Adding keystone
This commit is contained in:
parent
fdeb41df20
commit
73caaf06da
3
keystone/Chart.yaml
Normal file
3
keystone/Chart.yaml
Normal file
@ -0,0 +1,3 @@
|
||||
description: A Helm chart for keystone
|
||||
name: keystone
|
||||
version: 0.1.0
|
11
keystone/templates/db-sync.sh.yaml
Normal file
11
keystone/templates/db-sync.sh.yaml
Normal file
@ -0,0 +1,11 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: keystone-dbsyncsh
|
||||
data:
|
||||
db-sync.sh: |+
|
||||
#!/bin/bash
|
||||
set -ex
|
||||
|
||||
keystone-manage db_sync
|
||||
kolla_keystone_bootstrap {{ .Values.global.keystone.admin_user }} {{ .Values.global.keystone.admin_password }} {{ .Values.global.keystone.admin_project_name }} admin http://keystone-api:{{ .Values.global.network.port.admin }}/v3 http://keystone-api:{{ .Values.global.network.port.public }}/v3 http://keystone-api:{{ .Values.global.network.port.public }}/v3 {{ .Values.global.keystone.admin_region_name }}
|
43
keystone/templates/db-sync.yaml
Normal file
43
keystone/templates/db-sync.yaml
Normal file
@ -0,0 +1,43 @@
|
||||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
name: keystone-db-sync
|
||||
spec:
|
||||
template:
|
||||
spec:
|
||||
restartPolicy: OnFailure
|
||||
containers:
|
||||
- name: keystone-init
|
||||
image: {{ .Values.global.deployment.image.db_sync }}
|
||||
imagePullPolicy: Always
|
||||
env:
|
||||
- name: INTERFACE_NAME
|
||||
value: "eth0"
|
||||
- name: POD_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.name
|
||||
- name: NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: COMMAND
|
||||
value: "bash /tmp/db-sync.sh"
|
||||
- name: DEPENDENCY_JOBS
|
||||
value: "keystone-init,mariadb-seed"
|
||||
- name: DEPENDENCY_SERVICE
|
||||
value: "mariadb"
|
||||
volumeMounts:
|
||||
- name: keystoneconf
|
||||
mountPath: /etc/keystone/keystone.conf
|
||||
subPath: keystone.conf
|
||||
- name: dbsyncsh
|
||||
mountPath: /tmp/db-sync.sh
|
||||
subPath: db-sync.sh
|
||||
volumes:
|
||||
- name: keystoneconf
|
||||
configMap:
|
||||
name: keystone-keystoneconf
|
||||
- name: dbsyncsh
|
||||
configMap:
|
||||
name: keystone-dbsyncsh
|
70
keystone/templates/deployment.yaml
Normal file
70
keystone/templates/deployment.yaml
Normal file
@ -0,0 +1,70 @@
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: keystone-api
|
||||
spec:
|
||||
replicas: {{ .Values.global.deployment.replicas }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: keystone-api
|
||||
spec:
|
||||
nodeSelector:
|
||||
{{ .Values.global.deployment.control_node_label }}: enabled
|
||||
containers:
|
||||
- name: keystone-api
|
||||
image: {{ .Values.global.deployment.image.api }}
|
||||
env:
|
||||
- name: INTERFACE_NAME
|
||||
value: "eth0"
|
||||
- name: POD_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.name
|
||||
- name: NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: COMMAND
|
||||
value: "bash /tmp/start.sh"
|
||||
- name: DEPENDENCY_JOBS
|
||||
value: "keystone-init,keystone-db-sync,mariadb-seed"
|
||||
- name: DEPENDENCY_SERVICE
|
||||
value: "mariadb,rabbitmq"
|
||||
- name: DEPENDENCY_CONFIG
|
||||
value: "/etc/apache2/conf-enabled/wsgi-keystone.conf"
|
||||
ports:
|
||||
- containerPort: {{ .Values.global.network.port.public }}
|
||||
- containerPort: {{ .Values.global.network.port.admin }}
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: {{ .Values.global.network.port.public }}
|
||||
volumeMounts:
|
||||
- name: keystoneconf
|
||||
mountPath: /etc/keystone/keystone.conf
|
||||
subPath: keystone.conf
|
||||
- name: wsgikeystone
|
||||
mountPath: /configmaps/wsgi-keystone.conf
|
||||
- name: mpmeventconf
|
||||
mountPath: /etc/apache2/mods-available/mpm_event.conf
