openstack/openstack-helm
Code Issues Proposed changes

General consistency cleanup

Browse Source 
* Made values.yaml consistent throughout charts.  Removed any globals
references in subcharts as these are difficult to override.  Only
ports should be in globals to build URLs which can come as part
of a future commit. The hostname endpoint aspect of a service
will come from openstack-base/_hosts.tpl and the port
would come from the chart itself as a global so other charts
can reference the port to build a complete URL.  Putting the
hostnames themselves as globals in individual charts makes it
difficult to make a sweeping top level FQDN change.

* Cleaned up yaml requirements and incorporated a new _common.tpl
that is distributed to all charts to allow common endpoint naming
while still retaining the ability to install individual charts.

* Fixed keystone URL generation during bootstrap as a correct
URL is critical given keystone uses this to construct all
subsequent URLs in the request. Also allow controlling the
default endpoint version and scheme.

* Added missing NAMESPACE declaration to keystone deployment
as this is required for entrypoint to discover resources
not in the 'default' namespace.

* Refactored all nodeSelector values to be consistent throughout
all charts
This commit is contained in:
Alan Meadows 2016-11-25 16:27:18 -08:00
parent 564f9757fc
commit 7929c94c21
59 changed files with 329 additions and 204 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -2,4 +2,4 @@
**/*.tgz **/*.tgz
.idea/ .idea/
**/_partials.tpl **/_partials.tpl
**/_common.tpl

37
Makefile
View File

@ -1,30 +1,47 @@
.PHONY: ceph mariadb all clean base64 .PHONY: ceph mariadb keystone memcached rabbitmq openstack-base openstack all clean base64
B64_DIRS := utils/secrets B64_DIRS := openstack-base/secrets
B64_EXCLUDE := $(wildcard utils/secrets/*.b64) B64_EXCLUDE := $(wildcard openstack-base/secrets/*.b64)
all: base64 utils ceph mariadb openstack CHARTS := ceph mariadb rabbitmq memcached keystone openstack
COMMON_TPL := openstack-base/templates/_common.tpl
utils: build-utils all: openstack-base ceph mariadb rabbitmq memcached keystone openstack
openstack-base: build-openstack-base
ceph: build-ceph ceph: build-ceph
mariadb: build-mariadb mariadb: build-mariadb
keystone: build-keystone
rabbitmq: build-rabbitmq
memcached: build-memcached
openstack: build-openstack openstack: build-openstack
clean: clean:
$(shell find . -name '*.b64' -exec rm {} \;) $(shell rm -rf openstack-base/secrets/*.b64)
$(shell find . -name '_partials.tpl' -exec rm {} \;) $(shell rm -rf */templates/_partials.tpl)
echo "Removed all .b64 and _partials.tpl" $(shell rm -rf */templates/_common.tpl)
echo "Removed all .b64, _partials.tpl, and _common.tpl files"
base64: build-openstack-base:
# rebuild all base64 values # rebuild all base64 values
$(eval B64_OBJS = $(foreach dir,$(B64_DIRS),$(shell find $(dir)/* -type f $(foreach e,$(B64_EXCLUDE), -not -path "$(e)")))) $(eval B64_OBJS = $(foreach dir,$(B64_DIRS),$(shell find $(dir)/* -type f $(foreach e,$(B64_EXCLUDE), -not -path "$(e)"))))
$(foreach var,$(B64_OBJS),cat $(var) | base64 | perl -pe 'chomp if eof' > $(var).b64;) $(foreach var,$(B64_OBJS),cat $(var) | base64 | perl -pe 'chomp if eof' > $(var).b64;)
if [ -f openstack-base/Makefile ]; then make -C openstack-base; fi
if [ -f openstack-base/requirements.yaml ]; then helm dep up openstack-base; fi
helm lint openstack-base
helm package openstack-base
$(foreach var,$(CHARTS),$(shell cp $(COMMON_TPL) $(var)/templates))
build-%: build-%:
if [ ! -f $*/templates/_common.tpl ]; then echo; seq -s= 30|tr -d '[:digit:]'; echo "You need to run 'make openstack-base' first to generate _common.tpl"; seq -s= 30|tr -d '[:digit:]'; exit 1; fi;
if [ -f $*/Makefile ]; then make -C $*; fi if [ -f $*/Makefile ]; then make -C $*; fi
if [ -f $*/requirements.yaml ]; then helm dep up $*; fi if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
helm lint $*
helm package $* helm package $*

2
README.md
View File

@ -57,7 +57,7 @@ make
# generate secrets (ceph, etc.) # generate secrets (ceph, etc.)
export osd_cluster_network=10.32.0.0/12 export osd_cluster_network=10.32.0.0/12
export osd_public_network=10.32.0.0/12 export osd_public_network=10.32.0.0/12
cd utils/utils/generator cd openstack-base/utils/secret-generator
./generate_secrets.sh all `./generate_secrets.sh fsid` ./generate_secrets.sh all `./generate_secrets.sh fsid`
cd ../../.. cd ../../..

