From 5802a9c03291dc95572f1e829d1097d05a7c16cc Mon Sep 17 00:00:00 2001 From: "xuxant02@gmail.com" Date: Wed, 29 Sep 2021 16:31:40 +0545 Subject: [PATCH] Add Masakari Initial Chart for masakari Change-Id: Iac5f6ae2bbe9d19d21aaaf9f638bf6d566dbe26f --- masakari/.helmignore | 23 + masakari/Chart.yaml | 25 + masakari/requirements.yaml | 16 + masakari/templates/bin/_manage-db.sh.tpl | 19 + masakari/templates/bin/_masakari-api.sh.tpl | 28 + .../templates/bin/_masakari-engine.sh.tpl | 29 + .../bin/_masakari-host-monitor.sh.tpl | 29 + .../bin/_masakari-instance-monitor.sh.tpl | 29 + .../bin/_masakari-monitors-init.sh.tpl | 23 + .../bin/_masakari-process-monitor.sh.tpl | 29 + masakari/templates/configmap-bin.yaml | 50 ++ masakari/templates/configmap-etc.yaml | 139 ++++ .../templates/daemonset-host-monitor.yaml | 131 ++++ .../templates/daemonset-instance-monitor.yaml | 131 ++++ .../templates/daemonset-process-monitor.yaml | 131 ++++ masakari/templates/deployment-api.yaml | 114 ++++ masakari/templates/deployment-engine.yaml | 98 +++ masakari/templates/job-db-drop.yaml | 19 + masakari/templates/job-db-init.yaml | 18 + masakari/templates/job-db-sync.yaml | 72 +++ masakari/templates/job-ks-endpoints.yaml | 18 + masakari/templates/job-ks-service.yaml | 18 + masakari/templates/job-ks-user.yaml | 18 + masakari/templates/job-rabbitmq-init.yaml | 18 + masakari/templates/pbd-api.yaml | 27 + masakari/templates/secret-db.yaml | 33 + masakari/templates/secret-keystone.yaml | 28 + masakari/templates/secret_rabbitmq.yaml | 33 + masakari/templates/service-api.yaml | 37 ++ masakari/values.yaml | 591 ++++++++++++++++++ releasenotes/notes/masakari.yaml | 4 + 31 files changed, 1978 insertions(+) create mode 100644 masakari/.helmignore create mode 100644 masakari/Chart.yaml create mode 100644 masakari/requirements.yaml create mode 100644 masakari/templates/bin/_manage-db.sh.tpl create mode 100644 masakari/templates/bin/_masakari-api.sh.tpl create mode 100644 masakari/templates/bin/_masakari-engine.sh.tpl create mode 100644 masakari/templates/bin/_masakari-host-monitor.sh.tpl create mode 100644 masakari/templates/bin/_masakari-instance-monitor.sh.tpl create mode 100644 masakari/templates/bin/_masakari-monitors-init.sh.tpl create mode 100644 masakari/templates/bin/_masakari-process-monitor.sh.tpl create mode 100644 masakari/templates/configmap-bin.yaml create mode 100644 masakari/templates/configmap-etc.yaml create mode 100644 masakari/templates/daemonset-host-monitor.yaml create mode 100644 masakari/templates/daemonset-instance-monitor.yaml create mode 100644 masakari/templates/daemonset-process-monitor.yaml create mode 100644 masakari/templates/deployment-api.yaml create mode 100644 masakari/templates/deployment-engine.yaml create mode 100644 masakari/templates/job-db-drop.yaml create mode 100644 masakari/templates/job-db-init.yaml create mode 100644 masakari/templates/job-db-sync.yaml create mode 100644 masakari/templates/job-ks-endpoints.yaml create mode 100644 masakari/templates/job-ks-service.yaml create mode 100644 masakari/templates/job-ks-user.yaml create mode 100644 masakari/templates/job-rabbitmq-init.yaml create mode 100644 masakari/templates/pbd-api.yaml create mode 100644 masakari/templates/secret-db.yaml create mode 100644 masakari/templates/secret-keystone.yaml create mode 100644 masakari/templates/secret_rabbitmq.yaml create mode 100644 masakari/templates/service-api.yaml create mode 100644 masakari/values.yaml create mode 100644 releasenotes/notes/masakari.yaml diff --git a/masakari/.helmignore b/masakari/.helmignore new file mode 100644 index 0000000000..0e8a0eb36f --- /dev/null +++ b/masakari/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/masakari/Chart.yaml b/masakari/Chart.yaml new file mode 100644 index 0000000000..3fed149f23 --- /dev/null +++ b/masakari/Chart.yaml @@ -0,0 +1,25 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +appVersion: v1.0.0 +description: OpenStack-Helm Masakari +name: masakari +version: 0.1.0 +home: https://docs.openstack.org/developer/masakari +icon: https://www.openstack.org/themes/openstack/images/project-mascots/Masakari/OpenStack_Project_masakari_vertical.png +sources: + - https://opendev.org/openstack/masakari + - https://opendev.org/openstack/masakari-monitors + - https://opendev.org/openstack/openstack-helm +maintainers: + - name: OpenStack-Helm Authors diff --git a/masakari/requirements.yaml b/masakari/requirements.yaml new file mode 100644 index 0000000000..4124d0145d --- /dev/null +++ b/masakari/requirements.yaml @@ -0,0 +1,16 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: helm-toolkit + repository: file://../../openstack-helm-infra/helm-toolkit + version: ">= 0.1.0" diff --git a/masakari/templates/bin/_manage-db.sh.tpl b/masakari/templates/bin/_manage-db.sh.tpl new file mode 100644 index 0000000000..460f3be88c --- /dev/null +++ b/masakari/templates/bin/_manage-db.sh.tpl @@ -0,0 +1,19 @@ +#!/bin/bash + +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +exec -ex + +masakari-manage db sync \ No newline at end of file diff --git a/masakari/templates/bin/_masakari-api.sh.tpl b/masakari/templates/bin/_masakari-api.sh.tpl new file mode 100644 index 0000000000..0bc4e6fcd1 --- /dev/null +++ b/masakari/templates/bin/_masakari-api.sh.tpl @@ -0,0 +1,28 @@ +#!/bin/bash + +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +set -ex +COMMAND="${@:-start}" + +function start () { + exec masakari-api --config-file /etc/masakari/masakari.conf +} + +function stop () { + kill -TERM 1 +} + +$COMMAND \ No newline at end of file diff --git a/masakari/templates/bin/_masakari-engine.sh.tpl b/masakari/templates/bin/_masakari-engine.sh.tpl new file mode 100644 index 0000000000..adb2e74ff3 --- /dev/null +++ b/masakari/templates/bin/_masakari-engine.sh.tpl @@ -0,0 +1,29 @@ +#!/bin/bash + +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +set -ex + +COMMAND="${@:-start}" + +function start () { + exec masakari-engine --config-file /etc/masakari/masakari.conf +} + +function stop () { + kill -TERM 1 +} + +$COMMAND \ No newline at end of file diff --git a/masakari/templates/bin/_masakari-host-monitor.sh.tpl b/masakari/templates/bin/_masakari-host-monitor.sh.tpl new file mode 100644 index 0000000000..676e5a23fe --- /dev/null +++ b/masakari/templates/bin/_masakari-host-monitor.sh.tpl @@ -0,0 +1,29 @@ +#!/bin/bash + +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +set -ex +COMMAND="${@:-start}" + +function start () { + exec masakari-hostmonitor --config-file /etc/masakari/masakarimonitors.conf \ + --config-file /tmp/pod-shared/masakarimonitors.conf +} + +function stop () { + kill -TERM 1 +} + +$COMMAND diff --git a/masakari/templates/bin/_masakari-instance-monitor.sh.tpl b/masakari/templates/bin/_masakari-instance-monitor.sh.tpl new file mode 100644 index 0000000000..07ad72ae2d --- /dev/null +++ b/masakari/templates/bin/_masakari-instance-monitor.sh.tpl @@ -0,0 +1,29 @@ +#!/bin/bash + +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +set -ex +COMMAND="${@:-start}" + +function start () { + exec masakari-instancemonitor --config-file /etc/masakari/masakarimonitors.conf \ + --config-file /tmp/pod-shared/masakarimonitors.conf +} + +function stop () { + kill -TERM 1 +} + +$COMMAND diff --git a/masakari/templates/bin/_masakari-monitors-init.sh.tpl b/masakari/templates/bin/_masakari-monitors-init.sh.tpl new file mode 100644 index 0000000000..f0e1b88be6 --- /dev/null +++ b/masakari/templates/bin/_masakari-monitors-init.sh.tpl @@ -0,0 +1,23 @@ +#!