diff --git a/Makefile b/Makefile index 5c7e2a1e61..4ae089a7fd 100644 --- a/Makefile +++ b/Makefile @@ -1,12 +1,12 @@ -.PHONY: ceph bootstrap mariadb keystone memcached rabbitmq common openstack neutron maas all clean +.PHONY: ceph bootstrap mariadb keystone memcached rabbitmq common openstack neutron nova maas all clean B64_DIRS := common/secrets B64_EXCLUDE := $(wildcard common/secrets/*.b64) -CHARTS := ceph mariadb rabbitmq GLANCE memcached keystone glance horizon neutron maas openstack +CHARTS := ceph mariadb rabbitmq GLANCE memcached keystone glance horizon neutron nova maas openstack COMMON_TPL := common/templates/_globals.tpl -all: common ceph bootstrap mariadb rabbitmq memcached keystone glance horizon neutron maas openstack +all: common ceph bootstrap mariadb rabbitmq memcached keystone glance horizon neutron nova maas openstack common: build-common @@ -27,6 +27,8 @@ glance: build-glance neutron: build-neutron +nova: build-nova + maas: build-maas memcached: build-memcached diff --git a/nova/Chart.yaml b/nova/Chart.yaml new file mode 100644 index 0000000000..85f08c3269 --- /dev/null +++ b/nova/Chart.yaml @@ -0,0 +1,3 @@ +description: A Helm chart for nova +name: nova +version: 0.1.0 diff --git a/nova/requirements.yaml b/nova/requirements.yaml new file mode 100644 index 0000000000..2350b1facb --- /dev/null +++ b/nova/requirements.yaml @@ -0,0 +1,4 @@ +dependencies: + - name: common + repository: http://localhost:8879/charts + version: 0.1.0 diff --git a/nova/templates/bin/_db-sync.sh.tpl b/nova/templates/bin/_db-sync.sh.tpl new file mode 100644 index 0000000000..b447fad189 --- /dev/null +++ b/nova/templates/bin/_db-sync.sh.tpl @@ -0,0 +1,6 @@ +#!/bin/bash +set -ex + +nova-manage db sync +nova-manage api_db sync +nova-manage db online_data_migrations diff --git a/nova/templates/bin/_init.sh.tpl b/nova/templates/bin/_init.sh.tpl new file mode 100644 index 0000000000..b175ca7d5a --- /dev/null +++ b/nova/templates/bin/_init.sh.tpl @@ -0,0 +1,36 @@ +#!/bin/bash + +echo "Hello World" + +set -ex +export HOME=/tmp + +ansible localhost -vvv -m mysql_db -a "login_host='{{ include "keystone_db_host" . }}' \ +login_port='{{ .Values.database.port }}' \ +login_user='{{ .Values.database.root_user }}' \ +login_password='{{ .Values.database.root_password }}' \ +name='{{ .Values.database.nova_database_name }}'" + +ansible localhost -vvv -m mysql_user -a "login_host='{{ include "keystone_db_host" . }}' \ +login_port='{{ .Values.database.port }}' \ +login_user='{{ .Values.database.root_user }}' \ +login_password='{{ .Values.database.root_password }}' \ +name='{{ .Values.database.nova_user }}' \ +password='{{ .Values.database.nova_password }}' \ +host='%' \ +priv='{{ .Values.database.nova_database_name }}.*:ALL' append_privs='yes'" + +ansible localhost -vvv -m mysql_db -a "login_host='{{ include "keystone_db_host" . }}' \ +login_port='{{ .Values.database.port }}' \ +login_user='{{ .Values.database.root_user }}' \ +login_password='{{ .Values.database.root_password }}' \ +name='{{ .Values.database.nova_api_database_name }}'" + +ansible localhost -vvv -m mysql_user -a "login_host='{{ include "keystone_db_host" . }}' \ +login_port='{{ .Values.database.port }}' \ +login_user='{{ .Values.database.root_user }}' \ +login_password='{{ .Values.database.root_password }}' \ +name='{{ .Values.database.nova_user }}' \ +password='{{ .Values.database.nova_password }}' \ +host='%' \ +priv='{{ .Values.database.nova_api_database_name }}.