openstack/openstack-helm
Code Issues Proposed changes

Ironic: chart and initial gate scripts

Browse Source 
This PS adds a chart, and checks, for OpenStack Ironic.

Change-Id: I9632885e5a0ca18e4e425c6b163f73d0d1e5649d
This commit is contained in:
Pete Birley 2017-09-08 01:17:49 -05:00
parent cdaa02ef38
commit 70d010d63a
56 changed files with 3333 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
.zuul.yaml
View File

@ -45,6 +45,12 @@
- ^.*\.rst$
- ^doc/.*$
- ^releasenotes/.*$
- openstack-helm-ironic-ubuntu:
voting: false
irrelevant-files:
- ^.*\.rst$
- ^doc/.*$
- ^releasenotes/.*$
gate:
jobs:
- openstack-helm-linter:
@ -124,3 +130,9 @@
name: openstack-helm-multinode-fedora
parent: openstack-helm-multinode
nodeset: openstack-helm-five-node-fedora
- job:
name: openstack-helm-ironic-ubuntu
parent: openstack-helm-multinode
nodeset: openstack-helm-ubuntu
run: tools/gate/playbooks/ironic-deploy.yaml

25
ironic/Chart.yaml Normal file
View File

@ -0,0 +1,25 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
description: OpenStack-Helm Ironic
name: ironic
version: 0.1.0
home: https://docs.openstack.org/developer/ironic
icon: https://www.openstack.org/themes/openstack/images/project-mascots/Ironic/OpenStack_Project_Ironic_vertical.png
sources:
- https://git.openstack.org/cgit/openstack/ironic
- https://git.openstack.org/cgit/openstack/openstack-helm
maintainers:
- name: OpenStack-Helm Authors

18
ironic/requirements.yaml Normal file
View File

@ -0,0 +1,18 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
dependencies:
- name: helm-toolkit
repository: http://localhost:8879/charts
version: 0.1.0

20
ironic/templates/bin/_bootstrap.sh.tpl Normal file
View File

@ -0,0 +1,20 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
{{ .Values.bootstrap.script | default "echo 'Not Enabled'" }}

21
ironic/templates/bin/_db-sync.sh.tpl Normal file
View File

@ -0,0 +1,21 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
ironic-dbsync upgrade

31
ironic/templates/bin/_ironic-api.sh.tpl Normal file
View File

@ -0,0 +1,31 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
COMMAND="${@:-start}"
function start () {
exec ironic-api \
--config-file /etc/ironic/ironic.conf
}
function stop () {
kill -TERM 1
}
$COMMAND

39
ironic/templates/bin/_ironic-conductor-http-init.sh.tpl Normal file
View File

@ -0,0 +1,39 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
if [ "x" == "x${PROVISIONER_INTERFACE}" ]; then
echo "Provisioner interface is not set"
exit 1
fi
function net_pxe_addr {
ip addr | awk "/inet / && /${PROVISIONER_INTERFACE}/{print \$2; exit }"
}
function net_pxe_ip {
echo $(net_pxe_addr) | awk -F '/' '{ print $1; exit }'
}
PXE_IP=$(net_pxe_ip)
if [ "x" == "x${PXE_IP}" ]; then
echo "Could not find IP for pxe to bind to"
exit 1
fi
sed "s|OSH_PXE_IP|${PXE_IP}|g" /etc/nginx/nginx.conf > /tmp/pod-shared/nginx.conf

23
ironic/templates/bin/_ironic-conductor-http.sh.tpl Normal file
View File

@ -0,0 +1,23 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
mkdir -p /var/lib/openstack-helm/httpboot
cp -v /tmp/pod-shared/nginx.conf /etc/nginx/nginx.conf
exec nginx -g 'daemon off;'

57
ironic/templates/bin/_ironic-conductor-init.sh.tpl Normal file
View File

@ -0,0 +1,57 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
if [ "x" == "x${PROVISIONER_INTERFACE}" ]; then
echo "Provisioner interface is not set"
exit 1
fi
function net_pxe_addr {
ip addr | awk "/inet / && /${PROVISIONER_INTERFACE}/{print \$2; exit }"
}
function net_pxe_ip {
echo $(net_pxe_addr) | awk -F '/' '{ print $1; exit }'
}
PXE_IP=$(net_pxe_ip)
if [ "x" == "x${PXE_IP}" ]; then
echo "Could not find IP for pxe to bind to"
exit 1
fi
cat <<EOF>/tmp/pod-shared/conductor-local-ip.conf
[DEFAULT]
# IP address of this host. If unset, will determine the IP
# programmatically. If unable to do so, will use "127.0.0.1".
# (string value)
my_ip = ${PXE_IP}
[pxe]
# IP address of ironic-conductor node's TFTP server. (string
# value)
tftp_server = ${PXE_IP}
[deploy]
# ironic-conductor node's HTTP server URL. Example:
# http://192.1.2.3:8080 (string value)
# from .deploy.ironic.http_url
http_url = http://${PXE_IP}:{{ tuple "baremetal" "internal" "pxe_http" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
EOF

31
ironic/templates/bin/_ironic-conductor-pxe-init.sh.tpl Normal file
View File

@ -0,0 +1,31 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
apt-get update
apt-get install ipxe -y
mkdir -p /var/lib/openstack-helm/tftpboot
mkdir -p /var/lib/openstack-helm/tftpboot/master_images
for FILE in undionly.kpxe ipxe.efi; do
if [ -f /usr/lib/ipxe/$FILE ]; then
cp -v /usr/lib/ipxe/$FILE /var/lib/openstack-helm/tftpboot
fi
done

39
ironic/templates/bin/_ironic-conductor-pxe.sh.tpl Normal file
View File

@ -0,0 +1,39 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
function net_pxe_addr {
ip addr | awk "/inet / && /${PROVISIONER_INTERFACE}/{print \$2; exit }"
}
function net_pxe_ip {
echo $(net_pxe_addr) | awk -F '/' '{ print $1; exit }'
}
PXE_IP=$(net_pxe_ip)
if [ "x" == "x${PXE_IP}" ]; then
echo "Could not find IP for pxe to bind to"
exit 1
fi
ln -s /var/lib/openstack-helm/tftpboot /tftpboot
exec /usr/sbin/in.tftpd \
--verbose \
--foreground \
--user root \
--address ${PXE_IP}:69 \
--map-file /tftp-map-file /tftpboot

26
ironic/templates/bin/_ironic-conductor.sh.tpl Normal file
View File

@ -0,0 +1,26 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
mkdir -p /var/lib/openstack-helm/ironic/images
mkdir -p /var/lib/openstack-helm/ironic/master_images
exec ironic-conductor \
--config-file /etc/ironic/ironic.conf \
--config-file /tmp/pod-shared/conductor-local-ip.conf

53
ironic/templates/configmap-bin.yaml Normal file
View File

@ -0,0 +1,53 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.configmap_bin }}
{{- $envAll := . }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: ironic-bin
data:
{{- if .Values.bootstrap.enabled }}
bootstrap.sh: |+
{{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
{{- end }}
db-init.py: |
{{- include "helm-toolkit.scripts.db_init" . | indent 4 }}
db-sync.sh: |
{{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
ks-service.sh: |+
{{- include "helm-toolkit.scripts.keystone_service" . | indent 4 }}
ks-endpoints.sh: |+
{{- include "helm-toolkit.scripts.keystone_endpoints" . | indent 4 }}
ks-user.sh: |+
{{- include "helm-toolkit.scripts.keystone_user" . | indent 4 }}
ironic-api.sh: |
{{ tuple "bin/_ironic-api.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
ironic-conductor.sh: |
{{ tuple "bin/_ironic-conductor.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
ironic-conductor-init.sh: |
{{ tuple "bin/_ironic-conductor-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
ironic-conductor-pxe.sh: |
{{ tuple "bin/_ironic-conductor-pxe.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
ironic-conductor-pxe-init.sh: |
{{ tuple "bin/_ironic-conductor-pxe-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
ironic-conductor-http.sh: |
{{ tuple "bin/_ironic-conductor-http.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
ironic-conductor-http-init.sh: |
{{ tuple "bin/_ironic-conductor-http-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
{{- end }}

