From 5b37bcfb06e600701c7cca0495ea6372c2c3530f Mon Sep 17 00:00:00 2001 From: Pete Birley Date: Mon, 24 Apr 2017 18:03:35 -0500 Subject: [PATCH] Ingress Controller chart This PS adds a basic ingress controller chart for Openstack-Helm Change-Id: Icee97fd118a8dab0563cf91400f80ee695e85dfe --- Makefile | 8 +- ingress/Chart.yaml | 23 ++++++ ingress/templates/configmap-etc.yaml | 28 +++++++ ingress/templates/error-deployment.yaml | 58 ++++++++++++++ ingress/templates/error-service.yaml | 28 +++++++ ingress/templates/ingress-deployment.yaml | 94 +++++++++++++++++++++++ ingress/values.yaml | 68 ++++++++++++++++ 7 files changed, 304 insertions(+), 3 deletions(-) create mode 100644 ingress/Chart.yaml create mode 100644 ingress/templates/configmap-etc.yaml create mode 100644 ingress/templates/error-deployment.yaml create mode 100644 ingress/templates/error-service.yaml create mode 100644 ingress/templates/ingress-deployment.yaml create mode 100644 ingress/values.yaml diff --git a/Makefile b/Makefile index 75f4ee5bae..218bf2516c 100644 --- a/Makefile +++ b/Makefile @@ -12,15 +12,15 @@ # See the License for the specific language governing permissions and # limitations under the License. -.PHONY: ceph bootstrap mariadb etcd keystone memcached rabbitmq helm-toolkit neutron nova cinder heat all clean +.PHONY: ceph bootstrap mariadb etcd keystone memcached rabbitmq helm-toolkit neutron nova cinder heat ingress all clean B64_DIRS := helm-toolkit/secrets B64_EXCLUDE := $(wildcard helm-toolkit/secrets/*.b64) -CHARTS := ceph mariadb etcd rabbitmq memcached keystone glance horizon neutron nova cinder heat +CHARTS := ceph mariadb etcd rabbitmq memcached keystone glance horizon neutron nova cinder heat ingress TOOLKIT_TPL := helm-toolkit/templates/_globals.tpl -all: helm-toolkit ceph bootstrap mariadb etcd rabbitmq memcached keystone glance horizon neutron nova cinder heat +all: helm-toolkit ceph bootstrap mariadb etcd rabbitmq memcached keystone glance horizon neutron nova cinder heat ingress helm-toolkit: build-helm-toolkit @@ -51,6 +51,8 @@ heat: build-heat memcached: build-memcached +ingress: build-ingress + clean: $(shell rm -rf helm-toolkit/secrets/*.b64) $(shell rm -rf */templates/_partials.tpl) diff --git a/ingress/Chart.yaml b/ingress/Chart.yaml new file mode 100644 index 0000000000..44f2fb7683 --- /dev/null +++ b/ingress/Chart.yaml @@ -0,0 +1,23 @@ +# Copyright 2017 The Openstack-Helm Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +description: OpenStack-Helm Ingress Controller +name: ingress +version: 0.1.0 +home: https://github.com/kubernetes/ingress +sources: + - https://github.com/kubernetes/ingress + - https://git.openstack.org/cgit/openstack/openstack-helm +maintainers: + - name: OpenStack-Helm Authors diff --git a/ingress/templates/configmap-etc.yaml b/ingress/templates/configmap-etc.yaml new file mode 100644 index 0000000000..801da0f50d --- /dev/null +++ b/ingress/templates/configmap-etc.yaml @@ -0,0 +1,28 @@ +# Copyright 2017 The Openstack-Helm Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{- if .Values.network.host_namespace }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: ingress-etc +data: + resolv.conf: | + search {{ .Release.Namespace }}.svc.{{ .Values.network.dns.kubernetes_domain }} svc.{{ .Values.network.dns.kubernetes_domain }} {{ .Values.network.dns.kubernetes_domain }} + {{- range .Values.network.dns.servers }} + nameserver {{ . | title }} + {{- end }} + options ndots:5 +{{- end }} diff --git a/ingress/templates/error-deployment.yaml b/ingress/templates/error-deployment.yaml new file mode 100644 index 0000000000..933d7edf80 --- /dev/null +++ b/ingress/templates/error-deployment.yaml @@ -0,0 +1,58 @@ +# Copyright 2017 The Openstack-Helm Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: ingress-error-pages +spec: + replicas: {{ .Values.replicas.error_page }} + revisionHistoryLimit: {{ .Values.upgrades.revision_history }} + strategy: + type: {{ .Values.upgrades.pod_replacement_strategy }} + {{ if eq .Values.upgrades.pod_replacement_strategy "RollingUpdate" }} + rollingUpdate: + maxUnavailable: {{ .Values.upgrades.rolling_update.max_unavailable }} + maxSurge: {{ .Values.upgrades.rolling_update.max_surge }} + {{ end }} + template: + metadata: + labels: + app: ingress-error-pages + spec: + nodeSelector: + {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} + terminationGracePeriodSeconds: 60 + containers: + - name: ingress-error-pages + image: {{ .Values.images.error_pages }} + imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.error_pages.limits.cpu | quote }} + memory: {{ .Values.resources.error_pages.