From 4479a0d93fabd34d84bb6412635b34137f97885c Mon Sep 17 00:00:00 2001 From: portdirect Date: Mon, 9 Jan 2017 02:09:40 +0000 Subject: [PATCH] Cinder Refactor WIP This work is dependant on the Common Chart elements introduced with the Heat PR, and should not be merged prior to https://github.com/att-comdev/openstack-helm/pull/77 --- cinder/templates/_helpers.tpl | 73 --------- cinder/templates/bin/_db-init.sh.tpl | 21 +++ .../config/cinder-api-paste.ini.yaml | 7 - cinder/templates/config/cinder-api.conf.yaml | 7 - .../config/cinder-backend-rbd1.conf.yaml | 7 - .../config/cinder-backends.conf.yaml | 7 - .../config/cinder-concurrency.conf.yaml | 7 - cinder/templates/config/cinder-db.conf.yaml | 8 - .../templates/config/cinder-glance.conf.yaml | 7 - cinder/templates/config/cinder-log.conf.yaml | 7 - .../config/cinder-messaging.conf.yaml | 8 - .../config/contents/_cinder-api.conf.tpl | 12 -- .../contents/_cinder-backend-rbd1.conf.tpl | 11 -- .../config/contents/_cinder-backends.conf.tpl | 2 - .../contents/_cinder-concurrency.conf.tpl | 2 - .../config/contents/_cinder-db.conf.tpl | 3 - .../config/contents/_cinder-glance.conf.tpl | 3 - .../config/contents/_cinder-keystone.conf.tpl | 13 -- .../config/contents/_cinder-log.conf.tpl | 4 - .../contents/_cinder-messaging.conf.tpl | 5 - cinder/templates/configmap-bin.yaml | 13 ++ cinder/templates/configmap-etc.yaml | 9 ++ cinder/templates/deployment-api.yaml | 76 ++++++++++ cinder/templates/deployments/api/api.sh.yaml | 7 - cinder/templates/deployments/api/api.yaml | 138 ------------------ .../templates/deployments/api/bin/_api.sh.tpl | 19 --- .../_cinder-api-paste.ini.tpl | 0 cinder/templates/etc/_cinder.conf.tpl | 57 ++++++++ .../db/init/db-init.yaml => job-db-init.yaml} | 12 +- .../db/sync/db-sync.yaml => job-db-sync.yaml} | 32 ++-- cinder/templates/job-ks-endpoints.yaml.yaml | 65 +++++++++ cinder/templates/job-ks-service.yaml | 59 ++++++++ .../user/ks-user.yaml => job-ks-user.yaml} | 44 ++---- .../jobs/db/init/bin/_db-init.sh.tpl | 6 - cinder/templates/jobs/db/init/db-init.sh.yaml | 7 - .../jobs/db/sync/bin/_db-sync.sh.tpl | 19 --- cinder/templates/jobs/db/sync/db-sync.sh.yaml | 7 - .../endpoints/bin/_ks-endpoints.sh.tpl | 63 -------- .../keystone/endpoints/ks-endpoints.sh.yaml | 7 - .../jobs/keystone/endpoints/ks-endpoints.yaml | 130 ----------------- .../keystone/service/bin/_ks-service.sh.tpl | 35 ----- .../jobs/keystone/service/ks-service.sh.yaml | 7 - .../jobs/keystone/service/ks-service.yaml | 54 ------- .../jobs/keystone/user/bin/_ks-user.sh.tpl | 56 ------- .../jobs/keystone/user/ks-user.sh.yaml | 7 - ...nv.yaml => secret-keystone-admin.env.yaml} | 0 ...onf.yaml => secret-keystone-user.env.yaml} | 4 +- cinder/values.yaml | 37 +++++ 48 files changed, 366 insertions(+), 818 deletions(-) delete mode 100644 cinder/templates/_helpers.tpl create mode 100644 cinder/templates/bin/_db-init.sh.tpl delete mode 100644 cinder/templates/config/cinder-api-paste.ini.yaml delete mode 100644 cinder/templates/config/cinder-api.conf.yaml delete mode 100644 cinder/templates/config/cinder-backend-rbd1.conf.yaml delete mode 100644 cinder/templates/config/cinder-backends.conf.yaml delete mode 100644 cinder/templates/config/cinder-concurrency.conf.yaml delete mode 100644 cinder/templates/config/cinder-db.conf.yaml delete mode 100644 cinder/templates/config/cinder-glance.conf.yaml delete mode 100644 cinder/templates/config/cinder-log.conf.yaml delete mode 100644 cinder/templates/config/cinder-messaging.conf.yaml delete mode 100644 cinder/templates/config/contents/_cinder-api.conf.tpl delete mode 100644 cinder/templates/config/contents/_cinder-backend-rbd1.conf.tpl delete mode 100644 cinder/templates/config/contents/_cinder-backends.conf.tpl delete mode 100644 cinder/templates/config/contents/_cinder-concurrency.conf.tpl delete mode 100644 cinder/templates/config/contents/_cinder-db.conf.tpl delete mode 100644 cinder/templates/config/contents/_cinder-glance.conf.tpl delete mode 100644 cinder/templates/config/contents/_cinder-keystone.conf.tpl delete mode 100644 cinder/templates/config/contents/_cinder-log.conf.tpl delete mode 100644 cinder/templates/config/contents/_cinder-messaging.conf.tpl create mode 100644 cinder/templates/configmap-bin.yaml create mode 100644 cinder/templates/configmap-etc.yaml create mode 100644 cinder/templates/deployment-api.yaml delete mode 100644 cinder/templates/deployments/api/api.sh.yaml delete mode 100644 cinder/templates/deployments/api/api.yaml delete mode 100644 cinder/templates/deployments/api/bin/_api.sh.tpl rename cinder/templates/{config/contents => etc}/_cinder-api-paste.ini.tpl (100%) create mode 100644 cinder/templates/etc/_cinder.conf.tpl rename cinder/templates/{jobs/db/init/db-init.yaml => job-db-init.yaml} (88%) rename cinder/templates/{jobs/db/sync/db-sync.yaml => job-db-sync.yaml} (66%) create mode 100644 cinder/templates/job-ks-endpoints.yaml.yaml create mode 100644 cinder/templates/job-ks-service.yaml rename cinder/templates/{jobs/keystone/user/ks-user.yaml => job-ks-user.yaml} (51%) delete mode 100644 cinder/templates/jobs/db/init/bin/_db-init.sh.tpl delete mode 100644 cinder/templates/jobs/db/init/db-init.sh.yaml delete mode 100644 cinder/templates/jobs/db/sync/bin/_db-sync.sh.tpl delete mode 100644 cinder/templates/jobs/db/sync/db-sync.sh.yaml delete mode 100644 cinder/templates/jobs/keystone/endpoints/bin/_ks-endpoints.sh.tpl delete mode 100644 cinder/templates/jobs/keystone/endpoints/ks-endpoints.sh.yaml delete mode 100644 cinder/templates/jobs/keystone/endpoints/ks-endpoints.yaml delete mode 100644 cinder/templates/jobs/keystone/service/bin/_ks-service.sh.tpl delete mode 100644 cinder/templates/jobs/keystone/service/ks-service.sh.yaml delete mode 100644 cinder/templates/jobs/keystone/service/ks-service.yaml delete mode 100644 cinder/templates/jobs/keystone/user/bin/_ks-user.sh.tpl delete mode 100644 cinder/templates/jobs/keystone/user/ks-user.sh.yaml rename cinder/templates/{config/cinder-keystone-admin.env.yaml => secret-keystone-admin.env.yaml} (100%) rename cinder/templates/{config/cinder-keystone.conf.yaml => secret-keystone-user.env.yaml} (80%) diff --git a/cinder/templates/_helpers.tpl b/cinder/templates/_helpers.tpl deleted file mode 100644 index 80039684b4..0000000000 --- a/cinder/templates/_helpers.tpl +++ /dev/null @@ -1,73 +0,0 @@ -{{- define "joinListWithColon" -}} -{{ range $k, $v := . }}{{ if $k }},{{ end }}{{ $v }}{{ end }} -{{- end -}} - -{{- define "env_admin_openrc" }} -- name: OS_IDENTITY_API_VERSION - value: "3" -- name: OS_AUTH_URL - valueFrom: - secretKeyRef: - name: cinder-env-keystone-admin - key: OS_AUTH_URL -- name: OS_REGION_NAME - valueFrom: - secretKeyRef: - name: cinder-env-keystone-admin - key: OS_REGION_NAME -- name: OS_PROJECT_DOMAIN_NAME - valueFrom: - secretKeyRef: - name: cinder-env-keystone-admin - key: OS_PROJECT_DOMAIN_NAME -- name: OS_PROJECT_NAME - valueFrom: - secretKeyRef: - name: cinder-env-keystone-admin - key: OS_PROJECT_NAME -- name: OS_USER_DOMAIN_NAME - valueFrom: - secretKeyRef: - name: cinder-env-keystone-admin - key: OS_USER_DOMAIN_NAME -- name: OS_USERNAME - valueFrom: - secretKeyRef: - name: cinder-env-keystone-admin - key: OS_USERNAME -- name: OS_PASSWORD - valueFrom: - secretKeyRef: - name: cinder-env-keystone-admin - key: OS_PASSWORD -{{- end }} - -{{- define "container_ks_service" }} -image: {{ .Values.images.ks_service }} -imagePullPolicy: {{ .Values.images.pull_policy }} -command: - - bash - - /tmp/ks-service.sh -volumeMounts: - - name: ks-service-sh - mountPath: /tmp/ks-service.sh - subPath: ks-service.sh - readOnly: true -env: -{{ include "env_admin_openrc" . | indent 2 }} -{{- end }} - -{{- define "container_ks_endpoint" }} -image: {{ .Values.images.ks_endpoints }} -imagePullPolicy: {{ .Values.images.pull_policy }} -command: - - bash - - /tmp/ks-endpoints.sh -volumeMounts: - - name: ks-endpoints-sh - mountPath: /tmp/ks-endpoints.sh - subPath: ks-endpoints.sh - readOnly: true -env: -{{ include "env_admin_openrc" . | indent 2 }} -{{- end }} diff --git a/cinder/templates/bin/_db-init.sh.tpl b/cinder/templates/bin/_db-init.sh.tpl new file mode 100644 index 0000000000..93bd518bb1 --- /dev/null +++ b/cinder/templates/bin/_db-init.sh.tpl @@ -0,0 +1,21 @@ +#!/bin/bash +set -ex +export HOME=/tmp + +ansible localhost -vvv \ + -m mysql_db -a "login_host='{{ .Values.database.address }}' \ + login_port='{{ .Values.database.port }}' \ + login_user='{{ .Values.database.root_user }}' \ + login_password='{{ .Values.database.root_password }}' \ + name='{{ .Values.database.cinder_database_name }}'" + +ansible localhost -vvv \ + -m mysql_user -a "login_host='{{ .Values.database.address }}' \ + login_port='{{ .Values.database.port }}' \ + login_user='{{ .Values.database.root_user }}' \ + login_password='{{ .Values.database.root_password }}' \ + name='{{ .Values.database.cinder_user }}' \ + password='{{ .Values.database.cinder_password }}' \ + host='%' \ + priv='{{ .Values.database.cinder_database_name }}.*:ALL' \ + append_privs='yes'" diff --git a/cinder/templates/config/cinder-api-paste.ini.yaml b/cinder/templates/config/cinder-api-paste.ini.yaml deleted file mode 100644 index a0d87145f7..0000000000 --- a/cinder/templates/config/cinder-api-paste.ini.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cinder-ini-api-paste -data: - api-paste.ini: |+ -{{ tuple "contents/_cinder-api-paste.ini.tpl" . | include "template" | indent 4 }} diff --git a/cinder/templates/config/cinder-api.conf.yaml b/cinder/templates/config/cinder-api.conf.yaml deleted file mode 100644 index ae0df4269b..0000000000 --- a/cinder/templates/config/cinder-api.conf.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cinder-conf-api -data: - cinder-api.conf: |+ -{{ tuple "contents/_cinder-api.conf.tpl" . | include "template" | indent 4 }} diff --git a/cinder/templates/config/cinder-backend-rbd1.conf.yaml b/cinder/templates/config/cinder-backend-rbd1.conf.yaml deleted file mode 100644 index 1beb401635..0000000000 --- a/cinder/templates/config/cinder-backend-rbd1.conf.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cinder-conf-backend-rbd1 -data: - cinder-backend-rbd1.conf: |+ -{{ tuple "contents/_cinder-backend-rbd1.conf.tpl" . | include "template" | indent 4 }} diff --git a/cinder/templates/config/cinder-backends.conf.yaml b/cinder/templates/config/cinder-backends.conf.yaml deleted file mode 100644 index b5f839c5e6..0000000000 --- a/cinder/templates/config/cinder-backends.conf.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cinder-conf-backends -data: - cinder-backends.conf: |+ -{{ tuple "contents/_cinder-backends.conf.tpl" . | include "template" | indent 4 }} diff --git a/cinder/templates/config/cinder-concurrency.conf.yaml b/cinder/templates/config/cinder-concurrency.conf.yaml deleted file mode 100644 index 3385d54bc0..0000000000 --- a/cinder/templates/config/cinder-concurrency.conf.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cinder-conf-concurrency -data: - cinder-concurrency.conf: |+ -{{ tuple "contents/_cinder-concurrency.conf.tpl" . | include "template" | indent 4 }} diff --git a/cinder/templates/config/cinder-db.conf.yaml b/cinder/templates/config/cinder-db.conf.yaml deleted file mode 100644 index 80a10531fe..0000000000 --- a/cinder/templates/config/cinder-db.conf.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: cinder-conf-db -type: Opaque -data: - cinder-db.conf: | -{{ tuple "contents/_cinder-db.conf.tpl" . | include "template" | b64enc | indent 4 }} diff --git a/cinder/templates/config/cinder-glance.conf.yaml b/cinder/templates/config/cinder-glance.conf.yaml deleted file mode 100644 index a1c7e91a96..0000000000 --- a/cinder/templates/config/cinder-glance.conf.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cinder-conf-glance -data: - cinder-glance.conf: |+ -{{ tuple "contents/_cinder-glance.conf.tpl" . | include "template" | indent 4 }} diff --git a/cinder/templates/config/cinder-log.conf.yaml b/cinder/templates/config/cinder-log.conf.yaml deleted file mode 100644 index 683a58930c..0000000000 --- a/cinder/templates/config/cinder-log.conf.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cinder-conf-log -data: - cinder-log.conf: |+ -{{ tuple "contents/_cinder-log.conf.tpl" . | include "template" | indent 4 }} diff --git a/cinder/templates/config/cinder-messaging.conf.yaml b/cinder/templates/config/cinder-messaging.conf.yaml deleted file mode 100644 index 0645feed73..0000000000 --- a/cinder/templates/config/cinder-messaging.conf.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: cinder-conf-messaging -type: Opaque -data: - cinder-messaging.conf: | -{{ tuple "contents/_cinder-messaging.conf.tpl" . | include "template" | b64enc | indent 4 }} diff --git a/cinder/templates/config/contents/_cinder-api.conf.tpl b/cinder/templates/config/contents/_cinder-api.conf.tpl deleted file mode 100644 index b4ac662150..0000000000 --- a/cinder/templates/config/contents/_cinder-api.conf.tpl +++ /dev/null @@ -1,12 +0,0 @@ -[DEFAULT] -enable_v1_api = false -volume_name_template = %s - -osapi_volume_workers = {{ .Values.api.workers }} -osapi_volume_listen = 0.0.0.0 -osapi_volume_listen_port = {{ .Values.service.api.port }} - -api_paste_config = /etc/cinder/api-paste.ini - -[oslo_concurrency] -lock_path = /var/lib/cinder/tmp diff --git a/cinder/templates/config/contents/_cinder-backend-rbd1.conf.tpl b/cinder/templates/config/contents/_cinder-backend-rbd1.conf.tpl deleted file mode 100644 index abd6eeda39..0000000000 --- a/cinder/templates/config/contents/_cinder-backend-rbd1.conf.tpl +++ /dev/null @@ -1,11 +0,0 @@ -[rbd1] -volume_driver = cinder.volume.drivers.rbd.RBDDriver -rbd_pool = {{ .Values.backends.rbd1.pool }} -rbd_ceph_conf = /etc/ceph/ceph.conf -rbd_flatten_volume_from_snapshot = false -rbd_max_clone_depth = 5 -rbd_store_chunk_size = 4 -rados_connect_timeout = -1 -rbd_user = {{ .Values.backends.rbd1.user }} -rbd_secret_uuid = {{ .Values.backends.rbd1.secret }} -report_discard_supported = True diff --git a/cinder/templates/config/contents/_cinder-backends.conf.tpl b/cinder/templates/config/contents/_cinder-backends.conf.tpl deleted file mode 100644 index 62a1dbcc41..0000000000 --- a/cinder/templates/config/contents/_cinder-backends.conf.tpl +++ /dev/null @@ -1,2 +0,0 @@ -[DEFAULT] -enabled_backends = {{ include "joinListWithColon" .Values.backends.enabled }} diff --git a/cinder/templates/config/contents/_cinder-concurrency.conf.tpl b/cinder/templates/config/contents/_cinder-concurrency.conf.tpl deleted file mode 100644 index 06be34ce23..0000000000 --- a/cinder/templates/config/contents/_cinder-concurrency.conf.tpl +++ /dev/null @@ -1,2 +0,0 @@ -[oslo_concurrency] -lock_path = /var/lib/cinder/tmp diff --git a/cinder/templates/config/contents/_cinder-db.conf.tpl b/cinder/templates/config/contents/_cinder-db.conf.tpl deleted file mode 100644 index 1b67679065..0000000000 --- a/cinder/templates/config/contents/_cinder-db.conf.tpl +++ /dev/null @@ -1,3 +0,0 @@ -[database] -connection = mysql+pymysql://{{ .Values.database.cinder_user }}:{{ .Values.database.cinder_password }}@{{ .Values.database.address }}:{{ .Values.database.port }}/{{ .Values.database.cinder_database_name }} -max_retries = -1 diff --git a/cinder/templates/config/contents/_cinder-glance.conf.tpl b/cinder/templates/config/contents/_cinder-glance.conf.tpl deleted file mode 100644 index 31807c7aa3..0000000000 --- a/cinder/templates/config/contents/_cinder-glance.conf.tpl +++ /dev/null @@ -1,3 +0,0 @@ -[DEFAULT] -glance_api_servers = "{{ .Values.glance.proto }}://{{ .Values.glance.host }}:{{ .Values.glance.port }}" -glance_api_version = {{ .Values.glance.version }} diff --git a/cinder/templates/config/contents/_cinder-keystone.conf.tpl b/cinder/templates/config/contents/_cinder-keystone.conf.tpl deleted file mode 100644 index 1311ed69db..0000000000 --- a/cinder/templates/config/contents/_cinder-keystone.conf.tpl +++ /dev/null @@ -1,13 +0,0 @@ -[DEFAULT] -auth_strategy = keystone -os_region_name = {{ .Values.keystone.cinder_region_name }} - -[keystone_authtoken] -auth_uri = {{ .Values.keystone.auth_uri }} -auth_url = {{ .Values.keystone.auth_url }} -auth_type = password -project_domain_name = {{ .Values.keystone.cinder_project_domain }} -user_domain_name = {{ .Values.keystone.cinder_user_domain }} -project_name = {{ .Values.keystone.cinder_project_name }} -username = {{ .Values.keystone.cinder_user }} -password = {{ .Values.keystone.cinder_password }} diff --git a/cinder/templates/config/contents/_cinder-log.conf.tpl b/cinder/templates/config/contents/_cinder-log.conf.tpl deleted file mode 100644 index a0ec3d1f2f..0000000000 --- a/cinder/templates/config/contents/_cinder-log.conf.tpl +++ /dev/null @@ -1,4 +0,0 @@ -[DEFAULT] -debug = {{ .Values.misc.debug }} -use_syslog = False -use_stderr = True diff --git a/cinder/templates/config/contents/_cinder-messaging.conf.tpl b/cinder/templates/config/contents/_cinder-messaging.conf.tpl deleted file mode 100644 index 819bd099f3..0000000000 --- a/cinder/templates/config/contents/_cinder-messaging.conf.tpl +++ /dev/null @@ -1,5 +0,0 @@ -[oslo_messaging_rabbit] -rabbit_userid = {{ .Values.messaging.user }} -rabbit_password = {{ .Values.messaging.password }} -rabbit_ha_queues = true -rabbit_hosts = {{ .Values.messaging.hosts }} diff --git a/cinder/templates/configmap-bin.yaml b/cinder/templates/configmap-bin.yaml new file mode 100644 index 0000000000..b549121df9 --- /dev/null +++ b/cinder/templates/configmap-bin.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cinder-bin +data: + db-init.sh: |+ +{{ tuple "bin/_db-init.sh.tpl" . | include "template" | indent 4 }} + ks-service.sh: |+ +{{- include "common_keystone_service" . | indent 4 }} + ks-endpoints.sh: |+ +{{- include "common_keystone_endpoints" . | indent 4 }} + ks-user.sh: |+ +{{- include "common_keystone_user" . | indent 4 }} diff --git a/cinder/templates/configmap-etc.yaml b/cinder/templates/configmap-etc.yaml new file mode 100644 index 0000000000..d3c2bab33d --- /dev/null +++ b/cinder/templates/configmap-etc.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cinder-etc +data: + cinder.conf: |+ +{{ tuple "etc/_cinder.conf.tpl" . | include "template" | indent 4 }} + api-paste.ini: |+ +{{ tuple "etc/_cinder-api-paste.ini.tpl" . | include "template" | indent 4 }} diff --git a/cinder/templates/deployment-api.yaml b/cinder/templates/deployment-api.yaml new file mode 100644 index 0000000000..4cd72f3acb --- /dev/null +++ b/cinder/templates/deployment-api.yaml @@ -0,0 +1,76 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: cinder-api +spec: + replicas: {{ .Values.replicas }} + template: + metadata: + labels: + app: cinder-api + annotations: + pod.beta.kubernetes.io/init-containers: '[ + { + "name": "init", + "image": {{ .Values.images.dep_check | quote }}, + "imagePullPolicy": {{ .Values.images.pull_policy | quote }}, + "env": [ + { + "name": "NAMESPACE", + "value": "{{ .Release.Namespace }}" + }, + { + "name": "DEPENDENCY_SERVICE", + "value": "{{ include "joinListWithColon" .Values.dependencies.api.service }}" + }, + { + "name": "DEPENDENCY_JOBS", + "value": "{{ include "joinListWithColon" .Values.dependencies.api.jobs }}" + }, + { + "name": "COMMAND", + "value": "echo done" + } + ] + } + ]' + spec: + nodeSelector: + {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} + containers: + - name: cinder-api + image: {{ .Values.images.api }} + imagePullPolicy: {{ .Values.images.pull_policy }} + command: + - cinder-api + - --config-dir + - /etc/cinder/conf + ports: + - containerPort: {{ .Values.service.api.port }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.api.port }} + volumeMounts: + - name: pod-etc-cinder + mountPath: /etc/cinder + - name: pod-var-cache-cinder + mountPath: /var/cache/cinder + - name: cinderconf + mountPath: /etc/cinder/conf/cinder.conf + subPath: cinder.conf + readOnly: true + - name: cinderpaste + mountPath: /etc/cinder/api-paste.ini + subPath: api-paste.ini + readOnly: true + volumes: + - name: pod-etc-cinder + emptyDir: {} + - name: pod-var-cache-cinder + emptyDir: {} + - name: cinderconf + configMap: + name: cinder-etc + - name: cinderpaste + configMap: + name: cinder-etc diff --git a/cinder/templates/deployments/api/api.sh.yaml b/cinder/templates/deployments/api/api.sh.yaml deleted file mode 100644 index bda7100b28..0000000000 --- a/cinder/templates/deployments/api/api.sh.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cinder-api-sh -data: - start.sh: |+ -{{ tuple "bin/_api.sh.tpl" . | include "template" | indent 4 }} diff --git a/cinder/templates/deployments/api/api.yaml b/cinder/templates/deployments/api/api.yaml deleted file mode 100644 index 63e40bd604..0000000000 --- a/cinder/templates/deployments/api/api.yaml +++ /dev/null @@ -1,138 +0,0 @@ -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: cinder-api -spec: - replicas: {{ .Values.replicas }} - template: - metadata: - labels: - app: cinder-api - annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": {{ .Values.images.dep_check | quote }}, - "imagePullPolicy": {{ .Values.images.pull_policy | quote }}, - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.api.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.api.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' - spec: - nodeSelector: - {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} - containers: - - name: cinder-api - image: {{ .Values.images.api }} - imagePullPolicy: {{ .Values.images.pull_policy }} - command: - - bash - - /tmp/start.sh - ports: - - containerPort: {{ .Values.service.api.port }} - readinessProbe: - tcpSocket: - port: {{ .Values.service.api.port }} - volumeMounts: - - name: cinder-api-sh - mountPath: /tmp/start.sh - subPath: start.sh - readOnly: true - - name: pod-etc-cinder - mountPath: /etc/cinder - - name: pod-var-lib-cinder-tmp - mountPath: /var/lib/cinder/tmp - - name: cinder-ini-api-paste - mountPath: /etc/cinder/api-paste.ini - subPath: api-paste.ini - readOnly: true - - name: cinder-conf-api - mountPath: /etc/cinder/conf/cinder-api.conf - subPath: cinder-api.conf - readOnly: true - - name: cinder-conf-backends - mountPath: /etc/cinder/conf/cinder-backends.conf - subPath: cinder-backends.conf - readOnly: true - - name: cinder-conf-backend-rbd1 - mountPath: /etc/cinder/conf/cinder-backend-rbd1.conf - subPath: cinder-backend-rbd1.conf - readOnly: true - - name: cinder-conf-concurrency - mountPath: /etc/cinder/conf/cinder-concurrency.conf - subPath: cinder-concurrency.conf - readOnly: true - - name: cinder-conf-db - mountPath: /etc/cinder/conf/cinder-db.conf - subPath: cinder-db.conf - readOnly: true - - name: cinder-conf-glance - mountPath: /etc/cinder/conf/cinder-glance.conf - subPath: cinder-glance.conf - readOnly: true - - name: cinder-conf-keystone - mountPath: /etc/cinder/conf/cinder-keystone.conf - subPath: cinder-keystone.conf - readOnly: true - - name: cinder-conf-log - mountPath: /etc/cinder/conf/cinder-log.conf - subPath: cinder-log.conf - readOnly: true - - name: cinder-conf-messaging - mountPath: /etc/cinder/conf/cinder-messaging.conf - subPath: cinder-messaging.conf - readOnly: true - volumes: - - name: cinder-api-sh - configMap: - name: cinder-api-sh - - name: pod-etc-cinder - emptyDir: {} - - name: pod-var-lib-cinder-tmp - emptyDir: {} - - name: cinder-ini-api-paste - configMap: - name: cinder-ini-api-paste - - name: cinder-conf-api - configMap: - name: cinder-conf-api - - name: cinder-conf-backends - configMap: - name: cinder-conf-backends - - name: cinder-conf-backend-rbd1 - configMap: - name: cinder-conf-backend-rbd1 - - name: cinder-conf-concurrency - configMap: - name: cinder-conf-concurrency - - name: cinder-conf-db - secret: - secretName: cinder-conf-db - - name: cinder-conf-glance - configMap: - name: cinder-conf-glance - - name: cinder-conf-keystone - secret: - secretName: cinder-conf-keystone - - name: cinder-conf-log - configMap: - name: cinder-conf-log - - name: cinder-conf-messaging - secret: - secretName: cinder-conf-messaging diff --git a/cinder/templates/deployments/api/bin/_api.sh.tpl b/cinder/templates/deployments/api/bin/_api.sh.tpl deleted file mode 100644 index 91e4f3a933..0000000000 --- a/cinder/templates/deployments/api/bin/_api.sh.tpl +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash - -# Copyright 2017 Pete Birley -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -set -ex - -exec cinder-api --config-dir /etc/cinder/conf diff --git a/cinder/templates/config/contents/_cinder-api-paste.ini.tpl b/cinder/templates/etc/_cinder-api-paste.ini.tpl similarity index 100% rename from cinder/templates/config/contents/_cinder-api-paste.ini.tpl rename to cinder/templates/etc/_cinder-api-paste.ini.tpl diff --git a/cinder/templates/etc/_cinder.conf.tpl b/cinder/templates/etc/_cinder.conf.tpl new file mode 100644 index 0000000000..1253606039 --- /dev/null +++ b/cinder/templates/etc/_cinder.conf.tpl @@ -0,0 +1,57 @@ +[DEFAULT] +debug = {{ .Values.misc.debug }} +use_syslog = False +use_stderr = True + +enable_v1_api = false +volume_name_template = %s + +osapi_volume_workers = {{ .Values.api.workers }} +osapi_volume_listen = 0.0.0.0 +osapi_volume_listen_port = {{ .Values.service.api.port }} + +api_paste_config = /etc/cinder/api-paste.ini + +glance_api_servers = "{{ .Values.glance.proto }}://{{ .Values.glance.host }}:{{ .Values.glance.port }}" +glance_api_version = {{ .Values.glance.version }} + +enabled_backends = {{ include "joinListWithColon" .Values.backends.enabled }} + +auth_strategy = keystone +os_region_name = {{ .Values.keystone.cinder_region_name }} + + +[database] +connection = mysql+pymysql://{{ .Values.database.cinder_user }}:{{ .Values.database.cinder_password }}@{{ .Values.database.address }}:{{ .Values.database.port }}/{{ .Values.database.cinder_database_name }} +max_retries = -1 + +[keystone_authtoken] +auth_uri = {{ .Values.keystone.auth_uri }} +auth_url = {{ .Values.keystone.auth_url }} +auth_type = password +project_domain_name = {{ .Values.keystone.cinder_project_domain }} +user_domain_name = {{ .Values.keystone.cinder_user_domain }} +project_name = {{ .Values.keystone.cinder_project_name }} +username = {{ .Values.keystone.cinder_user }} +password = {{ .Values.keystone.cinder_password }} + +[oslo_concurrency] +lock_path = /var/lib/cinder/tmp + +[oslo_messaging_rabbit] +rabbit_userid = {{ .Values.messaging.user }} +rabbit_password = {{ .Values.messaging.password }} +rabbit_ha_queues = true +rabbit_hosts = {{ .Values.messaging.hosts }} + +[rbd1] +volume_driver = cinder.volume.drivers.rbd.RBDDriver +rbd_pool = {{ .Values.backends.rbd1.pool }} +rbd_ceph_conf = /etc/ceph/ceph.conf +rbd_flatten_volume_from_snapshot = false +rbd_max_clone_depth = 5 +rbd_store_chunk_size = 4 +rados_connect_timeout = -1 +rbd_user = {{ .Values.backends.rbd1.user }} +rbd_secret_uuid = {{ .Values.backends.rbd1.secret }} +report_discard_supported = True diff --git a/cinder/templates/jobs/db/init/db-init.yaml b/cinder/templates/job-db-init.yaml similarity index 88% rename from cinder/templates/jobs/db/init/db-init.yaml rename to cinder/templates/job-db-init.yaml index 4c27f8c888..6d59153ede 100644 --- a/cinder/templates/jobs/db/init/db-init.yaml +++ b/cinder/templates/job-db-init.yaml @@ -42,13 +42,13 @@ spec: value: /usr/share/ansible/ command: - bash - - /tmp/init.sh + - /tmp/db-init.sh volumeMounts: - - name: db-init-sh - mountPath: /tmp/init.sh - subPath: init.sh + - name: dbinitsh + mountPath: /tmp/db-init.sh + subPath: db-init.sh readOnly: true volumes: - - name: db-init-sh + - name: dbinitsh configMap: - name: cinder-db-init-sh + name: cinder-bin diff --git a/cinder/templates/jobs/db/sync/db-sync.yaml b/cinder/templates/job-db-sync.yaml similarity index 66% rename from cinder/templates/jobs/db/sync/db-sync.yaml rename to cinder/templates/job-db-sync.yaml index ba4d31efb1..6be19e7084 100644 --- a/cinder/templates/jobs/db/sync/db-sync.yaml +++ b/cinder/templates/job-db-sync.yaml @@ -38,32 +38,22 @@ spec: image: {{ .Values.images.db_sync }} imagePullPolicy: {{ .Values.images.pull_policy }} command: - - bash - - /tmp/db-sync.sh + - cinder-manage + args: + - --config-dir + - /etc/cinder/conf + - db + - sync volumeMounts: - - name: db-sync-sh - mountPath: /tmp/db-sync.sh - subPath: db-sync.sh - readOnly: true - name: pod-etc-cinder mountPath: /etc/cinder - - name: cinder-conf-db - mountPath: /etc/cinder/conf/cinder-db.conf - subPath: cinder-db.conf - readOnly: true - - name: cinder-conf-log - mountPath: /etc/cinder/conf/cinder-log.conf - subPath: cinder-log.conf + - name: cinderconf + mountPath: /etc/cinder/conf/cinder.conf + subPath: cinder.conf readOnly: true volumes: - - name: db-sync-sh - configMap: - name: cinder-db-sync-sh - name: pod-etc-cinder emptyDir: {} - - name: cinder-conf-db - secret: - secretName: cinder-conf-db - - name: cinder-conf-log + - name: cinderconf configMap: - name: cinder-conf-log + name: cinder-etc diff --git a/cinder/templates/job-ks-endpoints.yaml.yaml b/cinder/templates/job-ks-endpoints.yaml.yaml new file mode 100644 index 0000000000..e2e082bd64 --- /dev/null +++ b/cinder/templates/job-ks-endpoints.yaml.yaml @@ -0,0 +1,65 @@ +{{- $envAll := . }} +{{- $ksAdminSecret := $envAll.Values.keystone.admin_secret | default "cinder-env-keystone-admin" }} +apiVersion: batch/v1 +kind: Job +metadata: + name: cinder-ks-endpoints +spec: + template: + metadata: + annotations: + pod.beta.kubernetes.io/init-containers: '[ + { + "name": "init", + "image": {{ .Values.images.dep_check | quote }}, + "imagePullPolicy": {{ .Values.images.pull_policy | quote }}, + "env": [ + { + "name": "NAMESPACE", + "value": "{{ .Release.Namespace }}" + }, + { + "name": "DEPENDENCY_SERVICE", + "value": "{{ include "joinListWithColon" .Values.dependencies.ks_service.service }}" + }, + { + "name": "COMMAND", + "value": "echo done" + } + ] + } + ]' + spec: + restartPolicy: OnFailure + containers: +{{- range $key1, $osServiceName := tuple "cinder" "cinderv2" "cinderv3" }} +{{- range $key2, $osServiceEndPoint := tuple "admin" "internal" "public" }} + - name: {{ $osServiceName }}-ks-endpoints-{{ $osServiceEndPoint }} + image: {{ $envAll.Values.images.ks_endpoints }} + imagePullPolicy: {{ $envAll.Values.images.pull_policy }} + command: + - bash + - /tmp/ks-endpoints.sh + volumeMounts: + - name: ks-endpoints-sh + mountPath: /tmp/ks-endpoints.sh + subPath: ks-endpoints.sh + readOnly: true + env: +{{- with $env := dict "ksUserSecret" $ksAdminSecret }} +{{- include "env_ks_openrc_tpl" $env | indent 12 }} +{{- end }} + - name: OS_SVC_ENDPOINT + value: {{ $osServiceEndPoint }} + - name: OS_SERVICE_NAME + value: {{ $osServiceName }} + - name: OS_SERVICE_TYPE + value: {{ tuple $osServiceName $envAll | include "endpoint_type_lookup" }} + - name: OS_SERVICE_ENDPOINT + value: {{ tuple $osServiceName $osServiceEndPoint "api" $envAll | include "endpoint_addr_lookup" }} +{{- end }} +{{- end }} + volumes: + - name: ks-endpoints-sh + configMap: + name: cinder-bin diff --git a/cinder/templates/job-ks-service.yaml b/cinder/templates/job-ks-service.yaml new file mode 100644 index 0000000000..b22ee7aa3c --- /dev/null +++ b/cinder/templates/job-ks-service.yaml @@ -0,0 +1,59 @@ +{{- $envAll := . }} +{{- $ksAdminSecret := .Values.keystone.admin_secret | default "cinder-env-keystone-admin" }} +apiVersion: batch/v1 +kind: Job +metadata: + name: cinder-ks-service +spec: + template: + metadata: + annotations: + pod.beta.kubernetes.io/init-containers: '[ + { + "name": "init", + "image": {{ .Values.images.dep_check | quote }}, + "imagePullPolicy": {{ .Values.images.pull_policy | quote }}, + "env": [ + { + "name": "NAMESPACE", + "value": "{{ .Release.Namespace }}" + }, + { + "name": "DEPENDENCY_SERVICE", + "value": "{{ include "joinListWithColon" .Values.dependencies.ks_service.service }}" + }, + { + "name": "COMMAND", + "value": "echo done" + } + ] + } + ]' + spec: + restartPolicy: OnFailure + containers: +{{- range $key1, $osServiceName := tuple "cinder" "cinderv2" "cinderv3" }} + - name: {{ $osServiceName }}-ks-service-registration + image: {{ $envAll.Values.images.ks_service }} + imagePullPolicy: {{ $envAll.Values.images.pull_policy }} + command: + - bash + - /tmp/ks-service.sh + volumeMounts: + - name: ks-service-sh + mountPath: /tmp/ks-service.sh + subPath: ks-service.sh + readOnly: true + env: +{{- with $env := dict "ksUserSecret" $ksAdminSecret }} +{{- include "env_ks_openrc_tpl" $env | indent 12 }} +{{- end }} + - name: OS_SERVICE_NAME + value: {{ $osServiceName }} + - name: OS_SERVICE_TYPE + value: {{ tuple $osServiceName $envAll | include "endpoint_type_lookup" }} +{{- end }} + volumes: + - name: ks-service-sh + configMap: + name: cinder-bin diff --git a/cinder/templates/jobs/keystone/user/ks-user.yaml b/cinder/templates/job-ks-user.yaml similarity index 51% rename from cinder/templates/jobs/keystone/user/ks-user.yaml rename to cinder/templates/job-ks-user.yaml index 06c4e8637f..b8cdec3dd4 100644 --- a/cinder/templates/jobs/keystone/user/ks-user.yaml +++ b/cinder/templates/job-ks-user.yaml @@ -1,3 +1,5 @@ +{{- $ksAdminSecret := .Values.keystone.admin_secret | default "cinder-env-keystone-admin" }} +{{- $ksUserSecret := .Values.keystone.user_secret | default "cinder-env-keystone-user" }} apiVersion: batch/v1 kind: Job metadata: @@ -18,7 +20,7 @@ spec: }, { "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.ks_user.service }}" + "value": "{{ include "joinListWithColon" .Values.dependencies.ks_user.service }}" }, { "name": "COMMAND", @@ -40,43 +42,19 @@ spec: - name: ks-user-sh mountPath: /tmp/ks-user.sh subPath: ks-user.sh + readOnly: true env: -{{ include "env_admin_openrc" . | indent 12 }} +{{- with $env := dict "ksUserSecret" $ksAdminSecret }} +{{- include "env_ks_openrc_tpl" $env | indent 12 }} +{{- end }} - name: SERVICE_OS_SERVICE_NAME value: "cinder" - - name: SERVICE_OS_REGION_NAME - valueFrom: - secretKeyRef: - name: cinder-conf-keystone - key: OS_REGION_NAME - - name: SERVICE_OS_PROJECT_DOMAIN_NAME - valueFrom: - secretKeyRef: - name: cinder-conf-keystone - key: OS_PROJECT_DOMAIN_NAME - - name: SERVICE_OS_PROJECT_NAME - valueFrom: - secretKeyRef: - name: cinder-conf-keystone - key: OS_PROJECT_NAME - - name: SERVICE_OS_USER_DOMAIN_NAME - valueFrom: - secretKeyRef: - name: cinder-conf-keystone - key: OS_USER_DOMAIN_NAME - - name: SERVICE_OS_USERNAME - valueFrom: - secretKeyRef: - name: cinder-conf-keystone - key: OS_USERNAME - - name: SERVICE_OS_PASSWORD - valueFrom: - secretKeyRef: - name: cinder-conf-keystone - key: OS_PASSWORD +{{- with $env := dict "ksUserSecret" $ksUserSecret }} +{{- include "env_ks_user_create_openrc_tpl" $env | indent 12 }} +{{- end }} - name: SERVICE_OS_ROLE value: {{ .Values.keystone.cinder_user_role | quote }} volumes: - name: ks-user-sh configMap: - name: cinder-ks-user-sh + name: cinder-bin diff --git a/cinder/templates/jobs/db/init/bin/_db-init.sh.tpl b/cinder/templates/jobs/db/init/bin/_db-init.sh.tpl deleted file mode 100644 index 66e953e971..0000000000 --- a/cinder/templates/jobs/db/init/bin/_db-init.sh.tpl +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash -set -ex -export HOME=/tmp - -ansible localhost -vvv -m mysql_db -a "login_host='{{ .Values.database.address }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.cinder_database_name }}'" -ansible localhost -vvv -m mysql_user -a "login_host='{{ .Values.database.address }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.cinder_user }}' password='{{ .Values.database.cinder_password }}' host='%' priv='{{ .Values.database.cinder_database_name }}.*:ALL' append_privs='yes'" diff --git a/cinder/templates/jobs/db/init/db-init.sh.yaml b/cinder/templates/jobs/db/init/db-init.sh.yaml deleted file mode 100644 index 74875985bf..0000000000 --- a/cinder/templates/jobs/db/init/db-init.sh.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cinder-db-init-sh -data: - init.sh: |+ -{{ tuple "bin/_db-init.sh.tpl" . | include "template" | indent 4 }} diff --git a/cinder/templates/jobs/db/sync/bin/_db-sync.sh.tpl b/cinder/templates/jobs/db/sync/bin/_db-sync.sh.tpl deleted file mode 100644 index a36edc6c92..0000000000 --- a/cinder/templates/jobs/db/sync/bin/_db-sync.sh.tpl +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash - -# Copyright 2017 Pete Birley -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -set -ex - -cinder-manage --config-dir /etc/cinder/conf db sync diff --git a/cinder/templates/jobs/db/sync/db-sync.sh.yaml b/cinder/templates/jobs/db/sync/db-sync.sh.yaml deleted file mode 100644 index f395f01ecc..0000000000 --- a/cinder/templates/jobs/db/sync/db-sync.sh.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cinder-db-sync-sh -data: - db-sync.sh: |+ -{{ tuple "bin/_db-sync.sh.tpl" . | include "template" | indent 4 }} diff --git a/cinder/templates/jobs/keystone/endpoints/bin/_ks-endpoints.sh.tpl b/cinder/templates/jobs/keystone/endpoints/bin/_ks-endpoints.sh.tpl deleted file mode 100644 index 264d1b1384..0000000000 --- a/cinder/templates/jobs/keystone/endpoints/bin/_ks-endpoints.sh.tpl +++ /dev/null @@ -1,63 +0,0 @@ -#!/bin/bash - -# Copyright 2017 Pete Birley -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -set -ex - -# Get Service ID -OS_SERVICE_ID=$( openstack service list -f csv --quote none | \ - grep ",${OS_SERVICE_NAME},${OS_SERVICE_TYPE}$" | \ - sed -e "s/,${OS_SERVICE_NAME},${OS_SERVICE_TYPE}//g" ) - -# Get Endpoint ID if it exists -OS_ENDPOINT_ID=$( openstack endpoint list -f csv --quote none | \ - grep "^[a-z0-9]*,${OS_REGION_NAME},${OS_SERVICE_NAME},${OS_SERVICE_TYPE},True,${OS_SERVICE_INTERFACE}," | \ - awk -F ',' '{ print $1 }' ) - -# Making sure only a single endpoint exists for a service within a region -if [ "$(echo $OS_ENDPOINT_ID | wc -w)" -gt "1" ]; then - echo "More than one endpoint found, cleaning up" - for ENDPOINT_ID in $OS_ENDPOINT_ID; do - openstack endpoint delete ${ENDPOINT_ID} - done - unset OS_ENDPOINT_ID -fi - -# Determine if Endpoint needs updated -if [[ ${OS_ENDPOINT_ID} ]]; then - OS_ENDPOINT_URL_CURRENT=$(openstack endpoint show ${OS_ENDPOINT_ID} --f value -c url) - if [ "${OS_ENDPOINT_URL_CURRENT}" == "${OS_SERVICE_ENDPOINT}" ]; then - echo "Endpoints Match: no action required" - OS_ENDPOINT_UPDATE="False" - else - echo "Endpoints Dont Match: removing existing entries" - openstack endpoint delete ${OS_ENDPOINT_ID} - OS_ENDPOINT_UPDATE="True" - fi -else - OS_ENDPOINT_UPDATE="True" -fi - -# Update Endpoint if required -if [[ "${OS_ENDPOINT_UPDATE}" == "True" ]]; then - OS_ENDPOINT_ID=$( openstack endpoint create -f value -c id \ - --region="${OS_REGION_NAME}" \ - "${OS_SERVICE_ID}" \ - ${OS_SERVICE_INTERFACE} \ - "${OS_SERVICE_ENDPOINT}" ) -fi - -# Display the Endpoint -openstack endpoint show ${OS_ENDPOINT_ID} diff --git a/cinder/templates/jobs/keystone/endpoints/ks-endpoints.sh.yaml b/cinder/templates/jobs/keystone/endpoints/ks-endpoints.sh.yaml deleted file mode 100644 index b4841d89d4..0000000000 --- a/cinder/templates/jobs/keystone/endpoints/ks-endpoints.sh.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cinder-ks-endpoints-sh -data: - ks-endpoints.sh: |+ -{{ tuple "bin/_ks-endpoints.sh.tpl" . | include "template" | indent 4 }} diff --git a/cinder/templates/jobs/keystone/endpoints/ks-endpoints.yaml b/cinder/templates/jobs/keystone/endpoints/ks-endpoints.yaml deleted file mode 100644 index 1c23325d6f..0000000000 --- a/cinder/templates/jobs/keystone/endpoints/ks-endpoints.yaml +++ /dev/null @@ -1,130 +0,0 @@ -apiVersion: batch/v1 -kind: Job -metadata: - name: cinder-ks-endpoints -spec: - template: - metadata: - annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": {{ .Values.images.dep_check | quote }}, - "imagePullPolicy": {{ .Values.images.pull_policy | quote }}, - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.ks_endpoints.service }}" - }, - { - "name": "DEPENDENCY_JOBS", - "value": "{{ include "joinListWithColon" .Values.dependencies.ks_endpoints.jobs }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' - spec: - restartPolicy: OnFailure - containers: - - name: cinder-ks-endpoints-v1-admin -{{ include "container_ks_endpoint" . | indent 10 }} - - name: OS_SERVICE_INTERFACE - value: admin - - name: OS_SERVICE_NAME - value: cinder - - name: OS_SERVICE_TYPE - value: volume - - name: OS_SERVICE_ENDPOINT - value: {{ .Values.service.api.proto }}://{{ .Values.service.api.name }}:{{ .Values.service.api.port }}/v1/%(tenant_id)s - - name: cinder-ks-endpoints-v1-internal -{{ include "container_ks_endpoint" . | indent 10 }} - - name: OS_SERVICE_INTERFACE - value: internal - - name: OS_SERVICE_NAME - value: cinder - - name: OS_SERVICE_TYPE - value: volume - - name: OS_SERVICE_ENDPOINT - value: {{ .Values.service.api.proto }}://{{ .Values.service.api.name }}:{{ .Values.service.api.port }}/v1/%(tenant_id)s - - name: cinder-ks-endpoints-v1-public -{{ include "container_ks_endpoint" . | indent 10 }} - - name: OS_SERVICE_INTERFACE - value: public - - name: OS_SERVICE_NAME - value: cinder - - name: OS_SERVICE_TYPE - value: volume - - name: OS_SERVICE_ENDPOINT - value: {{ .Values.service.api.proto }}://{{ .Values.service.api.name }}:{{ .Values.service.api.port }}/v1/%(tenant_id)s - - name: cinder-ks-endpoints-v2-admin -{{ include "container_ks_endpoint" . | indent 10 }} - - name: OS_SERVICE_INTERFACE - value: admin - - name: OS_SERVICE_NAME - value: cinder - - name: OS_SERVICE_TYPE - value: volumev2 - - name: OS_SERVICE_ENDPOINT - value: {{ .Values.service.api.proto }}://{{ .Values.service.api.name }}:{{ .Values.service.api.port }}/v2/%(tenant_id)s - - name: cinder-ks-endpoints-v2-internal -{{ include "container_ks_endpoint" . | indent 10 }} - - name: OS_SERVICE_INTERFACE - value: internal - - name: OS_SERVICE_NAME - value: cinder - - name: OS_SERVICE_TYPE - value: volumev2 - - name: OS_SERVICE_ENDPOINT - value: {{ .Values.service.api.proto }}://{{ .Values.service.api.name }}:{{ .Values.service.api.port }}/v2/%(tenant_id)s - - name: cinder-ks-endpoints-v2-public -{{ include "container_ks_endpoint" . | indent 10 }} - - name: OS_SERVICE_INTERFACE - value: public - - name: OS_SERVICE_NAME - value: cinder - - name: OS_SERVICE_TYPE - value: volumev2 - - name: OS_SERVICE_ENDPOINT - value: {{ .Values.service.api.proto }}://{{ .Values.service.api.name }}:{{ .Values.service.api.port }}/v2/%(tenant_id)s - - name: cinder-ks-endpoints-v3-admin -{{ include "container_ks_endpoint" . | indent 10 }} - - name: OS_SERVICE_INTERFACE - value: admin - - name: OS_SERVICE_NAME - value: cinder - - name: OS_SERVICE_TYPE - value: volumev3 - - name: OS_SERVICE_ENDPOINT - value: {{ .Values.service.api.proto }}://{{ .Values.service.api.name }}:{{ .Values.service.api.port }}/v3/%(tenant_id)s - - name: cinder-ks-endpoints-v3-internal -{{ include "container_ks_endpoint" . | indent 10 }} - - name: OS_SERVICE_INTERFACE - value: internal - - name: OS_SERVICE_NAME - value: cinder - - name: OS_SERVICE_TYPE - value: volumev3 - - name: OS_SERVICE_ENDPOINT - value: {{ .Values.service.api.proto }}://{{ .Values.service.api.name }}:{{ .Values.service.api.port }}/v3/%(tenant_id)s - - name: cinder-ks-endpoints-v3-public -{{ include "container_ks_endpoint" . | indent 10 }} - - name: OS_SERVICE_INTERFACE - value: public - - name: OS_SERVICE_NAME - value: cinder - - name: OS_SERVICE_TYPE - value: volumev3 - - name: OS_SERVICE_ENDPOINT - value: {{ .Values.service.api.proto }}://{{ .Values.service.api.name }}:{{ .Values.service.api.port }}/v3/%(tenant_id)s - volumes: - - name: ks-endpoints-sh - configMap: - name: cinder-ks-endpoints-sh diff --git a/cinder/templates/jobs/keystone/service/bin/_ks-service.sh.tpl b/cinder/templates/jobs/keystone/service/bin/_ks-service.sh.tpl deleted file mode 100644 index 4777d08c48..0000000000 --- a/cinder/templates/jobs/keystone/service/bin/_ks-service.sh.tpl +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/bash - -# Copyright 2017 Pete Birley -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -set -ex - -# Service boilerplate description -OS_SERVICE_DESC="${OS_REGION_NAME}: ${OS_SERVICE_NAME} (${OS_SERVICE_TYPE}) service" - -# Get Service ID if it exists -unset OS_SERVICE_ID -OS_SERVICE_ID=$( openstack service list -f csv --quote none | \ - grep ",${OS_SERVICE_NAME},${OS_SERVICE_TYPE}$" | \ - sed -e "s/,${OS_SERVICE_NAME},${OS_SERVICE_TYPE}//g" ) - -# If a Service ID was not found, then create the service -if [[ -z ${OS_SERVICE_ID} ]]; then - OS_SERVICE_ID=$(openstack service create -f value -c id \ - --name="${OS_SERVICE_NAME}" \ - --description "${OS_SERVICE_DESC}" \ - --enable \ - "${OS_SERVICE_TYPE}") -fi diff --git a/cinder/templates/jobs/keystone/service/ks-service.sh.yaml b/cinder/templates/jobs/keystone/service/ks-service.sh.yaml deleted file mode 100644 index e4ea00a37f..0000000000 --- a/cinder/templates/jobs/keystone/service/ks-service.sh.