From 73caaf06daf688080f41014d1df0a488ea0f9480 Mon Sep 17 00:00:00 2001
From: pprokop
Date: Fri, 18 Nov 2016 16:45:56 +0100
Subject: [PATCH] Adding keystone
---
keystone/Chart.yaml | 3 +
keystone/templates/db-sync.sh.yaml | 11 ++++
keystone/templates/db-sync.yaml | 43 +++++++++++++
keystone/templates/deployment.yaml | 70 ++++++++++++++++++++++
keystone/templates/init.sh.yaml | 13 ++++
keystone/templates/init.yaml | 37 ++++++++++++
keystone/templates/keystone.conf.yaml | 26 ++++++++
keystone/templates/mpm_event.conf.yaml | 15 +++++
keystone/templates/service.yaml | 12 ++++
keystone/templates/start.sh.yaml | 15 +++++
keystone/templates/wsgi-keystone.conf.yaml | 34 +++++++++++
keystone/values.yaml | 31 ++++++++++
12 files changed, 310 insertions(+)
create mode 100644 keystone/Chart.yaml
create mode 100644 keystone/templates/db-sync.sh.yaml
create mode 100644 keystone/templates/db-sync.yaml
create mode 100644 keystone/templates/deployment.yaml
create mode 100644 keystone/templates/init.sh.yaml
create mode 100644 keystone/templates/init.yaml
create mode 100644 keystone/templates/keystone.conf.yaml
create mode 100644 keystone/templates/mpm_event.conf.yaml
create mode 100644 keystone/templates/service.yaml
create mode 100644 keystone/templates/start.sh.yaml
create mode 100644 keystone/templates/wsgi-keystone.conf.yaml
create mode 100644 keystone/values.yaml
diff --git a/keystone/Chart.yaml b/keystone/Chart.yaml
new file mode 100644
index 0000000000..e83f42b08c
--- /dev/null
+++ b/keystone/Chart.yaml
@@ -0,0 +1,3 @@
+description: A Helm chart for keystone
+name: keystone
+version: 0.1.0
diff --git a/keystone/templates/db-sync.sh.yaml b/keystone/templates/db-sync.sh.yaml
new file mode 100644
index 0000000000..de1ddaff46
--- /dev/null
+++ b/keystone/templates/db-sync.sh.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: keystone-dbsyncsh
+data:
+ db-sync.sh: |+
+ #!/bin/bash
+ set -ex
+
+ keystone-manage db_sync
+ kolla_keystone_bootstrap {{ .Values.global.keystone.admin_user }} {{ .Values.global.keystone.admin_password }} {{ .Values.global.keystone.admin_project_name }} admin http://keystone-api:{{ .Values.global.network.port.admin }}/v3 http://keystone-api:{{ .Values.global.network.port.public }}/v3 http://keystone-api:{{ .Values.global.network.port.public }}/v3 {{ .Values.global.keystone.admin_region_name }}
diff --git a/keystone/templates/db-sync.yaml b/keystone/templates/db-sync.yaml
new file mode 100644
index 0000000000..f7ea254127
--- /dev/null
+++ b/keystone/templates/db-sync.yaml
@@ -0,0 +1,43 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: keystone-db-sync
+spec:
+ template:
+ spec:
+ restartPolicy: OnFailure
+ containers:
+ - name: keystone-init
+ image: {{ .Values.global.deployment.image.db_sync }}
+ imagePullPolicy: Always
+ env:
+ - name: INTERFACE_NAME
+ value: "eth0"
+ - name: POD_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ - name: COMMAND
+ value: "bash /tmp/db-sync.sh"
+ - name: DEPENDENCY_JOBS
+ value: "keystone-init,mariadb-seed"
+ - name: DEPENDENCY_SERVICE
+ value: "mariadb"
+ volumeMounts:
+ - name: keystoneconf
+ mountPath: /etc/keystone/keystone.conf
+ subPath: keystone.conf
+ - name: dbsyncsh
+ mountPath: /tmp/db-sync.sh
+ subPath: db-sync.sh
+ volumes:
+ - name: keystoneconf
+ configMap:
+ name: keystone-keystoneconf
+ - name: dbsyncsh
+ configMap:
+ name: keystone-dbsyncsh
diff --git a/keystone/templates/deployment.yaml b/keystone/templates/deployment.yaml
new file mode 100644
index 0000000000..7e52451b2c
--- /dev/null
+++ b/keystone/templates/deployment.yaml
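Review bot: The keystone admin password ends up both in a ConfigMap and in the job log: `db-sync.sh` is rendered with `{{ .Values.global.keystone.admin_password }}` as a positional argument to `kolla_keystone_bootstrap`, and `set -ex` traces that full command line to stderr. ConfigMaps are not meant for confidential data, and anyone who can read configmaps or pod logs in the namespace can recover the credential. I would move it into a `kind: Secret`, expose it to the job through `env` with `valueFrom.secretKeyRef`, and use `set -e` (or `set +x` around the bootstrap call) in the script. The same pattern recurs in `init.sh.yaml` (database root and keystone passwords, run with `ansible -vvv`) and in `keystone.conf.yaml` (password inside `connection =`).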
@@ -0,0 +1,70 @@
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: keystone-api
+spec:
+ replicas: {{ .Values.global.deployment.replicas }}
+ template:
+ metadata:
+ labels:
+ app: keystone-api
+ spec:
+ nodeSelector:
+ {{ .Values.global.deployment.control_node_label }}: enabled
+ containers:
+ - name: keystone-api
+ image: {{ .Values.global.deployment.image.api }}
+ env:
+ - name: INTERFACE_NAME
+ value: "eth0"
+ - name: POD_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ - name: COMMAND
+ value: "bash /tmp/start.sh"
+ - name: DEPENDENCY_JOBS
+ value: "keystone-init,keystone-db-sync,mariadb-seed"
+ - name: DEPENDENCY_SERVICE
+ value: "mariadb,rabbitmq"
+ - name: DEPENDENCY_CONFIG
+ value: "/etc/apache2/conf-enabled/wsgi-keystone.conf"
+ ports:
+ - containerPort: {{ .Values.global.network.port.public }}
+ - containerPort: {{ .Values.global.network.port.admin }}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.global.network.port.public }}
+ volumeMounts:
+ - name: keystoneconf
+ mountPath: /etc/keystone/keystone.conf
+ subPath: keystone.conf
+ - name: wsgikeystone
+ mountPath: /configmaps/wsgi-keystone.conf
+ - name: mpmeventconf
+ mountPath: /etc/apache2/mods-available/mpm_event.conf
+ subPath: mpm_event.conf
+ - name: startsh
+ mountPath: /tmp/start.sh
+ subPath: start.sh
+ volumes:
+ - name: keystoneconf
+ configMap:
+ name: keystone-keystoneconf
+ - name: wsgikeystone
+ configMap:
+ name: keystone-wsgikeystone
+ - name: mpmeventconf
+ configMap:
+ name: keystone-mpmeventconf
+ # https://github.com/kubernetes/kubernetes/issues/23722
+ items:
+ - key: mpm-event.conf
+ path: mpm_event.conf
+ - name: startsh
+ configMap:
+ name: keystone-startsh
diff --git a/keystone/templates/init.sh.yaml b/keystone/templates/init.sh.yaml
new file mode 100644
index 0000000000..872b259623
--- /dev/null
+++ b/keystone/templates/init.sh.yaml
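Review bot: Nothing in this manifest explains how `wsgi-keystone.conf` reaches Apache: the `wsgikeystone` volume is mounted at `/configmaps/wsgi-keystone.conf` with no `subPath` (so the mount point is a directory), while `DEPENDENCY_CONFIG` waits for `/etc/apache2/conf-enabled/wsgi-keystone.conf`. Presumably the image entrypoint renders the mounted template into that path, but that is inferred and not visible in the hunk. A comment above the `wsgikeystone` mount would save the next reader the search, for example `# template only; the image entrypoint renders it into /etc/apache2/conf-enabled/ (TODO confirm)`. Separately, the container declares no `resources` and no `securityContext`, which is worth a follow-up for an identity service.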
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: keystone-initsh
+data:
+ init.sh: |+
+ #!/bin/bash
+ set -ex
+ export HOME=/tmp
+
+ ansible localhost -vvv -m mysql_db -a "login_host='{{ .Values.global.database.address }}' login_port='{{ .Values.global.database.port }}' login_user='{{ .Values.global.database.root_user }}' login_password='{{ .Values.global.database.root_password }}' name='{{ .Values.global.database.keystone_database_name }}'"
+ ansible localhost -vvv -m mysql_user -a "login_host='{{ .Values.global.database.address }}' login_port='{{ .Values.global.database.port }}' login_user='{{ .Values.global.database.root_user }}' login_password='{{ .Values.global.database.root_password }}' name='{{ .Values.global.database.keystone_user }}' password='{{ .Values.global.database.keystone_password }}' host='%' priv='{{ .Values.global.database.keystone_database_name }}.*:ALL' append_privs='yes'"
+
diff --git a/keystone/templates/init.yaml b/keystone/templates/init.yaml
new file mode 100644
index 0000000000..dc559c8822
--- /dev/null
+++ b/keystone/templates/init.yaml
@@ -0,0 +1,37 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: keystone-init
+spec:
+ template:
+ spec:
+ restartPolicy: OnFailure
+ containers:
+ - name: keystone-init
+ image: {{ .Values.global.deployment.image.init }}
+ imagePullPolicy: Always
+ env:
+ - name: INTERFACE_NAME
+ value: "eth0"
+ - name: POD_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ - name: COMMAND
+ value: "bash /tmp/init.sh"
+ - name: DEPENDENCY_JOBS
+ value: "mariadb-seed"
+ - name: DEPENDENCY_SERVICE
+ value: "mariadb"
+ volumeMounts:
+ - name: initsh
+ mountPath: /tmp/init.sh
+ subPath: init.sh
+ volumes:
+ - name: initsh
+ configMap:
+ name: keystone-initsh
diff --git a/keystone/templates/keystone.conf.yaml b/keystone/templates/keystone.conf.yaml
new file mode 100644
index 0000000000..b4d482596f
--- /dev/null
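Review bot: In both `ansible` lines of `init.sh` the chart values are spliced unescaped into two layers of quoting: each value sits inside `'…'` for Ansible's key=value parser, and the whole `-a` argument sits inside a bash `"…"` string. A password containing `'`, `"`, `$` or a backtick will either break the command or be expanded by bash before Ansible sees it, so a legitimately strong password can fail the job or change what gets executed. Passing the credentials as Secret-backed environment variables and referencing them from the script keeps template output out of shell syntax. Also note that `host='%'` lets the keystone database user connect from any host; a narrower host pattern would be a tighter default where the pod network allows it.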
+++ b/keystone/templates/keystone.conf.yaml
@@ -0,0 +1,26 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: keystone-keystoneconf
+data:
+ keystone.conf: |+
+ [DEFAULT]
+ debug = {{ .Values.global.misc.debug }}
+ use_syslog = False
+ use_stderr = True
+ workers = {{ .Values.global.misc.workers }}
+
+ [database]
+ connection = mysql+pymysql://{{ .Values.global.database.keystone_user }}:{{ .Values.global.database.keystone_password }}@{{ .Values.global.database.address }}/{{ .Values.global.database.keystone_database_name }}
+ max_retries = -1
+
+ [memcache]
+ servers = {{ .Values.global.memcached.address }}
+
+ [cache]
+ backend = dogpile.cache.memcached
+ memcache_servers = {{.Values.global.memcached.address}}
+ config_prefix = cache.keystone
+ distributed_lock = True
+ enabled = True
+
diff --git a/keystone/templates/mpm_event.conf.yaml b/keystone/templates/mpm_event.conf.yaml
new file mode 100644
index 0000000000..8e5555c949
--- /dev/null
+++ b/keystone/templates/mpm_event.conf.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: keystone-mpmeventconf
+data:
+ mpm-event.conf: |+
+
+ ServerLimit 1024
+ StartServers 32
+ MinSpareThreads 32
+ MaxSpareThreads 256
+ ThreadsPerChild 25
+ MaxRequestsPerChild 128
+ ThreadLimit 720
+
diff --git a/keystone/templates/service.yaml b/keystone/templates/service.yaml
new file mode 100644
index 0000000000..e6f3ac85e4
--- /dev/null
+++ b/keystone/templates/service.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: keystone-api
+spec:
+ ports:
+ - name: keystone-api-public
+ port: {{ .Values.global.network.port.public }}
+ - name: keystone-api-admin
+ port: {{ .Values.global.network.port.admin }}
+ selector:
+ app: keystone-api
diff --git a/keystone/templates/start.sh.yaml b/keystone/templates/start.sh.yaml
new file mode 100644
index 0000000000..f42d9deb45
--- /dev/null
+++ b/keystone/templates/start.sh.yaml
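Review bot: The `connection =` URL under `[database]` leaves out `{{ .Values.global.database.port }}`, although `init.sh` passes that same value as `login_port`; with a non-default port the init job would succeed while keystone still tries the driver's default port. I would write the host part as `@{{ .Values.global.database.address }}:{{ .Values.global.database.port }}/`. The password is also inserted without URL-encoding, so a value containing `@`, `/` or `:` would yield a URL that parses to the wrong host or credentials.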
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: keystone-startsh
+data:
+ start.sh: |+
+ #!/bin/bash
+ set -ex
+
+ # Loading Apache2 ENV variables
+ source /etc/apache2/envvars
+ rm -rf /var/run/apache2/*
+ APACHE_DIR="apache2"
+
+ apache2 -DFOREGROUND
diff --git a/keystone/templates/wsgi-keystone.conf.yaml b/keystone/templates/wsgi-keystone.conf.yaml
new file mode 100644
index 0000000000..b39af2a4f7
--- /dev/null
+++ b/keystone/templates/wsgi-keystone.conf.yaml
@@ -0,0 +1,34 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: keystone-wsgikeystone
+data:
+ wsgi-keystone.conf: |+
+ Listen {{ .Values.global.network.ip_address }}:{{ .Values.global.network.port.public }}
+ Listen {{ .Values.global.network.ip_address }}:{{ .Values.global.network.port.admin }}
+
+
+ WSGIDaemonProcess keystone-public processes=16 threads=6 user=keystone group=keystone display-name=%{GROUP}
+ WSGIProcessGroup keystone-public
+ WSGIScriptAlias / /var/www/cgi-bin/keystone/main
+ WSGIApplicationGroup %{GLOBAL}
+ WSGIPassAuthorization On
+ = 2.4>
+ ErrorLogFormat "%{cu}t %M"
+
+ ErrorLog "|$/bin/cat 1>&2"
+ CustomLog "|/bin/cat" combined
+
+
+
+ WSGIDaemonProcess keystone-admin processes=16 threads=5 user=keystone group=keystone display-name=%{GROUP}
+ WSGIProcessGroup keystone-admin
+ WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
+ WSGIApplicationGroup %{GLOBAL}
+ WSGIPassAuthorization On
+ = 2.4>
+ ErrorLogFormat "%{cu}t %M"
+
+ ErrorLog "|$/bin/cat 1>&2"
+ CustomLog "|/bin/cat" combined
+
diff --git a/keystone/values.yaml b/keystone/values.yaml
new file mode 100644
index 0000000000..ce40550a23
--- /dev/null
+++ b/keystone/values.yaml
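Review bot: In `start.sh`, `apache2 -DFOREGROUND` is started as a child of the bash script, so a SIGTERM delivered to the script at pod shutdown may not reach Apache; `exec apache2 -DFOREGROUND` would replace the shell with the server process. Whether bash is the process that receives the signal depends on how the image entrypoint runs `COMMAND`, which is not visible here. `APACHE_DIR="apache2"` is assigned but never referenced in the script and is not exported, so unless `envvars` already exports it the line has no effect and could be dropped or given a comment saying who reads it.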
@@ -0,0 +1,31 @@
+global:
+ deployment:
+ replicas: 1
+ control_node_label: openstack-control-plane
+ image:
+ db_sync: quay.io/stackanetes/stackanetes-keystone-api:newton
+ api: quay.io/stackanetes/stackanetes-keystone-api:newton
+ init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton
+ network:
+ port:
+ admin: 35357
+ public: 5000
+ ip_address: "{{ .IP }}"
+ database:
+ address: mariadb
+ port: 3306
+ root_user: root
+ root_password: password
+ keystone_database_name: keystone
+ keystone_password: password
+ keystone_user: keystone
+ keystone:
+ admin_region_name: RegionOne
+ admin_user: admin
+ admin_password: password
+ admin_project_name: admin
+ memcached:
+ address: memcached
+ misc:
+ workers: 8
+ debug: false
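Review bot: `root_password`, `keystone_password` and `admin_password` all default to `password`, so an install that overrides nothing comes up with a guessable database root and keystone admin credential. I would ship these keys empty and make the templates fail when they are unset (Helm's `required` function does this in versions that provide it), or generate the values at install time. The three images are also referenced by the mutable tag `:newton`; pinning them by digest would make what actually runs reproducible and auditable.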