212
ironic/templates/configmap-etc.yaml Normal file
View File

@ -0,0 +1,212 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.configmap_etc }}
{{- $envAll := . }}
{{- if empty .Values.conf.ironic.keystone_authtoken.auth_uri -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.ironic.keystone_authtoken "auth_uri" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.keystone_authtoken.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.ironic.keystone_authtoken "auth_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.keystone_authtoken.region_name -}}
{{- set .Values.conf.ironic.keystone_authtoken "region_name" .Values.endpoints.identity.auth.ironic.region_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.keystone_authtoken.project_name -}}
{{- set .Values.conf.ironic.keystone_authtoken "project_name" .Values.endpoints.identity.auth.ironic.project_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.keystone_authtoken.project_domain_name -}}
{{- set .Values.conf.ironic.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.ironic.project_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.keystone_authtoken.user_domain_name -}}
{{- set .Values.conf.ironic.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.ironic.user_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.keystone_authtoken.username -}}
{{- set .Values.conf.ironic.keystone_authtoken "username" .Values.endpoints.identity.auth.ironic.username | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.keystone_authtoken.password -}}
{{- set .Values.conf.ironic.keystone_authtoken "password" .Values.endpoints.identity.auth.ironic.password | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.keystone_authtoken.memcached_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.ironic.keystone_authtoken "memcached_servers" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.database.connection -}}
{{- tuple "oslo_db" "internal" "ironic" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.ironic.database "connection" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.DEFAULT.transport_url -}}
{{- tuple "oslo_messaging" "internal" "ironic" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.ironic.DEFAULT "transport_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.glance.glance_host -}}
{{- tuple "image" "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup"| set .Values.conf.ironic.glance "glance_host" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.glance.glance_port -}}
{{- tuple "image" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup"| set .Values.conf.ironic.glance "glance_port" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.glance.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.ironic.glance "auth_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.glance.project_name -}}
{{- set .Values.conf.ironic.glance "project_name" .Values.endpoints.identity.auth.ironic.project_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.glance.project_domain_name -}}
{{- set .Values.conf.ironic.glance "project_domain_name" .Values.endpoints.identity.auth.ironic.project_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.glance.user_domain_name -}}
{{- set .Values.conf.ironic.glance "user_domain_name" .Values.endpoints.identity.auth.ironic.user_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.glance.username -}}
{{- set .Values.conf.ironic.glance "username" .Values.endpoints.identity.auth.ironic.username | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.glance.password -}}
{{- set .Values.conf.ironic.glance "password" .Values.endpoints.identity.auth.ironic.password | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.inspector.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.ironic.inspector "auth_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.inspector.project_name -}}
{{- set .Values.conf.ironic.inspector "project_name" .Values.endpoints.identity.auth.ironic.project_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.inspector.project_domain_name -}}
{{- set .Values.conf.ironic.inspector "project_domain_name" .Values.endpoints.identity.auth.ironic.project_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.inspector.user_domain_name -}}
{{- set .Values.conf.ironic.inspector "user_domain_name" .Values.endpoints.identity.auth.ironic.user_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.inspector.username -}}
{{- set .Values.conf.ironic.inspector "username" .Values.endpoints.identity.auth.ironic.username | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.inspector.password -}}
{{- set .Values.conf.ironic.inspector "password" .Values.endpoints.identity.auth.ironic.password | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.neutron.url -}}
{{- tuple "network" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.ironic.neutron "url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.neutron.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.ironic.neutron "auth_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.neutron.project_name -}}
{{- set .Values.conf.ironic.neutron "project_name" .Values.endpoints.identity.auth.ironic.project_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.neutron.project_domain_name -}}
{{- set .Values.conf.ironic.neutron "project_domain_name" .Values.endpoints.identity.auth.ironic.project_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.neutron.user_domain_name -}}
{{- set .Values.conf.ironic.neutron "user_domain_name" .Values.endpoints.identity.auth.ironic.user_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.neutron.username -}}
{{- set .Values.conf.ironic.neutron "username" .Values.endpoints.identity.auth.ironic.username | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.neutron.password -}}
{{- set .Values.conf.ironic.neutron "password" .Values.endpoints.identity.auth.ironic.password | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.service_catalog.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.ironic.service_catalog "auth_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.service_catalog.project_name -}}
{{- set .Values.conf.ironic.service_catalog "project_name" .Values.endpoints.identity.auth.ironic.project_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.service_catalog.project_domain_name -}}
{{- set .Values.conf.ironic.service_catalog "project_domain_name" .Values.endpoints.identity.auth.ironic.project_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.service_catalog.user_domain_name -}}
{{- set .Values.conf.ironic.service_catalog "user_domain_name" .Values.endpoints.identity.auth.ironic.user_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.service_catalog.username -}}
{{- set .Values.conf.ironic.service_catalog "username" .Values.endpoints.identity.auth.ironic.username | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.service_catalog.password -}}
{{- set .Values.conf.ironic.service_catalog "password" .Values.endpoints.identity.auth.ironic.password | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.swift.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.ironic.swift "auth_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.swift.project_name -}}
{{- set .Values.conf.ironic.swift "project_name" .Values.endpoints.identity.auth.ironic.project_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.swift.project_domain_name -}}
{{- set .Values.conf.ironic.swift "project_domain_name" .Values.endpoints.identity.auth.ironic.project_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.swift.user_domain_name -}}
{{- set .Values.conf.ironic.swift "user_domain_name" .Values.endpoints.identity.auth.ironic.user_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.swift.username -}}
{{- set .Values.conf.ironic.swift "username" .Values.endpoints.identity.auth.ironic.username | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.swift.password -}}
{{- set .Values.conf.ironic.swift "password" .Values.endpoints.identity.auth.ironic.password | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.conductor.api_url -}}
{{- tuple "baremetal" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.ironic.conductor "api_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.api.public_endpoint -}}
{{- tuple "baremetal" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.ironic.api "public_endpoint" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.glance.swift_endpoint_url -}}
{{- tuple "ceph_object_store" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| trimSuffix .Values.endpoints.ceph_object_store.path.default | set .Values.conf.ironic.glance "swift_endpoint_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.glance.swift_temp_url_key -}}
{{- set .Values.conf.ironic.glance "swift_temp_url_key" .Values.endpoints.ceph_object_store.auth.glance.tmpurlkey | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ironic.api.port -}}
{{- set .Values.conf.ironic.api "port" (tuple "baremetal" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup") | quote | trunc 0 -}}
{{- end -}}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: ironic-etc
data:
ironic.conf: |+
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.ironic | indent 4 }}
policy.json: |+
{{ toJson .Values.conf.policy | indent 4 }}
tftp-map-file: |+
{{ if .Values.conf.tftp_map_file.override -}}
{{ .Values.conf.tftp_map_file.override | indent 4 }}
{{- else -}}
{{ tuple "etc/_tftp-map-file.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
{{- end }}
{{- if .Values.conf.tftp_map_file.append -}}
{{ .Values.conf.tftp_map_file.append | indent 4 }}
{{- end }}
nginx.conf: |+
{{ if .Values.conf.nginx.override -}}
{{ .Values.conf.nginx.override | indent 4 }}
{{- else -}}
{{ tuple "etc/_nginx.conf.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
{{- end }}
{{- if .Values.conf.nginx.append -}}
{{ .Values.conf.nginx.append | indent 4 }}
{{- end }}
{{- end }}

93
ironic/templates/deployment-api.yaml Normal file
View File

@ -0,0 +1,93 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.deployment_api }}
{{- $envAll := . }}
{{- $dependencies := .Values.dependencies.api }}
{{- $mounts_ironic_api := .Values.pod.mounts.ironic_api.ironic_api }}
{{- $mounts_ironic_api_init := .Values.pod.mounts.ironic_api.init_container }}
{{- $serviceAccountName := "ironic-api" }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: ironic-api
spec:
replicas: {{ .Values.pod.replicas.api }}
{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
template:
metadata:
labels:
{{ tuple $envAll "ironic" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "ironic" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
nodeSelector:
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.api.timeout | default "30" }}
initContainers:
{{ tuple $envAll $dependencies $mounts_ironic_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: ironic-api
image: {{ .Values.images.tags.ironic_api }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.api | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
command:
- /tmp/ironic-api.sh
- start
lifecycle:
preStop:
exec:
command:
- /tmp/ironic-api.sh
- stop
ports:
- containerPort: {{ tuple "baremetal" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
readinessProbe:
tcpSocket:
port: {{ tuple "baremetal" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
volumeMounts:
- name: ironic-bin
mountPath: /tmp/ironic-api.sh
subPath: ironic-api.sh
readOnly: true
- name: ironic-etc
mountPath: /etc/ironic/ironic.conf
subPath: ironic.conf
readOnly: true
- name: ironic-etc
mountPath: /etc/ironic/policy.json
subPath: policy.json
readOnly: true
{{- if $mounts_ironic_api.volumeMounts }}{{ toYaml $mounts_ironic_api.volumeMounts | indent 12 }}{{ end }}
volumes:
- name: ironic-bin
configMap:
name: ironic-bin
defaultMode: 0555
- name: ironic-etc
configMap:
name: ironic-etc
defaultMode: 0444
{{- if $mounts_ironic_api.volumes }}{{ toYaml $mounts_ironic_api.volumes | indent 8 }}{{ end }}
{{- end }}

41
ironic/templates/etc/_nginx.conf.tpl Normal file
View File

@ -0,0 +1,41 @@
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
server {
listen OSH_PXE_IP:{{ tuple "baremetal" "internal" "pxe_http" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }};
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
location / {
root /var/lib/openstack-helm/httpboot;
}
}
}

4
ironic/templates/etc/_tftp-map-file.tpl Normal file
View File

@ -0,0 +1,4 @@
re ^(/tftpboot/) /tftpboot/\2
re ^/tftpboot/ /tftpboot/
re ^(^/) /tftpboot/\1
re ^([^/]) /tftpboot/\1

57
ironic/templates/ingress-api.yaml Normal file
View File

@ -0,0 +1,57 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.ingress_api .Values.network.api.ingress.public }}
{{- $envAll := . }}
{{- $backendServiceType := "baremetal" }}
{{- $backendPort := "m-api" }}
{{- $ingressName := tuple $backendServiceType "public" $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
{{- $backendName := tuple $backendServiceType "internal" $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
{{- $hostName := tuple $backendServiceType "public" $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
{{- $hostNameNamespaced := tuple $backendServiceType "public" $envAll | include "helm-toolkit.endpoints.hostname_namespaced_endpoint_lookup" }}
{{- $hostNameFull := tuple $backendServiceType "public" $envAll | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ $ingressName }}
annotations:
kubernetes.io/ingress.class: "nginx"
ingress.kubernetes.io/rewrite-target: /
spec:
rules:
{{ if ne $hostNameNamespaced $hostNameFull }}
{{- range $key1, $vHost := tuple $hostName $hostNameNamespaced $hostNameFull }}
- host: {{ $vHost }}
http:
paths:
- path: /
backend:
serviceName: {{ $backendName }}
servicePort: {{ $backendPort }}
{{- end }}
{{- else }}
{{- range $key1, $vHost := tuple $hostName $hostNameNamespaced }}
- host: {{ $vHost }}
http:
paths:
- path: /
backend:
serviceName: {{ $backendName }}
servicePort: {{ $backendPort }}
{{- end }}
{{- end }}
{{- end }}

66
ironic/templates/job-bootstrap.yaml Normal file
View File

@ -0,0 +1,66 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
{{- $envAll := . }}
{{- $dependencies := .Values.dependencies.bootstrap }}
{{- $mounts_ironic_bootstrap := .Values.pod.mounts.ironic_bootstrap.ironic_bootstrap }}
{{- $mounts_ironic_bootstrap_init := .Values.pod.mounts.ironic_bootstrap.init_container }}
{{- $serviceAccountName := "ironic-bootstrap" }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: ironic-bootstrap
spec:
template:
metadata:
labels:
{{ tuple $envAll "ironic" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
spec:
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: OnFailure
nodeSelector:
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
initContainers:
{{ tuple $envAll $dependencies $mounts_ironic_bootstrap_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: ironic-bootstrap
image: {{ .Values.images.tags.bootstrap }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
env:
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.ironic }}
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
{{- end }}
command:
- /tmp/bootstrap.sh
volumeMounts:
- name: ironic-bin
mountPath: /tmp/bootstrap.sh
subPath: bootstrap.sh
readOnly: true
{{- if $mounts_ironic_bootstrap.volumeMounts }}{{ toYaml $mounts_ironic_bootstrap.volumeMounts | indent 10 }}{{ end }}
volumes:
- name: ironic-bin
configMap:
name: ironic-bin
defaultMode: 0555
{{- if $mounts_ironic_bootstrap.volumes }}{{ toYaml $mounts_ironic_bootstrap.volumes | indent 6 }}{{ end }}
{{- end }}