|
||||
subPath: mpm_event.conf
|
||||
- name: startsh
|
||||
mountPath: /tmp/start.sh
|
||||
subPath: start.sh
|
||||
volumes:
|
||||
- name: keystoneconf
|
||||
configMap:
|
||||
name: keystone-keystoneconf
|
||||
- name: wsgikeystone
|
||||
configMap:
|
||||
name: keystone-wsgikeystone
|
||||
- name: mpmeventconf
|
||||
configMap:
|
||||
name: keystone-mpmeventconf
|
||||
# https://github.com/kubernetes/kubernetes/issues/23722
|
||||
items:
|
||||
- key: mpm-event.conf
|
||||
path: mpm_event.conf
|
||||
- name: startsh
|
||||
configMap:
|
||||
name: keystone-startsh
|
13
keystone/templates/init.sh.yaml
Normal file
13
keystone/templates/init.sh.yaml
Normal file
@ -0,0 +1,13 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: keystone-initsh
|
||||
data:
|
||||
init.sh: |+
|
||||
#!/bin/bash
|
||||
set -ex
|
||||
export HOME=/tmp
|
||||
|
||||
ansible localhost -vvv -m mysql_db -a "login_host='{{ .Values.global.database.address }}' login_port='{{ .Values.global.database.port }}' login_user='{{ .Values.global.database.root_user }}' login_password='{{ .Values.global.database.root_password }}' name='{{ .Values.global.database.keystone_database_name }}'"
|
||||
ansible localhost -vvv -m mysql_user -a "login_host='{{ .Values.global.database.address }}' login_port='{{ .Values.global.database.port }}' login_user='{{ .Values.global.database.root_user }}' login_password='{{ .Values.global.database.root_password }}' name='{{ .Values.global.database.keystone_user }}' password='{{ .Values.global.database.keystone_password }}' host='%' priv='{{ .Values.global.database.keystone_database_name }}.*:ALL' append_privs='yes'"
|
||||
|
37
keystone/templates/init.yaml
Normal file
37
keystone/templates/init.yaml
Normal file
@ -0,0 +1,37 @@
|
||||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
name: keystone-init
|
||||
spec:
|
||||
template:
|
||||
spec:
|
||||
restartPolicy: OnFailure
|
||||
containers:
|
||||
- name: keystone-init
|
||||
image: {{ .Values.global.deployment.image.init }}
|
||||
imagePullPolicy: Always
|
||||
env:
|
||||
- name: INTERFACE_NAME
|
||||
value: "eth0"
|
||||
- name: POD_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.name
|
||||
- name: NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: COMMAND
|
||||
value: "bash /tmp/init.sh"
|
||||
- name: DEPENDENCY_JOBS
|
||||
value: "mariadb-seed"
|
||||
- name: DEPENDENCY_SERVICE
|
||||
value: "mariadb"
|
||||
volumeMounts:
|
||||
- name: initsh
|
||||
mountPath: /tmp/init.sh
|
||||
subPath: init.sh
|
||||
volumes:
|
||||
- name: initsh
|
||||
configMap:
|
||||
name: keystone-initsh
|
26
keystone/templates/keystone.conf.yaml
Normal file
26
keystone/templates/keystone.conf.yaml
Normal file
@ -0,0 +1,26 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: keystone-keystoneconf
|
||||
data:
|
||||
keystone.conf: |+
|
||||
[DEFAULT]
|
||||
debug = {{ .Values.global.misc.debug }}
|
||||
use_syslog = False
|
||||
use_stderr = True
|
||||
workers = {{ .Values.global.misc.workers }}
|
||||
|
||||
[database]
|
||||
connection = mysql+pymysql://{{ .Values.global.database.keystone_user }}:{{ .Values.global.database.keystone_password }}@{{ .Values.global.database.address }}/{{ .Values.global.database.keystone_database_name }}
|
||||
max_retries = -1
|
||||
|
||||
[memcache]
|
||||
servers = {{ .Values.global.memcached.address }}
|
||||
|
||||
[cache]
|
||||
backend = dogpile.cache.memcached
|
||||
memcache_servers = {{.Values.global.memcached.address}}
|
||||
config_prefix = cache.keystone
|
||||
distributed_lock = True
|
||||
enabled = True
|
||||
|
15
keystone/templates/mpm_event.conf.yaml
Normal file
15
keystone/templates/mpm_event.conf.yaml
Normal file
