Libvirt: Move chart to openstack-helm-infra
This moves the libvirt chart to openstack-helm-infra as part of the effort to move charts to their appropriate repositories Change-Id: I02ce197f8d100da74c086d84e2f9d2b902a69e97 Story: 2002204 Task: 21723
This commit is contained in:
parent
c581bbcbf8
commit
6b944f557b
24
libvirt/Chart.yaml
Normal file
24
libvirt/Chart.yaml
Normal file
@ -0,0 +1,24 @@
|
||||
# Copyright 2017 The Openstack-Helm Authors.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
apiVersion: v1
|
||||
description: OpenStack-Helm libvirt
|
||||
name: libvirt
|
||||
version: 0.1.0
|
||||
home: https://libvirt.org
|
||||
sources:
|
||||
- https://libvirt.org/git/?p=libvirt.git;a=summary
|
||||
- https://git.openstack.org/cgit/openstack/openstack-helm
|
||||
maintainers:
|
||||
- name: OpenStack-Helm Authors
|
18
libvirt/requirements.yaml
Normal file
18
libvirt/requirements.yaml
Normal file
@ -0,0 +1,18 @@
|
||||
# Copyright 2017 The Openstack-Helm Authors.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
dependencies:
|
||||
- name: helm-toolkit
|
||||
repository: http://localhost:8879/charts
|
||||
version: 0.1.0
|
31
libvirt/templates/bin/_ceph-admin-keyring.sh.tpl
Normal file
31
libvirt/templates/bin/_ceph-admin-keyring.sh.tpl
Normal file
@ -0,0 +1,31 @@
|
||||
#!/bin/bash
|
||||
|
||||
{{/*
|
||||
Copyright 2017 The Openstack-Helm Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
set -ex
|
||||
export HOME=/tmp
|
||||
|
||||
cat > /etc/ceph/ceph.client.admin.keyring << EOF
|
||||
[client.admin]
|
||||
{{- if .Values.conf.ceph.admin_keyring }}
|
||||
key = {{ .Values.conf.ceph.admin_keyring }}
|
||||
{{- else }}
|
||||
key = $(cat /tmp/client-keyring)
|
||||
{{- end }}
|
||||
EOF
|
||||
|
||||
exit 0
|
39
libvirt/templates/bin/_ceph-keyring.sh.tpl
Normal file
39
libvirt/templates/bin/_ceph-keyring.sh.tpl
Normal file
@ -0,0 +1,39 @@
|
||||
#!/bin/bash
|
||||
|
||||
{{/*
|
||||
Copyright 2017 The Openstack-Helm Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
set -ex
|
||||
export HOME=/tmp
|
||||
|
||||
KEYRING=/etc/ceph/ceph.client.${CEPH_CINDER_USER}.keyring
|
||||
{{- if .Values.conf.ceph.cinder.keyring }}
|
||||
cat > ${KEYRING} <<EOF
|
||||
[client.{{ .Values.conf.ceph.cinder.user }}]
|
||||
key = {{ .Values.conf.ceph.cinder.keyring }}
|
||||
EOF
|
||||
{{- else }}
|
||||
if ! [ "x${CEPH_CINDER_USER}" == "xadmin"]; then
|
||||
#NOTE(Portdirect): Determine proper privs to assign keyring
|
||||
ceph auth get-or-create client.${CEPH_CINDER_USER} \
|
||||
mon "allow *" \
|
||||
osd "allow *" \
|
||||
mgr "allow *" \
|
||||
-o ${KEYRING}
|
||||
|
||||
rm -f /etc/ceph/ceph.client.admin.keyring
|
||||
fi
|
||||
{{- end }}
|
144
libvirt/templates/bin/_libvirt.sh.tpl
Normal file
144
libvirt/templates/bin/_libvirt.sh.tpl
Normal file
@ -0,0 +1,144 @@
|
||||
#!/bin/bash
|
||||
|
||||
{{/*
|
||||
Copyright 2017 The Openstack-Helm Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
set -ex
|
||||
|
||||
if [ -n "$(cat /proc/*/comm 2>/dev/null | grep libvirtd)" ]; then
|
||||
echo "ERROR: libvirtd daemon already running on host" 1>&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
rm -f /var/run/libvirtd.pid
|
||||
|
||||
if [[ -c /dev/kvm ]]; then
|
||||
chmod 660 /dev/kvm
|
||||
chown root:kvm /dev/kvm
|
||||
fi
|
||||
|
||||
# We assume that if hugepage count > 0, then hugepages should be exposed to libvirt/qemu
|
||||
hp_count="$(cat /proc/meminfo | grep HugePages_Total | tr -cd '[:digit:]')"
|
||||
if [ 0"$hp_count" -gt 0 ]; then
|
||||
|
||||
echo "INFO: Detected hugepage count of '$hp_count'. Enabling hugepage settings for libvirt/qemu."