81
ironic/templates/job-db-init.yaml Normal file
View File

@ -0,0 +1,81 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_db_init }}
{{- $envAll := . }}
{{- $dependencies := .Values.dependencies.db_init }}
{{- $serviceAccountName := "ironic-db-init" }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: ironic-db-init
spec:
template:
metadata:
labels:
{{ tuple $envAll "ironic" "db-init" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
spec:
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: OnFailure
nodeSelector:
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
initContainers:
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: ironic-db-init
image: {{ .Values.images.tags.db_init | quote }}
imagePullPolicy: {{ .Values.images.pull_policy | quote }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_init | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
env:
- name: ROOT_DB_CONNECTION
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.oslo_db.admin }}
key: DB_CONNECTION
- name: OPENSTACK_CONFIG_FILE
value: /etc/ironic/ironic.conf
- name: OPENSTACK_CONFIG_DB_SECTION
value: database
- name: OPENSTACK_CONFIG_DB_KEY
value: connection
command:
- /tmp/db-init.py
volumeMounts:
- name: ironic-bin
mountPath: /tmp/db-init.py
subPath: db-init.py
readOnly: true
- name: etcironic
mountPath: /etc/ironic
- name: ironic-etc
mountPath: /etc/ironic/ironic.conf
subPath: ironic.conf
readOnly: true
volumes:
- name: etcironic
emptyDir: {}
- name: ironic-etc
configMap:
name: ironic-etc
defaultMode: 0444
- name: ironic-bin
configMap:
name: ironic-bin
defaultMode: 0555
{{- end }}

69
ironic/templates/job-db-sync.yaml Normal file
View File

@ -0,0 +1,69 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_db_sync }}
{{- $envAll := . }}
{{- $dependencies := .Values.dependencies.db_sync }}
{{- $serviceAccountName := "ironic-db-sync" }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: ironic-db-sync
spec:
template:
metadata:
labels:
{{ tuple $envAll "ironic" "db-sync" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
spec:
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: OnFailure
nodeSelector:
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
initContainers:
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: ironic-db-sync
image: {{ .Values.images.tags.ironic_db_sync }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_sync | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
command:
- /tmp/db-sync.sh
volumeMounts:
- name: ironic-bin
mountPath: /tmp/db-sync.sh
subPath: db-sync.sh
readOnly: true
- name: etcironic
mountPath: /etc/ironic
- name: ironic-etc
mountPath: /etc/ironic/ironic.conf
subPath: ironic.conf
readOnly: true
volumes:
- name: etcironic
emptyDir: {}
- name: ironic-etc
configMap:
name: ironic-etc
defaultMode: 0444
- name: ironic-bin
configMap:
name: ironic-bin
defaultMode: 0555
{{- end }}

73
ironic/templates/job-ks-endpoints.yaml Normal file
View File

@ -0,0 +1,73 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_ks_endpoints }}
{{- $envAll := . }}
{{- $dependencies := .Values.dependencies.ks_endpoints }}
{{- $serviceAccountName := "ironic-ks-endpoints" }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: ironic-ks-endpoints
spec:
template:
metadata:
labels:
{{ tuple $envAll "ironic" "ks-endpoints" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
spec:
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: OnFailure
nodeSelector:
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
initContainers:
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
{{- range $key1, $osServiceType := tuple "baremetal" }}
{{- range $key2, $osServiceEndPoint := tuple "admin" "internal" "public" }}
- name: {{ $osServiceType }}-ks-endpoints-{{ $osServiceEndPoint }}
image: {{ $envAll.Values.images.tags.ks_endpoints }}
imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_endpoints | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
command:
- /tmp/ks-endpoints.sh
volumeMounts:
- name: ks-endpoints-sh
mountPath: /tmp/ks-endpoints.sh
subPath: ks-endpoints.sh
readOnly: true
env:
{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.admin }}
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
{{- end }}
- name: OS_SVC_ENDPOINT
value: {{ $osServiceEndPoint }}
- name: OS_SERVICE_NAME
value: {{ tuple $osServiceType $envAll | include "helm-toolkit.endpoints.keystone_endpoint_name_lookup" }}
- name: OS_SERVICE_TYPE
value: {{ $osServiceType }}
- name: OS_SERVICE_ENDPOINT
value: {{ tuple $osServiceType $osServiceEndPoint "api" $envAll | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }}
{{- end }}
{{- end }}
volumes:
- name: ks-endpoints-sh
configMap:
name: ironic-bin
defaultMode: 0555
{{- end }}

67
ironic/templates/job-ks-service.yaml Normal file
View File

@ -0,0 +1,67 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_ks_service }}
{{- $envAll := . }}
{{- $dependencies := .Values.dependencies.ks_service }}
{{- $serviceAccountName := "ironic-ks-service" }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: ironic-ks-service
spec:
template:
metadata:
labels:
{{ tuple $envAll "ironic" "ks-service" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
spec:
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: OnFailure
nodeSelector:
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
initContainers:
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
{{- range $key1, $osServiceType := tuple "baremetal" }}
- name: {{ $osServiceType }}-ks-service-registration
image: {{ $envAll.Values.images.tags.ks_service }}
imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_service | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
command:
- /tmp/ks-service.sh
volumeMounts:
- name: ks-service-sh
mountPath: /tmp/ks-service.sh
subPath: ks-service.sh
readOnly: true
env:
{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.admin }}
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
{{- end }}
- name: OS_SERVICE_NAME
value: {{ tuple $osServiceType $envAll | include "helm-toolkit.endpoints.keystone_endpoint_name_lookup" }}
- name: OS_SERVICE_TYPE
value: {{ $osServiceType }}
{{- end }}
volumes:
- name: ks-service-sh
configMap:
name: ironic-bin
defaultMode: 0555
{{- end }}

68
ironic/templates/job-ks-user.yaml Normal file
View File

@ -0,0 +1,68 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_ks_user }}
{{- $envAll := . }}
{{- $dependencies := .Values.dependencies.ks_user }}
{{- $serviceAccountName := "ironic-ks-user" }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: ironic-ks-user
spec:
template:
metadata:
labels:
{{ tuple $envAll "ironic" "ks-user" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
spec:
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: OnFailure
nodeSelector:
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
initContainers:
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: ironic-ks-user
image: {{ .Values.images.tags.ks_user }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_user | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
command:
- /tmp/ks-user.sh
volumeMounts:
- name: ks-user-sh
mountPath: /tmp/ks-user.sh
subPath: ks-user.sh
readOnly: true
env:
{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.admin }}
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
{{- end }}
- name: SERVICE_OS_SERVICE_NAME
value: "ironic"
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.ironic }}
{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }}
{{- end }}
- name: SERVICE_OS_ROLE
value: {{ .Values.endpoints.identity.auth.ironic.role | quote }}
volumes:
- name: ks-user-sh
configMap:
name: ironic-bin
defaultMode: 0555
{{- end }}

29
ironic/templates/pdb-api.yaml Normal file
View File

@ -0,0 +1,29 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.pdb_api }}
{{- $envAll := . }}
---
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: ironic-api
spec:
minAvailable: {{ .Values.pod.lifecycle.disruption_budget.api.min_available }}
selector:
matchLabels:
{{ tuple $envAll "ironic" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
{{- end }}

30
ironic/templates/secret-db.yaml Normal file
View File

@ -0,0 +1,30 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_db }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "ironic" }}
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
DB_CONNECTION: {{ tuple "oslo_db" "internal" $userClass "mysql" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc -}}
{{- end }}
{{- end }}

30
ironic/templates/secret-keystone.yaml Normal file
View File

@ -0,0 +1,30 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_keystone }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "ironic" }}
{{- $secretName := index $envAll.Values.secrets.identity $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
{{- tuple $userClass "internal" $envAll | include "helm-toolkit.snippets.keystone_secret_openrc" | indent 2 -}}
{{- end }}
{{- end }}

36
ironic/templates/service-api.yaml Normal file
View File

@ -0,0 +1,36 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.service_api }}
{{- $envAll := . }}
---
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "baremetal" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: m-api
port: {{ tuple "baremetal" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{ if .Values.network.api.node_port.enabled }}
nodePort: {{ .Values.network.api.node_port.port }}
{{ end }}
selector:
{{ tuple $envAll "ironic" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
{{ if .Values.network.api.node_port.enabled }}
type: NodePort
{{ end }}
{{- end }}

30
ironic/templates/service-ingress-api.yaml Normal file
View File

@ -0,0 +1,30 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.service_ingress_api .Values.network.api.ingress.public }}
{{- $envAll := . }}
---
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "baremetal" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: http
port: 80
selector:
app: ingress-api
{{- end }}

203
ironic/templates/statefulset-conductor.yaml Normal file
View File

@ -0,0 +1,203 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.statefulset_conductor }}
{{- $envAll := . }}
{{- $dependencies := .Values.dependencies.conductor }}
{{- $mounts_ironic_conductor := .Values.pod.mounts.ironic_conductor.ironic_conductor }}
{{- $mounts_ironic_conductor_init := .Values.pod.mounts.ironic_conductor.init_container }}
{{- $serviceAccountName := "ironic-conductor" }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
name: ironic-conductor
spec:
serviceName: ironic-conductor
replicas: {{ .Values.pod.replicas.conductor }}
template:
metadata:
labels:
{{ tuple $envAll "ironic" "conductor" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
spec:
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "ironic" "conductor" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
nodeSelector:
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
securityContext:
runAsUser: 0
hostNetwork: True
hostIPC: True
dnsPolicy: ClusterFirstWithHostNet
initContainers:
{{ tuple $envAll $dependencies $mounts_ironic_conductor_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- name: ironic-conductor-pxe-init
image: {{ .Values.images.tags.ironic_pxe_init }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.conductor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
command:
- /tmp/ironic-conductor-pxe-init.sh
volumeMounts:
- name: ironic-bin
mountPath: /tmp/ironic-conductor-pxe-init.sh
subPath: ironic-conductor-pxe-init.sh
readOnly: true
- name: pod-data
mountPath: /var/lib/openstack-helm
- name: ironic-conductor-init
image: {{ .Values.images.tags.ironic_conductor }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.conductor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
env:
- name: PROVISIONER_INTERFACE
value: {{ .Values.network.interface.provisioner }}
command:
- /tmp/ironic-conductor-init.sh
volumeMounts:
- name: ironic-bin
mountPath: /tmp/ironic-conductor-init.sh
subPath: ironic-conductor-init.sh
readOnly: true
- name: pod-shared
mountPath: /tmp/pod-shared
- name: ironic-conductor-http-init
image: {{ .Values.images.tags.ironic_conductor }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.conductor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
env:
- name: PROVISIONER_INTERFACE
value: {{ .Values.network.interface.provisioner }}
command:
- /tmp/ironic-conductor-http-init.sh
volumeMounts:
- name: ironic-bin
mountPath: /tmp/ironic-conductor-http-init.sh
subPath: ironic-conductor-http-init.sh
readOnly: true
- name: ironic-etc
mountPath: /etc/nginx/nginx.conf
subPath: nginx.conf
readOnly: true
- name: pod-shared
mountPath: /tmp/pod-shared
containers:
- name: ironic-conductor
image: {{ .Values.images.tags.ironic_conductor }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.conductor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
securityContext:
privileged: true
command:
- /tmp/ironic-conductor.sh
volumeMounts:
- name: ironic-bin
mountPath: /tmp/ironic-conductor.sh
subPath: ironic-conductor.sh
readOnly: true
- name: pod-shared
mountPath: /tmp/pod-shared
- name: pod-var-cache-ironic
mountPath: /var/cache/ironic
- name: ironic-etc
mountPath: /etc/ironic/ironic.conf
subPath: ironic.conf
readOnly: true
- name: ironic-etc
mountPath: /etc/ironic/policy.json
subPath: policy.json
readOnly: true
- name: host-var-lib-ironic
mountPath: /var/lib/ironic
- name: host-run
mountPath: /var/run
- name: host-dev
mountPath: /dev
- name: host-sys
mountPath: /sys
- name: pod-data
mountPath: /var/lib/openstack-helm
- name: ironic-conductor-pxe
image: {{ .Values.images.tags.ironic_pxe }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.conductor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
securityContext:
privileged: true
env:
- name: PROVISIONER_INTERFACE
value: {{ .Values.network.interface.provisioner }}
command:
- /tmp/ironic-conductor-pxe.sh
volumeMounts:
- name: ironic-bin
mountPath: /tmp/ironic-conductor-pxe.sh
subPath: ironic-conductor-pxe.sh
readOnly: true
- name: ironic-etc
mountPath: /tftp-map-file
subPath: tftp-map-file
readOnly: true
- name: pod-data
mountPath: /var/lib/openstack-helm
- name: ironic-conductor-http
image: {{ .Values.images.tags.ironic_pxe_http }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.conductor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
command:
- /tmp/ironic-conductor-http.sh
volumeMounts:
- name: ironic-bin
mountPath: /tmp/ironic-conductor-http.sh
subPath: ironic-conductor-http.sh
readOnly: true
- name: pod-shared
mountPath: /tmp/pod-shared
readOnly: true
- name: pod-data
mountPath: /var/lib/openstack-helm
{{- if $mounts_ironic_conductor.volumeMounts }}{{ toYaml $mounts_ironic_conductor.volumeMounts | indent 12 }}{{ end }}
volumes:
- name: pod-shared
emptyDir: {}
- name: pod-var-cache-ironic
emptyDir: {}
- name: ironic-bin
configMap:
name: ironic-bin
defaultMode: 0555
- name: ironic-etc
configMap:
name: ironic-etc
defaultMode: 0444
- name: host-var-lib-ironic
hostPath:
path: /var/lib/ironic
- name: host-run
hostPath:
path: /var/run
- name: host-dev
hostPath:
path: /dev
- name: host-sys
hostPath:
path: /sys
- name: pod-data
emptyDir: {}
{{- if $mounts_ironic_conductor.volumes }}{{ toYaml $mounts_ironic_conductor.volumes | indent 8 }}{{ end }}
{{- end }}

459
ironic/values.yaml Normal file
View File

@ -0,0 +1,459 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Default values for keystone.
# This is a YAML-formatted file.
# Declare name/value pairs to be passed into your templates.
# name: value
labels:
node_selector_key: openstack-control-plane
node_selector_value: enabled
images:
tags:
bootstrap: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
db_init: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
ironic_db_sync: docker.io/kolla/ubuntu-source-ironic-api:3.0.3
ks_user: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
ks_service: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
ks_endpoints: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
ironic_api: docker.io/kolla/ubuntu-source-ironic-api:3.0.3
ironic_conductor: docker.io/kolla/ubuntu-source-ironic-conductor:3.0.3
ironic_pxe: docker.io/kolla/ubuntu-source-ironic-pxe:3.0.3
ironic_pxe_init: docker.io/kolla/ubuntu-source-ironic-pxe:3.0.3
ironic_pxe_http: docker.io/nginx:1.13.3
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.2.1
pull_policy: "IfNotPresent"
conf:
paste:
override:
append:
policy: {}
tftp_map_file:
override:
append:
nginx:
override:
append:
ironic:
DEFAULT:
enabled_drivers: agent_ipmitool
api:
port: null
conductor:
api_url: null
database:
connection: null
deploy:
http_root: /var/lib/openstack-helm/httpboot
glance:
auth_type: password
swift_temp_url_duration: 86400
temp_url_endpoint_type: radosgw
inspector:
auth_type: password
keystone_authtoken:
auth_type: password
auth_version: v3
neutron:
auth_type: password
cleaning_network_uuid: null
pxe:
pxe_append_params: "nofb nomodeset vga=normal ipa-debug=1"
images_path: /var/lib/openstack-helm/ironic/images
instance_master_path: /var/lib/openstack-helm/ironic/master_images
pxe_config_template: $pybasedir/drivers/modules/ipxe_config.template
uefi_pxe_config_template: $pybasedir/drivers/modules/ipxe_config.template
tftp_root: /var/lib/openstack-helm/tftpboot
tftp_master_path: /var/lib/openstack-helm/tftpboot/master_images
pxe_bootfile_name: undionly.kpxe
uefi_pxe_bootfile_name: ipxe.efi
ipxe_enabled: true
service_catalog:
auth_type: password
swift:
auth_url: null
network:
interface:
provisioner: null
api:
ingress:
public: true
node_port:
enabled: false
port: 30511
bootstrap:
enabled: true
script: |
RELEASE="newton"
IMAGE_URL_BASE="http://tarballs.openstack.org/ironic-python-agent/tinyipa/files"
IMAGE_INITRAMFS="ironic-agent.initramfs"
IMAGE_INITRAMFS_URL="${IMAGE_URL_BASE}/tinyipa-stable-${RELEASE}.gz"
IMAGE_KERNEL="ironic-agent.kernel"
IMAGE_KERNEL_URL="${IMAGE_URL_BASE}/tinyipa-stable-${RELEASE}.vmlinuz"
openstack image show ${IMAGE_INITRAMFS} || (
IMAGE_LOC=$(mktemp)
curl -L ${IMAGE_INITRAMFS_URL} -o ${IMAGE_LOC}
openstack image create \
--file ${IMAGE_LOC} \
--disk-format ari \
--container-format ari \
--public \
${IMAGE_INITRAMFS}
rm -f ${IMAGE_LOC}
)
openstack image show ${IMAGE_KERNEL} || (
IMAGE_LOC=$(mktemp)
curl -L ${IMAGE_KERNEL_URL} -o ${IMAGE_LOC}
openstack image create \
--file ${IMAGE_LOC} \
--disk-format aki \
--container-format aki \
--public \
${IMAGE_KERNEL}
rm -f ${IMAGE_LOC}
)
dependencies:
db_init:
services:
- service: oslo_db
endpoint: internal
db_sync:
jobs:
- ironic-db-init
services:
- service: oslo_db
endpoint: internal
ks_user:
services:
- service: identity
endpoint: internal
ks_service:
services:
- service: identity
endpoint: internal
ks_endpoints:
jobs:
- ironic-ks-service
services:
- service: identity
endpoint: internal
bootstrap:
jobs:
- ironic-db-sync
- ironic-ks-user
- ironic-ks-endpoints
services:
- service: identity
endpoint: internal
- service: image
endpoint: internal
- service: baremetal
endpoint: internal
api:
jobs:
- ironic-db-sync
- ironic-ks-user
- ironic-ks-endpoints
services:
- service: oslo_db
endpoint: internal
- service: identity
endpoint: internal
conductor:
jobs:
- ironic-db-sync
- ironic-ks-user
- ironic-ks-endpoints
services:
- service: oslo_db
endpoint: internal
- service: identity
endpoint: internal
- service: baremetal
endpoint: internal
# Names of secrets used by bootstrap and environmental checks
secrets:
identity:
admin: ironic-keystone-admin
ironic: ironic-keystone-user
oslo_db:
admin: ironic-db-admin
ironic: ironic-db-user
# typically overriden by environmental
# values, but should include all endpoints
# required by this chart
endpoints:
cluster_domain_suffix: cluster.local
identity:
name: keystone
auth:
admin:
region_name: RegionOne
username: admin
password: password
project_name: admin
user_domain_name: default
project_domain_name: default
ironic:
role: admin
region_name: RegionOne
username: ironic
password: password
project_name: service
user_domain_name: default
project_domain_name: default
hosts:
default: keystone-api
public: keystone
host_fqdn_override:
default: null
path:
default: /v3
scheme:
default: http
port:
admin:
default: 35357
api:
default: 80
baremetal:
name: ironic
hosts:
default: ironic-api
public: ironic
host_fqdn_override:
default: null
path:
default: null
scheme:
default: http
port:
api:
default: 6385
public: 80
pxe_http:
default: 8080
image:
name: glance
hosts:
default: glance-api
public: glance
host_fqdn_override:
default: null
path:
default: null
scheme:
default: http
port:
api:
default: 9292
public: 80
ceph_object_store:
name: radosgw
namespace: ceph
auth:
glance:
tmpurlkey: supersecret
hosts:
default: ceph-rgw
host_fqdn_override:
default: null
path:
default: /auth/v1.0
scheme:
default: http
port:
api:
default: 8088
oslo_db:
auth:
admin:
username: root
password: password
ironic:
username: ironic
password: password
hosts:
default: mariadb
host_fqdn_override:
default: null
path: /ironic
scheme: mysql+pymysql
port:
mysql:
default: 3306
oslo_cache:
hosts:
default: memcached
host_fqdn_override:
default: null
port:
memcache:
default: 11211
oslo_messaging:
auth:
ironic:
username: rabbitmq
password: password
hosts:
default: rabbitmq
host_fqdn_override:
default: null
path: /
scheme: rabbit
port:
amqp:
default: 5672
network:
name: neutron
hosts:
default: neutron-server
public: neutron
host_fqdn_override:
default: null
path:
default: null
scheme:
default: 'http'
port:
api:
default: 9696
public: 80
pod:
affinity:
anti:
type:
default: preferredDuringSchedulingIgnoredDuringExecution
topologyKey:
default: kubernetes.io/hostname
mounts:
ironic_api:
init_container: null
ironic_api:
ironic_conductor:
init_container: null
ironic_conductor:
ironic_bootstrap:
init_container: null
ironic_bootstrap:
replicas:
api: 1
conductor: 1
lifecycle:
upgrades:
deployments:
revision_history: 3
pod_replacement_strategy: RollingUpdate
rolling_update:
max_unavailable: 1
max_surge: 3
disruption_budget:
api:
min_available: 0
termination_grace_period:
api:
timeout: 30
resources:
enabled: false
api:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
conductor:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
jobs:
bootstrap:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
db_init:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
db_sync:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
ks_endpoints:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
ks_service:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
ks_user:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
tests:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
manifests:
configmap_bin: true
configmap_etc: true
deployment_api: true
ingress_api: true
job_bootstrap: true
job_db_init: true
job_db_sync: true
job_ks_endpoints: true
job_ks_service: true
job_ks_user: true
pdb_api: true
secret_db: true
secret_keystone: true
service_api: true
service_ingress_api: true
statefulset_conductor: true

3
nova/templates/bin/_nova-scheduler.sh.tpl
View File

@ -16,6 +16,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -x
set -xe
exec nova-scheduler \
--config-file /etc/nova/nova.conf

1
tools/deployment/baremetal/000-install-packages.sh Symbolic link
View File

@ -0,0 +1 @@
../developer/common/000-install-packages.sh

117
tools/deployment/baremetal/005-setup-nodes.sh Executable file
View File

@ -0,0 +1,117 @@
#!/bin/bash
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
set -xe
#NOTE: Build charts
make all
#NOTE: Deploy libvirt with vbmc then define domains to use as baremetal nodes
helm install ./libvirt \
--namespace=libvirt \
--name=libvirt \
--set ceph.enabled=false \
--set images.tags.libvirt=docker.io/openstackhelm/vbmc:centos
#NOTE: Wait for deploy
sleep 5 #NOTE(portdirect): work around k8s not immedately assigning pods to nodes
./tools/deployment/common/wait-for-pods.sh libvirt
#NOTE: Validate Deployment info
helm status libvirt
#NOTE: Create domains and start vbmc for ironic to manage as baremetal nodes
LIBVIRT_PODS=$(kubectl get --namespace libvirt pods \
-l application=libvirt,component=libvirt \
--no-headers -o name | awk -F '/' '{ print $NF }')
rm -f /tmp/bm-hosts.txt || true
for LIBVIRT_POD in ${LIBVIRT_PODS}; do
TEMPLATE_MAC_ADDR="00:01:DE:AD:BE:EF"
MAC_ADDR=$(printf '00:01:DE:%02X:%02X:%02X\n' $[RANDOM%256] $[RANDOM%256] $[RANDOM%256])
LIBVIRT_POD_NODE=$(kubectl get -n libvirt pod ${LIBVIRT_POD} -o json | jq -r '.spec.nodeName')
LIBVIRT_NODE_IP=$(kubectl get node ${LIBVIRT_POD_NODE} -o json | jq -r '.status.addresses[] | select(.type=="InternalIP").address')
kubectl exec -n libvirt ${LIBVIRT_POD} -- mkdir -p /var/lib/libvirt/images
kubectl exec -n libvirt ${LIBVIRT_POD} -- rm -f /var/lib/libvirt/images/vm-1.qcow2 || true
kubectl exec -n libvirt ${LIBVIRT_POD} -- qemu-img create -f qcow2 /var/lib/libvirt/images/vm-1.qcow2 5G
kubectl exec -n libvirt ${LIBVIRT_POD} -- chown -R qemu: /var/lib/libvirt/images/vm-1.qcow2
VM_DEF="$(sed "s|${TEMPLATE_MAC_ADDR}|${MAC_ADDR}|g" ./tools/gate/files/fake-baremetal-1.xml | base64 -w0)"
kubectl exec -n libvirt ${LIBVIRT_POD} -- sh -c "echo "${VM_DEF}" | base64 -d > /tmp/fake-baremetal-1.xml"
kubectl exec -n libvirt ${LIBVIRT_POD} -- sh -c "virsh undefine fake-baremetal-1 || true"
kubectl exec -n libvirt ${LIBVIRT_POD} -- virsh define /tmp/fake-baremetal-1.xml
kubectl exec -n libvirt ${LIBVIRT_POD} -- sh -c "vbmc delete fake-baremetal-1 || true"
kubectl exec -n libvirt ${LIBVIRT_POD} -- vbmc add fake-baremetal-1
kubectl exec -n libvirt ${LIBVIRT_POD} -- sh -c "nohup vbmc start fake-baremetal-1 &>/dev/null &"
kubectl exec -n libvirt ${LIBVIRT_POD} -- virsh list --all
kubectl exec -n libvirt ${LIBVIRT_POD} -- vbmc show fake-baremetal-1
echo "${LIBVIRT_NODE_IP} ${MAC_ADDR}" >> /tmp/bm-hosts.txt
done
#NOTE: Deploy OvS to connect nodes to the deployment host
helm install ./openvswitch \
--namespace=openstack \
--name=openvswitch
#NOTE: Wait for deploy
./tools/deployment/common/wait-for-pods.sh openstack
#NOTE: Validate Deployment info
helm status openvswitch
#NOTE: Setup GRE tunnels between deployment node and libvirt hosts
OSH_IRONIC_PXE_DEV="${OSH_IRONIC_PXE_DEV:="ironic-pxe"}"
OSH_IRONIC_PXE_ADDR="${OSH_IRONIC_PXE_ADDR:="172.24.6.1/24"}"
MASTER_IP=$(kubectl get node $(hostname -f) -o json | jq -r '.status.addresses[] | select(.type=="InternalIP").address')
NODE_IPS=$(kubectl get nodes -o json | jq -r '.items[].status.addresses[] | select(.type=="InternalIP").address' | sort -V)
OVS_VSWITCHD_PODS=$(kubectl get --namespace openstack pods \
-l application=openvswitch,component=openvswitch-vswitchd \
--no-headers -o name | awk -F '/' '{ print $NF }')
for OVS_VSWITCHD_POD in ${OVS_VSWITCHD_PODS}; do
kubectl exec --namespace openstack "${OVS_VSWITCHD_POD}" \
-- ovs-vsctl add-br "${OSH_IRONIC_PXE_DEV}"
if [ "x$(kubectl --namespace openstack get pod ${OVS_VSWITCHD_POD} -o wide --no-headers | awk '{ print $NF }')" == "x$(hostname -f)" ] ; then
COUNTER=0
for NODE_IP in ${NODE_IPS}; do
if ! [ "x${MASTER_IP}" == "x${NODE_IP}" ]; then
kubectl exec --namespace openstack "${OVS_VSWITCHD_POD}" \
-- ovs-vsctl add-port ${OSH_IRONIC_PXE_DEV} gre${COUNTER} \
-- set interface gre${COUNTER} type=gre options:remote_ip=${NODE_IP}
let COUNTER=COUNTER+1
fi
done
kubectl exec --namespace openstack "${OVS_VSWITCHD_POD}" \
-- ip addr add "${OSH_IRONIC_PXE_ADDR}" dev "${OSH_IRONIC_PXE_DEV}"
#NOTE(portdirect): for simplity assume we are using the default dev
# for tunnels, and a MTU overhead of 50
MASTER_NODE_DEV="$(kubectl exec --namespace openstack "${OVS_VSWITCHD_POD}" \
-- ip -4 route list 0/0 | awk '{ print $5; exit }')"
MASTER_NODE_MTU="$(kubectl exec --namespace openstack "${OVS_VSWITCHD_POD}" \
-- cat /sys/class/net/${MASTER_NODE_DEV}/mtu)"
kubectl exec --namespace openstack "${OVS_VSWITCHD_POD}" \
-- ip link set dev ${OSH_IRONIC_PXE_DEV} mtu $((${MASTER_NODE_MTU} - 50))
kubectl exec --namespace openstack "${OVS_VSWITCHD_POD}" \
-- ip link set "${OSH_IRONIC_PXE_DEV}" up
else
kubectl exec --namespace openstack "${OVS_VSWITCHD_POD}" \
-- ovs-vsctl add-port ${OSH_IRONIC_PXE_DEV} gre0 \
-- set interface gre0 type=gre options:remote_ip=${MASTER_IP}
fi
done
#NOTE: Set up the ${OSH_IRONIC_PXE_DEV} to forward traffic
DEFAULT_ROUTE_DEV="$(sudo ip -4 route list 0/0 | awk '{ print $5; exit }')"
sudo iptables -t nat -A POSTROUTING -o ${DEFAULT_ROUTE_DEV} -j MASQUERADE
sudo iptables -A FORWARD -i ${DEFAULT_ROUTE_DEV} -o ${OSH_IRONIC_PXE_DEV} -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i ${OSH_IRONIC_PXE_DEV} -o ${DEFAULT_ROUTE_DEV} -j ACCEPT

38
tools/deployment/baremetal/010-setup-client.sh Executable file
View File

@ -0,0 +1,38 @@
#!/bin/bash
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
set -xe
sudo -H -E pip install python-openstackclient python-heatclient python-ironicclient
sudo -H mkdir -p /etc/openstack
cat << EOF | sudo -H tee -a /etc/openstack/clouds.yaml
clouds:
openstack_helm:
region_name: RegionOne
identity_api_version: 3
auth:
username: 'admin'
password: 'password'
project_name: 'admin'
project_domain_name: 'default'
user_domain_name: 'default'
auth_url: 'http://keystone.openstack.svc.cluster.local/v3'
EOF
sudo -H chown -R $(id -un): /etc/openstack
#NOTE: Build charts
make all

48
tools/deployment/baremetal/020-ingress.sh Executable file
View File

@ -0,0 +1,48 @@
#!/bin/bash
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
set -xe
#NOTE: Pull images and lint chart
make pull-images ingress
#NOTE: Deploy global ingress
helm install ./ingress \
--namespace=kube-system \
--name=ingress-kube-system \
--set labels.node_selector_key=openstack-helm-node-class \
--set labels.node_selector_value=primary \
--set deployment.mode=cluster \
--set deployment.type=DaemonSet \
--set network.host_namespace=true \
--set network.vip.manage=false \
--set network.vip.addr=172.18.0.1/32 \
--set conf.services.udp.53='kube-system/kube-dns:53'
#NOTE: Deploy namespace ingress
helm install ./ingress \
--namespace=openstack \
--name=ingress-openstack \
--set labels.node_selector_key=openstack-helm-node-class \
--set labels.node_selector_value=primary
#NOTE: Wait for deploy
./tools/deployment/common/wait-for-pods.sh kube-system
./tools/deployment/common/wait-for-pods.sh openstack
#NOTE: Display info
helm status ingress-kube-system
helm status ingress-openstack

91
tools/deployment/baremetal/030-ceph.sh Executable file
View File

@ -0,0 +1,91 @@
#!/bin/bash
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
set -xe
#NOTE: Pull images and lint chart
make pull-images ceph
#NOTE: Deploy command
uuidgen > /tmp/ceph-fs-uuid.txt
tee /tmp/ceph.yaml <<EOF
labels:
jobs:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
provisioner:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
mon:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
mds:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
osd:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
rgw:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
mgr:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
endpoints:
identity:
namespace: openstack
object_store:
namespace: ceph
ceph_mon:
namespace: ceph
network:
public: 172.17.0.1/16
cluster: 172.17.0.1/16
deployment:
storage_secrets: true
ceph: true
rbd_provisioner: true
cephfs_provisioner: true
client_secrets: false
rgw_keystone_user_and_endpoints: false
bootstrap:
enabled: true
conf:
rgw_ks:
enabled: true
ceph:
config:
global:
fsid: "$(cat /tmp/ceph-fs-uuid.txt)"
osd_pool_default_size: 1
osd:
osd_crush_chooseleaf_type: 0
EOF
helm install ./ceph \
--namespace=ceph \
--name=ceph \
--values=/tmp/ceph.yaml
#NOTE: Wait for deploy
./tools/deployment/common/wait-for-pods.sh ceph
#NOTE: Validate deploy
MON_POD=$(kubectl get pods \
--namespace=ceph \
--selector="application=ceph" \
--selector="component=mon" \
--no-headers | awk '{ print $1; exit }')
kubectl exec -n ceph ${MON_POD} -- ceph -s

69
tools/deployment/baremetal/035-ceph-ns-activate.sh Executable file
View File

@ -0,0 +1,69 @@
#!/bin/bash
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
set -xe
#NOTE: Pull images and lint chart
make pull-images ceph
#NOTE: Deploy command
tee /tmp/ceph-openstack-config.yaml <<EOF
labels:
jobs:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
endpoints:
identity:
namespace: openstack
object_store:
namespace: ceph
ceph_mon:
namespace: ceph
network:
public: 172.17.0.1/16
cluster: 172.17.0.1/16
deployment:
storage_secrets: false
ceph: false
rbd_provisioner: false
cephfs_provisioner: false
client_secrets: true
rgw_keystone_user_and_endpoints: false
bootstrap:
enabled: false
conf:
rgw_ks:
enabled: true
ceph:
config:
global:
osd_pool_default_size: 1
fsid: "$(cat /tmp/ceph-fs-uuid.txt)"
osd:
osd_crush_chooseleaf_type: 0
EOF
helm install ./ceph \
--namespace=openstack \
--name=ceph-openstack-config \
--values=/tmp/ceph-openstack-config.yaml
#NOTE: Wait for deploy
./tools/deployment/common/wait-for-pods.sh openstack
#NOTE: Validate Deployment info
kubectl get -n openstack jobs --show-all
kubectl get -n openstack secrets
kubectl get -n openstack configmaps

34
tools/deployment/baremetal/040-mariadb.sh Executable file
View File

@ -0,0 +1,34 @@
#!/bin/bash
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
set -xe
#NOTE: Pull images and lint chart
make pull-images mariadb
#NOTE: Deploy command
helm install ./mariadb \
--namespace=openstack \
--name=mariadb \
--set labels.node_selector_key=openstack-helm-node-class \
--set labels.node_selector_value=primary \
--set pod.replicas.server=1
#NOTE: Wait for deploy
./tools/deployment/common/wait-for-pods.sh openstack
#NOTE: Validate Deployment info
helm status mariadb

34
tools/deployment/baremetal/050-rabbitmq.sh Executable file
View File

@ -0,0 +1,34 @@
#!/bin/bash
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
set -xe
#NOTE: Pull images and lint chart
make pull-images rabbitmq
#NOTE: Deploy command
helm install ./rabbitmq \
--namespace=openstack \
--name=rabbitmq \
--set labels.node_selector_key=openstack-helm-node-class \
--set labels.node_selector_value=primary \
--set pod.replicas.server=1
#NOTE: Wait for deploy
./tools/deployment/common/wait-for-pods.sh openstack
#NOTE: Validate Deployment info
helm status rabbitmq

33
tools/deployment/baremetal/060-memcached.sh Executable file
View File

@ -0,0 +1,33 @@
#!/bin/bash
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
set -xe
#NOTE: Pull images and lint chart
make pull-images memcached
#NOTE: Deploy command
helm install ./memcached \
--namespace=openstack \
--name=memcached \
--set labels.node_selector_key=openstack-helm-node-class \
--set labels.node_selector_value=primary
#NOTE: Wait for deploy
./tools/deployment/common/wait-for-pods.sh openstack
#NOTE: Validate Deployment info
helm status memcached

36
tools/deployment/baremetal/080-keystone.sh Executable file
View File

@ -0,0 +1,36 @@
#!/bin/bash
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
set -xe
#NOTE: Pull images and lint chart
make pull-images keystone
#NOTE: Deploy command
helm install ./keystone \
--namespace=openstack \
--name=keystone \
--set labels.node_selector_key=openstack-helm-node-class \
--set labels.node_selector_value=primary
#NOTE: Wait for deploy
./tools/deployment/common/wait-for-pods.sh openstack
#NOTE: Validate Deployment info
helm status keystone
export OS_CLOUD=openstack_helm
sleep 30 #NOTE(portdirect): Wait for ingress controller to update rules and restart Nginx
openstack endpoint list

39
tools/deployment/baremetal/090-glance.sh Executable file
View File

@ -0,0 +1,39 @@
#!/bin/bash
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
set -xe
#NOTE: Pull images and lint chart
make pull-images glance
#NOTE: Deploy command
helm install ./glance \
--namespace=openstack \
--name=glance \
--set labels.node_selector_key=openstack-helm-node-class \
--set labels.node_selector_value=primary \
--set storage=radosgw
#NOTE: Wait for deploy
./tools/deployment/common/wait-for-pods.sh openstack
#NOTE: Validate Deployment info
helm status glance
export OS_CLOUD=openstack_helm
openstack service list
sleep 30 #NOTE(portdirect): Wait for ingress controller to update rules and restart Nginx
openstack image list
openstack image show 'Cirros 0.3.5 64-bit'

35
tools/deployment/baremetal/100-heat.sh Executable file
View File

@ -0,0 +1,35 @@
#!/bin/bash
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
set -xe
#NOTE: Pull images and lint chart
make pull-images heat
#NOTE: Deploy command
helm install ./heat \
--namespace=openstack \
--name=heat \
--set labels.node_selector_key=openstack-helm-node-class \
--set labels.node_selector_value=primary
#NOTE: Wait for deploy
./tools/deployment/common/wait-for-pods.sh openstack
#NOTE: Validate Deployment info
export OS_CLOUD=openstack_helm
openstack service list
sleep 30 #NOTE(portdirect): Wait for ingress controller to update rules and restart Nginx
openstack orchestration service list

204
tools/deployment/baremetal/110-compute-kit.sh Executable file
View File

@ -0,0 +1,204 @@
#!/bin/bash
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
set -xe
#NOTE: Pull images and lint chart
make pull-images neutron
make pull-images ironic
make pull-images nova
#NOTE: Deploy neutron
#NOTE(portdirect): for simplicity we will assume the default route device
# should be used for tunnels
NETWORK_TUNNEL_DEV="$(sudo ip -4 route list 0/0 | awk '{ print $5; exit }')"
tee /tmp/neutron.yaml << EOF
network:
interface:
tunnel: "${NETWORK_TUNNEL_DEV}"
labels:
ovs:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
agent:
dhcp:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
l3:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
metadata:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
server:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
pod:
replicas:
server: 1
conf:
neutron:
DEFAULT:
l3_ha: False
min_l3_agents_per_router: 1
max_l3_agents_per_router: 1
l3_ha_network_type: vxlan
dhcp_agents_per_network: 1
plugins:
ml2_conf:
ml2_type_flat:
flat_networks: public,physnet2
openvswitch_agent:
agent:
tunnel_types: vxlan
ovs:
bridge_mappings: "external:br-ex,physnet2:ironic-pxe"
manifests:
daemonset_dhcp_agent: false
daemonset_metadata_agent: false
daemonset_l3_agent: false
EOF
helm install ./neutron \
--namespace=openstack \
--name=neutron \
--values=/tmp/neutron.yaml
#NOTE: Wait for deploy
./tools/deployment/common/wait-for-pods.sh openstack
#NOTE: Validate Deployment info
export OS_CLOUD=openstack_helm
openstack service list
sleep 30 #NOTE(portdirect): Wait for ingress controller to update rules and restart Nginx
export OSH_IRONIC_PXE_NET_NAME="${OSH_IRONIC_PXE_NET_NAME:="baremetal"}"
IRONIC_NEUTRON_CLEANING_NET_ID=$(openstack network create -f value -c id --share --provider-network-type flat \
--provider-physical-network physnet2 ${OSH_IRONIC_PXE_NET_NAME})
export OSH_IRONIC_PXE_DEV=${OSH_IRONIC_PXE_DEV:="ironic-pxe"}
export OSH_IRONIC_PXE_ADDR="${OSH_IRONIC_PXE_ADDR:="172.24.6.1/24"}"
export OSH_IRONIC_PXE_SUBNET="${OSH_IRONIC_PXE_SUBNET:="172.24.6.0/24"}"
export OSH_IRONIC_PXE_ALOC_START="${OSH_IRONIC_PXE_ALOC_START:="172.24.6.100"}"
export OSH_IRONIC_PXE_ALOC_END="${OSH_IRONIC_PXE_ALOC_END:="172.24.6.200"}"
export OSH_IRONIC_PXE_SUBNET_NAME="${OSH_IRONIC_PXE_SUBNET_NAME:="baremetal"}"
openstack subnet create \
--gateway ${OSH_IRONIC_PXE_ADDR%/*} \
--allocation-pool start=${OSH_IRONIC_PXE_ALOC_START},end=${OSH_IRONIC_PXE_ALOC_END} \
--dns-nameserver $(kubectl get -n kube-system svc kube-dns -o json | jq -r '.spec.clusterIP') \
--subnet-range ${OSH_IRONIC_PXE_SUBNET} \
--network ${OSH_IRONIC_PXE_NET_NAME} \
${OSH_IRONIC_PXE_SUBNET_NAME}
tee /tmp/ironic.yaml << EOF
labels:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
network:
interface:
provisioner: "${OSH_IRONIC_PXE_DEV}"
conf:
ironic:
conductor:
automated_clean: "false"
deploy:
shred_final_overwrite_with_zeros: "false"
neutron:
cleaning_network_uuid: "${IRONIC_NEUTRON_CLEANING_NET_ID}"
EOF
helm install ./ironic \
--namespace=openstack \
--name=ironic \
--values=/tmp/ironic.yaml
#NOTE: Wait for deploy
./tools/deployment/common/wait-for-pods.sh openstack
tee /tmp/nova.yaml << EOF
labels:
agent:
compute:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
compute_ironic:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
conductor:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
consoleauth:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
scheduler:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
osapi:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
api_metadata:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
placement:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
job:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
novncproxy:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
spiceproxy:
node_selector_key: openstack-helm-node-class
node_selector_value: primary
conf:
nova:
DEFAULT:
force_config_drive: false
scheduler_host_manager: ironic_host_manager
compute_driver: ironic.IronicDriver
ram_allocation_ratio: 1.0
reserved_host_memory_mb: 0
scheduler_use_baremetal_filters: true
baremetal_scheduler_default_filters: "RetryFilter,AvailabilityZoneFilter,ComputeFilter,ComputeCapabilitiesFilter"
scheduler_tracks_instance_changes: false
scheduler_host_subset_size: 9999
manifests:
daemonset_compute: false
daemonset_libvirt: false
statefulset_compute_ironic: true
job_cell_setup: false
EOF
# Deploy Nova and enable the neutron agents
helm install ./nova \
--namespace=openstack \
--name=nova \
--values=/tmp/nova.yaml
helm upgrade neutron ./neutron \
--values=/tmp/neutron.yaml \
--set=manifests.daemonset_dhcp_agent=true \
--set=manifests.daemonset_metadata_agent=true \
--set=manifests.daemonset_l3_agent=true
#NOTE: Wait for deploy
./tools/deployment/common/wait-for-pods.sh openstack
#NOTE: Validate Deployment info
export OS_CLOUD=openstack_helm
openstack service list
sleep 30
openstack network agent list
openstack baremetal driver list
openstack compute service list

30
tools/deployment/baremetal/800-create-baremetal-host-aggregate.sh Executable file
View File

@ -0,0 +1,30 @@
#!/bin/bash
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
set -xe
export OS_CLOUD=openstack_helm
export OSH_IRONIC_NODE_ARCH=${OSH_IRONIC_NODE_ARCH:="x86_64"}
#NOTE: setup a host aggregate for baremetal nodes to use
openstack aggregate create \
--property baremetal=true \
--property cpu_arch=${OSH_IRONIC_NODE_ARCH} \
baremetal-hosts
IRONIC_COMPUTES=$(openstack compute service list | grep compute | grep $(hostname) | grep -v down | awk '{print $6}')
for COMPUTE in $IRONIC_COMPUTES; do
openstack aggregate add host baremetal-hosts ${COMPUTE}
done

77
tools/deployment/baremetal/810-register-baremetal-nodes.sh Executable file
View File

@ -0,0 +1,77 @@
#!/bin/bash
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
set -xe
export OS_CLOUD=openstack_helm
export OSH_IRONIC_NODE_DISC=${OSH_IRONIC_NODE_DISC:="5"}
export OSH_IRONIC_NODE_RAM=${OSH_IRONIC_NODE_RAM:="4096"}
export OSH_IRONIC_NODE_CPU=${OSH_IRONIC_NODE_CPU:="2"}
export OSH_IRONIC_NODE_ARCH=${OSH_IRONIC_NODE_ARCH:="x86_64"}
#NOTE: Register the baremetal nodes with ironic
DEPLOY_VMLINUZ_UUID=$(openstack image show ironic-agent.kernel -f value -c id)
DEPLOY_INITRD_UUID=$(openstack image show ironic-agent.initramfs -f value -c id)
MASTER_IP=$(kubectl get node $(hostname -f) -o json | jq -r '.status.addresses[] | select(.type=="InternalIP").address')
while read NODE_DETAIL_RAW; do
NODE_DETAIL=($(echo ${NODE_DETAIL_RAW}))
NODE_BMC_IP=${NODE_DETAIL[0]}
NODE_MAC=${NODE_DETAIL[1]}
if ! [ "x${MASTER_IP}" == "x${NODE_BMC_IP}" ]; then
BM_NODE=$(openstack baremetal node create \
--driver agent_ipmitool \
--driver-info ipmi_username=admin \
--driver-info ipmi_password=password \
--driver-info ipmi_address="${NODE_BMC_IP}" \
--driver-info ipmi_port=623 \
--driver-info deploy_kernel=${DEPLOY_VMLINUZ_UUID} \
--driver-info deploy_ramdisk=${DEPLOY_INITRD_UUID} \
--property local_gb=${OSH_IRONIC_NODE_DISC} \
--property memory_mb=${OSH_IRONIC_NODE_RAM} \
--property cpus=${OSH_IRONIC_NODE_CPU} \
--property cpu_arch=${OSH_IRONIC_NODE_ARCH} \
-f value -c uuid)
openstack baremetal node manage "${BM_NODE}"
openstack baremetal port create --node ${BM_NODE} "${NODE_MAC}"
openstack baremetal node validate "${BM_NODE}"
openstack baremetal node provide "${BM_NODE}"
openstack baremetal node show "${BM_NODE}"
fi
done < /tmp/bm-hosts.txt
#NOTE: Wait for our baremetal nodes to become avalible for provisioning
function wait_for_ironic_node {
# Default wait timeout is 1200 seconds
set +x
end=$(date +%s)
if ! [ -z $2 ]; then
end=$((end + $2))
else
end=$((end + 1200))
fi
while true; do
STATE=$(openstack baremetal node show $1 -f value -c provision_state)
[ "x${STATE}" == "xavailable" ] && break
sleep 1
now=$(date +%s)
[ $now -gt $end ] && echo "Node did not come up in time" && openstack baremetal node show $1 && exit -1
done
set -x
}
for NODE in $(openstack baremetal node list -f value -c UUID); do
wait_for_ironic_node $NODE
done
openstack baremetal node list

32
tools/deployment/baremetal/820-create-baremetal-flavor.sh Executable file
View File

@ -0,0 +1,32 @@
#!/bin/bash
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
set -xe
export OS_CLOUD=openstack_helm
export OSH_IRONIC_NODE_DISC=${OSH_IRONIC_NODE_DISC:="5"}
export OSH_IRONIC_NODE_RAM=${OSH_IRONIC_NODE_RAM:="4096"}
export OSH_IRONIC_NODE_CPU=${OSH_IRONIC_NODE_CPU:="2"}
export OSH_IRONIC_NODE_ARCH=${OSH_IRONIC_NODE_ARCH:="x86_64"}
#NOTE: Create a flavor assocated with our baremetal nodes
openstack flavor create \
--disk ${OSH_IRONIC_NODE_DISC} \
--ram ${OSH_IRONIC_NODE_RAM} \
--vcpus ${OSH_IRONIC_NODE_CPU} \
--property cpu_arch=${OSH_IRONIC_NODE_ARCH} \
--property baremetal=true \
baremetal

