diff --git a/libvirt/Chart.yaml b/libvirt/Chart.yaml new file mode 100644 index 000000000..8dc577baa --- /dev/null +++ b/libvirt/Chart.yaml @@ -0,0 +1,24 @@ +# Copyright 2017 The Openstack-Helm Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: OpenStack-Helm libvirt +name: libvirt +version: 0.1.0 +home: https://libvirt.org +sources: + - https://libvirt.org/git/?p=libvirt.git;a=summary + - https://git.openstack.org/cgit/openstack/openstack-helm +maintainers: + - name: OpenStack-Helm Authors diff --git a/libvirt/requirements.yaml b/libvirt/requirements.yaml new file mode 100644 index 000000000..53782e69b --- /dev/null +++ b/libvirt/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright 2017 The Openstack-Helm Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: helm-toolkit + repository: http://localhost:8879/charts + version: 0.1.0 diff --git a/libvirt/templates/bin/_ceph-admin-keyring.sh.tpl b/libvirt/templates/bin/_ceph-admin-keyring.sh.tpl new file mode 100644 index 000000000..fa416c05d --- /dev/null +++ b/libvirt/templates/bin/_ceph-admin-keyring.sh.tpl @@ -0,0 +1,31 @@ +#!/bin/bash + +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +set -ex +export HOME=/tmp + +cat > /etc/ceph/ceph.client.admin.keyring << EOF +[client.admin] +{{- if .Values.conf.ceph.admin_keyring }} + key = {{ .Values.conf.ceph.admin_keyring }} +{{- else }} + key = $(cat /tmp/client-keyring) +{{- end }} +EOF + +exit 0 diff --git a/libvirt/templates/bin/_ceph-keyring.sh.tpl b/libvirt/templates/bin/_ceph-keyring.sh.tpl new file mode 100644 index 000000000..418a40c27 --- /dev/null +++ b/libvirt/templates/bin/_ceph-keyring.sh.tpl @@ -0,0 +1,39 @@ +#!/bin/bash + +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +set -ex +export HOME=/tmp + +KEYRING=/etc/ceph/ceph.client.${CEPH_CINDER_USER}.keyring +{{- if .Values.conf.ceph.cinder.keyring }} +cat > ${KEYRING} </dev/null | grep libvirtd)" ]; then + echo "ERROR: libvirtd daemon already running on host" 1>&2 + exit 1 +fi + +rm -f /var/run/libvirtd.pid + +if [[ -c /dev/kvm ]]; then + chmod 660 /dev/kvm + chown root:kvm /dev/kvm +fi + +# We assume that if hugepage count > 0, then hugepages should be exposed to libvirt/qemu +hp_count="$(cat /proc/meminfo | grep HugePages_Total | tr -cd '[:digit:]')" +if [ 0"$hp_count" -gt 0 ]; then + + echo "INFO: Detected hugepage count of '$hp_count'. Enabling hugepage settings for libvirt/qemu." + + # Enable KVM hugepages for QEMU + if [ -n "$(grep KVM_HUGEPAGES=0 /etc/default/qemu-kvm)" ]; then + sed -i 's/.*KVM_HUGEPAGES=0.*/KVM_HUGEPAGES=1/g' /etc/default/qemu-kvm + else + echo KVM_HUGEPAGES=1 >> /etc/default/qemu-kvm + fi + + # Ensure that the hugepage mount location is available/mapped inside the + # container. This assumes use of the default ubuntu dev-hugepages.mount + # systemd unit which mounts hugepages at this location. + if [ ! -d /dev/hugepages ]; then + echo "ERROR: Hugepages configured in kernel, but libvirtd container cannot access /dev/hugepages" + exit 1 + fi + + # Kubernetes 1.10.x introduced cgroup changes that caused the container's + # hugepage byte limit quota to zero out. This workaround sets that pod limit + # back to the total number of hugepage bytes available to the baremetal host. + if [ -d /sys/fs/cgroup/hugetlb ]; then + # NOTE(portdirect): Kubelet will always create pod specific cgroups for + # hugetables so if the hugetlb cgroup is enabled, when k8s removes the pod + # it will also remove the hugetlb cgroup for the pod, taking any qemu + # processes with it. + echo "WARN: As the hugetlb cgroup is enabled, it will not be possible to restart the libvirt pod via k8s, without killing VMs." + for limit in $(ls /sys/fs/cgroup/hugetlb/kubepods/hugetlb.