Ingress Controller chart

This PS adds a basic ingress controller chart for Openstack-Helm

Change-Id: Icee97fd118a8dab0563cf91400f80ee695e85dfe

Makefile

@@ -12,15 +12,15 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-.PHONY: ceph bootstrap mariadb etcd keystone memcached rabbitmq helm-toolkit neutron nova cinder heat all clean
+.PHONY: ceph bootstrap mariadb etcd keystone memcached rabbitmq helm-toolkit neutron nova cinder heat ingress all clean
 
 B64_DIRS := helm-toolkit/secrets
 B64_EXCLUDE := $(wildcard helm-toolkit/secrets/*.b64)
 
-CHARTS := ceph mariadb etcd rabbitmq memcached keystone glance horizon neutron nova cinder heat
+CHARTS := ceph mariadb etcd rabbitmq memcached keystone glance horizon neutron nova cinder heat ingress
 TOOLKIT_TPL := helm-toolkit/templates/_globals.tpl
 
-all: helm-toolkit ceph bootstrap mariadb etcd rabbitmq memcached keystone glance horizon neutron nova cinder heat
+all: helm-toolkit ceph bootstrap mariadb etcd rabbitmq memcached keystone glance horizon neutron nova cinder heat ingress
 
 helm-toolkit: build-helm-toolkit
 
@@ -51,6 +51,8 @@ heat: build-heat
 
 memcached: build-memcached
 
+ingress: build-ingress
+
 clean:
 	$(shell rm -rf helm-toolkit/secrets/*.b64)
 	$(shell rm -rf */templates/_partials.tpl)

ingress/Chart.yaml

@@ -0,0 +1,23 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+description: OpenStack-Helm Ingress Controller
+name: ingress
+version: 0.1.0
+home: https://github.com/kubernetes/ingress
+sources:
+  - https://github.com/kubernetes/ingress
+  - https://git.openstack.org/cgit/openstack/openstack-helm
+maintainers:
+  - name: OpenStack-Helm Authors

ingress/templates/configmap-etc.yaml

@@ -0,0 +1,28 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.host_namespace }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: ingress-etc
+data:
+  resolv.conf: |
+    search {{ .Release.Namespace }}.svc.{{ .Values.network.dns.kubernetes_domain }} svc.{{ .Values.network.dns.kubernetes_domain }} {{ .Values.network.dns.kubernetes_domain }}
+    {{- range .Values.network.dns.servers }}
+    nameserver {{ . | title }}
+    {{- end }}
+    options ndots:5
+{{- end }}

ingress/templates/error-deployment.yaml

@@ -0,0 +1,58 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: ingress-error-pages
+spec:
+  replicas: {{ .Values.replicas.error_page }}
+  revisionHistoryLimit: {{ .Values.upgrades.revision_history }}
+  strategy:
+    type: {{ .Values.upgrades.pod_replacement_strategy }}
+    {{ if eq .Values.upgrades.pod_replacement_strategy "RollingUpdate" }}
+    rollingUpdate:
+      maxUnavailable: {{ .Values.upgrades.rolling_update.max_unavailable }}
+      maxSurge: {{ .Values.upgrades.rolling_update.max_surge }}
+    {{ end }}
+  template:
+    metadata:
+      labels:
+        app: ingress-error-pages
+    spec:
+      nodeSelector:
+        {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
+      terminationGracePeriodSeconds: 60
+      containers:
+        - name: ingress-error-pages
+          image: {{ .Values.images.error_pages }}
+          imagePullPolicy: {{ .Values.images.pull_policy }}
+          {{- if .Values.resources.enabled }}
+          resources:
+            limits:
+              cpu: {{ .Values.resources.error_pages.limits.cpu | quote }}
+              memory: {{ .Values.resources.error_pages.limits.memory | quote }}
+            requests:
+              cpu: {{ .Values.resources.error_pages.requests.cpu | quote }}
+              memory: {{ .Values.resources.error_pages.requests.memory | quote }}
+          {{- end }}
+          livenessProbe:
+            httpGet:
+              path: /healthz
+              port: 8080
+              scheme: HTTP
+            initialDelaySeconds: 30
+            timeoutSeconds: 5
+          ports:
+            - containerPort: 8080