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cinder-ks-service-sh -data: - ks-service.sh: |+ -{{ tuple "bin/_ks-service.sh.tpl" . | include "template" | indent 4 }} diff --git a/cinder/templates/jobs/keystone/service/ks-service.yaml b/cinder/templates/jobs/keystone/service/ks-service.yaml deleted file mode 100644 index 3893433885..0000000000 --- a/cinder/templates/jobs/keystone/service/ks-service.yaml +++ /dev/null @@ -1,54 +0,0 @@ -apiVersion: batch/v1 -kind: Job -metadata: - name: cinder-ks-service -spec: - template: - metadata: - annotations: - pod.beta.kubernetes.io/init-containers: '[ - { - "name": "init", - "image": {{ .Values.images.dep_check | quote }}, - "imagePullPolicy": {{ .Values.images.pull_policy | quote }}, - "env": [ - { - "name": "NAMESPACE", - "value": "{{ .Release.Namespace }}" - }, - { - "name": "DEPENDENCY_SERVICE", - "value": "{{ include "joinListWithColon" .Values.dependencies.ks_service.service }}" - }, - { - "name": "COMMAND", - "value": "echo done" - } - ] - } - ]' - spec: - restartPolicy: OnFailure - containers: - - name: cinder-ks-service-v1 -{{ include "container_ks_service" . | indent 10 }} - - name: OS_SERVICE_NAME - value: "cinder" - - name: OS_SERVICE_TYPE - value: "volume" - - name: cinder-ks-service-v2 -{{ include "container_ks_service" . | indent 10 }} - - name: OS_SERVICE_NAME - value: "cinder" - - name: OS_SERVICE_TYPE - value: "volumev2" - - name: cinder-ks-service-v3 -{{ include "container_ks_service" . | indent 10 }} - - name: OS_SERVICE_NAME - value: "cinder" - - name: OS_SERVICE_TYPE - value: "volumev3" - volumes: - - name: ks-service-sh - configMap: - name: cinder-ks-service-sh diff --git a/cinder/templates/jobs/keystone/user/bin/_ks-user.sh.tpl b/cinder/templates/jobs/keystone/user/bin/_ks-user.sh.tpl deleted file mode 100644 index fdc7358b32..0000000000 --- a/cinder/templates/jobs/keystone/user/bin/_ks-user.sh.tpl +++ /dev/null @@ -1,56 +0,0 @@ -#!/bin/bash - -# Copyright 2017 Pete Birley -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -set -ex - -# Manage user project -USER_PROJECT_ID=$(openstack project create --or-show --enable -f value -c id \ - --domain="${SERVICE_OS_PROJECT_DOMAIN_NAME}" \ - --description="Service Project for ${SERVICE_OS_REGION_NAME}/${SERVICE_OS_PROJECT_DOMAIN_NAME}" \ - "${SERVICE_OS_PROJECT_NAME}"); - -# Display project -openstack project show "${USER_PROJECT_ID}" - -# Manage user -USER_ID=$(openstack user create --or-show --enable -f value -c id \ - --domain="${SERVICE_OS_USER_DOMAIN_NAME}" \ - --project-domain="${SERVICE_OS_PROJECT_DOMAIN_NAME}" \ - --project="${USER_PROJECT_ID}" \ - --description="Service User for ${SERVICE_OS_REGION_NAME}/${SERVICE_OS_USER_DOMAIN_NAME}/${SERVICE_OS_SERVICE_NAME}" \ - --password="${SERVICE_OS_PASSWORD}" \ - "${SERVICE_OS_USERNAME}"); - -# Display user -openstack user show "${USER_ID}" - -# Manage user role -USER_ROLE_ID=$(openstack role create --or-show -f value -c id \ - "${SERVICE_OS_ROLE}"); - -# Manage user role assignment -openstack role add \ - --user="${USER_ID}" \ - --user-domain="${SERVICE_OS_USER_DOMAIN_NAME}" \ - --project-domain="${SERVICE_OS_PROJECT_DOMAIN_NAME}" \ - --project="${USER_PROJECT_ID}" \ - "${USER_ROLE_ID}" - -# Display user role assignment -openstack role assignment list \ - --role="${SERVICE_OS_ROLE}" \ - --user-domain="${SERVICE_OS_USER_DOMAIN_NAME}" \ - --user="${USER_ID}" diff --git a/cinder/templates/jobs/keystone/user/ks-user.sh.yaml b/cinder/templates/jobs/keystone/user/ks-user.sh.yaml deleted file mode 100644 index 52e6941d0c..0000000000 --- a/cinder/templates/jobs/keystone/user/ks-user.sh.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cinder-ks-user-sh -data: - ks-user.sh: |+ -{{ tuple "bin/_ks-user.sh.tpl" . | include "template" | indent 4 }} diff --git a/cinder/templates/config/cinder-keystone-admin.env.yaml b/cinder/templates/secret-keystone-admin.env.yaml similarity index 100% rename from cinder/templates/config/cinder-keystone-admin.env.yaml rename to cinder/templates/secret-keystone-admin.env.yaml diff --git a/cinder/templates/config/cinder-keystone.conf.yaml b/cinder/templates/secret-keystone-user.env.yaml similarity index 80% rename from cinder/templates/config/cinder-keystone.conf.yaml rename to cinder/templates/secret-keystone-user.env.yaml index 992a6d43bd..e0f5ad63af 100644 --- a/cinder/templates/config/cinder-keystone.conf.yaml +++ b/cinder/templates/secret-keystone-user.env.yaml @@ -1,11 +1,9 @@ apiVersion: v1 kind: Secret metadata: - name: cinder-conf-keystone + name: cinder-env-keystone-user type: Opaque data: - cinder-keystone.conf: | -{{ tuple "contents/_cinder-keystone.conf.tpl" . | include "template" | b64enc | indent 4 }} OS_AUTH_URL: | {{ .Values.keystone.auth_url | b64enc | indent 4 }} OS_REGION_NAME: | diff --git a/cinder/values.yaml b/cinder/values.yaml index 0fd2966596..e0d7e35522 100644 --- a/cinder/values.yaml +++ b/cinder/values.yaml @@ -108,3 +108,40 @@ dependencies: service: - mariadb - keystone-api + +endpoints: + keystone: + hosts: + default: keystone-api + path: /v3 + type: identity + scheme: 'http' + port: + admin: 35357 + public: 5000 + cinder: + hosts: + default: cinder-api + path: '/v1/%(tenant_id)s' + type: volume + scheme: 'http' + port: + api: 8776 + cinderv2: + name: cinder + hosts: + default: cinder-api + path: '/v2/%(tenant_id)s' + type: volumev2 + scheme: 'http' + port: + api: 8776 + cinderv3: + name: cinder + hosts: + default: cinder-api + path: '/v3/%(tenant_id)s' + type: volumev3 + scheme: 'http' + port: + api: 8776