2
ceph/README.md
View File

@ -84,7 +84,7 @@ kubectl label nodes node-type=storage --all
You will need to generate ceph keys and configuration. There is a simple to use utility that can do this quickly. Please note the generator utility (per ceph-docker) requires the sigil template framework: (https://github.com/gliderlabs/sigil) to be installed and on the current path. You will need to generate ceph keys and configuration. There is a simple to use utility that can do this quickly. Please note the generator utility (per ceph-docker) requires the sigil template framework: (https://github.com/gliderlabs/sigil) to be installed and on the current path.
``` ```
cd utils/utils/generator cd openstack-base/utils/secret-generator
./generate_secrets.sh all `./generate_secrets.sh fsid` ./generate_secrets.sh all `./generate_secrets.sh fsid`
cd ../../.. cd ../../..
``` ```

9
ceph/requirements.lock
View File

@ -1,6 +1,3 @@
dependencies: dependencies: []
- name: utils digest: sha256:81059fe6210ccee4e3349c0f34c12d180f995150128a913d63b65b7937c6b152
repository: http://localhost:8879/charts generated: 2016-11-25T16:24:27.602432249-08:00
version: 0.1.0
digest: sha256:9054fd53dcc5ca45243141487390640dedd7d74aa773b814da975030fcb0e902
generated: 2016-11-23T10:08:51.239134703-08:00

14
ceph/requirements.yaml
View File

@ -1,13 +1 @@
dependencies: dependencies: []
# - name: memcached
# repository: http://localhost:8879/charts
# version: 0.1.0
# - name: rabbitmq
# repository: http://localhost:8879/charts
# version: 0.1.0
# - name: keystone
# repository: http://localhost:8879/charts
# version: 0.1.0
- name: utils
repository: http://localhost:8879/charts
version: 0.1.0

4
ceph/templates/daemonset.yaml
View File

@ -14,7 +14,7 @@ spec:
daemon: osd daemon: osd
spec: spec:
nodeSelector: nodeSelector:
node-type: storage {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
volumes: volumes:
- name: devices - name: devices
hostPath: hostPath:
@ -41,7 +41,7 @@ spec:
# path: /home/core/data/ceph/osd # path: /home/core/data/ceph/osd
containers: containers:
- name: osd-pod - name: osd-pod
image: {{ .Values.image_ceph_daemon }} image: {{ .Values.images.daemon }}
imagePullPolicy: Always imagePullPolicy: Always
volumeMounts: volumeMounts:
- name: devices - name: devices

20
ceph/templates/deployment.yaml
View File

@ -16,7 +16,7 @@ spec:
daemon: mds daemon: mds
spec: spec:
nodeSelector: nodeSelector:
node-type: storage {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
serviceAccount: default serviceAccount: default
volumes: volumes:
- name: ceph-conf - name: ceph-conf
@ -33,7 +33,7 @@ spec:
secretName: ceph-bootstrap-rgw-keyring secretName: ceph-bootstrap-rgw-keyring
containers: containers:
- name: ceph-mon - name: ceph-mon
image: {{ .Values.image_ceph_daemon }} image: {{ .Values.images.daemon }}
ports: ports:
- containerPort: 6800 - containerPort: 6800
env: env:
@ -103,7 +103,7 @@ spec:
secretName: ceph-bootstrap-rgw-keyring secretName: ceph-bootstrap-rgw-keyring
containers: containers:
- name: ceph-mon - name: ceph-mon
image: {{ .Values.image_ceph_daemon }} image: {{ .Values.images.daemon }}
imagePullPolicy: Always imagePullPolicy: Always
ports: ports:
- containerPort: 6789 - containerPort: 6789
@ -185,7 +185,7 @@ spec:
secretName: ceph-bootstrap-rgw-keyring secretName: ceph-bootstrap-rgw-keyring
containers: containers:
- name: ceph-mon - name: ceph-mon
image: {{ .Values.image_ceph_daemon }} image: {{ .Values.images.daemon }}
# imagePullPolicy: Always # imagePullPolicy: Always
lifecycle: lifecycle:
preStop: preStop:
@ -248,7 +248,7 @@ spec:
spec: spec:
hostNetwork: true hostNetwork: true
nodeSelector: nodeSelector:
node-type: storage {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
serviceAccount: default serviceAccount: default
volumes: volumes:
- name: ceph-conf - name: ceph-conf
@ -265,12 +265,12 @@ spec:
secretName: ceph-bootstrap-rgw-keyring secretName: ceph-bootstrap-rgw-keyring
containers: containers:
- name: ceph-rgw - name: ceph-rgw
image: {{ .Values.image_ceph_daemon }} image: {{ .Values.images.daemon }}
ports: ports:
- containerPort: {{ .Values.ceph_rgw_target_port }} - containerPort: {{ .Values.network.port.rgw_target }}
env: env:
- name: RGW_CIVETWEB_PORT - name: RGW_CIVETWEB_PORT
value: "{{ .Values.ceph_rgw_target_port }}" value: "{{ .Values.network.port.rgw_target }}"
- name: CEPH_DAEMON - name: CEPH_DAEMON
value: RGW value: RGW
- name: KV_TYPE - name: KV_TYPE
@ -289,13 +289,13 @@ spec:
livenessProbe: livenessProbe:
httpGet: httpGet:
path: / path: /
port: {{ .Values.ceph_rgw_target_port }} port: {{ .Values.network.port.rgw_target }}
initialDelaySeconds: 120 initialDelaySeconds: 120
timeoutSeconds: 5 timeoutSeconds: 5
readinessProbe: readinessProbe:
httpGet: httpGet:
path: / path: /
port: {{ .Values.ceph_rgw_target_port }} port: {{ .Values.network.port.rgw_target }}
timeoutSeconds: 5 timeoutSeconds: 5
resources: resources:
requests: requests:

6
ceph/templates/secrets.yaml
View File

@ -2,7 +2,6 @@
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
namespace: {{.Release.Namespace}}
name: "ceph-conf-combined-storageclass" name: "ceph-conf-combined-storageclass"
type: kubernetes.io/rbd type: kubernetes.io/rbd
data: data:
@ -11,7 +10,6 @@ data:
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
namespace: {{.Release.Namespace}}
name: "ceph-conf-combined" name: "ceph-conf-combined"
type: Opaque type: Opaque
data: data:
@ -25,7 +23,6 @@ data:
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
namespace: {{.Release.Namespace}}
name: "ceph-bootstrap-rgw-keyring" name: "ceph-bootstrap-rgw-keyring"
type: Opaque type: Opaque
data: data:
@ -35,7 +32,6 @@ data:
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
namespace: {{.Release.Namespace}}
name: "ceph-bootstrap-mds-keyring" name: "ceph-bootstrap-mds-keyring"
type: Opaque type: Opaque
data: data:
@ -45,7 +41,6 @@ data:
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
namespace: {{.Release.Namespace}}
name: "ceph-bootstrap-osd-keyring" name: "ceph-bootstrap-osd-keyring"
type: Opaque type: Opaque
data: data:
@ -55,7 +50,6 @@ data:
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
namespace: {{.Release.Namespace}}
name: "ceph-client-key" name: "ceph-client-key"
type: Opaque type: Opaque
data: data:

8
ceph/templates/service.yaml
View File

@ -8,9 +8,9 @@ metadata:
daemon: mon daemon: mon
spec: spec:
ports: ports:
- port: {{ .Values.ceph_mon_port }} - port: {{ .Values.network.port.mon }}
protocol: TCP protocol: TCP
targetPort: {{ .Values.ceph_mon_port }} targetPort: {{ .Values.network.port.mon }}
selector: selector:
app: ceph app: ceph
daemon: mon daemon: mon
@ -25,9 +25,9 @@ metadata:
daemon: rgw daemon: rgw
spec: spec:
ports: ports:
- port: {{ .Values.ceph_rgw_ingress_port }} - port: {{ .Values.network.port.rgw_ingress }}
protocol: TCP protocol: TCP
targetPort: {{ .Values.ceph_rgw_target_port }} targetPort: {{ .Values.network.port.rgw_target }}
selector: selector:
app: ceph app: ceph
daemon: rgw daemon: rgw

18
ceph/values.yaml
View File

@ -7,8 +7,16 @@
# tunables available - parameterizing more of the elements # tunables available - parameterizing more of the elements
# in the manifests is a work in progress # in the manifests is a work in progress
image_ceph_daemon: quay.io/attcomdev/ceph-daemon:latest
node_label: storage images:
ceph_mon_port: 6789 daemon: quay.io/attcomdev/ceph-daemon:latest
ceph_rgw_ingress_port: 80
ceph_rgw_target_port: 8088 labels:
node_selector_key: ceph-storage
node_selector_value: enabled
network:
port:
mon: 6789
rgw_ingress: 80
rgw_target: 8088

6
keystone/requirements.lock Normal file
View File

@ -0,0 +1,6 @@
dependencies:
- name: memcached
repository: http://localhost:8879/charts
version: 0.1.0
digest: sha256:481dd0955bd39e18cee2026239f140f595f08b988736ad8c1ef95c6212f619c4
generated: 2016-11-25T16:15:47.611304031-08:00

16
keystone/requirements.yaml Normal file
View File

@ -0,0 +1,16 @@
dependencies:
- name: openstack-base
repository: http://localhost:8879/charts
version: 0.1.0
dependencies:
- name: mariadb
repository: http://localhost:8879/charts
version: 0.1.0
dependencies:
- name: rabbitmq
repository: http://localhost:8879/charts
version: 0.1.0
dependencies:
- name: memcached
repository: http://localhost:8879/charts
version: 0.1.0

18
keystone/templates/db-sync.sh.yaml
View File

@ -7,5 +7,21 @@ data:
#!/bin/bash #!/bin/bash
set -ex set -ex
# order of kolla_keystone_bootstrap urls
# for those of looking for a little expanation
# to a mysterious blackbox
#
# these will feed into the keystone endpoints
# so it is important they are correct
#
# keystone_admin_url
# keystone_internal_url
# keystone_public_url
keystone-manage db_sync keystone-manage db_sync
kolla_keystone_bootstrap {{ .Values.global.keystone.admin_user }} {{ .Values.global.keystone.admin_password }} {{ .Values.global.keystone.admin_project_name }} admin http://keystone-api:{{ .Values.global.network.port.admin }}/v3 http://keystone-api:{{ .Values.global.network.port.public }}/v3 http://keystone-api:{{ .Values.global.network.port.public }}/v3 {{ .Values.global.keystone.admin_region_name }} kolla_keystone_bootstrap {{ .Values.keystone.admin_user }} {{ .Values.keystone.admin_password }} \
{{ .Values.keystone.admin_project_name }} admin \
{{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_admin" . }}:{{ .Values.network.port.admin }}/{{ .Values.keystone.version }} \
{{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_internal" . }}:{{ .Values.network.port.public }}/{{ .Values.keystone.version }} \
{{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_public" . }}:{{ .Values.network.port.public }}/{{ .Values.keystone.version }} \
{{ .Values.keystone.admin_region_name }}

2
keystone/templates/db-sync.yaml
View File

@ -8,7 +8,7 @@ spec:
restartPolicy: OnFailure restartPolicy: OnFailure
containers: containers:
- name: keystone-init - name: keystone-init
image: {{ .Values.global.deployment.image.db_sync }} image: {{ .Values.images.db_sync }}
imagePullPolicy: Always imagePullPolicy: Always
env: env:
- name: INTERFACE_NAME - name: INTERFACE_NAME