/bin/bash + +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +set -ex + +nova_compute_hostname="$COMPUTE_NODE_NAME" +cat </tmp/pod-shared/masakarimonitors.conf +[DEFAULT] +hostname=$nova_compute_hostname +EOF \ No newline at end of file diff --git a/masakari/templates/bin/_masakari-process-monitor.sh.tpl b/masakari/templates/bin/_masakari-process-monitor.sh.tpl new file mode 100644 index 0000000000..59d52870b9 --- /dev/null +++ b/masakari/templates/bin/_masakari-process-monitor.sh.tpl @@ -0,0 +1,29 @@ +#!/bin/bash + +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +set -ex +COMMAND="${@:-start}" + +function start () { + exec masakari-processmonitor --config-file /etc/masakari/masakarimonitors.conf \ + --config-file /tmp/pod-shared/masakarimonitors.conf +} + +function stop () { + kill -TERM 1 +} + +$COMMAND diff --git a/masakari/templates/configmap-bin.yaml b/masakari/templates/configmap-bin.yaml new file mode 100644 index 0000000000..9b5cad177c --- /dev/null +++ b/masakari/templates/configmap-bin.yaml @@ -0,0 +1,50 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.configmap_bin }} +{{- $envAll := . }} +{{- $rallyTests := .Values.conf.rally_tests }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: masakari-bin +data: + masakari-engine.sh: | +{{ tuple "bin/_masakari-engine.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + masakari-api.sh: | +{{ tuple "bin/_masakari-api.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + db-init.py: | +{{- include "helm-toolkit.scripts.db_init" . | indent 4 }} + manage-db.sh: | +{{ tuple "bin/_manage-db.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + db-drop.py: | +{{- include "helm-toolkit.scripts.db_drop" . | indent 4 }} + ks-user.sh: | +{{- include "helm-toolkit.scripts.keystone_user" . | indent 4 }} + ks-service.sh: | +{{- include "helm-toolkit.scripts.keystone_service" . | indent 4 }} + ks-endpoints.sh: | +{{- include "helm-toolkit.scripts.keystone_endpoints" . | indent 4 }} + rabbit-init.sh: | +{{- include "helm-toolkit.scripts.rabbit_init" . | indent 4 }} + masakari-host-monitor.sh: | +{{ tuple "bin/_masakari-host-monitor.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + masakari-process-monitor.sh: | +{{ tuple "bin/_masakari-process-monitor.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + masakari-instance-monitor.sh: | +{{ tuple "bin/_masakari-instance-monitor.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + masakari-monitors-init.sh: | +{{ tuple "bin/_masakari-monitors-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} +{{- end }} diff --git a/masakari/templates/configmap-etc.yaml b/masakari/templates/configmap-etc.yaml new file mode 100644 index 0000000000..3c10e34e9a --- /dev/null +++ b/masakari/templates/configmap-etc.yaml @@ -0,0 +1,139 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- define "masakari.configmap.etc" }} +{{- $configMapName := index . 0 }} +{{- $envAll := index . 1 }} +{{- with $envAll }} + +{{- if empty .Values.conf.masakari.keystone_authtoken.auth_url -}} +{{- $_ := tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.masakari.keystone_authtoken "auth_url" -}} +{{- end -}} + +{{- if empty .Values.conf.masakari.keystone_authtoken.region_name -}} +{{- $_ := set .Values.conf.masakari.keystone_authtoken "region_name" .Values.endpoints.identity.auth.masakari.region_name -}} +{{- end -}} +{{- if empty .Values.conf.masakari.keystone_authtoken.project_name -}} +{{- $_ := set .Values.conf.masakari.keystone_authtoken "project_name" .Values.endpoints.identity.auth.masakari.project_name -}} +{{- end -}} +{{- if empty .Values.conf.masakari.keystone_authtoken.project_domain_name -}} +{{- $_ := set .Values.conf.masakari.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.masakari.project_domain_name -}} +{{- end -}} +{{- if empty .Values.conf.masakari.keystone_authtoken.user_domain_name -}} +{{- $_ := set .Values.conf.masakari.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.masakari.user_domain_name -}} +{{- end -}} +{{- if empty .Values.conf.masakari.keystone_authtoken.username -}} +{{- $_ := set .Values.conf.masakari.keystone_authtoken "username" .Values.endpoints.identity.auth.masakari.username -}} +{{- end -}} +{{- if empty .Values.conf.masakari.keystone_authtoken.password -}} +{{- $_ := set .Values.conf.masakari.keystone_authtoken "password" .Values.endpoints.identity.auth.masakari.password -}} +{{- end -}} + +{{- if empty .Values.conf.masakari.keystone_authtoken.memcached_servers -}} +{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.masakari.keystone_authtoken "memcached_servers" -}} +{{- end -}} +{{- if empty .Values.conf.masakari.keystone_authtoken.memcache_secret_key -}} +{{- $_ := set .Values.conf.masakari.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}} +{{- end -}} + +{{- if empty .Values.conf.masakari.database.connection -}} +{{- $connection := tuple "oslo_db" "internal" "masakari" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" -}} +{{- if .Values.manifests.certificates -}} +{{- $_ := (printf "%s?charset=utf8&ssl_ca=/etc/mysql/certs/ca.crt&ssl_key=/etc/mysql/certs/tls.key&ssl_cert=/etc/mysql/certs/tls.crt&ssl_verify_cert" $connection ) | set .Values.conf.masakari.database "connection" -}} +{{- else -}} +{{- $_ := set .Values.conf.masakari.database "connection" $connection -}} +{{- end -}} +{{- end -}} + +{{- if empty .Values.conf.masakari.DEFAULT.transport_url -}} +{{- $_ := tuple "oslo_messaging" "internal" "masakari" "amqp" . | include "helm-toolkit.endpoints.authenticated_transport_endpoint_uri_lookup" | set .Values.conf.masakari.DEFAULT "transport_url" -}} +{{- end -}} + +{{- if empty .Values.conf.masakari.DEFAULT.os_privileged_user_name -}} +{{- $_ := set .Values.conf.masakari.DEFAULT "os_privileged_user_name" .Values.endpoints.identity.auth.masakari.username }} +{{- end -}} +{{- if empty .Values.conf.masakari.DEFAULT.os_privileged_user_password -}} +{{- $_ := set .Values.conf.masakari.DEFAULT "os_privileged_user_password" .Values.endpoints.identity.auth.masakari.password }} +{{- end -}} +{{- if empty .Values.conf.masakari.DEFAULT.os_privileged_user_auth_url -}} +{{- $_ := tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.masakari.DEFAULT "os_privileged_user_auth_url" }} +{{- end -}} +{{- if empty .Values.conf.masakari.DEFAULT.os_privileged_user_tenant -}} +{{- $_ := set .Values.conf.masakari.DEFAULT "os_privileged_user_tenant" .Values.endpoints.identity.auth.masakari.project_name }} +{{- end -}} + +{{- if empty .Values.conf.masakari.DEFAULT.os_region_name -}} +{{- $_ := set .Values.conf.masakari.DEFAULT "os_region_name" .Values.endpoints.identity.auth.masakari.region_name }} +{{- end -}} + +{{- if empty .Values.conf.masakari.DEFAULT.os_user_domain_name -}} +{{- $_ := set .Values.conf.masakari.DEFAULT "os_user_domain_name" .Values.endpoints.identity.auth.masakari.user_domain_name }} +{{- end -}} + +{{- if empty .Values.conf.masakari.DEFAULT.os_project_domain_name -}} +{{- $_ := set .Values.conf.masakari.DEFAULT "os_project_domain_name" .Values.endpoints.identity.auth.masakari.user_domain_name }} +{{- end -}} + +{{- if empty .Values.conf.masakarimonitors.api.region -}} +{{- $_ := set .Values.conf.masakarimonitors.api "region" .Values.endpoints.identity.auth.masakari.region_name -}} +{{- end -}} + +{{- if empty .Values.conf.masakarimonitors.api.auth_url -}} +{{- $_ := tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.masakarimonitors.api "auth_url" }} +{{- end -}} + +{{- if empty .Values.conf.masakarimonitors.api.project_name -}} +{{- $_ := set .Values.conf.masakarimonitors.api "project_name" .Values.endpoints.identity.auth.masakari.project_name }} +{{- end -}} + +{{- if empty .Values.conf.masakarimonitors.api.project_domain_name -}} +{{- $_ := set .Values.conf.masakarimonitors.api "project_domain_name" .Values.endpoints.identity.auth.masakari.project_name }} +{{- end -}} + +{{- if empty .Values.conf.masakarimonitors.api.username -}} +{{- $_ := set .Values.conf.masakarimonitors.api "username" .Values.endpoints.identity.auth.masakari.username }} +{{- end -}} + +{{- if empty .Values.conf.masakarimonitors.api.user_domain_name -}} +{{- $_ := set .Values.conf.masakarimonitors.api "user_domain_name" .Values.endpoints.identity.auth.masakari.user_domain_name }} +{{- end -}} + +{{- if empty .Values.conf.masakarimonitors.api.password -}} +{{- $_ := set .Values.conf.masakarimonitors.api "password" .Values.endpoints.identity.auth.masakari.password }} +{{- end -}} + +{{- if empty .Values.conf.masakari.taskflow.connection -}} +{{- $connection := tuple "oslo_db" "internal" "masakari" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" -}} +{{- if .Values.manifests.certificates -}} +{{- $_ := (printf "%s?charset=utf8&ssl_ca=/etc/mysql/certs/ca.crt&ssl_key=/etc/mysql/certs/tls.key&ssl_cert=/etc/mysql/certs/tls.crt&ssl_verify_cert" $connection ) | set .Values.conf.masakari.database "connection" -}} +{{- else -}} +{{- $_ := set .Values.conf.masakari.taskflow "connection" $connection -}} +{{- end -}} +{{- end -}} + +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ $configMapName }} +type: Opaque +data: + masakari.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.masakari | b64enc }} + api-paste.ini: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.paste | b64enc }} + masakarimonitors.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.masakarimonitors | b64enc }} +{{- end }} +{{- end }} +{{- if .Values.manifests.configmap_etc }} +{{- list "masakari-etc" . | include "masakari.configmap.etc" }} +{{- end }} diff --git a/masakari/templates/daemonset-host-monitor.yaml b/masakari/templates/daemonset-host-monitor.yaml new file mode 100644 index 0000000000..272916a9ae --- /dev/null +++ b/masakari/templates/daemonset-host-monitor.yaml @@ -0,0 +1,131 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.host_monitor }} +{{- $envAll := . }} +{{- $daemonset := "masakari-host-monitor" }} + +{{- $mounts_masakari_host_monitor := .Values.pod.mounts.masakari_host_monitor.masakari_host_monitor }} +{{- $mounts_masakari_host_monitor_init := .Values.pod.mounts.masakari_host_monitor.init_container }} + +{{- $serviceAccountName := "masakari-host-monitor" }} +{{- tuple $envAll "masakari_host_monitor" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: masakari-host-monitor + annotations: + {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }} + labels: +{{ tuple $envAll .Chart.Name $daemonset | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }} +spec: + selector: + matchLabels: +{{ tuple $envAll .Chart.Name $daemonset | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }} +{{ tuple $envAll $daemonset | include "helm-toolkit.snippets.kubernetes_upgrades_daemonset" | indent 2 }} + template: + metadata: + labels: +{{ tuple $envAll .Chart.Name $daemonset | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} + annotations: +{{- dict "envAll" $envAll "podName" "masakari-host-monitor" "containerNames" (list "masakari-monitor") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }} +{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }} + configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }} + spec: +{{ dict "envAll" $envAll "application" "masakari-host-monitor" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }} + serviceAccountName: {{ $serviceAccountName }} + nodeSelector: + {{ .Values.labels.masakari.node_selector_key }}: {{ .Values.labels.masakari.node_selector_value }} + initContainers: +{{ tuple $envAll "masakari_host_monitor" $mounts_masakari_host_monitor_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} + - name: hostmonitor-init +{{ tuple $envAll "masakari_host_monitor" | include "helm-toolkit.snippets.image" | indent 10 }} +{{ tuple $envAll $envAll.Values.pod.resources.masakari_host_monitor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} +{{ dict "envAll" $envAll "application" "masakari" "container" "masakari_host_monitor" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} + command: + - /tmp/masakari-monitors-init.sh + env: + - name: COMPUTE_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + volumeMounts: + - name: pod-tmp + mountPath: /tmp + - name: pod-shared + mountPath: /tmp/pod-shared + - name: masakari-bin + mountPath: /tmp/masakari-monitors-init.sh + subPath: masakari-monitors-init.sh + readOnly: true + containers: + - name: masakari-host-monitor +{{ tuple $envAll "masakari_host_monitor" | include "helm-toolkit.snippets.image" | indent 10 }} +{{ tuple $envAll $envAll.Values.pod.resources.masakari_host_monitor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} +{{ dict "envAll" $envAll "application" "masakari" "container" "masakari_host_monitor" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} + command: + - /tmp/masakari-host-monitor.sh + - start + env: + - name: COMPUTE_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + lifecycle: + preStop: + exec: + command: + - /tmp/masakari-host-monitor.sh + - stop + volumeMounts: + - name: pod-tmp + mountPath: /tmp + - name: pod-shared + mountPath: /tmp/pod-shared + - name: masakari-bin + mountPath: /tmp/masakari-host-monitor.sh + subPath: masakari-host-monitor.sh + - name: masakari-etc + mountPath: /etc/masakari/masakarimonitors.conf + subPath: masakarimonitors.conf + - name: masakarietc + mountPath: /etc/masakari + - name: varrun + mountPath: /var/run + - name: run + mountPath: /run + volumes: + - name: pod-tmp + emptyDir: {} + - name: pod-shared + emptyDir: {} + - name: masakarietc + emptyDir: {} + - name: varrun + hostPath: + path: /var/run + - name: run + hostPath: + path: /run + - name: masakari-bin + configMap: + name: masakari-bin + defaultMode: 0555 + - name: masakari-etc + secret: + secretName: masakari-etc + defaultMode: 0444 +{{- end }} diff --git a/masakari/templates/daemonset-instance-monitor.yaml b/masakari/templates/daemonset-instance-monitor.yaml new file mode 100644 index 0000000000..6327e9de5e --- /dev/null +++ b/masakari/templates/daemonset-instance-monitor.yaml @@ -0,0 +1,131 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.instance_monitor }} +{{- $envAll := . }} +{{- $daemonset := "masakari-instance-monitor" }} + +{{- $mounts_masakari_instance_monitor := .Values.pod.mounts.masakari_instance_monitor.masakari_instance_monitor }} +{{- $mounts_masakari_instance_monitor_init := .Values.pod.mounts.masakari_instance_monitor.init_container }} + +{{- $serviceAccountName := "masakari-instance-monitor" }} +{{- tuple $envAll "masakari_instance_monitor" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: masakari-instance-monitor + annotations: + {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }} + labels: +{{ tuple $envAll .Chart.Name $daemonset | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }} +spec: + selector: + matchLabels: +{{ tuple $envAll .Chart.Name $daemonset | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }} +{{ tuple $envAll $daemonset | include "helm-toolkit.snippets.kubernetes_upgrades_daemonset" | indent 2 }} + template: + metadata: + labels: +{{ tuple $envAll .Chart.Name $daemonset | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} + annotations: +{{- dict "envAll" $envAll "podName" "masakari-instance-monitor" "containerNames" (list "masakari-monitor") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }} +{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }} + configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }} + spec: +{{ dict "envAll" $envAll "application" "masakari-instance-monitor" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }} + serviceAccountName: {{ $serviceAccountName }} + nodeSelector: + {{ .Values.labels.masakari.node_selector_key }}: {{ .Values.labels.masakari.node_selector_value }} + initContainers: +{{ tuple $envAll "masakari_instance_monitor" $mounts_masakari_instance_monitor_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} + - name: instancemonitor-init +{{ tuple $envAll "masakari_instance_monitor" | include "helm-toolkit.snippets.image" | indent 10 }} +{{ tuple $envAll $envAll.Values.pod.resources.masakari_instance_monitor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} +{{ dict "envAll" $envAll "application" "masakari" "container" "masakari_instance_monitor" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} + command: + - /tmp/masakari-monitors-init.sh + env: + - name: COMPUTE_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + volumeMounts: + - name: pod-tmp + mountPath: /tmp + - name: pod-shared + mountPath: /tmp/pod-shared + - name: masakari-bin + mountPath: /tmp/masakari-monitors-init.sh + subPath: masakari-monitors-init.sh + readOnly: true + containers: + - name: masakari-instance-monitor +{{ tuple $envAll "masakari_instance_monitor" | include "helm-toolkit.snippets.image" | indent 10 }} +{{ tuple $envAll $envAll.Values.pod.resources.masakari_instance_monitor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} +{{ dict "envAll" $envAll "application" "masakari" "container" "masakari_instance_monitor" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} + command: + - /tmp/masakari-instance-monitor.sh + - start + env: + - name: COMPUTE_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + lifecycle: + preStop: + exec: + command: + - /tmp/masakari-instance-monitor.sh + - stop + volumeMounts: + - name: pod-tmp + mountPath: /tmp + - name: pod-shared + mountPath: /tmp/pod-shared + - name: masakari-bin + mountPath: /tmp/masakari-instance-monitor.sh + subPath: masakari-instance-monitor.sh + - name: masakari-etc + mountPath: /etc/masakari/masakarimonitors.conf + subPath: masakarimonitors.conf + - name: masakarietc + mountPath: /etc/masakari + - name: varrun + mountPath: /var/run + - name: run + mountPath: /run + volumes: + - name: pod-tmp + emptyDir: {} + - name: pod-shared + emptyDir: {} + - name: masakarietc + emptyDir: {} + - name: varrun + hostPath: + path: /var/run + - name: run + hostPath: + path: /run + - name: masakari-bin + configMap: + name: masakari-bin + defaultMode: 0555 + - name: masakari-etc + secret: + secretName: masakari-etc + defaultMode: 0444 +{{- end }} diff --git a/masakari/templates/daemonset-process-monitor.yaml b/masakari/templates/daemonset-process-monitor.yaml new file mode 100644 index 0000000000..66f22c1ad1 --- /dev/null +++ b/masakari/templates/daemonset-process-monitor.yaml @@ -0,0 +1,131 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.process_monitor }} +{{- $envAll := . }} +{{- $daemonset := "masakari-process-monitor" }} + +{{- $mounts_masakari_process_monitor := .Values.pod.mounts.masakari_process_monitor.masakari_process_monitor }} +{{- $mounts_masakari_process_monitor_init := .Values.pod.mounts.masakari_process_monitor.init_container }} + +{{- $serviceAccountName := "masakari-process-monitor" }} +{{- tuple $envAll "masakari_process_monitor" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: masakari-process-monitor + annotations: + {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }} + labels: +{{ tuple $envAll .Chart.Name $daemonset | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }} +spec: + selector: + matchLabels: +{{ tuple $envAll .Chart.Name $daemonset | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }} +{{ tuple $envAll $daemonset | include "helm-toolkit.snippets.kubernetes_upgrades_daemonset" | indent 2 }} + template: + metadata: + labels: +{{ tuple $envAll .Chart.Name $daemonset | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} + annotations: +{{- dict "envAll" $envAll "podName" "masakari-process-monitor" "containerNames" (list "masakari-monitor") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }} +{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }} + configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }} + spec: +{{ dict "envAll" $envAll "application" "masakari-process-monitor" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }} + serviceAccountName: {{ $serviceAccountName }} + nodeSelector: + {{ .Values.labels.masakari.node_selector_key }}: {{ .Values.labels.masakari.node_selector_value }} + initContainers: +{{ tuple $envAll "masakari_process_monitor" $mounts_masakari_process_monitor_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} + - name: procressemonitor-init +{{ tuple $envAll "masakari_instance_monitor" | include "helm-toolkit.snippets.image" | indent 10 }} +{{ tuple $envAll $envAll.Values.pod.resources.masakari_instance_monitor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} +{{ dict "envAll" $envAll "application" "masakari" "container" "masakari_process_monitor" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} + command: + - /tmp/masakari-monitors-init.sh + env: + - name: COMPUTE_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + volumeMounts: + - name: pod-tmp + mountPath: /tmp + - name: pod-shared + mountPath: /tmp/pod-shared + - name: masakari-bin + mountPath: /tmp/masakari-monitors-init.sh + subPath: masakari-monitors-init.sh + readOnly: true + containers: + - name: masakari-process-monitor +{{ tuple $envAll "masakari_process_monitor" | include "helm-toolkit.snippets.image" | indent 10 }} +{{ tuple $envAll $envAll.Values.pod.resources.masakari_process_monitor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} +{{ dict "envAll" $envAll "application" "masakari" "container" "masakari_process_monitor" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} + command: + - /tmp/masakari-process-monitor.sh + - start + env: + - name: COMPUTE_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + lifecycle: + preStop: + exec: + command: + - /tmp/masakari-process-monitor.sh + - stop + volumeMounts: + - name: pod-tmp + mountPath: /tmp + - name: etcmasakari + mountPath: /etc/masakari + - name: pod-shared + mountPath: /tmp/pod-shared + - name: masakari-bin + mountPath: /tmp/masakari-process-monitor.sh + subPath: masakari-process-monitor.sh + - name: masakari-etc + mountPath: /etc/masakari/masakarimonitors.conf + subPath: masakarimonitors.conf + - name: varrun + mountPath: /var/run + - name: run + mountPath: /run + volumes: + - name: pod-tmp + emptyDir: {} + - name: etcmasakari + emptyDir: {} + - name: pod-shared + emptyDir: {} + - name: varrun + hostPath: + path: /var/run + - name: run + hostPath: + path: /run + - name: masakari-bin + configMap: + name: masakari-bin + defaultMode: 0555 + - name: masakari-etc + secret: + secretName: masakari-etc + defaultMode: 0444 +{{- end }} diff --git a/masakari/templates/deployment-api.yaml b/masakari/templates/deployment-api.yaml new file mode 100644 index 0000000000..ed75c954a4 --- /dev/null +++ b/masakari/templates/deployment-api.yaml @@ -0,0 +1,114 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- define "masakariApiLivenessProbeTemplate" }} +tcpSocket: + port: {{ tuple "instance_ha" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} +{{- end }} + +{{- define "masakariApiReadinessProbeTemplate" }} +tcpSocket: + port: {{ tuple "instance_ha" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} +{{- end }} + + +{{- if .Values.manifests.deployment_api }} +{{- $envAll := . }} + +{{- $mounts_masakari_api := .Values.pod.mounts.masakari_api.masakari_api }} +{{- $mounts_masakari_api_init := .Values.pod.mounts.masakari_api.init_container }} + +{{- $serviceAccountName := "masakari-api" }} +{{- tuple $envAll "masakari_api" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: masakari-api + annotations: + {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }} + labels: +{{ tuple $envAll "masakari" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }} +spec: + replicas: {{ .Values.pod.replicas.masakari_api }} + selector: + matchLabels: +{{ tuple $envAll "masakari" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }} +{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }} + template: + metadata: + labels: +{{ tuple $envAll "masakari" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} + annotations: +{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }} + configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }} +{{ dict "envAll" $envAll "podName" "masakari-api" "containerNames" (list "masakari-api-init" "masakari-api" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }} + spec: + serviceAccountName: {{ $serviceAccountName }} +{{ dict "envAll" $envAll "application" "masakari" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }} + affinity: +{{ tuple $envAll "masakari" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }} + nodeSelector: + {{ .Values.labels.masakari.node_selector_key }}: {{ .Values.labels.masakari.node_selector_value }} + terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.masakari_api.timeout | default "30" }} + initContainers: +{{ tuple $envAll "masakari_api" $mounts_masakari_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} + containers: + - name: masakari-api +{{ tuple $envAll "masakari_api" | include "helm-toolkit.snippets.image" | indent 10 }} +{{ tuple $envAll $envAll.Values.pod.resources.masakari_api | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} +{{ dict "envAll" $envAll "application" "masakari" "container" "masakari_api" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} + command: + - /tmp/masakari-api.sh + - start + lifecycle: + preStop: + exec: + command: + - /tmp/masakari-api.sh + - stop + ports: + - name: n-api + containerPort: {{ tuple "instance_ha" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} +{{ dict "envAll" $envAll "component" "masakari" "container" "default" "type" "liveness" "probeTemplate" (include "masakariApiLivenessProbeTemplate" $envAll | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }} +{{ dict "envAll" $envAll "component" "masakari" "container" "default" "type" "readiness" "probeTemplate" (include "masakariApiReadinessProbeTemplate" $envAll | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }} + volumeMounts: + - name: pod-tmp + mountPath: /tmp + - name: masakari-bin + mountPath: /tmp/masakari-api.sh + subPath: masakari-api.sh + - name: etcmasakari + mountPath: /etc/masakari + - name: masakari-etc + mountPath: /etc/masakari/masakari.conf + subPath: masakari.conf + - name: masakari-etc + mountPath: /etc/masakari/api-paste.ini + subPath: api-paste.ini + volumes: + - name: pod-tmp + emptyDir: {} + - name: etcmasakari + emptyDir: {} + - name: masakari-bin + configMap: + name: masakari-bin + defaultMode: 0555 + - name: masakari-etc + secret: + secretName: masakari-etc + defaultMode: 0444 +{{- end }} diff --git a/masakari/templates/deployment-engine.yaml b/masakari/templates/deployment-engine.yaml new file mode 100644 index 0000000000..118f0f38f9 --- /dev/null +++ b/masakari/templates/deployment-engine.yaml @@ -0,0 +1,98 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.deployment_engine }} +{{- $envAll := . }} + +{{- $mounts_masakari_engine := .Values.pod.mounts.masakari_engine.masakari_engine }} +{{- $mounts_masakari_engine_init := .Values.pod.mounts.masakari_engine.init_container }} + +{{- $serviceAccountName := "masakari-engine" }} +{{- tuple $envAll "masakari_engine" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: masakari-engine + annotations: + {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }} + labels: +{{ tuple $envAll "masakari" "engine" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }} +spec: + replicas: {{ .Values.pod.replicas.masakari_engine }} + selector: + matchLabels: +{{ tuple $envAll "masakari" "engine" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }} +{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }} + template: + metadata: + labels: +{{ tuple $envAll "masakari" "engine" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} + annotations: +{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }} + configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }} +{{ dict "envAll" $envAll "podName" "masakari-engine" "containerNames" (list "masakari-engine-init" "masakari-engine" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }} + spec: + serviceAccountName: {{ $serviceAccountName }} +{{ dict "envAll" $envAll "application" "masakari-engine" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }} + affinity: +{{ tuple $envAll "masakari" "engine" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }} + nodeSelector: + {{ .Values.labels.masakari.node_selector_key }}: {{ .Values.labels.masakari.node_selector_value }} + terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.masakari_engine.timeout | default "30" }} + initContainers: +{{ tuple $envAll "masakari_engine" $mounts_masakari_engine_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} + containers: + - name: masakari-engine +{{ tuple $envAll "masakari_engine" | include "helm-toolkit.snippets.image" | indent 