*:ALL' append_privs='yes'" diff --git a/nova/templates/bin/_libvirt.sh.tpl b/nova/templates/bin/_libvirt.sh.tpl new file mode 100644 index 0000000000..33fc015e0e --- /dev/null +++ b/nova/templates/bin/_libvirt.sh.tpl @@ -0,0 +1,35 @@ +#!/bin/bash +set -ex + +if [[ -f /var/run/libvirtd.pid ]]; then + test -d /proc/$(< /var/run/libvirtd.pid) && \ + ( echo "Libvirtd daemon is running" && exit 10 ) +fi + +rm -f /var/run/libvirtd.pid + +if [[ -c /dev/kvm ]]; then + chmod 660 /dev/kvm + chown root:kvm /dev/kvm +fi + + +sleep 30 + +{{- if .Values.ceph.enabled }} +cat > /tmp/secret.xml < + {{ .Values.ceph.secret_uuid }} + + client.{{ .Values.ceph.cinder_user }} secret + + +EOF + +virsh secret-define --file /tmp/secret.xml +virsh secret-set-value --secret {{ .Values.ceph.secret_uuid }} --base64 {{ .Values.ceph.cinder_keyring }} +rm /tmp/secret.xml +{{- end }} + + +exec libvirtd -v --listen diff --git a/nova/templates/bin/_post.sh.tpl b/nova/templates/bin/_post.sh.tpl new file mode 100644 index 0000000000..6792568029 --- /dev/null +++ b/nova/templates/bin/_post.sh.tpl @@ -0,0 +1,57 @@ +#!/bin/bash +set -ex +export HOME=/tmp + +ansible localhost -vvv -m kolla_keystone_service -a "service_name=nova \ +service_type=compute \ +description='Openstack Compute' \ +endpoint_region={{ .Values.keystone.nova_region_name }} \ +url='{{ include "endpoint_nova_api_internal" . }}' \ +interface=admin \ +region_name={{ .Values.keystone.admin_region_name }} \ +auth='{{ include "keystone_auth" .}}'" \ +-e "{'openstack_nova_auth':{{ include "keystone_auth" .}}}" + +ansible localhost -vvv -m kolla_keystone_service -a "service_name=nova \ +service_type=compute \ +description='Openstack Compute' \ +endpoint_region={{ .Values.keystone.nova_region_name }} \ +url='{{ include "endpoint_nova_api_internal" . }}' \ +interface=internal \ +region_name={{ .Values.keystone.admin_region_name }} \ +auth='{{ include "keystone_auth" .}}'" \ +-e "{'openstack_nova_auth':{{ include "keystone_auth" .}}}" + +ansible localhost -vvv -m kolla_keystone_service -a "service_name=nova \ +service_type=compute \ +description='Openstack Compute' \ +endpoint_region={{ .Values.keystone.nova_region_name }} \ +url='{{ include "endpoint_nova_api_internal" . }}' \ +interface=public \ +region_name={{ .Values.keystone.admin_region_name }} \ +auth='{{ include "keystone_auth" .}}'" \ +-e "{'openstack_nova_auth':{{ include "keystone_auth" .}}}" + +ansible localhost -vvv -m kolla_keystone_user -a "project=service \ +user={{ .Values.keystone.nova_user }} \ +password={{ .Values.keystone.nova_password }} \ +role=admin \ +region_name={{ .Values.keystone.nova_region_name }} \ +auth='{{ include "keystone_auth" .}}'" \ +-e "{'openstack_nova_auth':{{ include "keystone_auth" .}}}" + +cat </tmp/openrc +export OS_USERNAME={{.Values.keystone.admin_user}} +export OS_PASSWORD={{.Values.keystone.admin_password}} +export OS_PROJECT_DOMAIN_NAME={{.Values.keystone.domain_name}} +export OS_USER_DOMAIN_NAME={{.Values.keystone.domain_name}} +export OS_PROJECT_NAME={{.Values.keystone.admin_project_name}} +export OS_AUTH_URL={{include "endpoint_keystone_internal" .}} +export OS_AUTH_STRATEGY=keystone +export OS_REGION_NAME={{.Values.keystone.admin_region_name}} +export OS_INSECURE=1 +EOF + +. /tmp/openrc +env +openstack --debug role create _member_ --or-show diff --git a/nova/templates/bin/_start.sh.tpl b/nova/templates/bin/_start.sh.tpl new file mode 100644 index 0000000000..7c802358bc --- /dev/null +++ b/nova/templates/bin/_start.sh.tpl @@ -0,0 +1,12 @@ +#!