18
keystone/templates/deployment.yaml
View File

@ -3,7 +3,7 @@ kind: Deployment
metadata: metadata:
name: keystone-api name: keystone-api
spec: spec:
replicas: {{ .Values.global.deployment.replicas }} replicas: {{ .Values.replicas }}
template: template:
metadata: metadata:
labels: labels:
@ -14,13 +14,17 @@ spec:
"name": "init", "name": "init",
"image": "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0", "image": "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0",
"env": [ "env": [
{
"name": "NAMESPACE",
"value": "{{ .Release.Namespace }}"
},
{ {
"name": "DEPENDENCY_SERVICE", "name": "DEPENDENCY_SERVICE",
"value": "mariadb" "value": "mariadb"
}, },
{ {
"name": "DEPENDENCY_JOBS", "name": "DEPENDENCY_JOBS",
"value": "mariadb-seed,nova-db-sync" "value": "mariadb-seed"
}, },
{ {
"name": "COMMAND", "name": "COMMAND",
@ -31,10 +35,10 @@ spec:
]' ]'
spec: spec:
nodeSelector: nodeSelector:
{{ .Values.global.deployment.control_node_label }}: enabled {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
containers: containers:
- name: keystone-api - name: keystone-api
image: {{ .Values.global.deployment.image.api }} image: {{ .Values.images.api }}
env: env:
- name: INTERFACE_NAME - name: INTERFACE_NAME
value: "eth0" value: "eth0"
@ -55,11 +59,11 @@ spec:
- name: DEPENDENCY_CONFIG - name: DEPENDENCY_CONFIG
value: "/etc/apache2/conf-enabled/wsgi-keystone.conf" value: "/etc/apache2/conf-enabled/wsgi-keystone.conf"
ports: ports:
- containerPort: {{ .Values.global.network.port.public }} - containerPort: {{ .Values.network.port.public }}
- containerPort: {{ .Values.global.network.port.admin }} - containerPort: {{ .Values.network.port.admin }}
readinessProbe: readinessProbe:
tcpSocket: tcpSocket:
port: {{ .Values.global.network.port.public }} port: {{ .Values.network.port.public }}
volumeMounts: volumeMounts:
- name: keystoneconf - name: keystoneconf
mountPath: /etc/keystone/keystone.conf mountPath: /etc/keystone/keystone.conf

4
keystone/templates/init.sh.yaml
View File

@ -8,6 +8,6 @@ data:
set -ex set -ex
export HOME=/tmp export HOME=/tmp
ansible localhost -vvv -m mysql_db -a "login_host='{{ .Values.global.database.address }}' login_port='{{ .Values.global.database.port }}' login_user='{{ .Values.global.database.root_user }}' login_password='{{ .Values.global.database.root_password }}' name='{{ .Values.global.database.keystone_database_name }}'" ansible localhost -vvv -m mysql_db -a "login_host='{{ include "keystone_db_host" . }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.keystone_database_name }}'"
ansible localhost -vvv -m mysql_user -a "login_host='{{ .Values.global.database.address }}' login_port='{{ .Values.global.database.port }}' login_user='{{ .Values.global.database.root_user }}' login_password='{{ .Values.global.database.root_password }}' name='{{ .Values.global.database.keystone_user }}' password='{{ .Values.global.database.keystone_password }}' host='%' priv='{{ .Values.global.database.keystone_database_name }}.*:ALL' append_privs='yes'" ansible localhost -vvv -m mysql_user -a "login_host='{{ include "keystone_db_host" . }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.keystone_user }}' password='{{ .Values.database.keystone_password }}' host='%' priv='{{ .Values.database.keystone_database_name }}.*:ALL' append_privs='yes'"

2
keystone/templates/init.yaml
View File

@ -8,7 +8,7 @@ spec:
restartPolicy: OnFailure restartPolicy: OnFailure
containers: containers:
- name: keystone-init - name: keystone-init
image: {{ .Values.global.deployment.image.init }} image: {{ .Values.images.init }}
imagePullPolicy: Always imagePullPolicy: Always
env: env:
- name: INTERFACE_NAME - name: INTERFACE_NAME

10
keystone/templates/keystone.conf.yaml
View File

@ -5,21 +5,21 @@ metadata:
data: data:
keystone.conf: |+ keystone.conf: |+
[DEFAULT] [DEFAULT]
debug = {{ .Values.global.misc.debug }} debug = {{ .Values.misc.debug }}
use_syslog = False use_syslog = False
use_stderr = True use_stderr = True
workers = {{ .Values.global.misc.workers }} workers = {{ .Values.misc.workers }}
[database] [database]
connection = mysql+pymysql://{{ .Values.global.database.keystone_user }}:{{ .Values.global.database.keystone_password }}@{{ .Values.global.database.address }}/{{ .Values.global.database.keystone_database_name }} connection = mysql+pymysql://{{ .Values.database.keystone_user }}:{{ .Values.database.keystone_password }}@{{ include "keystone_db_host" . }}/{{ .Values.database.keystone_database_name }}
max_retries = -1 max_retries = -1
[memcache] [memcache]
servers = {{ .Values.global.memcached.address }} servers = {{ include "memcached_host" . }}
[cache] [cache]
backend = dogpile.cache.memcached backend = dogpile.cache.memcached
memcache_servers = {{.Values.global.memcached.address}} memcache_servers = {{ include "memcached_host" . }}
config_prefix = cache.keystone config_prefix = cache.keystone
distributed_lock = True distributed_lock = True
enabled = True enabled = True

4
keystone/templates/service.yaml
View File

@ -5,8 +5,8 @@ metadata:
spec: spec:
ports: ports:
- name: keystone-api-public - name: keystone-api-public
port: {{ .Values.global.network.port.public }} port: {{ .Values.network.port.public }}
- name: keystone-api-admin - name: keystone-api-admin
port: {{ .Values.global.network.port.admin }} port: {{ .Values.network.port.admin }}
selector: selector:
app: keystone-api app: keystone-api

