From 564f9757fcfdebb7e9efd2eb968754bb3901bd67 Mon Sep 17 00:00:00 2001 
From: Alan Meadows Date: Wed, 23 Nov 2016 13:26:08 -0800 Subject: [PATCH] Refactor mariadb now that rbd PVCs can be leveraged This large commit refactors mariadb and creates a utils and openstack chart to facilitate installing all openstack elemenets and supporting infrastructure. --- Makefile | 14 +- README.md | 79 +++++++++++- ceph/.gitignore | 1 + ceph/README.md | 4 +- ceph/requirements.lock | 6 + ceph/requirements.yaml | 13 ++ .../{pre-install-secret.yaml => secrets.yaml} | 29 ++--- ceph/templates/storage.yaml | 14 ++ mariadb/README.md | 15 ++- ...riadb-daemonset.yaml => mariadb-pods.yaml} | 120 +++++++++++++----- mariadb/templates/mariadb-seed-job.yaml | 4 +- mariadb/templates/replicas.py.yaml | 10 +- mariadb/values.yaml | 9 +- openstack/.helmignore | 27 ++++ openstack/Chart.yaml | 4 + {ceph => openstack}/Makefile | 0 openstack/requirements.lock | 6 + openstack/requirements.yaml | 13 ++ openstack/templates/secrets.yaml | 9 ++ openstack/values.yaml | 14 ++ utils/.gitignore | 1 + utils/.helmignore | 27 ++++ utils/Chart.yaml | 4 + utils/Makefile | 7 + utils/templates/_common.sh | 22 ++++ utils/templates/_hosts.tpl | 9 ++ .../utils/secret-generator}/README.md | 0 .../utils/secret-generator}/ceph-key.py | 0 .../secret-generator}/generate_secrets.sh | 0 .../templates/ceph/admin.keyring.tmpl | 0 .../templates/ceph/bootstrap.keyring.tmpl | 0 .../templates/ceph/ceph.conf.tmpl | 0 .../templates/ceph/mon.keyring.tmpl | 0 {ceph => utils}/utils/test/ceph-rbd-test.yaml | 0 utils/values.yaml | 4 + 35 files changed, 395 insertions(+), 70 deletions(-) create mode 100644 ceph/.gitignore create mode 100644 ceph/requirements.lock create mode 100644 ceph/requirements.yaml rename ceph/templates/{pre-install-secret.yaml => secrets.yaml} (54%) create mode 100644 ceph/templates/storage.yaml rename mariadb/templates/{mariadb-daemonset.yaml => mariadb-pods.yaml} (58%) create mode 100644 openstack/.helmignore create mode 100755 openstack/Chart.yaml rename {ceph => openstack}/Makefile 
(100%) create mode 100644 openstack/requirements.lock create mode 100644 openstack/requirements.yaml create mode 100644 openstack/templates/secrets.yaml create mode 100644 openstack/values.yaml create mode 100644 utils/.gitignore create mode 100644 utils/.helmignore create mode 100755 utils/Chart.yaml create mode 100644 utils/Makefile create mode 100644 utils/templates/_common.sh create mode 100644 utils/templates/_hosts.tpl rename {ceph/utils/generator => utils/utils/secret-generator}/README.md (100%) rename {ceph/utils/generator => utils/utils/secret-generator}/ceph-key.py (100%) rename {ceph/utils/generator => utils/utils/secret-generator}/generate_secrets.sh (100%) rename {ceph/utils/generator => utils/utils/secret-generator}/templates/ceph/admin.keyring.tmpl (100%) rename {ceph/utils/generator => utils/utils/secret-generator}/templates/ceph/bootstrap.keyring.tmpl (100%) rename {ceph/utils/generator => utils/utils/secret-generator}/templates/ceph/ceph.conf.tmpl (100%) rename {ceph/utils/generator => utils/utils/secret-generator}/templates/ceph/mon.keyring.tmpl (100%) rename {ceph => utils}/utils/test/ceph-rbd-test.yaml (100%) create mode 100644 utils/values.yaml diff --git a/Makefile b/Makefile index 64c1ad7247..a4ca619628 100644 --- a/Makefile +++ b/Makefile @@ -1,12 +1,18 @@ -.PHONY: ceph all clean base64 +.PHONY: ceph mariadb all clean base64 -B64_DIRS := ceph/secrets -B64_EXCLUDE := $(wildcard ceph/secrets/*.b64) +B64_DIRS := utils/secrets +B64_EXCLUDE := $(wildcard utils/secrets/*.b64) -all: base64 ceph +all: base64 utils ceph mariadb openstack + +utils: build-utils ceph: build-ceph +mariadb: build-mariadb + +openstack: build-openstack + clean: $(shell find . -name '*.b64' -exec rm {} \;) $(shell find . -name '_partials.tpl' -exec rm {} \;) diff --git a/README.md b/README.md index 54511aad88..a621131a96 100644 --- a/README.md +++ b/README.md 
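Review bot: The new `utils` and `openstack` targets are missing from `.PHONY`, although `ceph` and `mariadb` are listed and, per the diffstat, all four names are also directories in the tree. Whether they rebuild then depends on how make treats the existing directory and the `build-%` prerequisite, which is defined outside this hunk. Declaring them keeps the four chart targets consistent: `.PHONY: utils ceph mariadb openstack all clean base64`.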
@@ -2,6 +2,72 @@ This is a fully self-contained OpenStack deployment on Kubernetes. This collection is a work in progress so components will continue to be added over time. +## Requirements + +The aic-helm project is fairly opinionated. We will work to generalize the configuration but since we are targeting a fully functional proof of concept end-to-end, we will have to limit the plugin like functionality within this project. + +### helm + +The entire aic-helm project is obviously helm driven. All components should work with 2.0.0-rc2 or later. + +### baremetal provisioning + +The aic-helm project assumes Canonical's MaaS as the foundational bootstrap provider. We create the MaaS service inside Kubernetes for ease of deployment and upgrades. This has a few requirements for external network connectivity to provide bootstrapping noted in the maas chart README. + +### dynamic volume provisioning + +At the moment, this is not optional. We will strive to make a non-1.5.0 requirement path in all charts using an alternative persistent storage approach but that currently, all charts make the assumption that dynamic volume provisioning is supported. + +To support dynamic volume provisioning, the aic-helm project requires Kubernetes 1.5.0-beta1 in order to obtain rbd dynamic volume support. Although rbd volumes are supported in the stable v1.4 version, dynamic rbd volumes allowing PVCs are only supported in 1.5.0-beta.1 and beyond. Note that you can still use helm-2.0.0 with 1.5.0-beta.1, but you will not be able to use PetSets until the following helm [issue](https://github.com/kubernetes/helm/issues/1581) is resolved. + +This can be accomplished with a [kubeadm](http://kubernetes.io/docs/getting-started-guides/kubeadm/) based cluster install: + +``` +kubeadm init --use-kubernetes-version v1.5.0-beta.1 +``` + +Note that in addition to Kubernetes 1.5.0-beta.1, you will need to replace the kube-controller-manager container with one that supports the rbd utilities. 
We have made a convenient container that you can drop in as a replacement. It is an ubuntu based container with the ceph tools and the kube-controller-manager binary from the 1.5.0-beta.1 release available as a [Dockerfile](https://github.com/att-comdev/dockerfiles/tree/master/kube-controller-manager) or a quay.io image you can update in your kubeadm manifest ```/etc/kubernetes/manifests/kube-controller-manager.json``` directly with ```image: quay.io/attcomdev/kube-controller-manager``` + +The kubelet should pick up the change and restart the container. + +Finally, for the kube-controller-manager to be able to talk to the ceph-mon instances, ensure it can resolve ceph-mon.ceph (assuming you install the ceph chart into the ceph namespace). This is done by ensuring that both the baremetal host running the kubelet process and the kube-controller-manager container have the SkyDNS address and the appropriate search string in /etc/resolv.conf. This is covered in more detail in the [ceph](ceph/README.md) but a typical resolv.conf would look like this: + +``` +nameserver 10.32.0.2 ### skydns instance ip +nameserver 8.8.8.8 +nameserver 8.8.4.4 +search svc.cluster.local +``` +## QuickStart + +You can start aic-helm fairly quickly. Assuming the above requirements are met, you can install the charts in a layered approach. Today, the openstack chart is only tied to the mariadb sub-chart. We will continue to add other OpenStack components into the openstack parent chart as they are validated. + +Note that the openstack parent chart should always be used as it does some prepatory work for the openstack namespace for subcharts, such as ensuring ceph secrets are available to all subcharts. + +``` +# label all known nodes as candidates for pods +kubectl label nodes node-type=storage --all +kubectl label nodes openstack-control-plane=enabled --all + +# build aic-helm +cd aic-helm +helm serve . & +make + +# generate secrets (ceph, etc.) 
+export osd_cluster_network=10.32.0.0/12 +export osd_public_network=10.32.0.0/12 +cd utils/utils/generator +./generate_secrets.sh all `./generate_secrets.sh fsid` +cd ../../.. + +# install +helm install local/chef --namespace=ceph +helm install local/openstack --namespace=openstack +``` + +## Control Plane Charts + The following charts form the foundation to help establish an OpenStack control plane, including shared storage and bare metal provisioning: - [ceph](ceph/README.md) 
@@ -10,6 +76,17 @@ The following charts form the foundation to help establish an OpenStack control These charts, unlike the OpenStack charts below, are designed to run directly. They form the foundational layers necessary to bootstrap an environment in may run in separate namespaces. The intention is to layer them. Please see the direct links above as they become available for README instructions crafted for each chart. Please walk through each of these as some of them require build steps that should be done before running make. -The OpenStack charts under development will focus on container images leveraging the entrypoint model. This differs somewhat from the existing [openstack-helm](https://github.com/sapcc/openstack-helm) repository maintained by SAP right now although we have shamelessly "borrowed" many concepts from them. For these charts, we will be following the same region approach as openstack-helm, namely that these charts will not install and run directly. They are included in the "openstack" chart as requirements, the openstack chart is effectively an abstract region and is intended to be required by a concrete region chart. We will provide an example region chart as well as sample region specific settings and certificate generation instructions. +## Infrastructure Charts + +- [mariadb](mariadb/README.md) +- rabbitmq (in progress) +- memcached (in progress) + +## OpenStack Charts + +- keystone (in progress) + +The OpenStack charts under development will focus on container images leveraging the entrypoint model. This differs somewhat from the existing [openstack-helm](https://github.com/sapcc/openstack-helm) repository maintained by SAP right now although we have shamelessly "borrowed" many oncepts from them. For these charts, we will be following the same region approach as openstack-helm, namely that these charts will not install and run directly. 
They are included in the "openstack" chart as requirements, the openstack chart is effectively an abstract region and is intended to be required by a concrete region chart. We will provide an example region chart as well as sample region specific settings and certificate generation instructions. + Similar to openstack-helm, much of the 'make' complexity in this repository surrounds the fact that helm does not support directory based config maps or secrets. This will continue to be the case until (https://github.com/kubernetes/helm/issues/950) receives more attention. diff --git a/ceph/.gitignore b/ceph/.gitignore new file mode 100644 index 0000000000..ce71aabd5c --- /dev/null +++ b/ceph/.gitignore @@ -0,0 +1 @@ +secrets/* diff --git a/ceph/README.md b/ceph/README.md index 800260f50f..39dd656232 100644 --- a/ceph/README.md +++ b/ceph/README.md @@ -84,8 +84,8 @@ kubectl label nodes node-type=storage --all You will need to generate ceph keys and configuration. There is a simple to use utility that can do this quickly. Please note the generator utility (per ceph-docker) requires the sigil template framework: (https://github.com/gliderlabs/sigil) to be installed and on the current path. ``` -cd ceph/utils/generator -./generate_secrets.sh `./generate_secrets.sh fsid` +cd utils/utils/generator +./generate_secrets.sh all `./generate_secrets.sh fsid` cd ../../.. ``` diff --git a/ceph/requirements.lock b/ceph/requirements.lock new file mode 100644 index 0000000000..3029fde21c --- /dev/null +++ b/ceph/requirements.lock @@ -0,0 +1,6 @@ +dependencies: +- name: utils + repository: http://localhost:8879/charts + version: 0.1.0 +digest: sha256:9054fd53dcc5ca45243141487390640dedd7d74aa773b814da975030fcb0e902 +generated: 2016-11-23T10:08:51.239134703-08:00 diff --git a/ceph/requirements.yaml b/ceph/requirements.yaml new file mode 100644 index 0000000000..18d10d2bbd --- /dev/null +++ b/ceph/requirements.yaml 
@@ -0,0 +1,13 @@ +dependencies: + # - name: memcached + # repository: http://localhost:8879/charts + # version: 0.1.0 + # - name: rabbitmq + # repository: http://localhost:8879/charts + # version: 0.1.0 + # - name: keystone + # repository: http://localhost:8879/charts + # version: 0.1.0 + - name: utils + repository: http://localhost:8879/charts + version: 0.1.0 diff --git a/ceph/templates/pre-install-secret.yaml b/ceph/templates/secrets.yaml similarity index 54% rename from ceph/templates/pre-install-secret.yaml rename to ceph/templates/secrets.yaml index 6129a503b1..b20f4bfac7 100644 --- a/ceph/templates/pre-install-secret.yaml +++ b/ceph/templates/secrets.yaml @@ -1,13 +1,18 @@ --- apiVersion: v1 kind: Secret +metadata: + namespace: {{.Release.Namespace}} + name: "ceph-conf-combined-storageclass" +type: kubernetes.io/rbd +data: + key: {{ include "secrets/ceph-client-key.b64" . | quote }} +--- +apiVersion: v1 +kind: Secret metadata: namespace: {{.Release.Namespace}} name: "ceph-conf-combined" - # This declares the resource to be a hook. By convention, we also name the - # file "pre-install-XXX.yaml", but Helm itself doesn't care about file names. - annotations: - "helm.sh/hook": pre-install type: Opaque data: ceph.conf: | @@ -22,10 +27,6 @@ kind: Secret metadata: namespace: {{.Release.Namespace}} name: "ceph-bootstrap-rgw-keyring" - # This declares the resource to be a hook. By convention, we also name the - # file "pre-install-XXX.yaml", but Helm itself doesn't care about file names. - annotations: - "helm.sh/hook": pre-install type: Opaque data: ceph.keyring: | @@ -36,10 +37,6 @@ kind: Secret metadata: namespace: {{.Release.Namespace}} name: "ceph-bootstrap-mds-keyring" - # This declares the resource to be a hook. By convention, we also name the - # file "pre-install-XXX.yaml", but Helm itself doesn't care about file names. - annotations: - "helm.sh/hook": pre-install type: Opaque data: ceph.keyring: | 
@@ -50,10 +47,6 @@ kind: Secret metadata: namespace: {{.Release.Namespace}} name: "ceph-bootstrap-osd-keyring" - # This declares the resource to be a hook. By convention, we also name the - # file "pre-install-XXX.yaml", but Helm itself doesn't care about file names. - annotations: - "helm.sh/hook": pre-install type: Opaque data: ceph.keyring: | @@ -64,10 +57,6 @@ kind: Secret metadata: namespace: {{.Release.Namespace}} name: "ceph-client-key" - # This declares the resource to be a hook. By convention, we also name the - # file "pre-install-XXX.yaml", but Helm itself doesn't care about file names. - annotations: - "helm.sh/hook": pre-install type: Opaque data: ceph-client-key: {{ include "secrets/ceph-client-key.b64" . | quote }} diff --git a/ceph/templates/storage.yaml b/ceph/templates/storage.yaml new file mode 100644 index 0000000000..6d00770b2c --- /dev/null +++ b/ceph/templates/storage.yaml @@ -0,0 +1,14 @@ +--- +apiVersion: storage.k8s.io/v1beta1 +kind: StorageClass +metadata: + name: general +provisioner: kubernetes.io/rbd +parameters: + monitors: ceph-mon.ceph:6789 + adminId: admin + adminSecretName: ceph-conf-combined-storageclass + adminSecretNamespace: ceph + pool: rbd + userId: admin + userSecretName: ceph-client-key diff --git a/mariadb/README.md b/mariadb/README.md index 55eb3a4c3f..2ec37da2d9 100644 --- a/mariadb/README.md +++ b/mariadb/README.md 
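Review bot: The StorageClass in ceph/templates/storage.yaml sets both `adminId: admin` and `userId: admin`, so every pod that mounts a PVC from class `general` maps its volume with the Ceph admin identity. The key behind `userSecretName: ceph-client-key` then has to be copied into each consuming namespace, which the new openstack/templates/secrets.yaml does. A separate cephx user whose caps are limited to the `rbd` pool would keep the admin key inside the ceph namespace; the content of `secrets/ceph-client-key.b64` is not visible here, so confirm which identity it actually holds. `adminSecretNamespace: ceph` and `monitors: ceph-mon.ceph:6789` are also hard-coded while the secrets in ceph/templates/secrets.yaml are created in `{{.Release.Namespace}}`, so an install into any other namespace would leave the provisioner looking in the wrong place.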
@@ -1,2 +1,13 @@ -Please remember to label nodes with control_node_label from values.yaml -And remember that number of control nodes should be odd. +# aic-helm/mariadb + +By default, this chart creates a 3-member mariadb galera cluster. + +PetSets would be ideal to use for this purpose, but as they are going through a transition in 1.5.0-beta.1 and not supported by Helm 2.0.0 under their new name, StatefulSets, we have opted to leverage helms template generation ability to create Values.replicas * POD+PVC+PV resources. Essentially, we create a mariadb-0, mariadb-1, and mariadb-2 Pod and associated unique PersistentVolumeClaims for each. This removes the previous daemonset limitations in other mariadb approaches. + +You must ensure that your control nodes that should receive mariadb instances are labeled with openstack-control-plane=enabled: + +``` +kubectl label nodes openstack-control-plane=enabled --all +``` + +We will continue to refine our labeling so that it is consistent throughout the project. \ No newline at end of file diff --git a/mariadb/templates/mariadb-daemonset.yaml b/mariadb/templates/mariadb-pods.yaml similarity index 58% rename from mariadb/templates/mariadb-daemonset.yaml rename to mariadb/templates/mariadb-pods.yaml index 3dffffaef7..fe9af37674 100644 --- a/mariadb/templates/mariadb-daemonset.yaml +++ b/mariadb/templates/mariadb-pods.yaml 
@@ -1,42 +1,94 @@ -apiVersion: extensions/v1beta1 -kind: DaemonSet +--- +apiVersion: v1 +kind: Service metadata: - name: mariadb + name: infra-db spec: + ports: + - name: db + port: {{ .Values.network.port.mariadb }} selector: - matchLabels: - galera: enabled + app: mariadb + {{- $root := . -}} +{{ range $k, $v := until (atoi .Values.replicas) }} +--- +apiVersion: v1 +kind: Service +metadata: + name: infra-db-{{$v}} + labels: + release: {{ $root.Release.Name | quote }} + chart: "{{ $root.Chart.Name }}-{{ $root.Chart.Version }}" +spec: + ports: + - name: db + port: {{ $root.Values.network.port.mariadb }} + - name: wsrep + port: {{ $root.Values.network.port.wsrep }} + selector: + app: mariadb + server-id: "{{$v}}" +--- +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: mariadb-{{$v}} + annotations: + volume.beta.kubernetes.io/storage-class: "general" +spec: + accessModes: [ "ReadWriteOnce" ] + resources: + requests: + storage: {{ $root.Values.volume.size }} +--- +kind: Deployment +apiVersion: extensions/v1beta1 +metadata: + labels: + app: mariadb + galera: enabled + server-id: "{{$v}}" + name: mariadb-{{$v}} +spec: + replicas: 1 template: + securityContext: + runAsUser: 0 metadata: + name: mariadb-{{$v}} labels: app: mariadb galera: enabled + server-id: "{{$v}}" annotations: - pod.beta.kubernetes.io/init-containers: '[ + pod.beta.kubernetes.io/hostname: mariadb-{{$v}} + helm.sh/created: {{ $root.Release.Time.Seconds | quote }} + # alanmeadows: this soft requirement allows single + # host deployments to spawn several mariadb containers + # but in a larger environment, would attempt to spread + # them out + scheduler.alpha.kubernetes.io/affinity: > { - "name": "init", - "image": "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0", - "env": [ - { - "name": "DEPENDENCY_JOBS", - "value": "mariadb-seed" - }, - { - "name": "COMMAND", - "value": "echo Done" - } - ] - } - ]' + "podAntiAffinity": { + "preferredDuringSchedulingIgnoredDuringExecution": [{ + 
"labelSelector": { + "matchExpressions": [{ + "key": "app", + "operator": "In", + "values":["mariadb"] + }] + }, + "topologyKey": "kubernetes.io/hostname", + "weight": 10 + }] + } + } spec: nodeSelector: - {{ .Values.deployment.control_node_label }}: enabled - # TODO(DTadrzak): it must be removed in the future - securityContext: - runAsUser: 0 + {{ $root.Values.labels.control_node_label }}: enabled containers: - - name: mariadb - image: {{ .Values.deployment.image }} + - name: mariadb-{{$v}} + image: {{ $root.Values.images.mariadb }} imagePullPolicy: Always env: - name: INTERFACE_NAME @@ -54,7 +106,8 @@ spec: - name: DEPENDENCY_CONFIG value: "/etc/my.cnf.d/wsrep.cnf" ports: - - containerPort: {{ .Values.network.port.mariadb }} + - containerPort: {{ $root.Values.network.port.mariadb }} + - containerPort: {{ $root.Values.network.port.wsrep }} readinessProbe: exec: command: @@ -95,14 +148,14 @@ spec: subPath: tuning.cnf - name: wsrep mountPath: /configmaps/wsrep.cnf - - name: mysql - mountPath: /var/lib/mysql - name: replicas mountPath: /tmp/replicas.py subPath: replicas.py - name: readiness mountPath: /mariadb-readiness.py subPath: mariadb-readiness.py + - name: mysql-data + mountPath: /var/lib/mysql volumes: - name: mycnfd emptyDir: {} @@ -145,6 +198,9 @@ spec: - name: readiness configMap: name: mariadb-readiness - - name: mysql - hostPath: - path: /var/lib/mysql-openstack-{{ .Values.database.cluster_name }} + - name: mysql-data + persistentVolumeClaim: + matchLabels: + server-id: "{{$v}}" + claimName: mariadb-{{$v}} + {{ end }} \ No newline at end of file diff --git a/mariadb/templates/mariadb-seed-job.yaml b/mariadb/templates/mariadb-seed-job.yaml index dfe026b6b0..61737a05bf 100644 --- a/mariadb/templates/mariadb-seed-job.yaml +++ b/mariadb/templates/mariadb-seed-job.yaml 
@@ -9,10 +9,10 @@ spec: app: mariadb spec: restartPolicy: Never - terminationGracePeriodSeconds: 10000 + terminationGracePeriodSeconds: 30 containers: - name: mariadb-init - image: {{ .Values.deployment.image }} + image: {{ .Values.images.mariadb }} imagePullPolicy: Always env: - name: INTERFACE_NAME diff --git a/mariadb/templates/replicas.py.yaml b/mariadb/templates/replicas.py.yaml index 092f90586c..c876cfd8fc 100644 --- a/mariadb/templates/replicas.py.yaml +++ b/mariadb/templates/replicas.py.yaml @@ -11,7 +11,7 @@ data: import sys import urllib2 - URL = ('https://kubernetes.default.svc.{{ .Values.network.dns.kubernetes_domain }}/apis/extensions/v1beta1/daemonsets') + URL = ('https://kubernetes.default.svc.{{ .Values.network.dns.kubernetes_domain }}/apis/extensions/v1beta1/deployments') TOKEN_FILE = '/var/run/secrets/kubernetes.io/serviceaccount/token' def create_ctx(): @@ -20,7 +20,7 @@ data: ctx.verify_mode = ssl.CERT_NONE return ctx - def get_daemonsets(): + def get_deployments(): url = URL.format() try: token = file(TOKEN_FILE, 'r').read() @@ -36,11 +36,11 @@ data: return output def main(): - reply = get_daemonsets() + reply = get_deployments() name = "mariadb" namespace = "default" if not os.environ["NAMESPACE"] else os.environ["NAMESPACE"] - mariadb = filter(lambda d: d["metadata"]["namespace"] == namespace and d["metadata"]["name"] == name, reply["items"]) - print mariadb[0]["status"]['desiredNumberScheduled'] + mariadb = filter(lambda d: d["metadata"]["namespace"] == namespace and d["metadata"]["name"].startswith(name), reply["items"]) + print len(mariadb) if __name__ == "__main__": main() diff --git a/mariadb/values.yaml b/mariadb/values.yaml index dd624dedb8..80bb777027 100644 --- a/mariadb/values.yaml +++ b/mariadb/values.yaml 
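Review bot: `get_deployments()` reads the service-account token and sends it through the context built in `create_ctx()`, which sets `ctx.verify_mode = ssl.CERT_NONE`, so the bearer token is sent to whatever endpoint answers for `kubernetes.default.svc` without certificate validation. The rename leaves that unchanged. The cluster CA is mounted next to the token, so the context can verify against it, e.g. `ctx = ssl.create_default_context(cafile='/var/run/secrets/kubernetes.io/serviceaccount/ca.crt')`. Both functions start or end outside the hunk, so the rest of `create_ctx()` should be checked for a matching `check_hostname` setting.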
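Review bot: In `main()`, the replica count is now `len()` of every deployment in the namespace whose name `startswith(name)`, taken from a cluster-wide list of `/apis/extensions/v1beta1/deployments`. Any other deployment with the `mariadb` prefix inflates the count, and the service account needs read access to deployments in all namespaces just to count its own. Querying the namespaced path (`/apis/extensions/v1beta1/namespaces/<namespace>/deployments`) with a label selector such as `galera=enabled` narrows both the result and the permission required. Separately, `os.environ["NAMESPACE"]` raises KeyError when the variable is unset, so the `"default"` fallback is never reached; `os.environ.get("NAMESPACE") or "default"` does what the line intends.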
@@ -1,5 +1,10 @@ -deployment: - image: quay.io/stackanetes/stackanetes-mariadb:newton +replicas: "3" # this must be quoted to deal with atoi +images: + mariadb: quay.io/stackanetes/stackanetes-mariadb:newton + ceph_rbd_job: quay.io/attcomdev/ceph-daemon:latest +volume: + size: 20Gi +labels: control_node_label: openstack-control-plane network: port: diff --git a/openstack/.helmignore b/openstack/.helmignore new file mode 100644 index 0000000000..302b9211d4 --- /dev/null +++ b/openstack/.helmignore @@ -0,0 +1,27 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj + +bin/ +etc/ +patches/ +*.py +Makefile \ No newline at end of file diff --git a/openstack/Chart.yaml b/openstack/Chart.yaml new file mode 100755 index 0000000000..2bc60c01ea --- /dev/null +++ b/openstack/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: A Helm chart for Kubernetes +name: openstack +version: 0.1.0 diff --git a/ceph/Makefile b/openstack/Makefile similarity index 100% rename from ceph/Makefile rename to openstack/Makefile diff --git a/openstack/requirements.lock b/openstack/requirements.lock new file mode 100644 index 0000000000..bd70792e0a --- /dev/null +++ b/openstack/requirements.lock @@ -0,0 +1,6 @@ +dependencies: +- name: mariadb + repository: http://localhost:8879/charts + version: 0.1.0 +digest: sha256:4a2c3cbe5841ba5b4cefeb9b9929b5ebf52d7779b279a45c9f1bb229b1e358da +generated: 2016-11-23T10:08:51.688995889-08:00 diff --git a/openstack/requirements.yaml b/openstack/requirements.yaml new file mode 100644 index 0000000000..6ae507ab84 --- /dev/null +++ b/openstack/requirements.yaml 
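Review bot: In mariadb/values.yaml, `ceph_rbd_job: quay.io/attcomdev/ceph-daemon:latest` is a floating tag and `mariadb: ...:newton` is a release-branch tag, so with `imagePullPolicy: Always` in the pod templates each restart can pull different image content. Pinning to an immutable version tag or an `image@sha256:<digest>` reference makes the deployed image reproducible and reviewable. The same `latest` reference is added in openstack/values.yaml. `ceph_rbd_job` is not referenced by any template hunk shown in this commit, so confirm it is needed in this chart.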
@@ -0,0 +1,13 @@ +dependencies: + # - name: memcached + # repository: http://localhost:8879/charts + # version: 0.1.0 + # - name: rabbitmq + # repository: http://localhost:8879/charts + # version: 0.1.0 + # - name: keystone + # repository: http://localhost:8879/charts + # version: 0.1.0 + - name: mariadb + repository: http://localhost:8879/charts + version: 0.1.0 diff --git a/openstack/templates/secrets.yaml b/openstack/templates/secrets.yaml new file mode 100644 index 0000000000..9344d9ea81 --- /dev/null +++ b/openstack/templates/secrets.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + namespace: {{.Release.Namespace}} + name: "ceph-client-key" +type: kubernetes.io/rbd +data: + key: {{ include "secrets/ceph-client-key.b64" . | quote }} \ No newline at end of file diff --git a/openstack/values.yaml b/openstack/values.yaml new file mode 100644 index 0000000000..3721b6b934 --- /dev/null +++ b/openstack/values.yaml @@ -0,0 +1,14 @@ +# Default values for openstack. +# This is a YAML-formatted file. +# Declare name/value pairs to be passed into your templates. +# name: value + +global: + # (alanmeadows) NOTE: these two items are not easily changeable yet + region: cluster + tld: local + images: + ceph_rbd_job: quay.io/attcomdev/ceph-daemon:latest + + labels: + control_node_label: openstack-control-plane diff --git a/utils/.gitignore b/utils/.gitignore new file mode 100644 index 0000000000..ce71aabd5c --- /dev/null +++ b/utils/.gitignore @@ -0,0 +1 @@ +secrets/* diff --git a/utils/.helmignore b/utils/.helmignore new file mode 100644 index 0000000000..e8ef5ffab2 --- /dev/null +++ b/utils/.helmignore 
@@ -0,0 +1,27 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj + +bin/ +etc/ +patches/ +*.py +Makefile diff --git a/utils/Chart.yaml b/utils/Chart.yaml new file mode 100755 index 0000000000..05cb820d15 --- /dev/null +++ b/utils/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: A Helm chart for Kubernetes +name: utils +version: 0.1.0 diff --git a/utils/Makefile b/utils/Makefile new file mode 100644 index 0000000000..4320386501 --- /dev/null +++ b/utils/Makefile @@ -0,0 +1,7 @@ +EXCLUDE := templates/* charts/* Chart.yaml requirement* values.yaml Makefile utils/* +FILES := $(shell find * -type f $(foreach e,$(EXCLUDE), -not -path "$(e)") ) + +templates/_partials.tpl: Makefile $(FILES) + echo Generating $(CURDIR)/$@ + rm -f $@ + for i in $(FILES); do printf '{{ define "'$$i'" }}' >> $@; cat $$i >> $@; printf "{{ end }}\n" >> $@; done diff --git a/utils/templates/_common.sh b/utils/templates/_common.sh new file mode 100644 index 0000000000..26cbf8843e --- /dev/null +++ b/utils/templates/_common.sh @@ -0,0 +1,22 @@ +{{define "common.sh"}} +#!/usr/bin/env bash + + +function start_application { + +if [ "$DEBUG_CONTAINER" = "true" ] +then + tail -f /dev/null +else + _start_application +fi + +} + +CLUSTER_SCRIPT_PATH=/openstack-kube/openstack-kube/scripts +CLUSTER_CONFIG_PATH=/openstack-kube/openstack-kube/etc + +export MY_IP=$(ip route get 1 | awk '{print $NF;exit}') + + +{{end}} \ No newline at end of file diff --git a/utils/templates/_hosts.tpl b/utils/templates/_hosts.tpl new file mode 100644 index 0000000000..33af01367c --- /dev/null +++ b/utils/templates/_hosts.tpl 
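Review bot: In utils/Makefile, `EXCLUDE` does not cover `secrets/*`, so the recipe copies every generated `secrets/*.b64` file into `templates/_partials.tpl`, yet the new utils/.gitignore ignores only `secrets/*`. The generated partial therefore holds the same key material in a path git does not ignore, and it is packaged with the chart. Adding `templates/_partials.tpl` to utils/.gitignore (and ceph/.gitignore) closes that gap. In the loop, `$$i` is unquoted and spliced into the `printf` format string, so a file name containing spaces or `%` corrupts the output; `printf '{{ define "%s" }}' "$$i" >> $@; cat "$$i" >> $@` avoids both.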
@@ -0,0 +1,9 @@ +{{define "rabbitmq_host"}}rabbitmq.{{.Release.Namespace}}.svc.{{.Values.global.region}}.{{.Values.global.tld}}{{end}} +{{define "memcached_host"}}memcached.{{.Release.Namespace}}.svc.{{.Values.global.region}}.{{.Values.global.tld}}{{end}} +{{define "infra-db"}}infra-db.{{.Release.Namespace}}.svc.kubernetes.{{.Values.global.region}}.{{.Values.global.tld}}{{end}} + +{{define "keystone_db_host"}}infra-db.{{.Release.Namespace}}.svc.{{.Values.global.region}}.{{.Values.global.tld}}{{end}} +{{define "keystone_api_endpoint_host_admin"}}keystone.{{.Release.Namespace}}.svc.{{.Values.global.region}}.{{.Values.global.tld}}{{end}} +{{define "keystone_api_endpoint_host_internal"}}keystone.{{.Release.Namespace}}.svc.{{.Values.global.region}}.{{.Values.global.tld}}{{end}} +{{define "keystone_api_endpoint_host_public"}}identity-3.{{.Values.global.region}}.{{.Values.global.tld}}{{end}} +{{define "keystone_api_endpoint_host_admin_ext"}}identity-admin-3.{{.Values.global.region}}.{{.Values.global.tld}}{{end}} diff --git a/ceph/utils/generator/README.md b/utils/utils/secret-generator/README.md similarity index 100% rename from ceph/utils/generator/README.md rename to utils/utils/secret-generator/README.md diff --git a/ceph/utils/generator/ceph-key.py b/utils/utils/secret-generator/ceph-key.py similarity index 100% rename from ceph/utils/generator/ceph-key.py rename to utils/utils/secret-generator/ceph-key.py diff --git a/ceph/utils/generator/generate_secrets.sh b/utils/utils/secret-generator/generate_secrets.sh similarity index 100% rename from ceph/utils/generator/generate_secrets.sh rename to utils/utils/secret-generator/generate_secrets.sh diff --git a/ceph/utils/generator/templates/ceph/admin.keyring.tmpl b/utils/utils/secret-generator/templates/ceph/admin.keyring.tmpl similarity index 100% rename from ceph/utils/generator/templates/ceph/admin.keyring.tmpl rename to utils/utils/secret-generator/templates/ceph/admin.keyring.tmpl 
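Review bot: In utils/templates/_hosts.tpl, `infra-db` expands to `infra-db.<namespace>.svc.kubernetes.<region>.<tld>`, while `keystone_db_host`, defined just below for the same service, expands to `infra-db.<namespace>.svc.<region>.<tld>`. Only one of the two can match the cluster DNS suffix, so one of these templates will hand out a name that does not resolve. Pick one form and have `keystone_db_host` reuse the `infra-db` template instead of repeating the string.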
diff --git a/ceph/utils/generator/templates/ceph/bootstrap.keyring.tmpl b/utils/utils/secret-generator/templates/ceph/bootstrap.keyring.tmpl similarity index 100% rename from ceph/utils/generator/templates/ceph/bootstrap.keyring.tmpl rename to utils/utils/secret-generator/templates/ceph/bootstrap.keyring.tmpl diff --git a/ceph/utils/generator/templates/ceph/ceph.conf.tmpl b/utils/utils/secret-generator/templates/ceph/ceph.conf.tmpl similarity index 100% rename from ceph/utils/generator/templates/ceph/ceph.conf.tmpl rename to utils/utils/secret-generator/templates/ceph/ceph.conf.tmpl diff --git a/ceph/utils/generator/templates/ceph/mon.keyring.tmpl b/utils/utils/secret-generator/templates/ceph/mon.keyring.tmpl similarity index 100% rename from ceph/utils/generator/templates/ceph/mon.keyring.tmpl rename to utils/utils/secret-generator/templates/ceph/mon.keyring.tmpl diff --git a/ceph/utils/test/ceph-rbd-test.yaml b/utils/utils/test/ceph-rbd-test.yaml similarity index 100% rename from ceph/utils/test/ceph-rbd-test.yaml rename to utils/utils/test/ceph-rbd-test.yaml diff --git a/utils/values.yaml b/utils/values.yaml new file mode 100644 index 0000000000..6b9b662a78 --- /dev/null +++ b/utils/values.yaml @@ -0,0 +1,4 @@ +# Default values for utils. +# This is a YAML-formatted file. +# Declare name/value pairs to be passed into your templates. +# name: value