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.error_pages.requests.cpu | quote }} + memory: {{ .Values.resources.error_pages.requests.memory | quote }} + {{- end }} + livenessProbe: + httpGet: + path: /healthz + port: 8080 + scheme: HTTP + initialDelaySeconds: 30 + timeoutSeconds: 5 + ports: + - containerPort: 8080 diff --git a/ingress/templates/error-service.yaml b/ingress/templates/error-service.yaml new file mode 100644 index 0000000000..02c4766cdb --- /dev/null +++ b/ingress/templates/error-service.yaml @@ -0,0 +1,28 @@ +# Copyright 2017 The Openstack-Helm Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + labels: + app: ingress-error-pages + name: ingress-error-pages +spec: + clusterIP: None + ports: + - port: 80 + protocol: TCP + targetPort: 8080 + selector: + app: ingress-error-pages diff --git a/ingress/templates/ingress-deployment.yaml b/ingress/templates/ingress-deployment.yaml new file mode 100644 index 0000000000..043f038a22 --- /dev/null +++ b/ingress/templates/ingress-deployment.yaml @@ -0,0 +1,94 @@ +# Copyright 2017 The Openstack-Helm Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: {{ .Values.deployment_type }} +metadata: + name: ingress-api +spec: +{{- if eq .Values.deployment_type "Deployment" }} + replicas: {{ .Values.replicas.ingress }} + revisionHistoryLimit: {{ .Values.upgrades.revision_history }} + strategy: + type: {{ .Values.upgrades.pod_replacement_strategy }} + {{ if eq .Values.upgrades.pod_replacement_strategy "RollingUpdate" }} + rollingUpdate: + maxUnavailable: {{ .Values.upgrades.rolling_update.max_unavailable }} + maxSurge: {{ .Values.upgrades.rolling_update.max_surge }} + {{ end }} +{{- end }} + template: + metadata: + labels: + app: ingress-api + spec: + nodeSelector: + {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} +{{- if .Values.network.host_namespace }} + hostNetwork: true +{{- end }} + terminationGracePeriodSeconds: 60 + containers: + - name: ingress-api + image: {{ .Values.images.ingress }} + imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.ingress.limits.cpu | quote }} + memory: {{ .Values.resources.ingress.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.ingress.requests.cpu | quote }} + memory: {{ .Values.resources.ingress.requests.memory | quote }} + {{- end }} + readinessProbe: + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + livenessProbe: + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + initialDelaySeconds: 10 + timeoutSeconds: 1 + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 80 + hostPort: 80 + - containerPort: 443 + hostPort: 443 + args: + - /nginx-ingress-controller + - '--default-backend-service=$(POD_NAMESPACE)/ingress-error-pages' + - '--v=3' +{{- if .Values.network.host_namespace }} + volumeMounts: + - name: resolvconf + mountPath: /etc/resolv.conf + subPath: resolv.conf + volumes: + - name: resolvconf + configMap: + name: ingress-etc +{{- end }} diff --git a/ingress/values.yaml b/ingress/values.yaml new file mode 100644 index 0000000000..48c560dccc --- /dev/null +++ b/ingress/values.yaml @@ -0,0 +1,68 @@ +# Copyright 2017 The Openstack-Helm Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Default values for memcached. +# This is a YAML-formatted file. +# Declare name/value pairs to be passed into your templates. +# name: value + +replicas: + ingress: 1 + error_page: 1 + +images: + entrypoint: docker.io/kolla/ubuntu-source-kubernetes-entrypoint:4.0.0 + ingress: gcr.io/google_containers/nginx-ingress-controller:0.8.3 + error_pages: gcr.io/google_containers/defaultbackend:1.0 + pull_policy: "IfNotPresent" + +upgrades: + revision_history: 3 + pod_replacement_strategy: RollingUpdate + rolling_update: + max_unavailable: 1 + max_surge: 3 + +labels: + node_selector_key: openstack-control-plane + node_selector_value: enabled + +network: + host_namespace: true + dns: + kubernetes_domain: cluster.local + # this must list the skydns server first, and in calico + # this is consistently 10.96.0.10 + servers: + - 10.96.0.10 + - 8.8.8.8 + +deployment_type: Deployment + +resources: + enabled: false + error_pages: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" + ingress: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m"