8
keystone/templates/wsgi-keystone.conf.yaml
View File

@ -4,10 +4,10 @@ metadata:
name: keystone-wsgikeystone name: keystone-wsgikeystone
data: data:
wsgi-keystone.conf: |+ wsgi-keystone.conf: |+
Listen {{ .Values.global.network.ip_address }}:{{ .Values.global.network.port.public }} Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.public }}
Listen {{ .Values.global.network.ip_address }}:{{ .Values.global.network.port.admin }} Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.admin }}
<VirtualHost *:{{ .Values.global.network.port.public }}> <VirtualHost *:{{ .Values.network.port.public }}>
WSGIDaemonProcess keystone-public processes=16 threads=6 user=keystone group=keystone display-name=%{GROUP} WSGIDaemonProcess keystone-public processes=16 threads=6 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-public WSGIProcessGroup keystone-public
WSGIScriptAlias / /var/www/cgi-bin/keystone/main WSGIScriptAlias / /var/www/cgi-bin/keystone/main
@ -20,7 +20,7 @@ data:
CustomLog "|/bin/cat" combined CustomLog "|/bin/cat" combined
</VirtualHost> </VirtualHost>
<VirtualHost *:{{ .Values.global.network.port.admin }}> <VirtualHost *:{{ .Values.network.port.admin }}>
WSGIDaemonProcess keystone-admin processes=16 threads=5 user=keystone group=keystone display-name=%{GROUP} WSGIDaemonProcess keystone-admin processes=16 threads=5 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-admin WSGIProcessGroup keystone-admin
WSGIScriptAlias / /var/www/cgi-bin/keystone/admin WSGIScriptAlias / /var/www/cgi-bin/keystone/admin

72
keystone/values.yaml
View File

@ -1,31 +1,41 @@
global: # Default values for keystone.
deployment: # This is a YAML-formatted file.
replicas: 1 # Declare name/value pairs to be passed into your templates.
control_node_label: openstack-control-plane # name: value
image:
db_sync: quay.io/stackanetes/stackanetes-keystone-api:newton replicas: 1
api: quay.io/stackanetes/stackanetes-keystone-api:newton
init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton labels:
network: node_selector_key: openstack-control-plane
port: node_selector_value: enabled
admin: 35357
public: 5000 images:
ip_address: "{{ .IP }}" db_sync: quay.io/stackanetes/stackanetes-keystone-api:newton
database: api: quay.io/stackanetes/stackanetes-keystone-api:newton
address: mariadb init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton
port: 3306
root_user: root keystone:
root_password: password version: v2.0
keystone_database_name: keystone scheme: http
keystone_password: password admin_region_name: RegionOne
keystone_user: keystone admin_user: admin
keystone: admin_password: password
admin_region_name: RegionOne admin_project_name: admin
admin_user: admin
admin_password: password network:
admin_project_name: admin port:
memcached: admin: 35357
address: memcached public: 5000
misc: ip_address: "{{ .IP }}"
workers: 8
debug: false database:
port: 3306
root_user: root
root_password: password
keystone_database_name: keystone
keystone_password: password
keystone_user: keystone
misc:
workers: 8
debug: false

6
mariadb/requirements.lock Normal file
View File

@ -0,0 +1,6 @@
dependencies:
- name: openstack-base
repository: http://localhost:8879/charts
version: 0.1.0
digest: sha256:178ec6c44cf73c5d3c6d47eccee30b1b7f7e373c57af4e37fe7ea85f3549660e
generated: 2016-11-25T16:24:28.454876345-08:00

4
mariadb/requirements.yaml Normal file
View File

@ -0,0 +1,4 @@
dependencies:
- name: openstack-base
repository: http://localhost:8879/charts
version: 0.1.0

10
mariadb/templates/mariadb-pods.yaml → mariadb/templates/mariadb-deployment.yaml
View File

@ -2,20 +2,20 @@
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: infra-db name: mariadb
spec: spec:
ports: ports:
- name: db - name: db
port: {{ .Values.network.port.mariadb }} port: {{ .Values.network.port.mariadb }}
selector: selector:
app: mariadb app: mariadb
{{- $root := . -}} {{- $root := . -}}
{{ range $k, $v := until (atoi .Values.replicas) }} {{ range $k, $v := until (atoi .Values.replicas) }}
--- ---
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: infra-db-{{$v}} name: mariadb-{{$v}}
labels: labels:
release: {{ $root.Release.Name | quote }} release: {{ $root.Release.Name | quote }}
chart: "{{ $root.Chart.Name }}-{{ $root.Chart.Version }}" chart: "{{ $root.Chart.Name }}-{{ $root.Chart.Version }}"
@ -85,7 +85,7 @@ spec:
} }
spec: spec:
nodeSelector: nodeSelector:
{{ $root.Values.labels.control_node_label }}: enabled {{ $root.Values.labels.node_selector_key }}: {{ $root.Values.labels.node_selector_value }}
containers: containers:
- name: mariadb-{{$v}} - name: mariadb-{{$v}}
image: {{ $root.Values.images.mariadb }} image: {{ $root.Values.images.mariadb }}
@ -203,4 +203,4 @@ spec:
matchLabels: matchLabels:
server-id: "{{$v}}" server-id: "{{$v}}"
claimName: mariadb-{{$v}} claimName: mariadb-{{$v}}
{{ end }} {{ end }}

14
mariadb/values.yaml
View File

@ -1,11 +1,20 @@
# Default values for mariadb.
# This is a YAML-formatted file.
# Declare name/value pairs to be passed into your templates.
# name: value
replicas: "3" # this must be quoted to deal with atoi replicas: "3" # this must be quoted to deal with atoi
images: images:
mariadb: quay.io/stackanetes/stackanetes-mariadb:newton mariadb: quay.io/stackanetes/stackanetes-mariadb:newton
ceph_rbd_job: quay.io/attcomdev/ceph-daemon:latest
volume: volume:
size: 20Gi size: 20Gi
labels: labels:
control_node_label: openstack-control-plane node_selector_key: openstack-control-plane
node_selector_value: enabled
network: network:
port: port:
wsrep: 4567 wsrep: 4567
@ -13,6 +22,7 @@ network:
dns: dns:
kubernetes_domain: cluster.local kubernetes_domain: cluster.local
ip_address: "{{ .IP }}" ip_address: "{{ .IP }}"
database: database:
root_password: password root_password: password
cluster_name: mariadb cluster_name: mariadb

6
memcached/requirements.lock Normal file
View File

@ -0,0 +1,6 @@
dependencies:
- name: openstack-base
repository: http://localhost:8879/charts
version: 0.1.0
digest: sha256:178ec6c44cf73c5d3c6d47eccee30b1b7f7e373c57af4e37fe7ea85f3549660e
generated: 2016-11-25T16:24:49.79575501-08:00

4
memcached/requirements.yaml Normal file
View File

@ -0,0 +1,4 @@
dependencies:
- name: openstack-base
repository: http://localhost:8879/charts
version: 0.1.0

4
memcached/templates/deployment.yaml
View File

@ -10,10 +10,10 @@ spec:
app: memcached app: memcached
spec: spec:
nodeSelector: nodeSelector:
{{ .Values.global.deployment.control_node_label }}: enabled {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
containers: containers:
- name: memcached - name: memcached
image: {{ .Values.global.deployment.image.memcached }} image: {{ .Values.images.memcached }}
imagePullPolicy: Always imagePullPolicy: Always
env: env:
- name: INTERFACE_NAME - name: INTERFACE_NAME

17
memcached/values.yaml
View File

@ -1,7 +1,14 @@
global: # Default values for memcached.
deployment: # This is a YAML-formatted file.
image: # Declare name/value pairs to be passed into your templates.
memcached: quay.io/stackanetes/stackanetes-memcached:newton # name: value
control_node_label: openstack-control-plane
images:
memcached: quay.io/stackanetes/stackanetes-memcached:newton
labels:
node_selector_key: openstack-control-plane
node_selector_value: enabled
network: network:
port: 11211 port: 11211

0
utils/.gitignore → openstack-base/.gitignore vendored
View File

0
utils/.helmignore → openstack-base/.helmignore
View File

4
openstack-base/Chart.yaml Executable file
View File

@ -0,0 +1,4 @@
apiVersion: v1
description: A base chart for all openstack charts
name: openstack-base
version: 0.1.0

4
utils/Makefile → openstack-base/Makefile
View File

@ -1,7 +1,7 @@
EXCLUDE := templates/* charts/* Chart.yaml requirement* values.yaml Makefile utils/* EXCLUDE := templates/* charts/* Chart.yaml requirement* values.yaml Makefile utils/* openstack-base/Chart.yaml
FILES := $(shell find * -type f $(foreach e,$(EXCLUDE), -not -path "$(e)") ) FILES := $(shell find * -type f $(foreach e,$(EXCLUDE), -not -path "$(e)") )
templates/_partials.tpl: Makefile $(FILES) templates/_common.tpl: Makefile $(FILES)
echo Generating $(CURDIR)/$@ echo Generating $(CURDIR)/$@
rm -f $@ rm -f $@
for i in $(FILES); do printf '{{ define "'$$i'" }}' >> $@; cat $$i >> $@; printf "{{ end }}\n" >> $@; done for i in $(FILES); do printf '{{ define "'$$i'" }}' >> $@; cat $$i >> $@; printf "{{ end }}\n" >> $@; done

3
openstack-base/requirements.lock Normal file
View File

@ -0,0 +1,3 @@
dependencies: []
digest: sha256:81059fe6210ccee4e3349c0f34c12d180f995150128a913d63b65b7937c6b152
generated: 2016-11-25T16:25:49.376763578-08:00

1
openstack-base/requirements.yaml Normal file
View File

@ -0,0 +1 @@
dependencies: []

15
openstack-base/templates/_hosts.tpl Normal file
View File

@ -0,0 +1,15 @@
# fqdn
{{define "region"}}cluster{{end}}
{{define "tld"}}local{{end}}
# infrastructure services
{{define "rabbitmq_host"}}rabbitmq.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{end}}
{{define "memcached_host"}}memcached.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{end}}
{{define "mariadb_host"}}mariadb.{{.Release.Namespace}}.svc.kubernetes.{{ include "region" . }}.{{ include "tld" . }}{{end}}
# keystone
{{define "keystone_db_host"}} {{ include "mariadb_host" . }}{{end}}
{{define "keystone_api_endpoint_host_admin"}}keystone-api.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{end}}
{{define "keystone_api_endpoint_host_internal"}}keystone-api.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{end}}
{{define "keystone_api_endpoint_host_public"}}keystone-api.{{ include "region" . }}.{{ include "tld" . }}{{end}}
{{define "keystone_api_endpoint_host_admin_ext"}}keystone-api.{{ include "region" . }}.{{ include "tld" . }}{{end}}

0
utils/utils/secret-generator/README.md → openstack-base/utils/secret-generator/README.md
View File

0
utils/utils/secret-generator/ceph-key.py → openstack-base/utils/secret-generator/ceph-key.py
View File

0
utils/utils/secret-generator/generate_secrets.sh → openstack-base/utils/secret-generator/generate_secrets.sh
View File

0
utils/utils/secret-generator/templates/ceph/admin.keyring.tmpl → openstack-base/utils/secret-generator/templates/ceph/admin.keyring.tmpl
View File

0
utils/utils/secret-generator/templates/ceph/bootstrap.keyring.tmpl → openstack-base/utils/secret-generator/templates/ceph/bootstrap.keyring.tmpl
View File