@ -0,0 +1,15 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: keystone-mpmeventconf
|
||||
data:
|
||||
mpm-event.conf: |+
|
||||
<IfModule mpm_event_module>
|
||||
ServerLimit 1024
|
||||
StartServers 32
|
||||
MinSpareThreads 32
|
||||
MaxSpareThreads 256
|
||||
ThreadsPerChild 25
|
||||
MaxRequestsPerChild 128
|
||||
ThreadLimit 720
|
||||
</IfModule>
|
12
keystone/templates/service.yaml
Normal file
12
keystone/templates/service.yaml
Normal file
@ -0,0 +1,12 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: keystone-api
|
||||
spec:
|
||||
ports:
|
||||
- name: keystone-api-public
|
||||
port: {{ .Values.global.network.port.public }}
|
||||
- name: keystone-api-admin
|
||||
port: {{ .Values.global.network.port.admin }}
|
||||
selector:
|
||||
app: keystone-api
|
15
keystone/templates/start.sh.yaml
Normal file
15
keystone/templates/start.sh.yaml
Normal file
@ -0,0 +1,15 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: keystone-startsh
|
||||
data:
|
||||
start.sh: |+
|
||||
#!/bin/bash
|
||||
set -ex
|
||||
|
||||
# Loading Apache2 ENV variables
|
||||
source /etc/apache2/envvars
|
||||
rm -rf /var/run/apache2/*
|
||||
APACHE_DIR="apache2"
|
||||
|
||||
apache2 -DFOREGROUND
|
34
keystone/templates/wsgi-keystone.conf.yaml
Normal file
34
keystone/templates/wsgi-keystone.conf.yaml
Normal file
@ -0,0 +1,34 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: keystone-wsgikeystone
|
||||
data:
|
||||
wsgi-keystone.conf: |+
|
||||
Listen {{ .Values.global.network.ip_address }}:{{ .Values.global.network.port.public }}
|
||||
Listen {{ .Values.global.network.ip_address }}:{{ .Values.global.network.port.admin }}
|
||||
|
||||
<VirtualHost *:{{ .Values.global.network.port.public }}>
|
||||
WSGIDaemonProcess keystone-public processes=16 threads=6 user=keystone group=keystone display-name=%{GROUP}
|
||||
WSGIProcessGroup keystone-public
|
||||
WSGIScriptAlias / /var/www/cgi-bin/keystone/main
|
||||
WSGIApplicationGroup %{GLOBAL}
|
||||
WSGIPassAuthorization On
|
||||
<IfVersion >= 2.4>
|
||||
ErrorLogFormat "%{cu}t %M"
|
||||
</IfVersion>
|
||||
ErrorLog "|$/bin/cat 1>&2"
|
||||
CustomLog "|/bin/cat" combined
|
||||
</VirtualHost>
|
||||
|
||||
<VirtualHost *:{{ .Values.global.network.port.admin }}>
|
||||
WSGIDaemonProcess keystone-admin processes=16 threads=5 user=keystone group=keystone display-name=%{GROUP}
|
||||
WSGIProcessGroup keystone-admin
|
||||
WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
|
||||
WSGIApplicationGroup %{GLOBAL}
|
||||
WSGIPassAuthorization On
|
||||
<IfVersion >= 2.4>
|
||||
ErrorLogFormat "%{cu}t %M"
|
||||
</IfVersion>
|
||||
ErrorLog "|$/bin/cat 1>&2"
|
||||
CustomLog "|/bin/cat" combined
|
||||
</VirtualHost>
|
31
keystone/values.yaml
Normal file
31
keystone/values.yaml
Normal file
@ -0,0 +1,31 @@
|
||||
global:
|
||||
deployment:
|
||||
replicas: 1
|
||||
control_node_label: openstack-control-plane
|
||||
image:
|
||||
db_sync: quay.io/stackanetes/stackanetes-keystone-api:newton
|
||||
api: quay.io/stackanetes/stackanetes-keystone-api:newton
|
||||
init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton
|
||||
network:
|
||||
port:
|
||||
admin: 35357
|
||||
public: 5000
|
||||
ip_address: "{{ .IP }}"
|
||||
database:
|
||||
address: mariadb
|
||||
port: 3306
|
||||
root_user: root
|
||||
root_password: password
|
||||
keystone_database_name: keystone
|
||||
keystone_password: password
|
||||
keystone_user: keystone
|
||||
keystone:
|
||||
admin_region_name: RegionOne
|
||||
admin_user: admin
|
||||
admin_password: password
|
||||
admin_project_name: admin
|
||||
memcached:
|
||||
address: memcached
|
||||
misc:
|
||||
workers: 8
|
||||
debug: false
|
Loading…
x
Reference in New Issue
Block a user