Values.conf.backup.remote_backup.storage_policy }}"
|
||||||
{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.remote_rgw_user }}
|
{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.mariadb }}
|
||||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 16 }}
|
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 16 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
@ -13,11 +13,11 @@ limitations under the License.
|
|||||||
|
|
||||||
|
|
||||||
This manifest results in two secrets being created:
|
This manifest results in two secrets being created:
|
||||||
1) Keystone "remote_rgw_user" secret, which is needed to access the cluster
|
1) Keystone "mariadb" secret, which is needed to access the cluster
|
||||||
(remote or same cluster) for storing mariadb backups. If the
|
(remote or same cluster) for storing mariadb backups. If the
|
||||||
cluster is remote, the auth_url would be non-null.
|
cluster is remote, the auth_url would be non-null.
|
||||||
2) Keystone "remote_ks_admin" secret, which is needed to create the
|
2) Keystone "admin" secret, which is needed to create the
|
||||||
"remote_rgw_user" keystone account mentioned above. This may not
|
"mariadb" keystone account mentioned above. This may not
|
||||||
be needed if the account is in a remote cluster (auth_url is non-null
|
be needed if the account is in a remote cluster (auth_url is non-null
|
||||||
in that case).
|
in that case).
|
||||||
*/}}
|
*/}}
|
||||||
@ -25,7 +25,7 @@ This manifest results in two secrets being created:
|
|||||||
{{- if .Values.conf.backup.remote_backup.enabled }}
|
{{- if .Values.conf.backup.remote_backup.enabled }}
|
||||||
|
|
||||||
{{- $envAll := . }}
|
{{- $envAll := . }}
|
||||||
{{- $userClass := "remote_rgw_user" }}
|
{{- $userClass := "mariadb" }}
|
||||||
{{- $secretName := index $envAll.Values.secrets.identity $userClass }}
|
{{- $secretName := index $envAll.Values.secrets.identity $userClass }}
|
||||||
---
|
---
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
@ -50,7 +50,7 @@ data:
|
|||||||
OS_DEFAULT_DOMAIN: {{ $identityClass.default_domain_id | default "default" | b64enc }}
|
OS_DEFAULT_DOMAIN: {{ $identityClass.default_domain_id | default "default" | b64enc }}
|
||||||
...
|
...
|
||||||
{{- if .Values.manifests.job_ks_user }}
|
{{- if .Values.manifests.job_ks_user }}
|
||||||
{{- $userClass := "remote_ks_admin" }}
|
{{- $userClass := "admin" }}
|
||||||
{{- $secretName := index $envAll.Values.secrets.identity $userClass }}
|
{{- $secretName := index $envAll.Values.secrets.identity $userClass }}
|
||||||
---
|
---
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
|
@ -466,8 +466,8 @@ monitoring:
|
|||||||
|
|
||||||
secrets:
|
secrets:
|
||||||
identity:
|
identity:
|
||||||
remote_ks_admin: keystone-admin-user
|
admin: keystone-admin-user
|
||||||
remote_rgw_user: mariadb-backup-user
|
mariadb: mariadb-backup-user
|
||||||
mariadb:
|
mariadb:
|
||||||
backup_restore: mariadb-backup-restore
|
backup_restore: mariadb-backup-restore
|
||||||
tls:
|
tls:
|
||||||
@ -571,7 +571,7 @@ endpoints:
|
|||||||
name: backup-storage-auth
|
name: backup-storage-auth
|
||||||
namespace: openstack
|
namespace: openstack
|
||||||
auth:
|
auth:
|
||||||
remote_ks_admin:
|
admin:
|
||||||
# Auth URL of null indicates local authentication
|
# Auth URL of null indicates local authentication
|
||||||
# HTK will form the URL unless specified here
|
# HTK will form the URL unless specified here
|
||||||
auth_url: null
|
auth_url: null
|
||||||
@ -581,7 +581,7 @@ endpoints:
|
|||||||
project_name: admin
|
project_name: admin
|
||||||
user_domain_name: default
|
user_domain_name: default
|
||||||
project_domain_name: default
|
project_domain_name: default
|
||||||
remote_rgw_user:
|
mariadb:
|
||||||
# Auth URL of null indicates local authentication
|
# Auth URL of null indicates local authentication
|
||||||
# HTK will form the URL unless specified here
|
# HTK will form the URL unless specified here
|
||||||
auth_url: null
|
auth_url: null
|
||||||
|
@ -10,4 +10,5 @@ mariadb:
|
|||||||
- 0.1.7 Revert - Change Issuer to ClusterIssuer
|
- 0.1.7 Revert - Change Issuer to ClusterIssuer
|
||||||
- 0.1.8 Change Issuer to ClusterIssuer with logic in place to support cert-manager versioning
|
- 0.1.8 Change Issuer to ClusterIssuer with logic in place to support cert-manager versioning
|
||||||
- 0.1.9 Uplift Mariadb-ingress to 0.42.0
|
- 0.1.9 Uplift Mariadb-ingress to 0.42.0
|
||||||
|
- 0.1.10 Rename mariadb backup identities
|
||||||
...
|
...
|
||||||
|
Loading…
Reference in New Issue
Block a user