0
utils/utils/secret-generator/templates/ceph/ceph.conf.tmpl → openstack-base/utils/secret-generator/templates/ceph/ceph.conf.tmpl
View File

0
utils/utils/secret-generator/templates/ceph/mon.keyring.tmpl → openstack-base/utils/secret-generator/templates/ceph/mon.keyring.tmpl
View File

0
utils/utils/test/ceph-rbd-test.yaml → openstack-base/utils/test/ceph-rbd-test.yaml
View File

4
utils/values.yaml → openstack-base/values.yaml
View File

@ -2,3 +2,7 @@
# This is a YAML-formatted file. # This is a YAML-formatted file.
# Declare name/value pairs to be passed into your templates. # Declare name/value pairs to be passed into your templates.
# name: value # name: value
global:
region: cluster
tld: local

2
openstack/Makefile
View File

@ -1,4 +1,4 @@
EXCLUDE := templates/* charts/* Chart.yaml requirement* values.yaml Makefile utils/* EXCLUDE := templates/* charts/* Chart.yaml requirement* values.yaml Makefile openstack-base/Chart.yaml
FILES := $(shell find * -type f $(foreach e,$(EXCLUDE), -not -path "$(e)") ) FILES := $(shell find * -type f $(foreach e,$(EXCLUDE), -not -path "$(e)") )
templates/_partials.tpl: Makefile $(FILES) templates/_partials.tpl: Makefile $(FILES)

16
openstack/requirements.lock
View File

@ -1,6 +1,18 @@
dependencies: dependencies:
- name: openstack-base
repository: http://localhost:8879/charts
version: 0.1.0
- name: memcached
repository: http://localhost:8879/charts
version: 0.1.0
- name: rabbitmq
repository: http://localhost:8879/charts
version: 0.1.0
- name: mariadb - name: mariadb
repository: http://localhost:8879/charts repository: http://localhost:8879/charts
version: 0.1.0 version: 0.1.0
digest: sha256:4a2c3cbe5841ba5b4cefeb9b9929b5ebf52d7779b279a45c9f1bb229b1e358da - name: keystone
generated: 2016-11-23T10:08:51.688995889-08:00 repository: http://localhost:8879/charts
version: 0.1.0
digest: sha256:cbe0cda88c1f8f7daf37f58e8d38c913478630687b22f8e622950c08cb2fdc6d
generated: 2016-11-25T15:34:47.932395616-08:00

21
openstack/requirements.yaml
View File

@ -1,13 +1,16 @@
dependencies: dependencies:
# - name: memcached - name: openstack-base
# repository: http://localhost:8879/charts version: 0.1.0
# version: 0.1.0 repository: http://localhost:8879/charts
# - name: rabbitmq - name: memcached
# repository: http://localhost:8879/charts repository: http://localhost:8879/charts
# version: 0.1.0 version: 0.1.0
# - name: keystone - name: rabbitmq
# repository: http://localhost:8879/charts repository: http://localhost:8879/charts
# version: 0.1.0 version: 0.1.0
- name: mariadb - name: mariadb
repository: http://localhost:8879/charts repository: http://localhost:8879/charts
version: 0.1.0 version: 0.1.0
- name: keystone
repository: http://localhost:8879/charts
version: 0.1.0

12
openstack/values.yaml
View File

@ -3,10 +3,14 @@
# Declare name/value pairs to be passed into your templates. # Declare name/value pairs to be passed into your templates.
# name: value # name: value
global: mariadb:
# (alanmeadows) NOTE: these two items are not easily changeable yet images:
region: cluster mariadb: quay.io/stackanetes/stackanetes-mariadb:newton
tld: local volume:
size: 20Gi
labels:
control_node_label: openstack-control-plane
images: images:
ceph_rbd_job: quay.io/attcomdev/ceph-daemon:latest ceph_rbd_job: quay.io/attcomdev/ceph-daemon:latest

6
rabbitmq/requirements.lock Normal file
View File

@ -0,0 +1,6 @@
dependencies:
- name: openstack-base
repository: http://localhost:8879/charts
version: 0.1.0
digest: sha256:178ec6c44cf73c5d3c6d47eccee30b1b7f7e373c57af4e37fe7ea85f3549660e
generated: 2016-11-25T16:24:29.266938266-08:00

4
rabbitmq/requirements.yaml Normal file
View File

@ -0,0 +1,4 @@
dependencies:
- name: openstack-base
repository: http://localhost:8879/charts
version: 0.1.0

12
rabbitmq/templates/deployment.yaml
View File

@ -3,14 +3,14 @@ apiVersion: extensions/v1beta1
metadata: metadata:
name: rabbitmq name: rabbitmq
spec: spec:
replicas: 1 replicas: {{ .Values.replicas }}
template: template:
metadata: metadata:
labels: labels:
app: rabbitmq app: rabbitmq
spec: spec:
nodeSelector: nodeSelector:
{{.Values.global.label.control_node}}: enabled {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
volumes: volumes:
- name: rabbitmq-emptydir - name: rabbitmq-emptydir
emptyDir: {} emptyDir: {}
@ -19,18 +19,20 @@ spec:
name: start-rabbitmq name: start-rabbitmq
containers: containers:
- name: rabbitmq - name: rabbitmq
image: rabbitmq:3-management image: {{ .Values.images.rabbitmq }}
command: command:
- bash - bash
- /tmp/start_rabbitmq.sh - /tmp/start_rabbitmq.sh
livenessProbe: livenessProbe:
tcpSocket: tcpSocket:
port: {{.Values.global.rabbitmq_port_public}} port: {{.Values.network.port.public}}
initialDelaySeconds: 60 initialDelaySeconds: 60
timeoutSeconds: 5 timeoutSeconds: 5
ports: ports:
- name: rabbitmq - name: rabbitmq
containerPort: {{.Values.global.rabbitmq_port_public}} containerPort: {{.Values.network.port.public}}
- name: management
containerPort: {{.Values.network.port.management}}
volumeMounts: volumeMounts:
- name: rabbitmq-emptydir - name: rabbitmq-emptydir
mountPath: /var/lib/rabbitmq mountPath: /var/lib/rabbitmq