|
||||
|
||||
# Enable KVM hugepages for QEMU
|
||||
if [ -n "$(grep KVM_HUGEPAGES=0 /etc/default/qemu-kvm)" ]; then
|
||||
sed -i 's/.*KVM_HUGEPAGES=0.*/KVM_HUGEPAGES=1/g' /etc/default/qemu-kvm
|
||||
else
|
||||
echo KVM_HUGEPAGES=1 >> /etc/default/qemu-kvm
|
||||
fi
|
||||
|
||||
# Ensure that the hugepage mount location is available/mapped inside the
|
||||
# container. This assumes use of the default ubuntu dev-hugepages.mount
|
||||
# systemd unit which mounts hugepages at this location.
|
||||
if [ ! -d /dev/hugepages ]; then
|
||||
echo "ERROR: Hugepages configured in kernel, but libvirtd container cannot access /dev/hugepages"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Kubernetes 1.10.x introduced cgroup changes that caused the container's
|
||||
# hugepage byte limit quota to zero out. This workaround sets that pod limit
|
||||
# back to the total number of hugepage bytes available to the baremetal host.
|
||||
if [ -d /sys/fs/cgroup/hugetlb ]; then
|
||||
# NOTE(portdirect): Kubelet will always create pod specific cgroups for
|
||||
# hugetables so if the hugetlb cgroup is enabled, when k8s removes the pod
|
||||
# it will also remove the hugetlb cgroup for the pod, taking any qemu
|
||||
# processes with it.
|
||||
echo "WARN: As the hugetlb cgroup is enabled, it will not be possible to restart the libvirt pod via k8s, without killing VMs."
|
||||
for limit in $(ls /sys/fs/cgroup/hugetlb/kubepods/hugetlb.*.limit_in_bytes); do
|
||||
target="/sys/fs/cgroup/hugetlb/$(dirname $(awk -F: '($2~/hugetlb/){print $3}' /proc/self/cgroup))/$(basename $limit)"
|
||||
# Ensure the write target for the hugepage limit for the pod exists
|
||||
if [ ! -f "$target" ]; then
|
||||
echo "ERROR: Could not find write target for hugepage limit: $target"
|
||||
fi
|
||||
|
||||
# Write hugetable limit for pod
|
||||
echo "$(cat $limit)" > "$target"
|
||||
done
|
||||
fi
|
||||
|
||||
# Determine OS default hugepage size to use for the hugepage write test
|
||||
default_hp_kb="$(cat /proc/meminfo | grep Hugepagesize | tr -cd '[:digit:]')"
