diff --git a/nova/templates/bin/_ceph-secret-define.sh.tpl b/nova/templates/bin/_ceph-secret-define.sh.tpl new file mode 100644 index 0000000000..77d9e2d34c --- /dev/null +++ b/nova/templates/bin/_ceph-secret-define.sh.tpl @@ -0,0 +1,41 @@ +#!/bin/bash + +# Copyright 2017 The Openstack-Helm Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -ex +# Wait for the libvirtd is up +TIMEOUT=60 +while [[ ! -f /var/run/libvirtd.pid ]]; do + if [[ ${TIMEOUT} -gt 0 ]]; then + let TIMEOUT-=1 + sleep 1 + else + exit 1 + fi +done + +cat > /tmp/secret.xml < + {{ .Values.ceph.secret_uuid }} + + client.{{ .Values.ceph.cinder_user }} secret + + +EOF + +virsh secret-define --file /tmp/secret.xml +virsh secret-set-value --secret {{ .Values.ceph.secret_uuid }} --base64 {{ .Values.ceph.cinder_keyring }} + +rm /tmp/secret.xml diff --git a/nova/templates/bin/_libvirt.sh.tpl b/nova/templates/bin/_libvirt.sh.tpl index aec2646983..00c54919ff 100644 --- a/nova/templates/bin/_libvirt.sh.tpl +++ b/nova/templates/bin/_libvirt.sh.tpl @@ -28,23 +28,4 @@ if [[ -c /dev/kvm ]]; then chown root:kvm /dev/kvm fi - -sleep 30 - -{{- if .Values.ceph.enabled }} -cat > /tmp/secret.xml < - {{ .Values.ceph.secret_uuid }} - - client.{{ .Values.ceph.cinder_user }} secret - - -EOF - -virsh secret-define --file /tmp/secret.xml -virsh secret-set-value --secret {{ .Values.ceph.secret_uuid }} --base64 {{ .Values.ceph.cinder_keyring }} -rm /tmp/secret.xml -{{- end }} - - exec libvirtd -v --listen diff --git a/nova/templates/configmap-bin.yaml b/nova/templates/configmap-bin.yaml index e4fe90a05c..ff6469fb57 100644 --- a/nova/templates/configmap-bin.yaml +++ b/nova/templates/configmap-bin.yaml @@ -29,6 +29,10 @@ data: {{- include "helm-toolkit.scripts.keystone_user" . | indent 4 }} libvirt.sh: | {{ tuple "bin/_libvirt.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} +{{- if .Values.ceph.enabled }} + ceph-secret-define.sh: | +{{ tuple "bin/_ceph-secret-define.sh.tpl" . | include "helm-toolkit.template" | indent 4 }} +{{- end }} bootstrap.sh: | {{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} nova-api.sh: | diff --git a/nova/templates/daemonset-libvirt.yaml b/nova/templates/daemonset-libvirt.yaml index 5b66b06cd9..da4ce749bf 100644 --- a/nova/templates/daemonset-libvirt.yaml +++ b/nova/templates/daemonset-libvirt.yaml @@ -43,6 +43,14 @@ spec: - name: nova-libvirt image: {{ .Values.images.libvirt }} imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.ceph.enabled }} + lifecycle: + postStart: + exec: + command: + - bash + - /tmp/ceph-secret-define.sh + {{- end }} {{- if .Values.resources.enabled }} resources: requests: @@ -104,6 +112,10 @@ spec: mountPath: /etc/ceph/ceph.client.keyring subPath: ceph.client.keyring readOnly: true + - name: nova-bin + mountPath: /tmp/ceph-secret-define.sh + subPath: ceph-secret-define.sh + readOnly: true {{- end }} {{ if $mounts_nova_libvirt.volumeMounts }}{{ toYaml $mounts_nova_libvirt.volumeMounts | indent 12 }}{{ end }} volumes: