[Cinder] Add visibilty settings to volume types
This is to add public/private visibility option and project level access list to a volume type while creating. Change-Id: Id33c8c9f10e60fcdb4b6c49e69f3b5d8f11850c6
This commit is contained in:
parent
1d9e3ecc00
commit
48625ad984
@ -14,7 +14,7 @@ apiVersion: v1
|
||||
appVersion: v1.0.0
|
||||
description: OpenStack-Helm Cinder
|
||||
name: cinder
|
||||
version: 0.2.18
|
||||
version: 0.2.19
|
||||
home: https://docs.openstack.org/cinder/latest/
|
||||
icon: https://www.openstack.org/themes/openstack/images/project-mascots/Cinder/OpenStack_Project_Cinder_vertical.png
|
||||
sources:
|
||||
|
@ -22,30 +22,53 @@ export HOME=/tmp
|
||||
{{- /* Create volume types defined in Values.bootstrap */}}
|
||||
{{- /* Types can only be created for backends defined in Values.conf */}}
|
||||
{{- $volumeTypes := .Values.bootstrap.volume_types }}
|
||||
{{- /* Generating list of backends listed in .Values.conf.backends */}}
|
||||
{{- $backendsList := list}}
|
||||
{{- range $backend_name, $backend_properties := .Values.conf.backends }}
|
||||
{{- if $backend_properties }}
|
||||
{{- if and $backend_properties $backend_properties.volume_backend_name }}
|
||||
{{- $backendsList = append $backendsList $backend_properties.volume_backend_name }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{- range $name, $properties := $volumeTypes }}
|
||||
{{- if $properties.volume_backend_name }}
|
||||
{{- if (eq $properties.volume_backend_name $backend_properties.volume_backend_name) }}
|
||||
if [[ $(openstack volume type list -f value -c Name | grep -w {{ $name }}) ]]; then
|
||||
if [[ ! $(openstack volume type show {{ $name }} | grep volume_backend_name) ]]; then
|
||||
openstack volume type set \
|
||||
{{- range $key, $value := $properties }}
|
||||
--property {{ $key }}={{ $value }} \
|
||||
{{- end }}
|
||||
{{ $name }}
|
||||
fi
|
||||
else
|
||||
{{- if and $properties.volume_backend_name (has $properties.volume_backend_name $backendsList) }}
|
||||
{{- $access_type := $properties.access_type | default "public"}}
|
||||
# Create a volume type if it doesn't exist.
|
||||
# Assumption: the volume type name is unique.
|
||||
openstack volume type show {{ $name }} || \
|
||||
openstack volume type create \
|
||||
--public \
|
||||
{{- range $key, $value := $properties }}
|
||||
--property {{ $key }}={{ $value }} \
|
||||
{{- end }}
|
||||
--{{ $access_type }} \
|
||||
{{ $name }}
|
||||
fi
|
||||
{{/*
|
||||
We will try to set or update volume type properties.
|
||||
To update properties, the volume type MUST NOT BE IN USE,
|
||||
and projects and domains with access to the volume type
|
||||
MUST EXIST, as well.
|
||||
*/}}
|
||||
is_in_use=$(openstack volume list --long --all-projects -c Type -f value | grep -E "^{{ $name }}\s*$" || true)
|
||||
if [[ -z ${is_in_use} ]]; then
|
||||
{{- if (eq $access_type "private") }}
|
||||
volumeTypeID=$(openstack volume type show {{ $name }} -f value -c id)
|
||||
cinder type-update --is-public false ${volumeTypeID}
|
||||
{{- end }}
|
||||
|
||||
{{- if and $properties.grant_access (eq $access_type "private") }}
|
||||
{{- range $domain, $domainProjects := $properties.grant_access }}
|
||||
{{- range $project := $domainProjects }}
|
||||
project_id=$(openstack project show --domain {{ $domain }} -c id -f value {{ $project }})
|
||||
if [[ -z $(openstack volume type show {{ $name }} -c access_project_ids -f value | grep ${project_id} || true) ]]; then
|
||||
openstack volume type set --project-domain {{ $domain }} --project {{ $project }} {{ $name }}
|
||||
fi
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{- range $key, $value := $properties }}
|
||||
{{- if and (ne $key "access_type") (ne $key "grant_access") $value }}
|
||||
openstack volume type set --property {{ $key }}={{ $value }} {{ $name }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
fi
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
@ -53,7 +76,7 @@ fi
|
||||
{{- if .Values.bootstrap.bootstrap_conf_backends }}
|
||||
{{- range $name, $properties := .Values.conf.backends }}
|
||||
{{- if $properties }}
|
||||
openstack volume type show {{ $name }} || \
|
||||
openstack volume type show {{ $name }} || \
|
||||
openstack volume type create \
|
||||
--public \
|
||||
--property volume_backend_name={{ $properties.volume_backend_name }} \
|
||||
@ -65,14 +88,14 @@ openstack volume type show {{ $name }} || \
|
||||
{{- /* Create and associate volume QoS if defined */}}
|
||||
{{- if .Values.bootstrap.volume_qos}}
|
||||
{{- range $qos_name, $qos_properties := .Values.bootstrap.volume_qos }}
|
||||
type_defined=true
|
||||
type_defined=true
|
||||
{{- /* If the volume type to associate with is not defined, skip the qos */}}
|
||||
{{- range $qos_properties.associates }}
|
||||
if ! openstack volume type show {{ . }}; then
|
||||
if ! openstack volume type show {{ . }}; then
|
||||
type_defined=false
|
||||
fi
|
||||
fi
|
||||
{{- end }}
|
||||
if $type_defined; then
|
||||
if [[ ${type_defined} ]]; then
|
||||
openstack volume qos show {{ $qos_name }} || \
|
||||
openstack volume qos create \
|
||||
--consumer {{ $qos_properties.consumer }} \
|
||||
@ -83,14 +106,13 @@ if $type_defined; then
|
||||
{{- range $qos_properties.associates }}
|
||||
openstack volume qos associate {{ $qos_name }} {{ . }}
|
||||
{{- end }}
|
||||
fi
|
||||
fi
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{- /* Check volume type and properties were added */}}
|
||||
openstack volume type list --long
|
||||
openstack volume qos list
|
||||
|
||||
{{- end }}
|
||||
|
||||
exit 0
|
||||
|
@ -368,6 +368,19 @@ bootstrap:
|
||||
name:
|
||||
group:
|
||||
volume_backend_name:
|
||||
# access_type: "private"
|
||||
# If you set up access_type to private, only the creator
|
||||
# will get an access to the volume type. You can extend
|
||||
# the access to your volume type by providing a list of
|
||||
# domain names and projects as shown below
|
||||
# grant_access:
|
||||
# <domain name 1>:
|
||||
# - <project name 1>
|
||||
# - <project name 2>
|
||||
# <...>
|
||||
# <domain name 2>:
|
||||
# - <project name 1>
|
||||
# <...>
|
||||
# Volume QoS if any. By default, None QoS is created.
|
||||
# Below values with a number at the end need to be replaced
|
||||
# with real names.
|
||||
|
@ -22,6 +22,10 @@ bootstrap:
|
||||
PURE-MULTIATTACH:
|
||||
multiattach: "\"<is> True\""
|
||||
volume_backend_name: "PURE_BE"
|
||||
access_type: "private"
|
||||
grant_access:
|
||||
default:
|
||||
- admin
|
||||
conf:
|
||||
cinder:
|
||||
DEFAULT:
|
||||
|
@ -35,4 +35,5 @@ cinder:
|
||||
- 0.2.16 Enable taint toleration for Openstack services
|
||||
- 0.2.17 Remove unsupported values overrides
|
||||
- 0.2.18 Add helm hook in bootstrap job
|
||||
- 0.2.19 Add volume types visibility (public/private)
|
||||
...
|
||||
|
Loading…
Reference in New Issue
Block a user