|
||||
|
||||
# Attempt to write to the hugepage mount to ensure it is operational, but only
|
||||
# if we have at least 1 free page.
|
||||
num_free_pages="$(cat /sys/kernel/mm/hugepages/hugepages-${default_hp_kb}kB/free_hugepages | tr -cd '[:digit:]')"
|
||||
echo "INFO: '$num_free_pages' free hugepages of size ${default_hp_kb}kB"
|
||||
if [ 0"$num_free_pages" -gt 0 ]; then
|
||||
(fallocate -o0 -l "$default_hp_kb" /dev/hugepages/foo && rm /dev/hugepages/foo) || \
|
||||
(echo "ERROR: fallocate failed test at /dev/hugepages with size ${default_hp_kb}kB"
|
||||
rm /dev/hugepages/foo
|
||||
exit 1)
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -n "${LIBVIRT_CEPH_CINDER_SECRET_UUID}" ] ; then
|
||||
libvirtd --listen &
|
||||
|
||||
tmpsecret=$(mktemp --suffix .xml)
|
||||
function cleanup {
|
||||
rm -f "${tmpsecret}"
|
||||
}
|
||||
trap cleanup EXIT
|
||||
|
||||
# Wait for the libvirtd is up
|
||||
TIMEOUT=60
|
||||
while [[ ! -f /var/run/libvirtd.pid ]]; do
|
||||
if [[ ${TIMEOUT} -gt 0 ]]; then
|
||||
let TIMEOUT-=1
|
||||
sleep 1
|
||||
else
|
||||
echo "ERROR: libvirt did not start in time (pid file missing)"
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
# Even though we see the pid file the socket immediately (this is
|
||||
# needed for virsh)
|
||||
TIMEOUT=10
|
||||
while [[ ! -e /var/run/libvirt/libvirt-sock ]]; do
|
||||
if [[ ${TIMEOUT} -gt 0 ]]; then
|
||||
let TIMEOUT-=1
|
||||
sleep 1
|
||||
else
|
||||
echo "ERROR: libvirt did not start in time (socket missing)"
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
if [ -z "${CEPH_CINDER_KEYRING}" ] ; then
|
||||
CEPH_CINDER_KEYRING=$(sed -n 's/^[[:space:]]*key[[:blank:]]\+=[[:space:]]\(.*\)/\1/p' /etc/ceph/ceph.client.${CEPH_CINDER_USER}.keyring)
|
||||
fi
|
||||
|
||||
cat > ${tmpsecret} <<EOF
|
||||
<secret ephemeral='no' private='no'>
|
||||
<uuid>${LIBVIRT_CEPH_CINDER_SECRET_UUID}</uuid>
|
||||
<usage type='ceph'>
|
||||
<name>client.${CEPH_CINDER_USER}. secret</name>
|
||||
</usage>
|
||||
</secret>
|
||||
EOF
|
||||
|
||||
virsh secret-define --file ${tmpsecret}
|
||||
virsh secret-set-value --secret "${LIBVIRT_CEPH_CINDER_SECRET_UUID}" --base64 "${CEPH_CINDER_KEYRING}"
|
||||
|
||||
# rejoin libvirtd
|
||||
wait
|
||||
else
|
||||
exec libvirtd --listen
|
||||
fi
|
37
libvirt/templates/configmap-bin.yaml
Normal file
37
libvirt/templates/configmap-bin.yaml
Normal file
@ -0,0 +1,37 @@
|
||||
{{/*
|
||||
Copyright 2017 The Openstack-Helm Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.configmap_bin }}
|
||||
{{- $envAll := . }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: libvirt-bin
|
||||
data:
|
||||
{{- if .Values.images.local_registry.active }}
|
||||
image-repo-sync.sh: |
|
||||
{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }}
|
||||
{{- end }}
|
||||
libvirt.sh: |
|
||||
{{ tuple "bin/_libvirt.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
{{- if .Values.conf.ceph.enabled }}
|
||||
ceph-keyring.sh: |
|
||||
{{ tuple "bin/_ceph-keyring.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
ceph-admin-keyring.sh: |
|
||||
{{ tuple "bin/_ceph-admin-keyring.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
28
libvirt/templates/configmap-etc.yaml
Normal file
28
libvirt/templates/configmap-etc.yaml
Normal file
@ -0,0 +1,28 @@
|
||||
{{/*
|
||||
Copyright 2017 The Openstack-Helm Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.configmap_etc }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: libvirt-etc
|
||||
data:
|
||||
libvirtd.conf: |
|
||||
{{- include "libvirt.utils.to_libvirt_conf" .Values.conf.libvirt | indent 4 }}
|
||||
qemu.conf: |
|
||||
{{- include "libvirt.utils.to_libvirt_conf" .Values.conf.qemu | indent 4 }}
|
||||
{{- end }}
|
231
libvirt/templates/daemonset-libvirt.yaml
Normal file
231
libvirt/templates/daemonset-libvirt.yaml
Normal file
@ -0,0 +1,231 @@
|
||||
{{/*
|
||||