*.limit_in_bytes); do + target="/sys/fs/cgroup/hugetlb/$(dirname $(awk -F: '($2~/hugetlb/){print $3}' /proc/self/cgroup))/$(basename $limit)" + # Ensure the write target for the hugepage limit for the pod exists + if [ ! -f "$target" ]; then + echo "ERROR: Could not find write target for hugepage limit: $target" + fi + + # Write hugetable limit for pod + echo "$(cat $limit)" > "$target" + done + fi + + # Determine OS default hugepage size to use for the hugepage write test + default_hp_kb="$(cat /proc/meminfo | grep Hugepagesize | tr -cd '[:digit:]')" + + # Attempt to write to the hugepage mount to ensure it is operational, but only + # if we have at least 1 free page. + num_free_pages="$(cat /sys/kernel/mm/hugepages/hugepages-${default_hp_kb}kB/free_hugepages | tr -cd '[:digit:]')" + echo "INFO: '$num_free_pages' free hugepages of size ${default_hp_kb}kB" + if [ 0"$num_free_pages" -gt 0 ]; then + (fallocate -o0 -l "$default_hp_kb" /dev/hugepages/foo && rm /dev/hugepages/foo) || \ + (echo "ERROR: fallocate failed test at /dev/hugepages with size ${default_hp_kb}kB" + rm /dev/hugepages/foo + exit 1) + fi +fi + +if [ -n "${LIBVIRT_CEPH_CINDER_SECRET_UUID}" ] ; then + libvirtd --listen & + + tmpsecret=$(mktemp --suffix .xml) + function cleanup { + rm -f "${tmpsecret}" + } + trap cleanup EXIT + + # Wait for the libvirtd is up + TIMEOUT=60 + while [[ ! -f /var/run/libvirtd.pid ]]; do + if [[ ${TIMEOUT} -gt 0 ]]; then + let TIMEOUT-=1 + sleep 1 + else + echo "ERROR: libvirt did not start in time (pid file missing)" + exit 1 + fi + done + + # Even though we see the pid file the socket immediately (this is + # needed for virsh) + TIMEOUT=10 + while [[ ! -e /var/run/libvirt/libvirt-sock ]]; do + if [[ ${TIMEOUT} -gt 0 ]]; then + let TIMEOUT-=1 + sleep 1 + else + echo "ERROR: libvirt did not start in time (socket missing)" + exit 1 + fi + done + + if [ -z "${CEPH_CINDER_KEYRING}" ] ; then + CEPH_CINDER_KEYRING=$(sed -n 's/^[[:space:]]*key[[:blank:]]\+=[[:space:]]\(.*\)/\1/p' /etc/ceph/ceph.client.${CEPH_CINDER_USER}.keyring) + fi + + cat > ${tmpsecret} < + ${LIBVIRT_CEPH_CINDER_SECRET_UUID} + + client.${CEPH_CINDER_USER}. secret + + +EOF + + virsh secret-define --file ${tmpsecret} + virsh secret-set-value --secret "${LIBVIRT_CEPH_CINDER_SECRET_UUID}" --base64 "${CEPH_CINDER_KEYRING}" + + # rejoin libvirtd + wait +else + exec libvirtd --listen +fi diff --git a/libvirt/templates/configmap-bin.yaml b/libvirt/templates/configmap-bin.yaml new file mode 100644 index 000000000..ffe7a0d20 --- /dev/null +++ b/libvirt/templates/configmap-bin.yaml @@ -0,0 +1,37 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.configmap_bin }} +{{- $envAll := . }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: libvirt-bin +data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} + libvirt.sh: | +{{ tuple "bin/_libvirt.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} +{{- if .Values.conf.ceph.enabled }} + ceph-keyring.sh: | +{{ tuple "bin/_ceph-keyring.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + ceph-admin-keyring.sh: | +{{ tuple "bin/_ceph-admin-keyring.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} +{{- end }} +{{- end }} diff --git a/libvirt/templates/configmap-etc.yaml b/libvirt/templates/configmap-etc.yaml new file mode 100644 index 000000000..cab19942f --- /dev/null +++ b/libvirt/templates/configmap-etc.yaml @@ -0,0 +1,28 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.configmap_etc }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: libvirt-etc +data: + libvirtd.conf: | +{{- include "libvirt.utils.to_libvirt_conf" .Values.conf.libvirt | indent 4 }} + qemu.conf: | +{{- include "libvirt.utils.to_libvirt_conf" .Values.conf.qemu | indent 4 }} +{{- end }} diff --git a/libvirt/templates/daemonset-libvirt.yaml b/libvirt/templates/daemonset-libvirt.yaml new file mode 100644 index 000000000..5bfdd5329 --- /dev/null +++ b/libvirt/templates/daemonset-libvirt.yaml @@ -0,0 +1,231 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.daemonset_libvirt }} +{{- $envAll := . }} +{{- $dependencyOpts := dict "envAll" $envAll "dependencyMixinParam" $envAll.Values.network.backend "dependencyKey" "libvirt" -}} +{{- $_ := include "helm-toolkit.utils.dependency_resolver" $dependencyOpts | toString | fromYaml }} + +{{- $mounts_libvirt := .Values.pod.mounts.libvirt.libvirt }} +{{- $mounts_libvirt_init := .Values.pod.mounts.libvirt.init_container }} + +{{- $serviceAccountName := "libvirt" }} +{{ tuple $envAll "pod_dependency" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: libvirt + labels: +{{ tuple $envAll "libvirt" "libvirt" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }} +spec: + selector: + matchLabels: +{{ tuple $envAll "libvirt" "libvirt" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }} +{{ tuple $envAll "libvirt" | include "helm-toolkit.snippets.kubernetes_upgrades_daemonset" | indent 2 }} + template: + metadata: + labels: +{{ tuple $envAll "libvirt" "libvirt" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} + annotations: + configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }} + spec: + serviceAccountName: {{ $serviceAccountName }} + nodeSelector: + {{ .Values.labels.agent.libvirt.node_selector_key }}: {{ .Values.labels.agent.libvirt.node_selector_value }} + hostNetwork: true + hostPID: true + dnsPolicy: ClusterFirstWithHostNet + initContainers: +{{ tuple $envAll "pod_dependency" $mounts_libvirt_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{- if .Values.conf.ceph.enabled }} + {{- if empty .Values.conf.ceph.cinder.keyring }} + - name: ceph-admin-keyring-placement +{{ tuple $envAll "libvirt" | include "helm-toolkit.snippets.image" | indent 10 }} + securityContext: + runAsUser: 0 + command: + - /tmp/ceph-admin-keyring.sh + volumeMounts: + - name: etcceph + mountPath: /etc/ceph + - name: libvirt-bin + mountPath: /tmp/ceph-admin-keyring.sh + subPath: ceph-admin-keyring.sh + readOnly: true + {{- if empty .Values.conf.ceph.admin_keyring }} + - name: ceph-keyring + mountPath: /tmp/client-keyring + subPath: key + readOnly: true + {{ end }} + {{ end }} + - name: ceph-keyring-placement +{{ tuple $envAll "libvirt" | include "helm-toolkit.snippets.image" | indent 10 }} + securityContext: + runAsUser: 0 + env: + - name: CEPH_CINDER_USER + value: "{{ .Values.conf.ceph.cinder.user }}" + {{- if .Values.conf.ceph.cinder.keyring }} + - name: CEPH_CINDER_KEYRING + value: "{{ .Values.conf.ceph.cinder.keyring }}" + {{ end }} + - name: LIBVIRT_CEPH_CINDER_SECRET_UUID + value: "{{ .Values.conf.ceph.cinder.secret_uuid }}" + command: + - /tmp/ceph-keyring.sh + volumeMounts: + - name: etcceph + mountPath: /etc/ceph + - name: libvirt-bin + mountPath: /tmp/ceph-keyring.sh + subPath: ceph-keyring.sh + readOnly: true + - name: ceph-etc + mountPath: /etc/ceph/ceph.conf + subPath: ceph.conf + readOnly: true +{{- end }} + containers: + - name: libvirt +{{ tuple $envAll "libvirt" | include "helm-toolkit.snippets.image" | indent 10 }} +{{ tuple $envAll $envAll.Values.pod.resources.libvirt | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} + securityContext: + privileged: true + runAsUser: 0 + {{- if .Values.conf.ceph.enabled }} + env: + - name: CEPH_CINDER_USER + value: "{{ .Values.conf.ceph.cinder.user }}" + {{- if .Values.conf.ceph.cinder.keyring }} + - name: CEPH_CINDER_KEYRING + value: "{{ .Values.conf.ceph.cinder.keyring }}" + {{ end }} + - name: LIBVIRT_CEPH_CINDER_SECRET_UUID + value: "{{ .Values.conf.ceph.cinder.secret_uuid }}" + {{ end }} + command: + - /tmp/libvirt.sh + lifecycle: + preStop: + exec: + command: + - bash + - -c + - |- + kill $(cat /var/run/libvirtd.pid) + volumeMounts: + - name: libvirt-bin + mountPath: /tmp/libvirt.sh + subPath: libvirt.sh + readOnly: true + - name: libvirt-etc + mountPath: /etc/libvirt/libvirtd.conf + subPath: libvirtd.conf + readOnly: true + - name: libvirt-etc + mountPath: /etc/libvirt/qemu.conf + subPath: qemu.conf + readOnly: true + - name: etc-libvirt-qemu + mountPath: /etc/libvirt/qemu + - mountPath: /lib/modules + name: libmodules + readOnly: true + - name: var-lib-libvirt + mountPath: /var/lib/libvirt + {{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "10" ) }} + mountPropagation: Bidirectional + {{- end }} + - name: var-lib-nova + mountPath: /var/lib/nova + {{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "10" ) }} + mountPropagation: Bidirectional + {{- end }} + - name: run + mountPath: /run + - name: dev + mountPath: /dev + - name: cgroup + mountPath: /sys/fs/cgroup + - name: machine-id + mountPath: /etc/machine-id + readOnly: true + {{- if .Values.conf.ceph.enabled }} + - name: etcceph + mountPath: /etc/ceph + - name: ceph-etc + mountPath: /etc/ceph/ceph.conf + subPath: ceph.conf + readOnly: true + {{- if empty .Values.conf.ceph.cinder.keyring }} + - name: ceph-keyring + mountPath: /tmp/client-keyring + subPath: key + readOnly: true + {{- end }} + {{- end }} +{{ if $mounts_libvirt.volumeMounts }}{{ toYaml $mounts_libvirt.volumeMounts | indent 12 }}{{ end }} + volumes: + - name: libvirt-bin + configMap: + name: libvirt-bin + defaultMode: 0555 + - name: libvirt-etc + configMap: + name: libvirt-etc + defaultMode: 0444 + {{- if .Values.conf.ceph.enabled }} + - name: etcceph + emptyDir: {} + - name: ceph-etc + configMap: + name: {{ .Values.ceph_client.configmap }} + defaultMode: 0444 + {{- if empty .Values.conf.ceph.cinder.keyring }} + - name: ceph-keyring + secret: + secretName: {{ .Values.ceph_client.user_secret_name }} + {{ end }} + {{ end }} + - name: libmodules + hostPath: + path: /lib/modules + - name: var-lib-libvirt + hostPath: + path: /var/lib/libvirt + - name: var-lib-nova + hostPath: + path: /var/lib/nova + - name: run + hostPath: + path: /run + - name: dev + hostPath: + path: /dev + - name: cgroup + hostPath: + path: /sys/fs/cgroup + - name: machine-id + hostPath: + path: /etc/machine-id + - name: etc-libvirt-qemu + hostPath: + path: /etc/libvirt/qemu +{{ if $mounts_libvirt.volumes }}{{ toYaml $mounts_libvirt.volumes | indent 8 }}{{ end }} +{{- end }} diff --git a/libvirt/templates/job-image-repo-sync.yaml b/libvirt/templates/job-image-repo-sync.yaml new file mode 100644 index 000000000..c24dd75cc --- /dev/null +++ b/libvirt/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "libvirt" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/libvirt/templates/utils/_to_libvirt_conf.tpl b/libvirt/templates/utils/_to_libvirt_conf.tpl new file mode 100644 index 000000000..8d7c712a4 --- /dev/null +++ b/libvirt/templates/utils/_to_libvirt_conf.tpl @@ -0,0 +1,53 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{/* +abstract: | + Builds a libvirt compatible config file. +values: | + conf: + libvirt: + log_level: 3 + cgroup_controllers: + - cpu + - cpuacct +usage: | + {{ include "libvirt.utils.to_libvirt_conf" .Values.conf.libvirt }} +return: | + cgroup_controllers = [ "cpu", "cpuacct" ] + log_level = 3 +*/}} + +{{- define "libvirt.utils._to_libvirt_conf.list_to_string" -}} +{{- $local := dict "first" true -}} +{{- range $k, $v := . -}}{{- if not $local.first -}}, {{ end -}}{{- $v | quote -}}{{- $_ := set $local "first" false -}}{{- end -}} +{{- end -}} + +{{- define "libvirt.utils.to_libvirt_conf" -}} +{{- range $key, $value := . -}} +{{- if kindIs "slice" $value }} +{{ $key }} = [ {{ include "libvirt.utils._to_libvirt_conf.list_to_string" $value }} ] +{{- else if kindIs "string" $value }} +{{- if regexMatch "^[0-9]+$" $value }} +{{ $key }} = {{ $value }} +{{- else }} +{{ $key }} = {{ $value | quote }} +{{- end }} +{{- else }} +{{ $key }} = {{ $value }} +{{- end }} +{{- end -}} +{{- end -}} diff --git a/libvirt/values.yaml b/libvirt/values.yaml new file mode 100644 index 000000000..6ab6b7282 --- /dev/null +++ b/libvirt/values.yaml @@ -0,0 +1,165 @@ +# Copyright 2017 The Openstack-Helm Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Default values for libvirt. +# This is a YAML-formatted file. +# Declare name/value pairs to be passed into your templates. +# name: value + +release_group: null + +labels: + agent: + libvirt: + node_selector_key: openstack-compute-node + node_selector_value: enabled + +images: + tags: + libvirt: docker.io/openstackhelm/libvirt:ubuntu-xenial-1.3.1 + dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 + image_repo_sync: docker.io/docker:17.07.0 + pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync + +network: + # provide what type of network wiring will be used + # possible options: openvswitch, linuxbridge, sriov + backend: + - openvswitch + +endpoints: + cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 + +ceph_client: + configmap: ceph-etc + user_secret_name: pvc-ceph-client-key + +conf: + ceph: + enabled: true + admin_keyring: null + cinder: + user: "cinder" + keyring: null + secret_uuid: 457eb676-33da-42ec-9a8c-9293d545c337 + libvirt: + listen_tcp: "1" + listen_tls: "0" + auth_tcp: "none" + ca_file: "" + listen_addr: 127.0.0.1 + log_level: "3" + qemu: + stdio_handler: "file" + user: "nova" + group: "kvm" + +pod: + affinity: + anti: + type: + default: preferredDuringSchedulingIgnoredDuringExecution + topologyKey: + default: kubernetes.io/hostname + mounts: + libvirt: + init_container: null + libvirt: + lifecycle: + upgrades: + daemonsets: + pod_replacement_strategy: RollingUpdate + libvirt: + enabled: true + min_ready_seconds: 0 + max_unavailable: 1 + resources: + enabled: false + libvirt: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + jobs: + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + +dependencies: + dynamic: + common: + local_image_registry: + jobs: + - libvirt-image-repo-sync + services: + - endpoint: node + service: local_image_registry + targeted: + openvswitch: + libvirt: + pod: + - requireSameNode: true + labels: + application: neutron + component: neutron-ovs-agent + linuxbridge: + libvirt: + pod: + - requireSameNode: true + labels: + application: neutron + component: neutron-lb-agent + sriov: + libvirt: + pod: + - requireSameNode: true + labels: + application: neutron + component: neutron-sriov-agent + static: + libvirt: + services: null + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry + +manifests: + configmap_bin: true + configmap_etc: true + daemonset_libvirt: true + job_image_repo_sync: true diff --git a/playbooks/osh-infra-openstack-support.yaml b/playbooks/osh-infra-openstack-support.yaml index ee1cfaafc..26da181cd 100644 --- a/playbooks/osh-infra-openstack-support.yaml +++ b/playbooks/osh-infra-openstack-support.yaml @@ -66,6 +66,12 @@ ./tools/deployment/openstack-support/035-mariadb.sh args: chdir: "{{ zuul.project.src_dir }}" + - name: Deploy Libvirt + shell: | + set -xe; + ./tools/deployment/openstack-support/040-libvirt.sh + args: + chdir: "{{ zuul.project.src_dir }}" - name: Deploy Openvswitch shell: | set -xe; diff --git a/tools/deployment/openstack-support/040-libvirt.sh b/tools/deployment/openstack-support/040-libvirt.sh new file mode 100755 index 000000000..a214a4fb0 --- /dev/null +++ b/tools/deployment/openstack-support/040-libvirt.sh @@ -0,0 +1,28 @@ +#!/bin/bash + +# Copyright 2017 The Openstack-Helm Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +set -xe + +#NOTE: Lint and package chart +make libvirt + +#NOTE: Deploy command +helm upgrade --install libvirt ./libvirt \ + --namespace=openstack \ + --set conf.ceph.enabled=false \ + --set network.backend="null" + +#NOTE: Validate Deployment info +helm status libvirt