/bin/bash +set -ex + +# link our keystone wsgi to apaches running config +ln -s /configmaps/wsgi-keystone.conf /etc/apache2/sites-enabled/wsgi-keystone.conf + +# Loading Apache2 ENV variables +source /etc/apache2/envvars +rm -rf /var/run/apache2/* +APACHE_DIR="apache2" + +apache2 -DFOREGROUND diff --git a/nova/templates/configmap-bin.yaml b/nova/templates/configmap-bin.yaml new file mode 100644 index 0000000000..6c7d10cebd --- /dev/null +++ b/nova/templates/configmap-bin.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: nova-bin +data: + db-sync.sh: | +{{ tuple "bin/_db-sync.sh.tpl" . | include "template" | indent 4 }} + init.sh: | +{{ tuple "bin/_init.sh.tpl" . | include "template" | indent 4 }} + start.sh: | +{{ tuple "bin/_start.sh.tpl" . | include "template" | indent 4 }} + post.sh: | +{{ tuple "bin/_post.sh.tpl" . | include "template" | indent 4 }} + libvirt.sh: | +{{ tuple "bin/_libvirt.sh.tpl" . | include "template" | indent 4 }} diff --git a/nova/templates/configmap-etc.yaml b/nova/templates/configmap-etc.yaml new file mode 100644 index 0000000000..f96fbcefea --- /dev/null +++ b/nova/templates/configmap-etc.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: nova-etc +data: + nova.conf: |+ +{{ tuple "etc/_nova.conf.tpl" . | include "template" | indent 4 }} + ceph.client.cinder.keyring.yaml: |+ +{{ tuple "etc/_ceph.client.cinder.keyring.yaml.tpl" . | include "template" | indent 4 }} + resolv.conf: |+ +{{ tuple "etc/_resolv.conf.tpl" . | include "template" | indent 4 }} + libvirtd.conf: |+ +{{ tuple "etc/_libvirtd.conf.tpl" . | include "template" | indent 4 }} diff --git a/nova/templates/daemonset-compute.yaml b/nova/templates/daemonset-compute.yaml new file mode 100644 index 0000000000..53f4c6ce8b --- /dev/null +++ b/nova/templates/daemonset-compute.yaml @@ -0,0 +1,138 @@ +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: nova-compute +spec: + template: + metadata: + labels: + app: nova-compute + annotations: + pod.beta.kubernetes.io/init-containers: '[ + { + "name": "init", + "image": "{{ .Values.image.entrypoint }}", + "imagePullPolicy": "{{ .Values.image.pull_policy }}", + "env": [ + { + "name": "NAMESPACE", + "value": "{{ .Release.Namespace }}" + }, + { + "name": "INTERFACE_NAME", + "value": "eth0" + }, + { + "name": "DEPENDENCY_SERVICE", + "value": "{{ include "joinListWithColon" .Values.dependencies.compute.service }}" + }, + { + "name": "DEPENDENCY_JOBS", + "value": "{{ include "joinListWithColon" .Values.dependencies.compute.jobs }}" + }, + { + "name": "DEPENDENCY_DAEMONSET", + "value": "{{ include "joinListWithColon" .Values.dependencies.compute.daemonset }}" + }, + { + "name": "COMMAND", + "value": "echo done" + } + ] + } + ]' + spec: + nodeSelector: + {{ .Values.labels.compute_node_selector_key }}: {{ .Values.labels.compute_node_selector_value }} + securityContext: + runAsUser: 0 + hostNetwork: true + hostPID: true + dnsPolicy: ClusterFirst + containers: + - name: nova-compute + image: {{ .Values.image.compute }} + imagePullPolicy: Always + securityContext: + privileged: true + command: + - nova-compute + - --config-file + - /etc/nova/nova.conf + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + volumeMounts: + - name: novaconf + mountPath: /etc/nova/nova.conf + subPath: nova.conf + - mountPath: /lib/modules + name: libmodules + readOnly: true + - mountPath: /var/lib/nova + name: varlibnova + - mountPath: /var/lib/libvirt + name: varliblibvirt + - mountPath: /run + name: run + - mountPath: /sys/fs/cgroup + name: cgroup + - mountPath: /etc/resolv.conf + name: resolvconf + subPath: resolv.conf + {{- if .Values.ceph.enabled }} + - name: cephconf + mountPath: /etc/ceph/ceph.conf + subPath: ceph.conf + - name: cephclientcinderkeyring + mountPath: /etc/ceph/ceph.client.