Copyright 2017 The Openstack-Helm Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.daemonset_libvirt }}
|
||||
{{- $envAll := . }}
|
||||
{{- $dependencyOpts := dict "envAll" $envAll "dependencyMixinParam" $envAll.Values.network.backend "dependencyKey" "libvirt" -}}
|
||||
{{- $_ := include "helm-toolkit.utils.dependency_resolver" $dependencyOpts | toString | fromYaml }}
|
||||
|
||||
{{- $mounts_libvirt := .Values.pod.mounts.libvirt.libvirt }}
|
||||
{{- $mounts_libvirt_init := .Values.pod.mounts.libvirt.init_container }}
|
||||
|
||||
{{- $serviceAccountName := "libvirt" }}
|
||||
{{ tuple $envAll "pod_dependency" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
name: libvirt
|
||||
labels:
|
||||
{{ tuple $envAll "libvirt" "libvirt" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
{{ tuple $envAll "libvirt" "libvirt" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
|
||||
{{ tuple $envAll "libvirt" | include "helm-toolkit.snippets.kubernetes_upgrades_daemonset" | indent 2 }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
{{ tuple $envAll "libvirt" "libvirt" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||
annotations:
|
||||
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
|
||||
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
|
||||
spec:
|
||||
serviceAccountName: {{ $serviceAccountName }}
|
||||
nodeSelector:
|
||||
{{ .Values.labels.agent.libvirt.node_selector_key }}: {{ .Values.labels.agent.libvirt.node_selector_value }}
|
||||
hostNetwork: true
|
||||
hostPID: true
|
||||
dnsPolicy: ClusterFirstWithHostNet
|
||||
initContainers:
|
||||
{{ tuple $envAll "pod_dependency" $mounts_libvirt_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||
{{- if .Values.conf.ceph.enabled }}
|
||||
{{- if empty .Values.conf.ceph.cinder.keyring }}
|
||||
- name: ceph-admin-keyring-placement
|
||||
{{ tuple $envAll "libvirt" | include "helm-toolkit.snippets.image" | indent 10 }}
|
||||
securityContext:
|
||||
runAsUser: 0
|
||||
command:
|
||||
- /tmp/ceph-admin-keyring.sh
|
||||
volumeMounts:
|
||||
- name: etcceph
|
||||
mountPath: /etc/ceph
|
||||
- name: libvirt-bin
|
||||
mountPath: /tmp/ceph-admin-keyring.sh
|
||||
subPath: ceph-admin-keyring.sh
|
||||
readOnly: true
|
||||
{{- if empty .Values.conf.ceph.admin_keyring }}
|
||||
- name: ceph-keyring
|
||||
mountPath: /tmp/client-keyring
|
||||
subPath: key
|
||||
readOnly: true
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
- name: ceph-keyring-placement
|
||||
{{ tuple $envAll "libvirt" | include "helm-toolkit.snippets.image" | indent 10 }}
|
||||
securityContext:
|
||||
runAsUser: 0
|
||||
env:
|
||||
- name: CEPH_CINDER_USER
|
||||
value: "{{ .Values.conf.ceph.cinder.user }}"
|
||||
{{- if .Values.conf.ceph.cinder.keyring }}
|
||||
- name: CEPH_CINDER_KEYRING
|
||||
value: "{{ .Values.conf.ceph.cinder.keyring }}"
|
||||
{{ end }}
|
||||
- name: LIBVIRT_CEPH_CINDER_SECRET_UUID
|
||||
value: "{{ .Values.conf.ceph.cinder.secret_uuid }}"
|
||||
command:
|
||||
- /tmp/ceph-keyring.sh
|
||||
volumeMounts:
|
||||
- name: etcceph
|
||||
mountPath: /etc/ceph
|
||||
- name: libvirt-bin
|
||||
mountPath: /tmp/ceph-keyring.sh
|
||||
subPath: ceph-keyring.sh
|
||||
readOnly: true
|
||||
- name: ceph-etc
|
||||
mountPath: /etc/ceph/ceph.conf
|
||||
subPath: ceph.conf
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: libvirt
|
||||
{{ tuple $envAll "libvirt" | include "helm-toolkit.snippets.image" | indent 10 }}
|
||||
{{ tuple $envAll $envAll.Values.pod.resources.libvirt | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||
securityContext:
|
||||
privileged: true
|
||||
runAsUser: 0
|
||||
{{- if .Values.conf.ceph.enabled }}
|
||||
env:
|
||||
- name: CEPH_CINDER_USER
|
||||
value: "{{ .Values.conf.ceph.cinder.user }}"
|
||||
{{- if .Values.conf.ceph.cinder.keyring }}
|
||||
- name: CEPH_CINDER_KEYRING
|
||||
value: "{{ .Values.conf.ceph.cinder.keyring }}"
|
||||
{{ end }}