66
tools/deployment/baremetal/900-use-it.sh Executable file
View File

@ -0,0 +1,66 @@
#!/bin/bash
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
set -xe
#NOTE: Validate Deployment info
export OS_CLOUD=openstack_helm
export OSH_VM_KEY_STACK="heat-vm-key"
# Setup SSH Keypair in Nova
mkdir -p ${HOME}/.ssh
openstack keypair create --private-key ${HOME}/.ssh/osh_key ${OSH_VM_KEY_STACK}
chmod 600 ${HOME}/.ssh/osh_key
# Deploy heat stack to provision node
openstack stack create --wait --timeout 15 \
-t ./tools/gate/files/heat-basic-bm-deployment.yaml \
heat-basic-bm-deployment
FLOATING_IP=$(openstack stack output show \
heat-basic-bm-deployment \
ip \
-f value -c output_value)
# Wait for the nodes SSH port to come up
function wait_for_ssh_port {
# Default wait timeout is 300 seconds
set +x
end=$(date +%s)
if ! [ -z $2 ]; then
end=$((end + $2))
else
end=$((end + 300))
fi
while true; do
# Use Nmap as its the same on Ubuntu and RHEL family distros
nmap -Pn -p22 $1 | awk '$1 ~ /22/ {print $2}' | grep -q 'open' && \
break || true
sleep 1
now=$(date +%s)
[ $now -gt $end ] && echo "Could not connect to $1 port 22 in time" && exit -1
done
set -x
}
wait_for_ssh_port $FLOATING_IP
# SSH into the VM and check it can reach the outside world
ssh-keyscan "$FLOATING_IP" >> ~/.ssh/known_hosts
BM_GATEWAY="$(ssh -i ${HOME}/.ssh/osh_key cirros@${FLOATING_IP} ip -4 route list 0/0 | awk '{ print $3; exit }')"
ssh -i ${HOME}/.ssh/osh_key cirros@${FLOATING_IP} ping -q -c 1 -W 2 ${BM_GATEWAY}
# Check the VM can reach the metadata server
ssh -i ${HOME}/.ssh/osh_key cirros@${FLOATING_IP} curl --verbose --connect-timeout 5 169.254.169.254

2
tools/deployment/developer/common/030-ingress.sh
View File

@ -26,7 +26,7 @@ helm install ./ingress \
--set deployment.mode=cluster \
--set deployment.type=DaemonSet \
--set network.host_namespace=true \
--set network.vip.manage=true \
--set network.vip.manage=false \
--set network.vip.addr=172.18.0.1/32 \
--set conf.services.udp.53='kube-system/kube-dns:53'

70
tools/gate/files/fake-baremetal-1.xml Normal file
View File

@ -0,0 +1,70 @@
<domain type='qemu'>
<name>fake-baremetal-1</name>
<memory unit='MB'>4096</memory>
<vcpu placement='static'>4</vcpu>
<resource>
<partition>/machine</partition>
</resource>
<os>
<type arch='x86_64' machine='pc'>hvm</type>
<boot dev='network'/>
<boot dev='hd'/>
<bootmenu enable='no'/>
<bios useserial='yes'/>
</os>
<features>
<acpi/>
<apic/>
</features>
<cpu>
<topology sockets='1' cores='4' threads='1'/>
</cpu>
<clock offset='localtime'/>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>restart</on_crash>
<devices>
<emulator>/usr/libexec/qemu-kvm</emulator>
<disk type='file' device='disk'>
<driver name='qemu' type='qcow2'/>
<source file='/var/lib/libvirt/images/vm-1.qcow2'/>
<target dev='vda' bus='virtio'/>
<alias name='virtio-disk0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0'/>
</disk>
<controller type='usb' index='0'>
<address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/>
</controller>
<controller type='ide' index='0'>
<address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/>
</controller>
<controller type='pci' index='0' model='pci-root'/>
<interface type='bridge'>
<mac address='00:01:DE:AD:BE:EF'/>
<source bridge='ironic-pxe'/>
<virtualport type='openvswitch'>
</virtualport>
<model type='virtio'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
</interface>
<serial type='file'>
<source path='/tmp/vm-1.log' append='on'/>
<target port='0'/>
</serial>
<serial type='pty'>
<target port='1'/>
</serial>
<console type='file'>
<source path='/tmp/vm-1.log' append='on'/>
<target type='serial' port='0'/>
</console>
<input type='tablet' bus='usb'>
<address type='usb' bus='0' port='1'/>
</input>
<input type='mouse' bus='ps2'/>
<input type='keyboard' bus='ps2'/>
<memballoon model='virtio'>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
</memballoon>
</devices>
</domain>

41
tools/gate/files/heat-basic-bm-deployment.yaml Normal file
View File

@ -0,0 +1,41 @@
heat_template_version: 2016-10-14
parameters:
baremetal_net:
type: string
default: baremetal
baremetal_subnet:
type: string
default: baremetal
image:
type: string
default: Cirros 0.3.5 64-bit
flavor:
type: string
default: baremetal
ssh_key:
type: string
default: heat-vm-key
resources:
server:
type: OS::Nova::Server
properties:
image: {get_param: image}
flavor: {get_param: flavor}
key_name: {get_param: ssh_key}
networks:
- port: { get_resource: server_port }
user_data_format: RAW
server_port:
type: OS::Neutron::Port
properties:
network: {get_param: baremetal_net}
fixed_ips:
- subnet: { get_param: baremetal_subnet }
port_security_enabled: false
outputs:
ip:
value: {get_attr: [server_port, fixed_ips, 0, ip_address]}

118
tools/gate/playbooks/ironic-deploy.yaml Normal file
View File

@ -0,0 +1,118 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- hosts: primary
tasks:
- name: Deploy Packages
shell: |
set -xe;
./tools/deployment/baremetal/000-install-packages.sh
args:
chdir: "{{ zuul.project.src_dir }}"
- name: Setup Nodes
shell: |
set -xe;
./tools/deployment/baremetal/005-setup-nodes.sh
args:
chdir: "{{ zuul.project.src_dir }}"
- name: Deploy clients
shell: |
set -xe;
./tools/deployment/baremetal/010-setup-client.sh
args:
chdir: "{{ zuul.project.src_dir }}"
- name: Deploy ingress
shell: |
set -xe;
./tools/deployment/baremetal/020-ingress.sh
args:
chdir: "{{ zuul.project.src_dir }}"
- name: Deploy Ceph
shell: |
set -xe;
./tools/deployment/baremetal/030-ceph.sh
args:
chdir: "{{ zuul.project.src_dir }}"
- name: Setup openstack namespace for ceph
shell: |
set -xe;
./tools/deployment/baremetal/035-ceph-ns-activate.sh
args:
chdir: "{{ zuul.project.src_dir }}"
- name: Deploy MariaDB
shell: |
set -xe;
./tools/deployment/baremetal/040-mariadb.sh
args:
chdir: "{{ zuul.project.src_dir }}"
- name: Deploy RabbitMQ
shell: |
set -xe;
./tools/deployment/baremetal/050-rabbitmq.sh
args:
chdir: "{{ zuul.project.src_dir }}"
- name: Deploy Memcached
shell: |
set -xe;
./tools/deployment/baremetal/060-memcached.sh
args:
chdir: "{{ zuul.project.src_dir }}"
- name: Deploy Keystone
shell: |
set -xe;
./tools/deployment/baremetal/080-keystone.sh
args:
chdir: "{{ zuul.project.src_dir }}"
- name: Deploy Glance
shell: |
set -xe;
./tools/deployment/baremetal/090-glance.sh
args:
chdir: "{{ zuul.project.src_dir }}"
- name: Deploy Hea
shell: |
set -xe;
./tools/deployment/baremetal/100-heat.sh
args:
chdir: "{{ zuul.project.src_dir }}"
- name: Deploy Compute Kit
shell: |
set -xe;
./tools/deployment/baremetal/110-compute-kit.sh
args:
chdir: "{{ zuul.project.src_dir }}"
- name: Create baremetal host aggregate
shell: |
set -xe;
./tools/deployment/baremetal/800-create-baremetal-host-aggregate.sh
args:
chdir: "{{ zuul.project.src_dir }}"
- name: Register baremetal nodes
shell: |
set -xe;
./tools/deployment/baremetal/810-register-baremetal-nodes.sh
args:
chdir: "{{ zuul.project.src_dir }}"
- name: Create baremetal flavor
shell: |
set -xe;
./tools/deployment/baremetal/820-create-baremetal-flavor.sh
args:
chdir: "{{ zuul.project.src_dir }}"
- name: Deploy Node
shell: |
set -xe;
./tools/deployment/baremetal/900-use-it.sh
args:
chdir: "{{ zuul.project.src_dir }}"

2
tools/images/ceph-config-helper/README.rst
View File

@ -1,5 +1,5 @@
Ceph Config Helper Container
=====================
============================
This container builds a small image with kubectl and some other utilites for
use in the ceph-config chart.

36
tools/images/vbmc/Dockerfile Normal file
View File

@ -0,0 +1,36 @@
FROM centos:7
MAINTAINER pete.birley@att.com
RUN set -ex ;\
yum -y upgrade ;\
yum -y install \
epel-release \
centos-release-openstack-newton \
centos-release-qemu-ev ;\
yum -y install \
ceph-common \
git \
libguestfs \
libvirt \
libvirt-daemon \
libvirt-daemon-config-nwfilter \
libvirt-daemon-driver-lxc \
libvirt-daemon-driver-nwfilter \
libvirt-devel \
openvswitch \
python-devel \
qemu-kvm ;\
yum -y group install \
"Development Tools" ;\
yum clean all ;\
rm -rf /var/cache/yum ;\
curl https://bootstrap.pypa.io/get-pip.py -o /tmpget-pip.py ;\
python /tmpget-pip.py ;\
rm -f /tmp/get-pip.py ;\
TMP_DIR=$(mktemp -d) ;\
git clone https://github.com/openstack/virtualbmc ${TMP_DIR} ;\
pip install -U ${TMP_DIR} ;\
rm -rf ${TMP_DIR} ;\
useradd --user-group --create-home --home-dir /var/lib/nova nova ;\
chmod 755 /var/lib/nova ;\
usermod -a -G qemu nova

37
tools/images/vbmc/README.rst Normal file
View File

@ -0,0 +1,37 @@
VBMC Container
==============
This container builds a small image with kubectl and some other utilities for
use in both the ironic checks and development.
Instructions
------------
OS Specific Host setup:
~~~~~~~~~~~~~~~~~~~~~~~
Ubuntu:
^^^^^^^
From a freshly provisioned Ubuntu 16.04 LTS host run:
.. code:: bash
sudo apt-get update -y
sudo apt-get install -y \
docker.io \
git
Build the VBMC Image environment
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
A known good image is published to dockerhub on a fairly regular basis, but if
you wish to build your own image, from the root directory of the OpenStack-Helm
repo run:
.. code:: bash
sudo docker build \
-t docker.io/openstackhelm/vbmc:centos \
tools/images/vbmc
sudo docker push docker.io/openstackhelm/vbmc:centos