Merge pull request #262 from alanmeadows/keystone_config_squashed

Configuration Management Overrides for Keystone
Brandon B. Jozsa 2017-03-23 15:01:24 -04:00 committed by GitHub
commit 2f1b04dcbe
62 changed files with 4015 additions and 193 deletions


@ -36,7 +36,7 @@ spec:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.hash" }}
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
nodeSelector:


@ -36,7 +36,7 @@ spec:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.hash" }}
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
nodeSelector:


@ -36,7 +36,7 @@ spec:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.hash" }}
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
nodeSelector:


@ -23,7 +23,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -23,7 +23,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -24,7 +24,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -24,7 +24,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -25,7 +25,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -40,7 +40,7 @@ spec:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.hash" }}
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
nodeSelector:


@ -32,7 +32,7 @@ spec:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.hash" }}
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
nodeSelector:


@ -23,7 +23,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -23,7 +23,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -24,7 +24,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -24,7 +24,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -25,7 +25,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -26,7 +26,7 @@ spec:
app: heat-api
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
nodeSelector:


@ -26,7 +26,7 @@ spec:
app: heat-cfn
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
nodeSelector:


@ -26,7 +26,7 @@ spec:
app: heat-cloudwatch
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
nodeSelector:


@ -23,7 +23,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -23,7 +23,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -24,7 +24,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -24,7 +24,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -28,7 +28,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -27,7 +27,7 @@ spec:
app: heat-engine
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
nodeSelector:


@ -16,7 +16,6 @@
# endpoints
#-----------------------------------------
# this function returns the endpoint uri for a service, it takes an tuple
# input in the form: service-type, endpoint-class, port-name. eg:
# { tuple "orchestration" "public" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" }
@ -41,6 +40,69 @@
{{- end -}}
{{- end -}}
# this function helps resolve database style endpoints, which really follow the same
# pattern as above, except they have a username and password component
#
# presuming that .Values contains an endpoint: definition for 'neutron-db' with the
# appropriate attributes, a call such as:
#
# { tuple "neutron-db" "internal" "userClass" "portName" . | include "helm-toolkit.authenticated_endpoint_uri_lookup" }
#
# where portName is optional if a default port has been defined in .Values
#
# returns: mysql+pymysql://username:password@internal_host:3306/dbname
{{- define "helm-toolkit.authenticated_endpoint_uri_lookup" -}}
{{- $type := index . 0 -}}
{{- $endpoint := index . 1 -}}
{{- $userclass := index . 2 -}}
{{- $port := index . 3 -}}
{{- $context := index . 4 -}}
{{- $endpointMap := index $context.Values.endpoints $type }}
{{- $userMap := index $endpointMap.auth $userclass }}
{{- $fqdn := $context.Release.Namespace -}}
{{- if $context.Values.endpoints.fqdn -}}
{{- $fqdn := $context.Values.endpoints.fqdn -}}
{{- end -}}
{{- with $endpointMap -}}
{{- $endpointScheme := .scheme }}
{{- $endpointUser := index $userMap "username" }}
{{- $endpointPass := index $userMap "password" }}
{{- $endpointHost := index .hosts $endpoint | default .hosts.default}}
{{- $endpointPort := index .port $port | default .port.default }}
{{- $endpointPath := .path | default "" }}
{{- printf "%s://%s:%s@%s.%s:%1.f%s" $endpointScheme $endpointUser $endpointPass $endpointHost $fqdn $endpointPort $endpointPath -}}
{{- end -}}
{{- end -}}
# this function returns hostnames from endpoint definitions for use cases
# where the uri style return is not appropriate, and only the hostname
# portion is used or relevant in the template
#
# { tuple "memcache" "internal" "portName" . | include "helm-toolkit.hostname_endpoint_uri_lookup" }
#
# returns: internal_host:port
#
# output that requires the port aspect striped should simply split the output based on ':'
{{- define "helm-toolkit.hostname_endpoint_uri_lookup" -}}
{{- $type := index . 0 -}}
{{- $endpoint := index . 1 -}}
{{- $port := index . 2 -}}
{{- $context := index . 3 -}}
{{- $endpointMap := index $context.Values.endpoints $type }}
{{- $fqdn := $context.Release.Namespace -}}
{{- if $context.Values.endpoints.fqdn -}}
{{- $fqdn := $context.Values.endpoints.fqdn -}}
{{- end -}}
{{- with $endpointMap -}}
{{- $endpointScheme := .scheme }}
{{- $endpointHost := index .hosts $endpoint | default .hosts.default}}
{{- $endpointPort := index .port $port | default .port.default }}
{{- printf "%s.%s:%1.f" $endpointHost $fqdn $endpointPort -}}
{{- end -}}
{{- end -}}
#-------------------------------
# endpoint name lookup
#-------------------------------
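Review bot: The `endpoints.fqdn` override never takes effect in either new helper, because `{{- $fqdn := $context.Values.endpoints.fqdn -}}` inside the `if` declares a second `$fqdn` that goes out of scope at the closing `{{- end -}}`, so the `printf` always uses the release namespace. Declaring it once, as `{{- $fqdn := $context.Values.endpoints.fqdn | default $context.Release.Namespace -}}`, avoids the shadowing. Separately, `helm-toolkit.authenticated_endpoint_uri_lookup` formats the username and password into the URI unescaped, so a password containing `@`, `:` or `/` changes how the consumer parses the host portion; percent-encoding both fields before the `printf` would close that. The doc comment should also state that the returned string contains the plaintext password, so callers know not to render it into annotations or logs.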


@ -0,0 +1,39 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#-----------------------------------------------
# oslo settings we will dynamically manufacture
#-----------------------------------------------
{{- define "helm-toolkit.oslo_values_setup" -}}
{{ $obj := index . 0 }}
{{ $root := index . 1 }}
# generate database uri and set $conf.conf.oslo.db.connection
{{- if empty $obj.database.oslo.db.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" $root | include "helm-toolkit.authenticated_endpoint_uri_lookup"| set $obj.database.oslo.db "connection" -}}
{{- end -}}
# generate amqp transport uri and set $conf.endpoints.messaging
{{- if empty $obj.default.oslo.messaging.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" $root | include "helm-toolkit.authenticated_endpoint_uri_lookup" | set $obj.default.oslo.messaging "transport_url" -}}
{{- end -}}
# generate memcache host:port and set $conf.endpoints.memcache
{{- if empty $obj.cache.oslo.cache -}}
{{- tuple "oslo_cache" "internal" "memcache" $root | include "helm-toolkit.hostname_endpoint_uri_lookup" | set $obj.cache.oslo.cache "memcache_servers" -}}
{{- end -}}
{{- end -}}
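Review bot: The memcache guard tests `empty $obj.cache.oslo.cache` but the key it sets is `memcache_servers`, so any other setting an operator places under `cache.oslo.cache` suppresses generation of the server list; the other two guards test the exact key they set, and this one should read `{{- if empty $obj.cache.oslo.cache.memcache_servers -}}`. All three branches also dereference nested maps (`$obj.default.oslo.messaging`, `$obj.cache.oslo.cache`) that the keystone values shown elsewhere in this commit do not appear to define, which would fail at render time unless they are created somewhere outside this view. A header comment should say that the helper mutates the passed values in place and that the generated `connection` and `transport_url` strings carry plaintext passwords.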


@ -15,6 +15,7 @@
{{- define "helm-toolkit.kubernetes_entrypoint_init_container" -}}
{{- $envAll := index . 0 -}}
{{- $deps := index . 1 -}}
{{- $mounts := index . 2 -}}
{
"name": "init",
"image": {{ $envAll.Values.images.dep_check | quote }},
@ -48,7 +49,7 @@
},
{
"name": "DEPENDENCY_SERVICE",
"value": "{{ include "helm-toolkit.joinListWithComma" $deps.service }}"
"value": "{{ include "helm-toolkit.joinListWithComma" $deps.service }}"
},
{
"name": "DEPENDENCY_JOBS",
@ -66,6 +67,7 @@
"name": "COMMAND",
"value": "echo done"
}
]
],
"volumeMounts": {{ $mounts | default "[]"}}
}
{{- end -}}
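Review bot: `$mounts` is written into the init-container JSON verbatim at `"volumeMounts": {{ $mounts | default "[]"}}`, so it only works when the caller passes an already JSON-encoded string; a YAML list supplied through `.Values.mounts.*.init_container` would be printed in Go's default list formatting and yield an invalid annotation. Either document the contract above the `define` with a comment such as `# third tuple element: JSON-encoded volumeMounts array as a string, or null`, or encode non-string input before interpolating it. Note also that `index . 2` is evaluated before the `default`, so the fallback covers a null argument but not a two-element tuple, which is presumably why every caller in this commit had to be updated.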


@ -36,7 +36,7 @@ spec:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.hash" }}
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
nodeSelector:


@ -18,19 +18,19 @@ set -ex
export HOME=/tmp
ansible localhost -vvv \
-m mysql_db -a "login_host='{{ include "helm-toolkit.mariadb_host" . }}' \
login_port='{{ .Values.database.port }}' \
login_user='{{ .Values.database.root_user }}' \
login_password='{{ .Values.database.root_password }}' \
name='{{ .Values.database.keystone_database_name }}'"
-m mysql_db -a "login_host='{{ .Values.endpoints.oslo_db.hosts.internal | default .Values.endpoints.oslo_db.hosts.default }}' \
login_port='{{ .Values.endpoints.oslo_db.port.mysql }}' \
login_user='{{ .Values.endpoints.oslo_db.auth.admin.username }}' \
login_password='{{ .Values.endpoints.oslo_db.auth.admin.password }}' \
name='{{ .Values.endpoints.oslo_db.path | trimAll "/" }}'"
ansible localhost -vvv \
-m mysql_user -a "login_host='{{ include "helm-toolkit.mariadb_host" . }}' \
login_port='{{ .Values.database.port }}' \
login_user='{{ .Values.database.root_user }}' \
login_password='{{ .Values.database.root_password }}' \
name='{{ .Values.database.keystone_user }}' \
password='{{ .Values.database.keystone_password }}' \
-m mysql_user -a "login_host='{{ .Values.endpoints.oslo_db.hosts.internal | default .Values.endpoints.oslo_db.hosts.default }}' \
login_port='{{ .Values.endpoints.oslo_db.port.mysql }}' \
login_user='{{ .Values.endpoints.oslo_db.auth.admin.username }}' \
login_password='{{ .Values.endpoints.oslo_db.auth.admin.password }}' \
name='{{ .Values.endpoints.oslo_db.auth.user.username }}' \
password='{{ .Values.endpoints.oslo_db.auth.user.password }}' \
host='%' \
priv='{{ .Values.database.keystone_database_name }}.*:ALL' \
priv='{{ .Values.endpoints.oslo_db.path | trimAll "/" }}.*:ALL' \
append_privs='yes'"
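Review bot: The rewritten `ansible` calls still place `login_password` and the new user's `password` on the command line of a script that runs under `set -ex` with `-vvv`, so the shell trace writes both credentials to the job's pod log, and the rendered script itself is stored with the values filled in. Reading them from environment variables populated from a Secret, and switching off `-x` around these two commands, keeps them out of the logs and out of the rendered script. The values are also interpolated inside single quotes without escaping, so a password containing `'` breaks the module arguments. `host='%'` allows the service account to connect from any address, which deserves a comment stating what is expected to restrict network access to the database.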


@ -12,6 +12,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.
{{ tuple .Values.conf.keystone . | include "helm-toolkit.oslo_values_setup" | trunc 0 }}
apiVersion: v1
kind: ConfigMap
metadata:


@ -12,20 +12,46 @@
# See the License for the specific language governing permissions and
# limitations under the License.
{{ tuple .Values.conf.keystone . | include "helm-toolkit.oslo_values_setup" | trunc 0 }}
apiVersion: v1
kind: ConfigMap
metadata:
name: keystone-etc
data:
keystone.conf: |+
{{ if .Values.conf.keystone.override -}}
{{ .Values.conf.keystone.override }}
{{- else -}}
{{- if .Values.conf.keystone.prefix -}}
{{ .Values.conf.keystone.prefix }}
{{- end }}
{{ tuple "etc/_keystone.conf.tpl" . | include "helm-toolkit.template" | indent 4 }}
{{- end }}
{{- if .Values.conf.keystone.append -}}
{{ .Values.conf.keystone.append }}
{{- end }}
keystone-paste.ini: |+
{{ if .Values.conf.paste.override -}}
{{ .Values.conf.paste.override }}
{{- else -}}
{{- if .Values.conf.paste.prefix -}}
{{ .Values.conf.paste.prefix }}
{{- end }}
{{ tuple "etc/_keystone-paste.ini.tpl" . | include "helm-toolkit.template" | indent 4 }}
{{- end }}
{{- if .Values.conf.paste.append -}}
{{ .Values.conf.paste.append }}
{{- end }}
policy.json: |+
{{ if .Values.conf.policy.override -}}
{{ .Values.conf.policy.override }}
{{- else -}}
{{ tuple "etc/_policy.json.tpl" . | include "helm-toolkit.template" | indent 4 }}
{{- end }}
mpm_event.conf: |+
{{ tuple "etc/_mpm_event.conf.tpl" . | include "helm-toolkit.template" | indent 4 }}
wsgi-keystone.conf: |+
{{ tuple "etc/_wsgi-keystone.conf.tpl" . | include "helm-toolkit.template" | indent 4 }}
policy.json: |+
{{ tuple "etc/_policy.json.tpl" . | include "helm-toolkit.template" | indent 4 }}
keystone-paste.ini: |+
{{ tuple "etc/_keystone-paste.ini.tpl" . | include "helm-toolkit.template" | indent 4 }}
sso_callback_template.html: |+
{{ tuple "etc/_sso_callback_template.html.tpl" . | include "helm-toolkit.template" | indent 4 }}
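Review bot: The `override`, `prefix` and `append` values are emitted as bare `{{ .Values.conf.keystone.override }}` while the bundled template is piped through `indent 4`, so a multi-line override would leave its second and later lines at column 0 and fall out of the `|+` block scalar (indentation is not visible in this rendering, so confirm against the file). Piping each one through `indent 4`, e.g. `{{ .Values.conf.keystone.override | indent 4 }}`, keeps them inside the scalar. Since `helm-toolkit.oslo_values_setup` is invoked at the top to populate the database and messaging URIs, `keystone.conf` presumably ends up holding those passwords; if so, this object would be better rendered as a Secret than as a ConfigMap.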


@ -11,9 +11,11 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $envAll := . }}
{{- $dependencies := .Values.dependencies.api }}
{{- $mounts_keystone_api := .Values.mounts.keystone_api.keystone_api }}
{{- $mounts_keystone_api_init := .Values.mounts.keystone_api.init_container }}
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
@ -36,7 +38,7 @@ spec:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.hash" }}
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies $mounts_keystone_api_init | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
nodeSelector:
@ -72,58 +74,7 @@ spec:
readinessProbe:
tcpSocket:
port: {{ .Values.network.port.api }}
volumeMounts:
- name: pod-etc-keystone
mountPath: /etc/keystone
- name: keystoneconf
mountPath: /etc/keystone/keystone.conf
subPath: keystone.conf
readOnly: true
- name: keystonepaste
mountPath: /etc/keystone/keystone-paste.ini
subPath: keystone-paste.ini
readOnly: true
- name: keystonepolicy
mountPath: /etc/keystone/policy.json
subPath: policy.json
readOnly: true
- name: keystonessotemplate
mountPath: /etc/keystone/sso_callback_template.html
subPath: sso_callback_template.html
readOnly: true
- name: wsgikeystone
mountPath: /etc/apache2/conf-enabled/wsgi-keystone.conf
subPath: wsgi-keystone.conf
readOnly: true
- name: mpmeventconf
mountPath: /etc/apache2/mods-available/mpm_event.conf
subPath: mpm_event.conf
readOnly: true
- name: startsh
mountPath: /tmp/start.sh
subPath: start.sh
readOnly: true
volumeMounts:
{{ toYaml $mounts_keystone_api.volumeMounts | indent 12 }}
volumes:
- name: pod-etc-keystone
emptyDir: {}
- name: keystoneconf
configMap:
name: keystone-etc
- name: keystonepaste
configMap:
name: keystone-etc
- name: keystonepolicy
configMap:
name: keystone-etc
- name: keystonessotemplate
configMap:
name: keystone-etc
- name: wsgikeystone
configMap:
name: keystone-etc
- name: mpmeventconf
configMap:
name: keystone-etc
- name: startsh
configMap:
name: keystone-bin
{{ toYaml $mounts_keystone_api.volumes | indent 8 }}
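Review bot: With `volumeMounts` and `volumes` now taken wholesale from `.Values.mounts.keystone_api.keystone_api`, the `readOnly: true` flags on the configuration mounts become a default rather than something the template guarantees, and because Helm replaces lists instead of merging them, an override that adds one mount silently drops every default it does not restate. A comment above the `mounts:` defaults saying that overrides must repeat the full list, including `readOnly: true` on the `keystone-etc` and `keystone-bin` entries, would prevent that. The same applies to the `keystone_db_init` and `keystone_db_sync` jobs changed in this commit.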


@ -41,9 +41,6 @@ oslo_config_project = keystone
[filter:http_proxy_to_wsgi]
use = egg:oslo.middleware#http_proxy_to_wsgi
[filter:healthcheck]
use = egg:oslo.middleware#healthcheck
[filter:ec2_extension]
use = egg:keystone#ec2_extension
@ -74,17 +71,17 @@ use = egg:keystone#admin_service
[pipeline:public_api]
# The last item in this pipeline must be public_service or an equivalent
# application. It cannot be a filter.
pipeline = healthcheck cors sizelimit http_proxy_to_wsgi osprofiler url_normalize request_id build_auth_context token_auth json_body ec2_extension public_service
pipeline = cors sizelimit http_proxy_to_wsgi osprofiler url_normalize request_id admin_token_auth build_auth_context token_auth json_body ec2_extension public_service
[pipeline:admin_api]
# The last item in this pipeline must be admin_service or an equivalent
# application. It cannot be a filter.
pipeline = healthcheck cors sizelimit http_proxy_to_wsgi osprofiler url_normalize request_id build_auth_context token_auth json_body ec2_extension s3_extension admin_service
pipeline = cors sizelimit http_proxy_to_wsgi osprofiler url_normalize request_id admin_token_auth build_auth_context token_auth json_body ec2_extension s3_extension admin_service
[pipeline:api_v3]
# The last item in this pipeline must be service_v3 or an equivalent
# application. It cannot be a filter.
pipeline = healthcheck cors sizelimit http_proxy_to_wsgi osprofiler url_normalize request_id build_auth_context token_auth json_body ec2_extension_v3 s3_extension service_v3
pipeline = cors sizelimit http_proxy_to_wsgi osprofiler url_normalize request_id admin_token_auth build_auth_context token_auth json_body ec2_extension_v3 s3_extension service_v3
[app:public_version_service]
use = egg:keystone#public_version_service
@ -93,10 +90,10 @@ use = egg:keystone#public_version_service
use = egg:keystone#admin_version_service
[pipeline:public_version_api]
pipeline = healthcheck cors sizelimit osprofiler url_normalize public_version_service
pipeline = cors sizelimit osprofiler url_normalize public_version_service
[pipeline:admin_version_api]
pipeline = healthcheck cors sizelimit osprofiler url_normalize admin_version_service
pipeline = cors sizelimit osprofiler url_normalize admin_version_service
[composite:main]
use = egg:Paste#urlmap
@ -108,4 +105,4 @@ use = egg:Paste#urlmap
use = egg:Paste#urlmap
/v2.0 = admin_api
/v3 = api_v3
/ = admin_version_api
/ = admin_version_api
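Review bot: The `public_api`, `admin_api` and `api_v3` pipelines appear to gain `admin_token_auth` in this change (the second line of each printed pair), which lets a request authenticate with the static `admin_token` from `keystone.conf` instead of a validated token. Upstream keystone deprecated that filter in favour of `keystone-manage bootstrap`, and it should not sit in a pipeline served on the public endpoint. Unless the chart depends on it for initial setup, drop it from all three, e.g. `pipeline = cors sizelimit http_proxy_to_wsgi osprofiler url_normalize request_id build_auth_context token_auth json_body ec2_extension public_service`. No `[filter:admin_token_auth]` section is visible in these hunks, so it is also worth confirming that one exists in the file.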

File diff suppressed because it is too large Load Diff


@ -176,7 +176,7 @@
"identity:list_projects_for_user": "",
"identity:list_domains_for_user": "",
"identity:list_revoke_events": "rule:service_or_admin",
"identity:list_revoke_events": "",
"identity:create_policy_association_for_endpoint": "rule:admin_required",
"identity:check_policy_association_for_endpoint": "rule:admin_required",
@ -192,8 +192,8 @@
"identity:create_domain_config": "rule:admin_required",
"identity:get_domain_config": "rule:admin_required",
"identity:get_security_compliance_domain_config": "",
"identity:update_domain_config": "rule:admin_required",
"identity:delete_domain_config": "rule:admin_required",
"identity:get_domain_config_default": "rule:admin_required"
}
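Review bot: `identity:list_revoke_events` is printed twice in the first hunk, once as `rule:service_or_admin` and once as `""`; if the empty rule is the new side, any authenticated user can list token revocation events rather than only services and admins. Keep `"identity:list_revoke_events": "rule:service_or_admin",` unless there is a documented reason to widen it. Taken together with the paste pipeline change in this commit, it looks as though the templates were regenerated from an older keystone release, so the whole policy file deserves a comparison against the release actually deployed.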


@ -14,6 +14,9 @@
{{- $envAll := . }}
{{- $dependencies := .Values.dependencies.init }}
{{- $mounts_keystone_db_init := .Values.mounts.keystone_db_init.keystone_db_init }}
{{- $mounts_keystone_db_init_init := .Values.mounts.keystone_db_init.init_container }}
apiVersion: batch/v1
kind: Job
metadata:
@ -23,7 +26,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies $mounts_keystone_db_init_init | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure
@ -45,11 +48,8 @@ spec:
command:
- bash
- /tmp/init.sh
volumeMounts:
- name: keystone-bin
mountPath: /tmp/init.sh
subPath: init.sh
volumeMounts:
{{ toYaml $mounts_keystone_db_init.volumeMounts | indent 12 }}
volumes:
- name: keystone-bin
configMap:
name: keystone-bin
{{ toYaml $mounts_keystone_db_init.volumes | indent 8 }}


@ -14,6 +14,8 @@
{{- $envAll := . }}
{{- $dependencies := .Values.dependencies.db_sync }}
{{- $mounts_keystone_db_sync := .Values.mounts.keystone_db_sync.keystone_db_sync }}
{{- $mounts_keystone_db_sync_init := .Values.mounts.keystone_db_sync.init_container }}
apiVersion: batch/v1
kind: Job
metadata:
@ -23,7 +25,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies $mounts_keystone_db_sync_init | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure
@ -45,23 +47,7 @@ spec:
command:
- bash
- /tmp/db-sync.sh
volumeMounts:
- name: pod-etc-keystone
mountPath: /etc/keystone
- name: keystoneconf
mountPath: /etc/keystone/keystone.conf
subPath: keystone.conf
readOnly: true
- name: keystone-bin
mountPath: /tmp/db-sync.sh
subPath: db-sync.sh
readOnly: true
volumeMounts:
{{ toYaml $mounts_keystone_db_sync.volumeMounts | indent 12 }}
volumes:
- name: pod-etc-keystone
emptyDir: {}
- name: keystoneconf
configMap:
name: keystone-etc
- name: keystone-bin
configMap:
name: keystone-bin
{{ toYaml $mounts_keystone_db_sync.volumes | indent 8 }}


@ -45,29 +45,11 @@ keystone:
admin_password: password
admin_project_name: admin
api:
default:
debug: false
token:
provider: uuid
network:
port:
admin: 35357
api: 5000
memcached:
host: memcached
port: 11211
database:
port: 3306
root_user: root
root_password: password
keystone_database_name: keystone
keystone_password: password
keystone_user: keystone
dependencies:
api:
jobs:
@ -112,6 +94,103 @@ resources:
memory: "128Mi"
cpu: "500m"
mounts:
keystone_db_init:
init_container: null
keystone_db_init:
volumes:
- name: keystone-bin
configMap:
name: keystone-bin
volumeMounts:
- name: keystone-bin
mountPath: /tmp/init.sh
subPath: init.sh
keystone_db_sync:
init_container: null
keystone_db_sync:
volumes:
- name: empty
emptyDir: {}
- name: keystone-etc
configMap:
name: keystone-etc
- name: keystone-bin
configMap:
name: keystone-bin
volumeMounts:
- name: empty
mountPath: /etc/keystone
- name: keystone-etc
mountPath: /etc/keystone/keystone.conf
subPath: keystone.conf
readOnly: true
- name: keystone-bin
mountPath: /tmp/db-sync.sh
subPath: db-sync.sh
readOnly: true
keystone_api:
init_container: null
keystone_api:
volumes:
- name: empty
emptyDir: {}
- name: keystone-etc
configMap:
name: keystone-etc
- name: keystone-bin
configMap:
name: keystone-bin
volumeMounts:
- name: empty
mountPath: /etc/keystone
- name: keystone-etc
mountPath: /etc/keystone/keystone.conf
subPath: keystone.conf
readOnly: true
- name: keystone-etc
mountPath: /etc/keystone/keystone-paste.ini
subPath: keystone-paste.ini
readOnly: true
- name: keystone-etc
mountPath: /etc/keystone/policy.json
subPath: policy.json
readOnly: true
- name: keystone-etc
mountPath: /etc/keystone/sso_callback_template.html
subPath: sso_callback_template.html
readOnly: true
- name: keystone-etc
mountPath: /etc/apache2/conf-enabled/wsgi-keystone.conf
subPath: wsgi-keystone.conf
readOnly: true
- name: keystone-etc
mountPath: /etc/apache2/mods-available/mpm_event.conf
subPath: mpm_event.conf
readOnly: true
- name: keystone-bin
mountPath: /tmp/start.sh
subPath: start.sh
readOnly: true
conf:
paste:
override:
append:
policy:
override:
append:
keystone:
override:
append:
token:
keystone:
provider: uuid
database:
oslo:
db:
max_retries: -1
# typically overriden by environmental
# values, but should include all endpoints
# required by this chart
@ -125,3 +204,36 @@ endpoints:
port:
admin: 35357
api: 5000
oslo_db:
auth:
admin:
username: root
password: password
user:
username: keystone
password: password
hosts:
default: mariadb
path: /keystone
scheme: mysql+pymysql
port:
mysql: 3306
oslo_messaging:
auth:
admin:
username: admin
password: password
user:
username: keystone
password: password
hosts:
default: rabbitmq
path: /openstack
scheme: rabbit
port:
amqp: 5672
oslo_cache:
hosts:
default: memcache
port:
memcache: 11211
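Review bot: The new `endpoints.oslo_db` and `endpoints.oslo_messaging` blocks ship `password: password` for every account, including the database `root` admin, so an install that does not override them runs with guessable credentials that are then formatted into the connection URIs. Leaving these unset and failing the render when they are missing (Helm's `required` function does this), or at least marking them with a comment such as `# placeholder - must be overridden per deployment`, makes the unsafe default visible. Supplying them from a Secret rather than from chart values would also keep them out of the release's stored values.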


@ -9,7 +9,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -27,7 +27,7 @@ spec:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.hash" }}
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
nodeSelector:


@ -27,7 +27,7 @@ spec:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.hash" }}
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
nodeSelector:


@ -27,7 +27,7 @@ spec:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.hash" }}
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
nodeSelector:


@ -27,7 +27,7 @@ spec:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.hash" }}
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
nodeSelector:


@ -36,7 +36,7 @@ spec:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.hash" }}
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
nodeSelector:


@ -23,7 +23,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -23,7 +23,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -24,7 +24,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -24,7 +24,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -25,7 +25,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -27,7 +27,7 @@ spec:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.hash" }}
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
nodeSelector:


@ -27,7 +27,7 @@ spec:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.hash" }}
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
nodeSelector:


@ -36,7 +36,7 @@ spec:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.hash" }}
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
nodeSelector:


@ -36,7 +36,7 @@ spec:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.hash" }}
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
nodeSelector:


@ -36,7 +36,7 @@ spec:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.hash" }}
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
nodeSelector:


@ -36,7 +36,7 @@ spec:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.hash" }}
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
nodeSelector:


@ -36,7 +36,7 @@ spec:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.hash" }}
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
nodeSelector:


@ -23,7 +23,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -23,7 +23,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -24,7 +24,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -24,7 +24,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -25,7 +25,7 @@ spec:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
spec:
restartPolicy: OnFailure


@ -36,7 +36,7 @@ spec:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.hash" }}
pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]'
# TODO: this needs to be moved to common.
scheduler.alpha.kubernetes.io/affinity: >