2
rabbitmq/templates/service.yaml
View File

@ -4,6 +4,6 @@ metadata:
name: rabbitmq name: rabbitmq
spec: spec:
ports: ports:
- port: {{.Values.global.rabbitmq_port_public}} - port: {{.Values.network.port.public}}
selector: selector:
app: rabbitmq app: rabbitmq

12
rabbitmq/templates/start_rabbitmq.yaml
View File

@ -17,14 +17,14 @@ data:
rabbitmq-plugins enable rabbitmq_tracing rabbitmq-plugins enable rabbitmq_tracing
rabbitmqctl trace_on rabbitmqctl trace_on
rabbitmqctl add_user {{ .Values.global.rabbitmq_default_user }} {{ .Values.global.rabbitmq_default_pass }} || true rabbitmqctl add_user {{ .Values.auth.default_user }} {{ .Values.auth.default_pass }} || true
rabbitmqctl set_permissions {{ .Values.global.rabbitmq_default_user }} ".*" ".*" ".*" || true rabbitmqctl set_permissions {{ .Values.auth.default_user }} ".*" ".*" ".*" || true
rabbitmqctl add_user {{ .Values.global.rabbitmq_admin_user }} {{ .Values.global.rabbitmq_admin_pass }}|| true rabbitmqctl add_user {{ .Values.auth.admin_user }} {{ .Values.auth.admin_pass }}|| true
rabbitmqctl set_permissions {{ .Values.global.rabbitmq_admin_user }} ".*" ".*" ".*" || true rabbitmqctl set_permissions {{ .Values.auth.admin_user }} ".*" ".*" ".*" || true
rabbitmqctl set_user_tags {{ .Values.global.rabbitmq_admin_user }} administrator || true rabbitmqctl set_user_tags {{ .Values.auth.admin_user }} administrator || true
rabbitmqctl change_password guest {{ .Values.global.rabbitmq_default_pass }} || true rabbitmqctl change_password guest {{ .Values.auth.default_pass }} || true
rabbitmqctl set_user_tags guest monitoring || true rabbitmqctl set_user_tags guest monitoring || true
/etc/init.d/rabbitmq-server stop /etc/init.d/rabbitmq-server stop
exec rabbitmq-server exec rabbitmq-server

33
rabbitmq/values.yaml
View File

@ -2,16 +2,25 @@
# This is a YAML-formatted file. # This is a YAML-formatted file.
# Declare name/value pairs to be passed into your templates. # Declare name/value pairs to be passed into your templates.
# name: value # name: value
global:
rabbitmq_default_user: openstack
rabbitmq_admin_user: rabbitmq
rabbitmq_port_public: '5672'
rabbitmq_port_management: '15672'
rabbitmq_default_pass: password replicas: "1" # this must be quoted to deal with atoi
rabbitmq_admin_pass: password
label: labels:
control_node: "openstack-control-plane" node_selector_key: openstack-control-plane
# TODO(DTadrzak): delete me node_selector_value: enabled
local:
image: "quay.io/stackanetes/stackanetes-rabbitmq:newton" auth:
default_user: openstack
default_pass: password
admin_user: rabbitmq
admin_pass: password
network:
port:
public: '5672'
management: '15672'
images:
rabbitmq: "rabbitmq:3-management"

4
utils/Chart.yaml
View File

@ -1,4 +0,0 @@
apiVersion: v1
description: A Helm chart for Kubernetes
name: utils
version: 0.1.0

22
utils/templates/_common.sh
View File

@ -1,22 +0,0 @@
{{define "common.sh"}}
#!/usr/bin/env bash
function start_application {
if [ "$DEBUG_CONTAINER" = "true" ]
then
tail -f /dev/null
else
_start_application
fi
}
CLUSTER_SCRIPT_PATH=/openstack-kube/openstack-kube/scripts
CLUSTER_CONFIG_PATH=/openstack-kube/openstack-kube/etc
export MY_IP=$(ip route get 1 | awk '{print $NF;exit}')
{{end}}

9
utils/templates/_hosts.tpl
View File

@ -1,9 +0,0 @@
{{define "rabbitmq_host"}}rabbitmq.{{.Release.Namespace}}.svc.{{.Values.global.region}}.{{.Values.global.tld}}{{end}}
{{define "memcached_host"}}memcached.{{.Release.Namespace}}.svc.{{.Values.global.region}}.{{.Values.global.tld}}{{end}}
{{define "infra-db"}}infra-db.{{.Release.Namespace}}.svc.kubernetes.{{.Values.global.region}}.{{.Values.global.tld}}{{end}}
{{define "keystone_db_host"}}infra-db.{{.Release.Namespace}}.svc.{{.Values.global.region}}.{{.Values.global.tld}}{{end}}
{{define "keystone_api_endpoint_host_admin"}}keystone.{{.Release.Namespace}}.svc.{{.Values.global.region}}.{{.Values.global.tld}}{{end}}
{{define "keystone_api_endpoint_host_internal"}}keystone.{{.Release.Namespace}}.svc.{{.Values.global.region}}.{{.Values.global.tld}}{{end}}
{{define "keystone_api_endpoint_host_public"}}identity-3.{{.Values.global.region}}.{{.Values.global.tld}}{{end}}
{{define "keystone_api_endpoint_host_admin_ext"}}identity-admin-3.{{.Values.global.region}}.{{.Values.global.tld}}{{end}}