ingress/templates/error-service.yaml

@@ -0,0 +1,28 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app: ingress-error-pages
+  name: ingress-error-pages
+spec:
+  clusterIP: None
+  ports:
+  - port: 80
+    protocol: TCP
+    targetPort: 8080
+  selector:
+    app: ingress-error-pages

ingress/templates/ingress-deployment.yaml

@@ -0,0 +1,94 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: {{ .Values.deployment_type }}
+metadata:
+  name: ingress-api
+spec:
+{{- if eq .Values.deployment_type "Deployment" }}
+  replicas: {{ .Values.replicas.ingress }}
+  revisionHistoryLimit: {{ .Values.upgrades.revision_history }}
+  strategy:
+    type: {{ .Values.upgrades.pod_replacement_strategy }}
+    {{ if eq .Values.upgrades.pod_replacement_strategy "RollingUpdate" }}
+    rollingUpdate:
+      maxUnavailable: {{ .Values.upgrades.rolling_update.max_unavailable }}
+      maxSurge: {{ .Values.upgrades.rolling_update.max_surge }}
+    {{ end }}
+{{- end }}
+  template:
+    metadata:
+      labels:
+        app: ingress-api
+    spec:
+      nodeSelector:
+        {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
+{{- if .Values.network.host_namespace }}
+      hostNetwork: true
+{{- end }}
+      terminationGracePeriodSeconds: 60
+      containers:
+        - name: ingress-api
+          image: {{ .Values.images.ingress }}
+          imagePullPolicy: {{ .Values.images.pull_policy }}
+          {{- if .Values.resources.enabled }}
+          resources:
+            limits:
+              cpu: {{ .Values.resources.ingress.limits.cpu | quote }}
+              memory: {{ .Values.resources.ingress.limits.memory | quote }}
+            requests:
+              cpu: {{ .Values.resources.ingress.requests.cpu | quote }}
+              memory: {{ .Values.resources.ingress.requests.memory | quote }}
+          {{- end }}
+          readinessProbe:
+            httpGet:
+              path: /healthz
+              port: 10254
+              scheme: HTTP
+          livenessProbe:
+            httpGet:
+              path: /healthz
+              port: 10254
+              scheme: HTTP
+            initialDelaySeconds: 10
+            timeoutSeconds: 1
+          env:
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.name
+            - name: POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.namespace
+          ports:
+            - containerPort: 80
+              hostPort: 80
+            - containerPort: 443
+              hostPort: 443
+          args:
+            - /nginx-ingress-controller
+            - '--default-backend-service=$(POD_NAMESPACE)/ingress-error-pages'
+            - '--v=3'
+{{- if .Values.network.host_namespace }}
+          volumeMounts:
+            - name: resolvconf
+              mountPath: /etc/resolv.conf
+              subPath: resolv.conf
+      volumes:
+        - name: resolvconf
+          configMap:
+            name: ingress-etc
+{{- end }}

ingress/values.yaml

@@ -0,0 +1,68 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Default values for memcached.
+# This is a YAML-formatted file.
+# Declare name/value pairs to be passed into your templates.
+# name: value
+
+replicas:
+  ingress: 1
+  error_page: 1
+
+images:
+  entrypoint: docker.io/kolla/ubuntu-source-kubernetes-entrypoint:4.0.0
+  ingress: gcr.io/google_containers/nginx-ingress-controller:0.8.3
+  error_pages: gcr.io/google_containers/defaultbackend:1.0
+  pull_policy: "IfNotPresent"
+
+upgrades:
+  revision_history: 3
+  pod_replacement_strategy: RollingUpdate
+  rolling_update:
+    max_unavailable: 1
+    max_surge: 3
+
+labels:
+  node_selector_key: openstack-control-plane
+  node_selector_value: enabled
+
+network:
+  host_namespace: true
+  dns:
+    kubernetes_domain: cluster.local
+    # this must list the skydns server first, and in calico
+    # this is consistently 10.96.0.10
+    servers:
+    - 10.96.0.10
+    - 8.8.8.8
+
+deployment_type: Deployment
+
+resources:
+  enabled: false
+  error_pages:
+    limits:
+      memory: "128Mi"
+      cpu: "500m"
+    requests:
+      memory: "128Mi"
+      cpu: "500m"
+  ingress:
+    limits:
+      memory: "128Mi"
+      cpu: "500m"
+    requests:
+      memory: "128Mi"
+      cpu: "500m"