diff --git a/prometheus-openstack-exporter/templates/bin/_openstack-exporter.sh.tpl b/prometheus-openstack-exporter/templates/bin/_prometheus-openstack-exporter.sh.tpl similarity index 100% rename from prometheus-openstack-exporter/templates/bin/_openstack-exporter.sh.tpl rename to prometheus-openstack-exporter/templates/bin/_prometheus-openstack-exporter.sh.tpl diff --git a/prometheus-openstack-exporter/templates/configmap-bin.yaml b/prometheus-openstack-exporter/templates/configmap-bin.yaml index 7674d116c..1df9ef260 100644 --- a/prometheus-openstack-exporter/templates/configmap-bin.yaml +++ b/prometheus-openstack-exporter/templates/configmap-bin.yaml @@ -20,10 +20,12 @@ limitations under the License. apiVersion: v1 kind: ConfigMap metadata: - name: openstack-exporter-bin + name: prometheus-openstack-exporter-bin data: image-repo-sync.sh: |+ {{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} - openstack-exporter.sh: | -{{ tuple "bin/_openstack-exporter.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + ks-user.sh: |+ +{{- include "helm-toolkit.scripts.keystone_user" . | indent 4 }} + prometheus-openstack-exporter.sh: | +{{ tuple "bin/_prometheus-openstack-exporter.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} {{- end }} diff --git a/prometheus-openstack-exporter/templates/deployment.yaml b/prometheus-openstack-exporter/templates/deployment.yaml index b90ed0d39..f7bc60978 100644 --- a/prometheus-openstack-exporter/templates/deployment.yaml +++ b/prometheus-openstack-exporter/templates/deployment.yaml @@ -18,9 +18,9 @@ limitations under the License. {{- $envAll := . }} {{- $ksUserSecret := .Values.secrets.identity.user }} {{- if .Values.images.local_registry.active -}} -{{- $_ := set .Values "pod_dependency" (merge .Values.dependencies.openstack_metrics_exporter .Values.conditional_dependencies.local_image_registry) -}} +{{- $_ := set .Values "pod_dependency" (merge .Values.dependencies.prometheus_openstack_exporter .Values.conditional_dependencies.local_image_registry) -}} {{- else -}} -{{- $_ := set .Values "pod_dependency" .Values.dependencies.openstack_metrics_exporter -}} +{{- $_ := set .Values "pod_dependency" .Values.dependencies.prometheus_openstack_exporter -}} {{- end -}} {{- $serviceAccountName := "prometheus-openstack-exporter" }} @@ -29,51 +29,52 @@ limitations under the License. apiVersion: extensions/v1beta1 kind: Deployment metadata: - name: openstack-exporter + name: prometheus-openstack-exporter spec: - replicas: {{ .Values.pod.replicas.openstack_metrics_exporter }} + replicas: {{ .Values.pod.replicas.prometheus_openstack_exporter }} {{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }} template: metadata: labels: -{{ tuple $envAll "openstack-exporter" "exporter" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} +{{ tuple $envAll "prometheus-openstack-exporter" "exporter" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} spec: serviceAccountName: {{ $serviceAccountName }} nodeSelector: {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} - terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.openstack_metrics_exporter.timeout | default "30" }} + terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.prometheus_openstack_exporter.timeout | default "30" }} initContainers: {{ tuple $envAll .Values.pod_dependency list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: openstack-metrics-exporter -{{ tuple $envAll "openstack_metrics_exporter" | include "helm-toolkit.snippets.image" | indent 10 }} -{{ tuple $envAll $envAll.Values.pod.resources.openstack_metrics_exporter | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} +{{ tuple $envAll "prometheus_openstack_exporter" | include "helm-toolkit.snippets.image" | indent 10 }} +{{ tuple $envAll $envAll.Values.pod.resources.prometheus_openstack_exporter | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} command: - - /tmp/openstack-exporter.sh + - /tmp/prometheus-openstack-exporter.sh - start + lifecycle: + preStop: + exec: + command: + - /tmp/prometheus-openstack-exporter.sh + - stop ports: - name: metrics - containerPort: {{ .Values.network.openstack_metrics_exporter.port }} + containerPort: {{ tuple "prometheus_openstack_exporter" "internal" "exporter" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} env: - - name: TIMEOUT_SECONDS - value: "{{ .Values.conf.openstack_metrics_exporter.timeout_seconds }}" - - name: OS_POLLING_INTERVAL - value: "{{ .Values.conf.openstack_metrics_exporter.polling_interval_seconds }}" - - name: OS_RETRIES - value: "{{ .Values.conf.openstack_metrics_exporter.retries }}" - name: LISTEN_PORT - value: "{{ .Values.network.openstack_metrics_exporter.port }}" + value: {{ tuple "prometheus_openstack_exporter" "internal" "exporter" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }} +{{ include "helm-toolkit.utils.to_k8s_env_vars" .Values.conf.prometheus_openstack_exporter | indent 12 }} {{- with $env := dict "ksUserSecret" $ksUserSecret }} {{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }} {{- end }} volumeMounts: - - name: openstack-exporter-bin - mountPath: /tmp/openstack-exporter.sh - subPath: openstack-exporter.sh + - name: prometheus-openstack-exporter-bin + mountPath: /tmp/prometheus-openstack-exporter.sh + subPath: prometheus-openstack-exporter.sh readOnly: true volumes: - - name: openstack-exporter-bin + - name: prometheus-openstack-exporter-bin configMap: - name: openstack-exporter-bin + name: prometheus-openstack-exporter-bin defaultMode: 0555 {{- end }} diff --git a/prometheus-openstack-exporter/templates/job-image-repo-sync.yaml b/prometheus-openstack-exporter/templates/job-image-repo-sync.yaml index 5cdc4185b..589ebb877 100644 --- a/prometheus-openstack-exporter/templates/job-image-repo-sync.yaml +++ b/prometheus-openstack-exporter/templates/job-image-repo-sync.yaml @@ -19,14 +19,14 @@ limitations under the License. {{- if .Values.images.local_registry.active -}} {{- $_ := set .Values "pod_dependency" .Values.dependencies.image_repo_sync -}} -{{- $serviceAccountName := "openstack-exporter-image-repo-sync"}} +{{- $serviceAccountName := "prometheus-openstack-exporter-image-repo-sync"}} {{ tuple $envAll $envAll.Values.pod_dependency $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job metadata: - name: openstack-metrics-exporter-image-repo-sync + name: prometheus-openstack-exporter-image-repo-sync spec: template: metadata: @@ -51,16 +51,16 @@ spec: command: - /tmp/image-repo-sync.sh volumeMounts: - - name: openstack-exporter-bin + - name: prometheus-openstack-exporter-bin mountPath: /tmp/image-repo-sync.sh subPath: image-repo-sync.sh readOnly: true - name: docker-socket mountPath: /var/run/docker.sock volumes: - - name: openstack-exporter-bin + - name: prometheus-openstack-exporter-bin configMap: - name: openstack-exporter-bin + name: prometheus-openstack-exporter-bin defaultMode: 0555 - name: docker-socket hostPath: diff --git a/prometheus-openstack-exporter/templates/job-ks-user.yaml b/prometheus-openstack-exporter/templates/job-ks-user.yaml new file mode 100644 index 000000000..d559b02d9 --- /dev/null +++ b/prometheus-openstack-exporter/templates/job-ks-user.yaml @@ -0,0 +1,67 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.job_ks_user }} +{{- $envAll := . }} +{{- $dependencies := .Values.dependencies.ks_user }} + +{{- $serviceAccountName := "prometheus-openstack-exporter-ks-user" }} +{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: prometheus-openstack-exporter-ks-user +spec: + template: + metadata: + labels: +{{ tuple $envAll "prometheus-openstack-exporter" "ks-user" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} + spec: + serviceAccountName: {{ $serviceAccountName }} + restartPolicy: OnFailure + nodeSelector: + {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} + initContainers: +{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} + containers: + - name: prometheus-openstack-exporter-ks-user +{{ tuple $envAll "ks_user" | include "helm-toolkit.snippets.image" | indent 10 }} +{{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_user | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} + command: + - /tmp/ks-user.sh + volumeMounts: + - name: ks-user-sh + mountPath: /tmp/ks-user.sh + subPath: ks-user.sh + readOnly: true + env: +{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }} +{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }} +{{- end }} + - name: SERVICE_OS_SERVICE_NAME + value: "prometheus-openstack-exporter" +{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} +{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} +{{- end }} + - name: SERVICE_OS_ROLE + value: {{ .Values.endpoints.identity.auth.user.role | quote }} + volumes: + - name: ks-user-sh + configMap: + name: prometheus-openstack-exporter-bin + defaultMode: 0555 +{{- end }} diff --git a/prometheus-openstack-exporter/templates/secret-openstack-metrics-user.yaml b/prometheus-openstack-exporter/templates/secret-keystone.yaml similarity index 69% rename from prometheus-openstack-exporter/templates/secret-openstack-metrics-user.yaml rename to prometheus-openstack-exporter/templates/secret-keystone.yaml index 1e6deb3da..2f159e298 100644 --- a/prometheus-openstack-exporter/templates/secret-openstack-metrics-user.yaml +++ b/prometheus-openstack-exporter/templates/secret-keystone.yaml @@ -14,16 +14,17 @@ See the License for the specific language governing permissions and limitations under the License. */}} -{{- if .Values.manifests.openstack_metrics_user }} +{{- if .Values.manifests.secret_keystone }} {{- $envAll := . }} -{{- $secretName := index $envAll.Values.secrets.identity.user }} +{{- range $key1, $userClass := tuple "admin" "user" }} +{{- $secretName := index $envAll.Values.secrets.identity $userClass }} --- apiVersion: v1 kind: Secret metadata: name: {{ $secretName }} - namespace: {{ $envAll.Values.endpoints.openstack_metrics_exporter.namespace }} type: Opaque data: -{{- tuple "user" "internal" $envAll | include "helm-toolkit.snippets.keystone_secret_openrc" | indent 2 -}} +{{- tuple $userClass "internal" $envAll | include "helm-toolkit.snippets.keystone_secret_openrc" | indent 2 -}} +{{- end }} {{- end }} diff --git a/prometheus-openstack-exporter/templates/service.yaml b/prometheus-openstack-exporter/templates/service.yaml index 678e4a795..5657aafd5 100644 --- a/prometheus-openstack-exporter/templates/service.yaml +++ b/prometheus-openstack-exporter/templates/service.yaml @@ -14,23 +14,23 @@ See the License for the specific language governing permissions and limitations under the License. */}} -{{- if .Values.manifests.service_openstack_metrics_exporter }} +{{- if .Values.manifests.service }} {{- $envAll := . }} -{{- $endpoint := $envAll.Values.endpoints.openstack_metrics_exporter }} +{{- $endpoint := $envAll.Values.endpoints.prometheus_openstack_exporter }} --- apiVersion: v1 kind: Service metadata: - name: {{ tuple "openstack_metrics_exporter" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }} + name: {{ tuple "prometheus_openstack_exporter" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }} labels: -{{ tuple $envAll "openstack-exporter" "metrics" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }} +{{ tuple $envAll "prometheus-openstack-exporter" "metrics" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }} annotations: {{ tuple $endpoint | include "helm-toolkit.snippets.prometheus_service_annotations" | indent 4 }} spec: ports: - name: http - port: {{ .Values.network.openstack_metrics_exporter.port }} - targetPort: {{ .Values.network.openstack_metrics_exporter.port }} + port: {{ tuple "prometheus_openstack_exporter" "internal" "exporter" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} + targetPort: {{ tuple "prometheus_openstack_exporter" "internal" "exporter" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} selector: -{{ tuple $envAll "openstack-exporter" "exporter" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }} +{{ tuple $envAll "prometheus-openstack-exporter" "exporter" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }} {{- end }} diff --git a/prometheus-openstack-exporter/values.yaml b/prometheus-openstack-exporter/values.yaml index 1775a2075..8aad85587 100644 --- a/prometheus-openstack-exporter/values.yaml +++ b/prometheus-openstack-exporter/values.yaml @@ -12,17 +12,17 @@ # See the License for the specific language governing permissions and # limitations under the License. -# Default