|
||||
- name: LIBVIRT_CEPH_CINDER_SECRET_UUID
|
||||
value: "{{ .Values.conf.ceph.cinder.secret_uuid }}"
|
||||
{{ end }}
|
||||
command:
|
||||
- /tmp/libvirt.sh
|
||||
lifecycle:
|
||||
preStop:
|
||||
exec:
|
||||
command:
|
||||
- bash
|
||||
- -c
|
||||
- |-
|
||||
kill $(cat /var/run/libvirtd.pid)
|
||||
volumeMounts:
|
||||
- name: libvirt-bin
|
||||
mountPath: /tmp/libvirt.sh
|
||||
subPath: libvirt.sh
|
||||
readOnly: true
|
||||
- name: libvirt-etc
|
||||
mountPath: /etc/libvirt/libvirtd.conf
|
||||
subPath: libvirtd.conf
|
||||
readOnly: true
|
||||
- name: libvirt-etc
|
||||
mountPath: /etc/libvirt/qemu.conf
|
||||
subPath: qemu.conf
|
||||
readOnly: true
|
||||
- name: etc-libvirt-qemu
|
||||
mountPath: /etc/libvirt/qemu
|
||||
- mountPath: /lib/modules
|
||||
name: libmodules
|
||||
readOnly: true
|
||||
- name: var-lib-libvirt
|
||||
mountPath: /var/lib/libvirt
|
||||
{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "10" ) }}
|
||||
mountPropagation: Bidirectional
|
||||
{{- end }}
|
||||
- name: var-lib-nova
|
||||
mountPath: /var/lib/nova
|
||||
{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "10" ) }}
|
||||
mountPropagation: Bidirectional
|
||||
{{- end }}
|
||||
- name: run
|
||||
mountPath: /run
|
||||
- name: dev
|
||||
mountPath: /dev
|
||||
- name: cgroup
|
||||
mountPath: /sys/fs/cgroup
|
||||
- name: machine-id
|
||||
mountPath: /etc/machine-id
|
||||
readOnly: true
|
||||
{{- if .Values.conf.ceph.enabled }}
|
||||
- name: etcceph
|
||||
mountPath: /etc/ceph
|
||||
- name: ceph-etc
|
||||
mountPath: /etc/ceph/ceph.conf
|
||||
subPath: ceph.conf
|
||||
readOnly: true
|
||||
{{- if empty .Values.conf.ceph.cinder.keyring }}
|
||||
- name: ceph-keyring
|
||||
mountPath: /tmp/client-keyring
|
||||
subPath: key
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{ if $mounts_libvirt.volumeMounts }}{{ toYaml $mounts_libvirt.volumeMounts | indent 12 }}{{ end }}
|
||||
volumes:
|
||||
- name: libvirt-bin
|
||||
configMap:
|
||||
name: libvirt-bin
|
||||
defaultMode: 0555
|
||||
- name: libvirt-etc
|
||||
configMap:
|
||||
name: libvirt-etc
|
||||
defaultMode: 0444
|
||||
{{- if .Values.conf.ceph.enabled }}
|
||||
- name: etcceph
|
||||
emptyDir: {}
|
||||
- name: ceph-etc
|
||||
configMap:
|
||||
name: {{ .Values.ceph_client.configmap }}
|
||||
defaultMode: 0444
|
||||
{{- if empty .Values.conf.ceph.cinder.keyring }}
|
||||
- name: ceph-keyring
|
||||
secret:
|
||||
secretName: {{ .Values.ceph_client.user_secret_name }}
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
- name: libmodules
|
||||
hostPath:
|
||||
path: /lib/modules
|
||||
- name: var-lib-libvirt
|
||||
hostPath:
|
||||
path: /var/lib/libvirt
|
||||
- name: var-lib-nova
|
||||
hostPath:
|
||||
path: /var/lib/nova
|
||||
- name: run
|
||||
hostPath:
|
||||
path: /run
|
||||
- name: dev
|
||||
hostPath:
|
||||
path: /dev
|
||||
- name: cgroup
|
||||
hostPath:
|
||||
path: /sys/fs/cgroup
|
||||
- name: machine-id
|
||||
hostPath:
|
||||
path: /etc/machine-id
|
||||
- name: etc-libvirt-qemu
|
||||
hostPath:
|
||||
path: /etc/libvirt/qemu
|
||||
{{ if $mounts_libvirt.volumes }}{{ toYaml $mounts_libvirt.volumes | indent 8 }}{{ end }}
|
||||
{{- end }}
|
20
libvirt/templates/job-image-repo-sync.yaml
Normal file
20
libvirt/templates/job-image-repo-sync.yaml
Normal file
@ -0,0 +1,20 @@
|
||||
{{/*
|
||||
Copyright 2017 The Openstack-Helm Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
|
||||
{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "libvirt" -}}
|
||||
{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
|
||||
{{- end }}
|
53
libvirt/templates/utils/_to_libvirt_conf.tpl
Normal file
53
libvirt/templates/utils/_to_libvirt_conf.tpl
Normal file
@ -0,0 +1,53 @@
|
||||
{{/*
|
||||
Copyright 2017 The Openstack-Helm Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{/*
|
||||
abstract: |
|
||||
Builds a libvirt compatible config file.