{{ .Values.ceph.cinder_user }}.keyring + subPath: ceph.client.{{ .Values.ceph.cinder_user }}.keyring + {{- end }} + volumes: + - name: novaconf + configMap: + name: nova-etc + items: + - key: nova.conf + path: nova.conf + - name: resolvconf + configMap: + name: nova-etc + items: + - key: resolv.conf + path: resolv.conf + - name: libmodules + hostPath: + path: /lib/modules + - name: varlibnova + hostPath: + path: /var/lib/nova + - name: varliblibvirt + hostPath: + path: /var/lib/libvirt + - name: run + hostPath: + path: /run + - name: cgroup + hostPath: + path: /sys/fs/cgroup + {{- if .Values.ceph.enabled }} + - name: cephconf + configMap: + name: nova-etc + items: + - key: ceph.conf + path: ceph.conf + - name: cephclientcinderkeyring + configMap: + name: nova-etc + items: + - key: ceph.client.cinder.keyring.yaml + path: ceph.client.cinder.keyring.yaml + {{- end }} diff --git a/nova/templates/daemonset-libvirt.yaml b/nova/templates/daemonset-libvirt.yaml new file mode 100644 index 0000000000..31d442e14b --- /dev/null +++ b/nova/templates/daemonset-libvirt.yaml @@ -0,0 +1,132 @@ +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: nova-libvirt +spec: + template: + metadata: + labels: + app: nova-libvirt + annotations: + pod.beta.kubernetes.io/init-containers: '[ + { + "name": "init", + "image": "{{ .Values.image.entrypoint }}", + "imagePullPolicy": "{{ .Values.image.pull_policy }}", + "env": [ + { + "name": "NAMESPACE", + "value": "{{ .Release.Namespace }}" + }, + { + "name": "INTERFACE_NAME", + "value": "eth0" + }, + { + "name": "DEPENDENCY_SERVICE", + "value": "{{ include "joinListWithColon" .Values.dependencies.libvirt.service }}" + }, + { + "name": "DEPENDENCY_JOBS", + "value": "{{ include "joinListWithColon" .Values.dependencies.libvirt.jobs }}" + }, + { + "name": "COMMAND", + "value": "echo done" + } + ] + } + ]' + spec: + nodeSelector: + {{ .Values.labels.compute_node_selector_key }}: {{ .Values.labels.compute_node_selector_value }} + securityContext: + runAsUser: 0 + hostNetwork: true + dnsPolicy: ClusterFirst + containers: + - name: nova-libvirt + image: {{ .Values.image.libvirt }} + imagePullPolicy: Always + securityContext: + privileged: true + command: + - bash + - /tmp/libvirt.sh + volumeMounts: + - name: libvirtdconf + mountPath: /etc/libvirt/libvirtd.conf + subPath: libvirtd.conf + - name: libvirtsh + mountPath: /tmp/libvirt.sh + subPath: libvirt.sh + - mountPath: /lib/modules + name: libmodules + readOnly: true + - mountPath: /var/lib/nova + name: varlibnova + - mountPath: /var/lib/libvirt + name: varliblibvirt + - mountPath: /run + name: run + - mountPath: /sys/fs/cgroup + name: cgroup + - mountPath: /etc/resolv.conf + name: resolvconf + subPath: resolv.conf + {{- if .Values.ceph.enabled }} + - name: cephconf + mountPath: /etc/ceph/ceph.conf + subPath: ceph.conf + - name: cephclientcinderkeyring + mountPath: /etc/ceph/ceph.client.{{ .Values.ceph.cinder_user }}.keyring + subPath: ceph.client.