10 }} +{{ tuple $envAll $envAll.Values.pod.resources.masakari_engine | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} +{{ dict "envAll" $envAll "application" "masakari" "container" "masakari_engine" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} + command: + - /tmp/masakari-engine.sh + - start + lifecycle: + preStop: + exec: + command: + - /tmp/masakari-engine.sh + - stop + volumeMounts: + - name: pod-tmp + mountPath: /tmp + - name: masakari-bin + mountPath: /tmp/masakari-engine.sh + subPath: masakari-engine.sh + readOnly: true + - name: etcmasakari + mountPath: /etc/masakari + - name: masakari-etc + mountPath: /etc/masakari/masakari.conf + subPath: masakari.conf +{{ if $mounts_masakari_engine.volumeMounts }}{{ toYaml $mounts_masakari_engine.volumeMounts | indent 12 }}{{ end }} + volumes: + - name: pod-tmp + emptyDir: {} + - name: etcmasakari + emptyDir: {} + - name: masakari-bin + configMap: + name: masakari-bin + defaultMode: 0555 + - name: masakari-etc + secret: + secretName: masakari-etc + defaultMode: 0444 +{{ if $mounts_masakari_engine.volumes}}{{ toYaml $mounts_masakari_engine.volumes | indent 8 }}{{ end }} +{{- end }} diff --git a/masakari/templates/job-db-drop.yaml b/masakari/templates/job-db-drop.yaml new file mode 100644 index 0000000000..5fd13229db --- /dev/null +++ b/masakari/templates/job-db-drop.yaml @@ -0,0 +1,19 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.job_db_drop }} +{{- $dbToDrop := dict "inputType" "secret" "adminSecret" .Values.secrets.oslo_db.admin "userSecret" .Values.secrets.oslo_db.masakari -}} +{{- $dbDropJob := dict "envAll" . "serviceName" "masakari" "dbToDrop" $dbToDrop -}} +{{ $dbDropJob | include "helm-toolkit.manifests.job_db_drop_mysql" }} +{{- end }} diff --git a/masakari/templates/job-db-init.yaml b/masakari/templates/job-db-init.yaml new file mode 100644 index 0000000000..08bfef8e7a --- /dev/null +++ b/masakari/templates/job-db-init.yaml @@ -0,0 +1,18 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.job_db_init }} +{{- $dbInitJob := dict "envAll" . "serviceName" "masakari" -}} +{{ $dbInitJob | include "helm-toolkit.manifests.job_db_init_mysql" }} +{{- end }} diff --git a/masakari/templates/job-db-sync.yaml b/masakari/templates/job-db-sync.yaml new file mode 100644 index 0000000000..8765bbabc6 --- /dev/null +++ b/masakari/templates/job-db-sync.yaml @@ -0,0 +1,72 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.job_db_sync }} +{{- $envAll := . }} + +{{- $serviceAccountName := "masakari-db-sync" }} +{{ tuple $envAll "db_sync" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: masakari-db-sync + annotations: + {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }} +spec: + template: + metadata: + labels: +{{ tuple $envAll "masakari" "db-migrate" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} + annotations: +{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }} + spec: + serviceAccountName: {{ $serviceAccountName }} + restartPolicy: OnFailure + nodeSelector: + {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} + initContainers: +{{ tuple $envAll "db_migrate" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} + containers: + - name: masakari-db-sync +{{ tuple $envAll "db_sync" | include "helm-toolkit.snippets.image" | indent 10 }} +{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_sync | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} +{{ dict "envAll" $envAll "application" "masakari" "container" "masakari_db_migrate" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} + command: + - /tmp/manage-db.sh + volumeMounts: + - name: pod-tmp + mountPath: /tmp + - name: masakari-bin + mountPath: /tmp/manage-db.sh + subPath: manage-db.sh + - name: etcmasakari + mountPath: /etc/masakari + - name: masakari-etc + mountPath: /etc/masakari/masakari.conf + subPath: masakari.conf + volumes: + - name: pod-tmp + emptyDir: {} + - name: etcmasakari + emptyDir: {} + - name: masakari-etc + secret: + secretName: masakari-etc + defaultMode: 0444 + - name: masakari-bin + configMap: + name: masakari-bin + defaultMode: 0555 +{{- end }} diff --git a/masakari/templates/job-ks-endpoints.yaml b/masakari/templates/job-ks-endpoints.yaml new file mode 100644 index 0000000000..60d9cd143c --- /dev/null +++ b/masakari/templates/job-ks-endpoints.yaml @@ -0,0 +1,18 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.job_ks_endpoints }} +{{- $ksServiceJob := dict "envAll" . "serviceName" "masakari" "serviceTypes" ( tuple "instance-ha" ) -}} +{{ $ksServiceJob | include "helm-toolkit.manifests.job_ks_endpoints" }} +{{- end }} diff --git a/masakari/templates/job-ks-service.yaml b/masakari/templates/job-ks-service.yaml new file mode 100644 index 0000000000..07f0da899e --- /dev/null +++ b/masakari/templates/job-ks-service.yaml @@ -0,0 +1,18 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.job_ks_service }} +{{- $ksServiceJob := dict "envAll" . "serviceName" "masakari" "serviceTypes" ( tuple "instance-ha" ) -}} +{{ $ksServiceJob | include "helm-toolkit.manifests.job_ks_service" }} +{{- end }} diff --git a/masakari/templates/job-ks-user.yaml b/masakari/templates/job-ks-user.yaml new file mode 100644 index 0000000000..2fa5eaa4e0 --- /dev/null +++ b/masakari/templates/job-ks-user.yaml @@ -0,0 +1,18 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.job_ks_user }} +{{- $ksUserJob := dict "envAll" . "serviceName" "masakari" -}} +{{ $ksUserJob | include "helm-toolkit.manifests.job_ks_user" }} +{{- end }} diff --git a/masakari/templates/job-rabbitmq-init.yaml b/masakari/templates/job-rabbitmq-init.yaml new file mode 100644 index 0000000000..cf8d0ba1db --- /dev/null +++ b/masakari/templates/job-rabbitmq-init.yaml @@ -0,0 +1,18 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.job_rabbit_init }} +{{- $rmqUserJob := dict "envAll" . "serviceName" "masakari" -}} +{{ $rmqUserJob | include "helm-toolkit.manifests.job_rabbit_init" }} +{{- end }} diff --git a/masakari/templates/pbd-api.yaml b/masakari/templates/pbd-api.yaml new file mode 100644 index 0000000000..4f3acacb9e --- /dev/null +++ b/masakari/templates/pbd-api.yaml @@ -0,0 +1,27 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.pdb_api }} +{{- $envAll := . }} +--- +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: masakari-api +spec: + minAvailable: {{ .Values.pod.lifecycle.disruption_budget.masakari_api.min_available }} + selector: + matchLabels: +{{ tuple $envAll "masakari" "masakari_api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }} +{{- end }} diff --git a/masakari/templates/secret-db.yaml b/masakari/templates/secret-db.yaml new file mode 100644 index 0000000000..0ef238f1d9 --- /dev/null +++ b/masakari/templates/secret-db.yaml @@ -0,0 +1,33 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.secret_db }} +{{- $envAll := . }} +{{- range $key1, $userClass := tuple "admin" "masakari" }} +{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} +{{- $connection := tuple "oslo_db" "internal" $userClass "mysql" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ $secretName }} +type: Opaque +data: +{{- if $envAll.Values.manifests.certificates }} + DB_CONNECTION: {{ (printf "%s?charset=utf8&ssl_ca=/etc/mysql/certs/ca.crt&ssl_key=/etc/mysql/certs/tls.key&ssl_cert=/etc/mysql/certs/tls.crt&ssl_verify_cert" $connection ) | b64enc -}} +{{- else }} + DB_CONNECTION: {{ $connection | b64enc -}} +{{- end }} +{{- end }} +{{- end }} diff --git a/masakari/templates/secret-keystone.yaml b/masakari/templates/secret-keystone.yaml new file mode 100644 index 0000000000..0307f29e60 --- /dev/null +++ b/masakari/templates/secret-keystone.yaml @@ -0,0 +1,28 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.secret_keystone }} +{{- $envAll := . }} +{{- range $key1, $userClass := tuple "admin" "masakari" "test" }} +{{- $secretName := index $envAll.Values.secrets.identity $userClass }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ $secretName }} +type: Opaque +data: +{{- tuple $userClass "internal" $envAll | include "helm-toolkit.snippets.keystone_secret_openrc" | indent 2 -}} +{{- end }} +{{- end }} diff --git a/masakari/templates/secret_rabbitmq.yaml b/masakari/templates/secret_rabbitmq.yaml new file mode 100644 index 0000000000..cef2b0245b --- /dev/null +++ b/masakari/templates/secret_rabbitmq.yaml @@ -0,0 +1,33 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.secret_rabbitmq }} +{{- $envAll := . }} +{{- $rabbitmqProtocol := "http" }} +{{- if $envAll.Values.manifests.certificates }} +{{- $rabbitmqProtocol = "https" }} +{{- end }} +{{- range $key1, $userClass := tuple "admin" "masakari" }} +{{- $secretName := index $envAll.Values.secrets.oslo_messaging $userClass }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ $secretName }} +type: Opaque +data: + RABBITMQ_CONNECTION: {{ tuple "oslo_messaging" "internal" $userClass $rabbitmqProtocol $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc }} + TRANSPORT_URL: {{ tuple "oslo_messaging" "internal" $userClass "amqp" $envAll | include "helm-toolkit.endpoints.authenticated_transport_endpoint_uri_lookup" | b64enc }} +{{- end }} +{{- end }} diff --git a/masakari/templates/service-api.yaml b/masakari/templates/service-api.yaml new file mode 100644 index 0000000000..85f1395a5f --- /dev/null +++ b/masakari/templates/service-api.yaml @@ -0,0 +1,37 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.service_api }} +{{- $envAll := . }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ tuple "instance_ha" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }} +spec: + ports: + - name: n-api + port: {{ tuple "instance_ha" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} + {{ if .Values.network.masakari_api.node_port.enabled }} + nodePort: {{ .Values.network.masakari_api.node_port.port }} + {{ end }} + selector: +{{ tuple $envAll "masakari" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }} + {{ if .Values.network.masakari_api.node_port.enabled }} + type: NodePort + {{ if .Values.network.masakari_api.external_policy_local }} + externalTrafficPolicy: Local + {{ end }} + {{ end }} +{{- end }} diff --git a/masakari/values.yaml b/masakari/values.yaml new file mode 100644 index 0000000000..62c66172d9 --- /dev/null +++ b/masakari/values.yaml @@ -0,0 +1,591 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +images: + tags: + db_init: docker.io/openstackhelm/heat:stein-ubuntu_bionic + db_sync: docker.io/xuxant/masakari:wallaby + db_drop: quay.io/vexxhost/heat:ussuri + ks_endpoints: quay.io/vexxhost/heat:wallaby + ks_service: quay.io/vexxhost/heat:wallaby + ks_user: quay.io/vexxhost/heat:wallaby + masakari_api: docker.io/openstackhelm/masakari:master-ubuntu_focal + masakari_engine: docker.io/openstackhelm/masakari:master-ubuntu_focal + masakari_host_monitor: docker.io/xuxant/masakari-monitors:focal + masakari_process_monitor: docker.io/xuxant/masakari-monitors:focal + masakari_instance_monitor: docker.io/xuxant/masakari-monitors:focal + rabbit_init: docker.io/rabbitmq:3.7-management + dep_check: 'quay.io/airshipit/kubernetes-entrypoint:v1.0.0' + pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync + +labels: + masakari: + node_selector_key: openstack-control-plane + node_selector_value: enabled + job: + node_selector_key: openstack-control-plane + node_selector_value: enabled + test: + node_selector_key: openstack-control-plane + node_selector_value: enabled + +endpoints: + cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 + instance_ha: + name: masakari + hosts: + default: masakari-api + public: masakari-api + host_fqdn_override: + default: null + path: + default: "/v1/%(tenant_id)s" + scheme: + default: 'http' + port: + api: + default: 15868 + public: 80 + oslo_db: + auth: + admin: + username: root + password: password + secret: + tls: + internal: mariadb-tls-direct + masakari: + username: masakari + password: password + hosts: + default: mariadb + host_fqdn_override: + default: null + path: /masakari + scheme: mysql+pymysql + port: + mysql: + default: 3306 + identity: + name: keystone + auth: + admin: + region_name: RegionOne + username: admin + password: password + project_name: admin + user_domain_name: default + project_domain_name: default + masakari: + role: admin + region_name: RegionOne + username: masakari + password: password + project_name: service + user_domain_name: service + project_domain_name: service + test: + role: admin + region_name: RegionOne + username: neutron-test + password: password + project_name: test + user_domain_name: service + project_domain_name: service + hosts: + default: keystone + internal: keystone-api + host_fqdn_override: + default: null + path: + default: /v3 + scheme: + default: http + port: + api: + default: 80 + internal: 5000 + oslo_messaging: + auth: + admin: + username: rabbitmq + password: password + secret: + tls: + internal: rabbitmq-tls-direct + masakari: + username: masakari + password: password + statefulset: + replicas: 2 + name: rabbitmq-rabbitmq + hosts: + default: rabbitmq + host_fqdn_override: + default: null + path: /masakari + scheme: rabbit + port: + amqp: + default: 5672 + http: + default: 15672 + oslo_cache: + auth: + # NOTE(portdirect): this is used to define the value for keystone + # authtoken cache encryption key, if not set it will be populated + # automatically with a random value, but to take advantage of + # this feature all services should be set to use the same key, + # and memcache service. + memcache_secret_key: null + hosts: + default: memcached + host_fqdn_override: + default: null + port: + memcache: + default: 11211 + fluentd: + namespace: null + name: fluentd + hosts: + default: fluentd-logging + host_fqdn_override: + default: null + path: + default: null + scheme: 'http' + port: + service: + default: 24224 + metrics: + default: 24220 + # NOTE(tp6510): these endpoints allow for things like DNS lookups and ingress + # They are using to enable the Egress K8s network policy. + kube_dns: + namespace: kube-system + name: kubernetes-dns + hosts: + default: kube-dns + host_fqdn_override: + default: null + path: + default: null + scheme: http + port: + dns: + default: 53 + protocol: UDP + ingress: + namespace: null + name: ingress + hosts: + default: ingress + port: + ingress: + default: 80 + +secrets: + identity: + admin: masakari-keystone-admin + masakari: masakari-keystone-user + test: masakari-keystone-test + oslo_db: + admin: masakari-db-admin + masakari: masakari-db-user + oslo_messaging: + admin: masakari-rabbitmq-admin + masakari: masakari-rabbitmq-user + +dependencies: + static: + masakari_api: + jobs: + - masakari-db-sync + - masakari-ks-user + - masakari-ks-endpoints + - masakari-ks-service + services: + - endpoint: internal + service: identity + masakari_engine: + jobs: + - masakari-db-sync + - masakari-ks-user + - masakari-ks-endpoints + - masakari-ks-service + services: + - endpoint: internal + service: identity + db_init: + services: + - endpoint: internal + service: oslo_db + db_sync: + jobs: + - masakari-db-init + services: + - endpoint: internal + service: oslo_db + ks_endpoints: + jobs: + - masakari-ks-service + services: + - endpoint: internal + service: identity + ks_service: + services: + - endpoint: internal + service: identity + ks_user: + services: + - endpoint: internal + service: identity + +pod: + security_context: + masakari: + pod: + runAsUser: 42424 + container: + masakari_api: + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + runAsUser: 0 + masakari_engine: + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + runAsUser: 0 + masakari_db_sync: + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + runAsUser: 0 + masakari_host_monitor: + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + runAsUser: 0 + masakari_process_monitir: + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + runAsUser: 0 + masakari_instance_monitor: + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + runAsUser: 0 + test: + pod: + runAsUser: 42424 + container: + horizon_test: + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + probes: + rpc_timeout: 60 + rpc_retries: 2 + masakari: + default: + liveness: + enabled: true + params: + initialDelaySeconds: 120 + periodSeconds: 90 + timeoutSeconds: 70 + readiness: + enabled: true + params: + initialDelaySeconds: 80 + periodSeconds: 90 + timeoutSeconds: 70 + masakari-engine: + default: + liveness: + enabled: true + params: + initialDelaySeconds: 30 + periodSeconds: 60 + timeoutSeconds: 15 + readiness: + enabled: true + params: + initialDelaySeconds: 30 + periodSeconds: 60 + timeoutSeconds: 15 + affinity: + anti: + type: + default: preferredDuringSchedulingIgnoredDuringExecution + topologyKey: + default: kubernetes.io/hostname + weight: + default: 10 + replicas: + masakari_api: 1 + masakari_engine: 1 + lifecycle: + upgrades: + deployments: + revision_history: 3 + pod_replacement_strategy: RollingUpdate + rolling_update: + max_unavailable: 1 + max_surge: 3 + daemonsets: + pod_replacement_strategy: RollingUpdate + compute: + enabled: true + min_ready_seconds: 0 + max_unavailable: 1 + disruption_budget: + masakari_api: + min_available: 0 + masakari_engine: + min_available: 0 + termination_grace_period: + masakari_api: + timeout: 30 + masakari_engine: + timeout: 30 + mounts: + masakari_api: + init_container: null + masakari_api: + volumeMounts: + volumes: + masakari_engine: + init_container: null + masakari_engine: + volumeMounts: + volumes: + masakari_instance_monitor: + init_container: null + masakari_instance_monitor: + volumeMounts: + volumes: + masakari_host_monitor: + init_container: null + masakari_host_monitor: + volumeMounts: + volumes: + masakari_process_monitor: + init_container: null + masakari_process_monitor: + volumeMounts: + volumes: + masakari_db_sync: + masakari_db_sync: + volumeMounts: + volumes: + masakari_db_init: + masakari_db_sync: + volumeMounts: + volumes: + masakari_ks_users: + masakari_db_sync: + volumeMounts: + volumes: + masakari_ks_service: + masakari_db_sync: + volumeMounts: + volumes: + resources: + enabled: false + masakari_api: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + masakari_engine: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + masakari_host_monitor: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + masakari_instance_monitor: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + masakari_process_monitor: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + jobs: + rabbit_init: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + db_init: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + db_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + db_drop: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + ks_endpoints: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + ks_service: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + ks_user: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" +conf: + paste: + composite:masakari_api: + use: call:masakari.api.urlmap:urlmap_factory + /: apiversions + /v1: masakari_api_v1 + composite:masakari_api_v1: + use: call:masakari.api.auth:pipeline_factory_v1 + keystone: cors http_proxy_to_wsgi request_id faultwrap sizelimit authtoken keystonecontext osapi_masakari_app_v1 + noauth2: cors http_proxy_to_wsgi request_id faultwrap sizelimit noauth2 osapi_masakari_app_v1 + filter:cors: + paste.filter_factory: oslo_middleware.cors:filter_factory + oslo_config_project: masakari + filter:http_proxy_to_wsgi: + paste.filter_factory: oslo_middleware.http_proxy_to_wsgi:HTTPProxyToWSGI.factory + filter:request_id: + paste.filter_factory: oslo_middleware:RequestId.factory + filter:faultwrap: + paste.filter_factory: masakari.api.openstack:FaultWrapper.factory + filter:sizelimit: + paste.filter_factory: oslo_middleware:RequestBodySizeLimiter.factory + filter:authtoken: + paste.filter_factory: keystonemiddleware.auth_token:filter_factory + filter:keystonecontext: + paste.filter_factory: masakari.api.auth:MasakariKeystoneContext.factory + filter:noauth2: + paste.filter_factory: masakari.api.auth:NoAuthMiddleware.factory + app:osapi_masakari_app_v1: + paste.app_factory: masakari.api.openstack.ha:APIRouterV1.factory + pipeline:apiversions: + pipeline: faultwrap http_proxy_to_wsgi apiversionsapp + app:apiversionsapp: + paste.app_factory: masakari.api.openstack.ha.versions:Versions.factory + masakari: + DEFAULT: + auth_strategy: keystone + duplicate_notification_detection_interval: 180 + host_failure_recovery_threads: 1 + masakari_api_workers: 1 + graceful_shutdown_timeout: 5 + api_paste_config: /etc/masakari/api-paste.ini + keystone_authtoken: + auth_type: password + database: + max_retries: -1 + # Connection string is evaluated though the endpoints for taskflow. + taskflow: + connection: null + masakarimonitors: + DEFAULT: + debug: False + api: + api_version: v1 + api_interface: internal + callback: + retry_max: 10 + retry_interval: 10 + introspectiveinstancemonitor: + guest_monitor_interval: 10 + guest_monitor_timeout: 5 + +network: + masakari_api: + node_port: + enabled: false + port: 33033 + external_policy_local: false + +manifests: + job_ks_user: true + job_db_sync: true + job_db_init: true + job_db_drop: false + job_ks_endpoints: true + job_ks_service: true + deployment_api: true + deployment_engine: true + configmap_bin: true + configmap_etc: true + secret_db: true + secret_rabbitmq: true + secret_keystone: true + job_rabbit_init: true + service_api: true + pdb_api: true + host_monitor: true + instance_monitor: true + process_monitor: true diff --git a/releasenotes/notes/masakari.yaml b/releasenotes/notes/masakari.yaml new file mode 100644 index 0000000000..7ba92b6b17 --- /dev/null +++ b/releasenotes/notes/masakari.yaml @@ -0,0 +1,4 @@ +--- +masakari: + - 0.1.0 Initial Chart +...