Libvirt: support per node overrides

This commit adds support for per-node overrides to the libvirt chart. For example, to enable a relaxed ACS check on one host, but not another, one may have the following in the override values file: conf: overrides: libvirt_libvirt: hosts: - name: host1.fqdn conf: qemu: relaxed_acs_check: 1 - name: host2.fqdn conf: qemu: relaxed_acs_check: 0 Story: 2005283 Task: 30140 Change-Id: Ia3431db6b78692ec0140cce1bab9bae5937318a4 Signed-off-by: Steven Webster <steven.webster@windriver.com>
2019-03-21 09:24:44 -04:00 · 2019-03-21 09:24:44 -04:00 · 96d2c00391
commit 96d2c00391
parent 85c204fee8
2 changed files with 45 additions and 19 deletions
--- a/libvirt/templates/configmap-etc.yaml
+++ b/libvirt/templates/configmap-etc.yaml
@ -14,15 +14,23 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */}}

-{{- if .Values.manifests.configmap_etc }}
+{{- define "libvirt.configmap.etc" }}
+{{- $configMapName := index . 0 }}
+{{- $envAll := index . 1 }}
+{{- with $envAll }}
+
 ---
 apiVersion: v1
-kind: ConfigMap
+kind: Secret
 metadata:
-  name: libvirt-etc
+  name: {{ $configMapName }}
+type: Opaque
 data:
-  libvirtd.conf: |
-{{- include "libvirt.utils.to_libvirt_conf" .Values.conf.libvirt | indent 4 }}
-  qemu.conf: |
-{{- include "libvirt.utils.to_libvirt_conf" .Values.conf.qemu | indent 4 }}
+  libvirtd.conf: {{ include "libvirt.utils.to_libvirt_conf" .Values.conf.libvirt | b64enc }}
+  qemu.conf: {{ include "libvirt.utils.to_libvirt_conf" .Values.conf.qemu | b64enc }}
+{{- end }}
+{{- end }}
+
+{{- if .Values.manifests.configmap_etc }}
+{{- list "libvirt-etc" . | include "libvirt.configmap.etc" }}
 {{- end }}
--- a/libvirt/templates/daemonset-libvirt.yaml
+++ b/libvirt/templates/daemonset-libvirt.yaml
@ -14,16 +14,16 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */}}

-{{- if .Values.manifests.daemonset_libvirt }}
-{{- $envAll := . }}
-{{- $dependencyOpts := dict "envAll" $envAll "dependencyMixinParam" $envAll.Values.network.backend "dependencyKey" "libvirt" -}}
-{{- $_ := include "helm-toolkit.utils.dependency_resolver" $dependencyOpts | toString | fromYaml }}
+{{- define "libvirt.daemonset" }}
+{{- $daemonset := index . 0 }}
+{{- $configMapName := index . 1 }}
+{{- $serviceAccountName := index . 2 }}
+{{- $envAll := index . 3 }}
+{{- with $envAll }}

 {{- $mounts_libvirt := .Values.pod.mounts.libvirt.libvirt }}
 {{- $mounts_libvirt_init := .Values.pod.mounts.libvirt.init_container }}

-{{- $serviceAccountName := "libvirt" }}
-{{ tuple $envAll "pod_dependency" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
 ---
 apiVersion: apps/v1
 kind: DaemonSet
@ -32,16 +32,16 @@ metadata:
  annotations:
    {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
  labels:
-{{ tuple $envAll "libvirt" "libvirt" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
+{{ tuple $envAll .Chart.Name $daemonset | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
 spec:
  selector:
    matchLabels:
-{{ tuple $envAll "libvirt" "libvirt" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
-{{ tuple $envAll "libvirt" | include "helm-toolkit.snippets.kubernetes_upgrades_daemonset" | indent 2 }}
+{{ tuple $envAll .Chart.Name $daemonset | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
+{{ tuple $envAll $daemonset | include "helm-toolkit.snippets.kubernetes_upgrades_daemonset" | indent 2 }}
  template:
    metadata:
      labels:
-{{ tuple $envAll "libvirt" "libvirt" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
+{{ tuple $envAll .Chart.Name $daemonset | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
      annotations:
 {{- dict "envAll" $envAll "podName" "libvirt" "containerNames" (list "libvirt") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
 {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
@ -194,8 +194,8 @@ spec:
            name: libvirt-bin
            defaultMode: 0555
        - name: libvirt-etc
-          configMap:
-            name: libvirt-etc
+          secret:
+            secretName: {{ $configMapName }}
            defaultMode: 0444
        {{- if .Values.conf.ceph.enabled }}
        - name: etcceph
@ -241,3 +241,21 @@ spec:
 {{ dict "envAll" $envAll "component" "libvirt" "requireSys" true | include "helm-toolkit.snippets.kubernetes_apparmor_volumes" | indent 8 }}
 {{ if $mounts_libvirt.volumes }}{{ toYaml $mounts_libvirt.volumes | indent 8 }}{{ end }}
 {{- end }}
+{{- end }}
+
+{{- if .Values.manifests.daemonset_libvirt }}
+
+{{- $envAll := . }}
+{{- $daemonset := "libvirt" }}
+{{- $configMapName := "libvirt-etc" }}
+{{- $serviceAccountName := "libvirt" }}
+
+{{- $dependencyOpts := dict "envAll" $envAll "dependencyMixinParam" $envAll.Values.network.backend "dependencyKey" "libvirt" -}}
+{{- $_ := include "helm-toolkit.utils.dependency_resolver" $dependencyOpts | toString | fromYaml }}
+
+{{ tuple $envAll "pod_dependency" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
+{{- $daemonset_yaml := list $daemonset $configMapName $serviceAccountName . | include "libvirt.daemonset" | toString | fromYaml }}
+{{- $configmap_yaml := "libvirt.configmap.etc" }}
+{{- list $daemonset $daemonset_yaml $configmap_yaml $configMapName . | include "helm-toolkit.utils.daemonset_overrides" }}
+
+{{- end }}