{{ .Values.ceph.cinder_user }}.keyring + {{- end }} + volumes: + - name: libvirtdconf + configMap: + name: nova-etc + items: + - key: libvirtd.conf + path: libvirtd.conf + - name: libvirtsh + configMap: + name: nova-bin + items: + - key: libvirt.sh + path: libvirt.sh + - name: resolvconf + configMap: + name: nova-etc + items: + - key: resolv.conf + path: resolv.conf + - name: libmodules + hostPath: + path: /lib/modules + - name: varlibnova + hostPath: + path: /var/lib/nova + - name: varliblibvirt + hostPath: + path: /var/lib/libvirt + - name: run + hostPath: + path: /run + - name: cgroup + hostPath: + path: /sys/fs/cgroup + {{- if .Values.ceph.enabled }} + - name: cephconf + configMap: + name: nova-etc + items: + - key: ceph.conf + path: ceph.conf + - name: cephclientcinderkeyring + configMap: + name: nova-etc + items: + - key: ceph.client.cinder.keyring.yaml + path: ceph.client.cinder.keyring.yaml + {{- end }} diff --git a/nova/templates/deployment-api.yaml b/nova/templates/deployment-api.yaml new file mode 100644 index 0000000000..4ce90155aa --- /dev/null +++ b/nova/templates/deployment-api.yaml @@ -0,0 +1,70 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: nova-api +spec: + replicas: {{ .Values.control_replicas }} + template: + metadata: + labels: + app: nova-api + annotations: + pod.beta.kubernetes.io/init-containers: '[ + { + "name": "init", + "image": "{{ .Values.image.entrypoint }}", + "imagePullPolicy": "{{ .Values.image.pull_policy }}", + "env": [ + { + "name": "NAMESPACE", + "value": "{{ .Release.Namespace }}" + }, + { + "name": "INTERFACE_NAME", + "value": "eth0" + }, + { + "name": "DEPENDENCY_SERVICE", + "value": "{{ include "joinListWithColon" .Values.dependencies.api.service }}" + }, + { + "name": "DEPENDENCY_JOBS", + "value": "{{ include "joinListWithColon" .Values.dependencies.api.jobs }}" + }, + { + "name": "COMMAND", + "value": "echo done" + } + ] + } + ]' + spec: + nodeSelector: + {{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }} + containers: + - name: nova-api + image: {{ .Values.image.api }} + # https://bugs.launchpad.net/kolla-mesos/+bug/1546007 + securityContext: + privileged: true + command: + - nova-api + - --config-file + - /etc/nova/nova.conf + ports: + - containerPort: {{ .Values.network.port.api }} + - containerPort: {{ .Values.network.port.metadata }} + readinessProbe: + tcpSocket: + port: {{ .Values.network.port.api }} + volumeMounts: + - name: novaconf + mountPath: /etc/nova/nova.conf + subPath: nova.conf + volumes: + - name: novaconf + configMap: + name: nova-etc + items: + - key: nova.conf + path: nova.conf diff --git a/nova/templates/deployment-conductor.yaml b/nova/templates/deployment-conductor.yaml new file mode 100644 index 0000000000..5ff5239381 --- /dev/null +++ b/nova/templates/deployment-conductor.yaml @@ -0,0 +1,61 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: nova-conductor +spec: + replicas: {{ .Values.control_replicas }} + template: + metadata: + labels: + app: nova-conductor + annotations: + pod.beta.kubernetes.io/init-containers: '[ + { + "name": "init", + "image": "{{ .Values.image.entrypoint }}", + "imagePullPolicy": "{{ .Values.image.pull_policy }}", + "env": [ + { + "name": "NAMESPACE", + "value": "{{ .Release.Namespace }}" + }, + { + "name": "INTERFACE_NAME", + "value": "eth0" + }, + { + "name": "DEPENDENCY_SERVICE", + "value": "{{ include "joinListWithColon" .Values.dependencies.conductor.service }}" + }, + { + "name": "DEPENDENCY_JOBS", + "value": "{{ include "joinListWithColon" .Values.dependencies.conductor.jobs }}" + }, + { + "name": "COMMAND", + "value": "echo done" + } + ] + } + ]' + spec: + nodeSelector: + {{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }} + containers: + - name: nova-conductor + image: {{ .Values.image.conductor }} + command: + - nova-conductor + - --config-file + - /etc/nova/nova.conf + volumeMounts: + - name: novaconf + mountPath: /etc/nova/nova.conf + subPath: nova.conf + volumes: + - name: novaconf + configMap: + name: nova-etc + items: + - key: nova.conf + path: nova.conf diff --git a/nova/templates/deployment-consoleauth.yaml b/nova/templates/deployment-consoleauth.yaml new file mode 100644 index 0000000000..52596ae6e1 --- /dev/null +++ b/nova/templates/deployment-consoleauth.yaml @@ -0,0 +1,61 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: nova-consoleauth +spec: + replicas: {{ .Values.control_replicas }} + template: + metadata: + labels: + app: nova-consoleauth + annotations: + pod.beta.kubernetes.io/init-containers: '[ + { + "name": "init", + "image": "{{ .Values.image.entrypoint }}", + "imagePullPolicy": "{{ .Values.image.pull_policy }}", + "env": [ + { + "name": "NAMESPACE", + "value": "{{ .Release.Namespace }}" + }, + { + "name": "INTERFACE_NAME", + "value": "eth0" + }, + { + "name": "DEPENDENCY_SERVICE", + "value": "{{ include "joinListWithColon" .Values.dependencies.consoleauth.service }}" + }, + { + "name": "DEPENDENCY_JOBS", + "value": "{{ include "joinListWithColon" .Values.dependencies.consoleauth.jobs }}" + }, + { + "name": "COMMAND", + "value": "echo done" + } + ] + } + ]' + spec: + nodeSelector: + {{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }} + containers: + - name: nova-consoleauth + image: {{ .Values.image.consoleauth }} + command: + - nova-consoleauth + - --config-file + - /etc/nova/nova.conf + volumeMounts: + - name: novaconf + mountPath: /etc/nova/nova.conf + subPath: nova.conf + volumes: + - name: novaconf + configMap: + name: nova-etc + items: + - key: nova.conf + path: nova.conf diff --git a/nova/templates/deployment-scheduler.yaml b/nova/templates/deployment-scheduler.yaml new file mode 100644 index 0000000000..6188cd7bf5 --- /dev/null +++ b/nova/templates/deployment-scheduler.yaml @@ -0,0 +1,61 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: nova-scheduler +spec: + replicas: {{ .Values.control_replicas }} + template: + metadata: + labels: + app: nova-scheduler + annotations: + pod.beta.kubernetes.io/init-containers: '[ + { + "name": "init", + "image": "{{ .Values.image.entrypoint }}", + "imagePullPolicy": "{{ .Values.image.pull_policy }}", + "env": [ + { + "name": "NAMESPACE", + "value": "{{ .Release.Namespace }}" + }, + { + "name": "INTERFACE_NAME", + "value": "eth0" + }, + { + "name": "DEPENDENCY_SERVICE", + "value": "{{ include "joinListWithColon" .Values.dependencies.scheduler.service }}" + }, + { + "name": "DEPENDENCY_JOBS", + "value": "{{ include "joinListWithColon" .Values.dependencies.scheduler.jobs }}" + }, + { + "name": "COMMAND", + "value": "echo done" + } + ] + } + ]' + spec: + nodeSelector: + {{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }} + containers: + - name: nova-scheduler + image: {{ .Values.image.scheduler }} + command: + - nova-scheduler + - --config-file + - /etc/nova/nova.conf + volumeMounts: + - name: novaconf + mountPath: /etc/nova/nova.conf + subPath: nova.conf + volumes: + - name: novaconf + configMap: + name: nova-etc + items: + - key: nova.conf + path: nova.conf diff --git a/nova/templates/etc/_ceph.conf.tpl b/nova/templates/etc/_ceph.conf.tpl new file mode 100644 index 0000000000..d41b65bd62 --- /dev/null +++ b/nova/templates/etc/_ceph.conf.tpl @@ -0,0 +1,18 @@ +[global] +rgw_thread_pool_size = 1024 +rgw_num_rados_handles = 100 +{{- if .Values.ceph.enabled }} +[mon] +{{- if .Values.ceph.monitors }} +{{ range .Values.ceph.monitors }} + [mon.