values for kube-state-metrics. +# Default values for prometheus-openstack-exporter. # This is a YAML-formatted file. # Declare variables to be passed into your templates. images: tags: - openstack_metrics_exporter: docker.io/rakeshpatnaik/prometheus-openstack-exporter:v0.1 + prometheus_openstack_exporter: docker.io/rakeshpatnaik/prometheus-openstack-exporter:v0.1 helm_tests: docker.io/kolla/ubuntu-source-kolla-toolbox:3.0.3 - pull_policy: IfNotPresent dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.2.1 image_repo_sync: docker.io/docker:17.07.0 + ks_user: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 pull_policy: IfNotPresent local_registry: active: false @@ -36,17 +36,17 @@ labels: pod: affinity: - anti: - type: - default: preferredDuringSchedulingIgnoredDuringExecution - topologyKey: - default: kubernetes.io/hostname + anti: + type: + default: preferredDuringSchedulingIgnoredDuringExecution + topologyKey: + default: kubernetes.io/hostname mounts: - openstack_metrics_exporter: - openstack_metrics_exporter: + prometheus_openstack_exporter: + prometheus_openstack_exporter: init_container: null replicas: - openstack_metrics_exporter: 1 + prometheus_openstack_exporter: 1 lifecycle: upgrades: revision_history: 3 @@ -55,7 +55,7 @@ pod: max_unavailable: 1 max_surge: 3 termination_grace_period: - openstack_metrics_exporter: + prometheus_openstack_exporter: timeout: 30 resources: enabled: false @@ -74,12 +74,25 @@ pod: limits: memory: "1024Mi" cpu: "2000m" - -secrets: - identity: - user: openstack-metrics-user + ks_user: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" dependencies: + ks_user: + services: + - service: identity + endpoint: internal + prometheus_openstack_exporter: + jobs: + - prometheus-openstack-exporter-ks-user + services: + - service: identity + endpoint: internal image_repo_sync: services: - service: local_image_registry @@ -88,18 +101,21 @@ dependencies: conditional_dependencies: local_image_registry: jobs: - - openstack-metrics-exporter-image-repo-sync + - prometheus-openstack-exporter-image-repo-sync services: - service: local_image_registry endpoint: node conf: - openstack_metrics_exporter: - polling_interval_seconds: 30 - timeout_seconds: 20 - retries: 1 - os_cpu_oc_ratio: 1.5 - os_ram_oc_ratio: 1.0 + prometheus_openstack_exporter: + OS_POLLING_INTERVAL: 30 + TIMEOUT_SECONDS: 20 + OS_RETRIES: 1 + +secrets: + identity: + admin: prometheus-openstack-exporter-keystone-admin + user: prometheus-openstack-exporter-keystone-user endpoints: cluster_domain_suffix: cluster.local @@ -115,7 +131,7 @@ endpoints: port: registry: node: 5000 - openstack_metrics_exporter: + prometheus_openstack_exporter: namespace: null hosts: default: openstack-metrics @@ -125,14 +141,24 @@ endpoints: default: null scheme: default: 'http' + port: + exporter: + default: 9103 scrape: true identity: name: keystone auth: + admin: + region_name: RegionOne + username: admin + password: password + project_name: admin + user_domain_name: default + project_domain_name: default user: role: admin region_name: RegionOne - username: nova + username: prometheus-openstack-exporter password: password project_name: service user_domain_name: default @@ -152,17 +178,10 @@ endpoints: api: default: 80 -network: - openstack_metrics_exporter: - port: 9103 - manifests: configmap_bin: true - clusterrole: true - clusterrolebinding: true deployment: true job_image_repo_sync: true - rbac_entrypoint: true - service_openstack_metrics_exporter: true - serviceaccount: true - openstack_metrics_user: true + job_ks_user: true + secret_keystone: true + service: true diff --git a/tools/gate/chart-deploys/default.yaml b/tools/gate/chart-deploys/default.yaml index ff049e6c2..ac0c21695 100644 --- a/tools/gate/chart-deploys/default.yaml +++ b/tools/gate/chart-deploys/default.yaml @@ -145,6 +145,15 @@ charts: enabled: false timeout: 300 output: false + values: + # NOTE(portdirect): Keystone Management is disabled here, as keystone is + # not deployed in the OSH infra gates. + manifests: + job_ks_user: false + dependencies: + prometheus_openstack_exporter: + jobs: null + services: null grafana: chart_name: grafana