[libvirt] Allow to generate dynamic config options

It may be required to use some dynamic options such as IP address from interface where to bind service. This patch adds ability to use dynamic logic in option detection and fill it in the configuration file later. Co-Authored-By: dbiletskiy <dbiletskiy@mirantis.com> Change-Id: I8cc7da4935c11c50165a75b466d41f7d0da3e77c
2024-09-16 14:48:58 +00:00 · 2024-09-16 14:48:58 +00:00 · 96e9104066
commit 96e9104066
parent 8a108e4bcf
6 changed files with 58 additions and 4 deletions
--- a/libvirt/Chart.yaml
+++ b/libvirt/Chart.yaml
@ -15,7 +15,7 @@ apiVersion: v1
 appVersion: v1.0.0
 description: OpenStack-Helm libvirt
 name: libvirt
-version: 0.1.35
+version: 0.1.36
 home: https://libvirt.org
 sources:
  - https://libvirt.org/git/?p=libvirt.git;a=summary
--- a/libvirt/templates/configmap-bin.yaml
+++ b/libvirt/templates/configmap-bin.yaml
@ -37,4 +37,5 @@ data:
 {{ tuple "bin/_ceph-admin-keyring.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
 {{- end }}
 {{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.init_modules.script "key" "libvirt-init-modules.sh") | indent 2 }}
 {{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.dynamic_options.script "key" "init-dynamic-options.sh") | indent 2 }}
 {{- end }}
--- a/libvirt/templates/configmap-etc.yaml
+++ b/libvirt/templates/configmap-etc.yaml
@ -24,7 +24,6 @@ metadata:
  name: {{ $configMapName }}
 type: Opaque
 data:
  libvirtd.conf: {{ include "libvirt.utils.to_libvirt_conf" .Values.conf.libvirt | b64enc }}
  qemu.conf: {{ include "libvirt.utils.to_libvirt_conf" .Values.conf.qemu | b64enc }}
 {{- end }}
 {{- end }}
--- a/libvirt/templates/daemonset-libvirt.yaml
+++ b/libvirt/templates/daemonset-libvirt.yaml
@ -100,6 +100,21 @@ spec:
              subPath: libvirt-init-modules.sh
              readOnly: true
 {{- end }}
        - name: init-dynamic-options
 {{ tuple $envAll "libvirt" | include "helm-toolkit.snippets.image" | indent 10 }}
 {{ dict "envAll" $envAll "application" "libvirt" "container" "init_dynamic_options" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
          terminationMessagePath: /var/log/termination-log
          command:
            - /tmp/init-dynamic-options.sh
          volumeMounts:
            - name: pod-tmp
              mountPath: /tmp
            - name: pod-shared
              mountPath: /tmp/pod-shared
            - name: libvirt-bin
              mountPath: /tmp/init-dynamic-options.sh
              subPath: init-dynamic-options.sh
              readOnly: true
 {{- if eq .Values.conf.qemu.vnc_tls "1" }}
        - name: cert-init-vnc
 {{ tuple $envAll "kubectl" | include "helm-toolkit.snippets.image" | indent 10 }}
@ -233,7 +248,7 @@ spec:
              mountPath: /tmp/libvirt.sh
              subPath: libvirt.sh
              readOnly: true
-            - name: libvirt-etc
+            - name: pod-shared
              mountPath: /etc/libvirt/libvirtd.conf
              subPath: libvirtd.conf
              readOnly: true
@ -381,6 +396,8 @@ spec:
          hostPath:
            path: /
            type: Directory
        - name: pod-shared
          emptyDir: {}
 {{ dict "envAll" $envAll "component" "libvirt" "requireSys" true | include "helm-toolkit.snippets.kubernetes_apparmor_volumes" | indent 8 }}
 {{ if $mounts_libvirt.volumes }}{{ toYaml $mounts_libvirt.volumes | indent 8 }}{{ end }}
 {{- end }}
--- a/libvirt/values.yaml
+++ b/libvirt/values.yaml
@ -112,9 +112,37 @@ conf:
    cert_file: "/etc/pki/libvirt/servercert.pem"
    key_file: "/etc/pki/libvirt/private/serverkey.pem"
    auth_unix_rw: "none"
-    listen_addr: 127.0.0.1
+    listen_addr: "${LISTEN_IP_ADDRESS}"
    log_level: "3"
    log_outputs: "1:file:/var/log/libvirt/libvirtd.log"
  # Modifies the config in which value is specified as the name of a variable
  # that is computed in the script.
  dynamic_options:
    libvirt:
      listen_interface: null
      listen_address: 127.0.0.1
    script: |
      #!/bin/bash
      set -ex
      LIBVIRT_CONF_PATH=/tmp/pod-shared/libvirtd.conf
      {{- if .Values.conf.dynamic_options.libvirt.listen_interface }}
      LISTEN_INTERFACE="{{ .Values.conf.dynamic_options.libvirt.listen_interface }}"
      LISTEN_IP_ADDRESS=$(ip address show $LISTEN_INTERFACE | grep 'inet ' | awk '{print $2}' | awk -F "/" '{print $1}')
      {{- else if .Values.conf.dynamic_options.libvirt.listen_address }}
      LISTEN_IP_ADDRESS={{ .Values.conf.dynamic_options.libvirt.listen_address }}
      {{- end }}
      if [[ -z $LISTEN_IP_ADDRESS ]]; then
          echo "LISTEN_IP_ADDRESS is not set."
          exit 1
      fi
      tee > ${LIBVIRT_CONF_PATH} << EOF
      {{ include "libvirt.utils.to_libvirt_conf" .Values.conf.libvirt }}
      EOF
  qemu:
    vnc_tls: "0"
    vnc_tls_x509_verify: "0"
@ -254,6 +282,14 @@ pod:
          capabilities:
            drop:
              - ALL
        init_dynamic_options:
          runAsUser: 65534
          runAsNonRoot: true
          readOnlyRootFilesystem: true
          allowPrivilegeEscalation: false
          capabilities:
            drop:
              - ALL
  sidecars:
    libvirt_exporter: false
--- a/releasenotes/notes/libvirt.yaml
+++ b/releasenotes/notes/libvirt.yaml
@ -36,4 +36,5 @@ libvirt:
  - 0.1.33 Handle cgroupv2 correctly
  - 0.1.34 Remove hugepages creation test
  - 0.1.35 Allow to initialize virtualization modules
  - 0.1.36 Allow to generate dynamic config options
 ...