|
||||
values: |
|
||||
conf:
|
||||
libvirt:
|
||||
log_level: 3
|
||||
cgroup_controllers:
|
||||
- cpu
|
||||
- cpuacct
|
||||
usage: |
|
||||
{{ include "libvirt.utils.to_libvirt_conf" .Values.conf.libvirt }}
|
||||
return: |
|
||||
cgroup_controllers = [ "cpu", "cpuacct" ]
|
||||
log_level = 3
|
||||
*/}}
|
||||
|
||||
{{- define "libvirt.utils._to_libvirt_conf.list_to_string" -}}
|
||||
{{- $local := dict "first" true -}}
|
||||
{{- range $k, $v := . -}}{{- if not $local.first -}}, {{ end -}}{{- $v | quote -}}{{- $_ := set $local "first" false -}}{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "libvirt.utils.to_libvirt_conf" -}}
|
||||
{{- range $key, $value := . -}}
|
||||
{{- if kindIs "slice" $value }}
|
||||
{{ $key }} = [ {{ include "libvirt.utils._to_libvirt_conf.list_to_string" $value }} ]
|
||||
{{- else if kindIs "string" $value }}
|
||||
{{- if regexMatch "^[0-9]+$" $value }}
|
||||
{{ $key }} = {{ $value }}
|
||||
{{- else }}
|
||||
{{ $key }} = {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- else }}
|
||||
{{ $key }} = {{ $value }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
165
libvirt/values.yaml
Normal file
165
libvirt/values.yaml
Normal file
@ -0,0 +1,165 @@
|
||||
# Copyright 2017 The Openstack-Helm Authors.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
# Default values for libvirt.
|
||||
# This is a YAML-formatted file.
|
||||
# Declare name/value pairs to be passed into your templates.
|
||||
# name: value
|
||||
|
||||
release_group: null
|
||||
|
||||
labels:
|
||||
agent:
|
||||
libvirt:
|
||||
node_selector_key: openstack-compute-node
|
||||
node_selector_value: enabled
|
||||
|
||||
images:
|
||||
tags:
|
||||
libvirt: docker.io/openstackhelm/libvirt:ubuntu-xenial-1.3.1
|
||||
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
|
||||
image_repo_sync: docker.io/docker:17.07.0
|
||||
pull_policy: "IfNotPresent"
|
||||
local_registry:
|
||||
active: false
|
||||
exclude:
|
||||
- dep_check
|
||||
- image_repo_sync
|
||||
|
||||
network:
|
||||
# provide what type of network wiring will be used
|
||||
# possible options: openvswitch, linuxbridge, sriov
|
||||
backend:
|
||||
- openvswitch
|
||||
|
||||
endpoints:
|
||||
cluster_domain_suffix: cluster.local
|
||||
local_image_registry:
|
||||
name: docker-registry
|
||||
namespace: docker-registry
|
||||
hosts:
|
||||
default: localhost
|
||||
internal: docker-registry
|
||||
node: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
|
||||
ceph_client:
|
||||
configmap: ceph-etc
|
||||
user_secret_name: pvc-ceph-client-key
|
||||
|
||||
conf:
|
||||
ceph:
|
||||
enabled: true
|
||||
admin_keyring: null
|
||||
cinder:
|
||||
user: "cinder"
|
||||
keyring: null
|
||||
secret_uuid: 457eb676-33da-42ec-9a8c-9293d545c337
|
||||
libvirt:
|
||||
listen_tcp: "1"
|
||||
listen_tls: "0"
|
||||
auth_tcp: "none"
|
||||
ca_file: ""
|
||||
listen_addr: 127.0.0.1
|
||||
log_level: "3"
|
||||
qemu:
|
||||
stdio_handler: "file"
|
||||
user: "nova"
|
||||
group: "kvm"
|
||||
|
||||
pod:
|
||||
affinity:
|
||||
anti:
|
||||
type:
|
||||
default: preferredDuringSchedulingIgnoredDuringExecution
|
||||
topologyKey:
|
||||
default: kubernetes.io/hostname
|
||||
mounts:
|
||||
libvirt:
|
||||
init_container: null
|
||||
libvirt:
|
||||
lifecycle:
|
||||
upgrades:
|
||||
daemonsets:
|
||||
pod_replacement_strategy: RollingUpdate
|
||||
libvirt:
|
||||
enabled: true
|
||||
min_ready_seconds: 0
|
||||
max_unavailable: 1
|
||||
resources:
|
||||
enabled: false
|
||||
libvirt:
|
||||
requests:
|
||||
memory: "128Mi"
|
||||
cpu: "100m"
|
||||
limits:
|
||||
memory: "1024Mi"
|
||||
cpu: "2000m"
|
||||
jobs:
|
||||
image_repo_sync:
|
||||
requests:
|
||||
memory: "128Mi"
|
||||
cpu: "100m"
|
||||
limits:
|
||||
memory: "1024Mi"
|
||||
cpu: "2000m"
|
||||
|
||||
dependencies:
|
||||
dynamic:
|
||||
common:
|
||||
local_image_registry:
|
||||
jobs:
|
||||
- libvirt-image-repo-sync
|
||||
services:
|
||||
- endpoint: node
|
||||
service: local_image_registry
|
||||
targeted:
|
||||
openvswitch:
|
||||
libvirt:
|
||||
pod:
|
||||
- requireSameNode: true
|
||||
labels:
|
||||
application: neutron
|
||||
component: neutron-ovs-agent
|
||||
linuxbridge:
|
||||
libvirt:
|
||||
pod:
|
||||
- requireSameNode: true
|
||||
labels:
|
||||
application: neutron
|
||||
component: neutron-lb-agent
|
||||
sriov:
|
||||
libvirt:
|
||||
pod:
|
||||
- requireSameNode: true
|
||||
labels:
|
||||
application: neutron
|
||||
component: neutron-sriov-agent
|
||||
static:
|
||||
libvirt:
|
||||
services: null
|
||||
image_repo_sync:
|
||||
services:
|
||||
- endpoint: internal
|
||||
service: local_image_registry
|
||||
|
||||
manifests:
|
||||
configmap_bin: true
|
||||
configmap_etc: true
|
||||
daemonset_libvirt: true
|
||||
job_image_repo_sync: true
|
@ -66,6 +66,12 @@
|
||||
./tools/deployment/openstack-support/035-mariadb.sh
|
||||
args:
|
||||
chdir: "{{ zuul.project.src_dir }}"
|
||||
- name: Deploy Libvirt
|
||||
shell: |
|
||||
set -xe;
|
||||
./tools/deployment/openstack-support/040-libvirt.sh
|
||||
args:
|
||||
chdir: "{{ zuul.project.src_dir }}"
|
||||
- name: Deploy Openvswitch
|
||||
shell: |
|
||||
set -xe;
|
||||
|
28
tools/deployment/openstack-support/040-libvirt.sh
Executable file
28
tools/deployment/openstack-support/040-libvirt.sh
Executable file
@ -0,0 +1,28 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Copyright 2017 The Openstack-Helm Authors.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
set -xe
|
||||
|
||||
#NOTE: Lint and package chart
|
||||
make libvirt
|
||||
|
||||
#NOTE: Deploy command
|
||||
helm upgrade --install libvirt ./libvirt \
|
||||
--namespace=openstack \
|
||||
--set conf.ceph.enabled=false \
|
||||
--set network.backend="null"
|
||||
|
||||
#NOTE: Validate Deployment info
|
||||
helm status libvirt
|
Loading…
Reference in New Issue
Block a user