{{ . }}] + host = {{ . }} + mon_addr = {{ . }} +{{ end }} +{{- else }} +mon_host = ceph-mon.ceph +{{- end }} +{{- end }} +[client] + rbd_cache_enabled = true + rbd_cache_writethrough_until_flush = true diff --git a/nova/templates/etc/_libvirtd.conf.tpl b/nova/templates/etc/_libvirtd.conf.tpl new file mode 100644 index 0000000000..d7d0c36e89 --- /dev/null +++ b/nova/templates/etc/_libvirtd.conf.tpl @@ -0,0 +1,6 @@ +listen_tcp = 1 +auth_tcp = "none" +ca_file = "" +log_level = 2 +log_outputs = "2:stderr" +listen_addr = "{{ .Values.network.ip_address }}" \ No newline at end of file diff --git a/nova/templates/etc/_nova.conf.tpl b/nova/templates/etc/_nova.conf.tpl new file mode 100644 index 0000000000..e3a46eef20 --- /dev/null +++ b/nova/templates/etc/_nova.conf.tpl @@ -0,0 +1,108 @@ +[DEFAULT] +debug = {{ .Values.nova.default.debug }} +default_ephemeral_format = ext4 +host_subset_size = 30 +ram_allocation_ratio=1.0 +disk_allocation_ratio=1.0 +cpu_allocation_ratio=3.0 +force_config_drive = {{ .Values.nova.default.force_config_drive }} +state_path = /var/lib/nova + +osapi_compute_listen = {{ .Values.network.ip_address }} +osapi_compute_listen_port = {{ .Values.network.port.api }} +osapi_compute_workers = {{ .Values.nova.default.osapi_workers }} + +workers = {{ .Values.nova.default.osapi_workers }} +metadata_workers = {{ .Values.nova.default.metadata_workers }} + +use_neutron = True +firewall_driver = nova.virt.firewall.NoopFirewallDriver +linuxnet_interface_driver = openvswitch + +allow_resize_to_same_host = True + +compute_driver = libvirt.LibvirtDriver + +# Though my_ip is not used directly, lots of other variables use $my_ip +my_ip = {{ .Values.network.ip_address }} + +transport_url = rabbit://{{ .Values.rabbitmq.admin_user }}:{{ .Values.rabbitmq.admin_password }}@{{ .Values.rabbitmq.address }}:{{ .Values.rabbitmq.port }} + +[vnc] +novncproxy_host = {{ .Values.network.ip_address }} +novncproxy_port = {{ .Values.network.port.novncproxy }} +vncserver_listen = 0.0.0.0 +vncserver_proxyclient_address = {{ .Values.network.ip_address }} + +novncproxy_base_url = http://{{ .Values.network.external_ips }}:{{ .Values.network.port.novncproxy }}/vnc_auto.html + +[oslo_concurrency] +lock_path = /var/lib/nova/tmp + +[conductor] +workers = {{ .Values.nova.default.conductor_workers }} + +[glance] +api_servers = {{ include "endpoint_glance_api_internal" . }} +num_retries = 3 + +[cinder] +catalog_info = volume:cinder:internalURL + +[neutron] +url = {{ include "endpoint_neutron_api_internal" . }} + +metadata_proxy_shared_secret = {{ .Values.neutron.metadata_secret }} +service_metadata_proxy = True + +auth_url = {{ include "endpoint_keystone_admin" . }} +auth_type = password +project_domain_name = default +user_domain_id = default +project_name = service +username = {{ .Values.keystone.neutron_user }} +password = {{ .Values.keystone.neutron_password }} + +[database] +connection = mysql+pymysql://{{ .Values.database.nova_user }}:{{ .Values.database.nova_password }}@{{ .Values.database.address }}/{{ .Values.database.nova_database_name }} +max_retries = -1 + +[api_database] +connection = mysql+pymysql://{{ .Values.database.nova_user }}:{{ .Values.database.nova_password }}@{{ .Values.database.address }}/{{ .Values.database.nova_api_database_name }} +max_retries = -1 + +[keystone_authtoken] +auth_uri = {{ include "endpoint_keystone_internal" . }} +auth_url = {{ include "endpoint_keystone_admin" . }} +auth_type = password +project_domain_id = default +user_domain_id = default +project_name = service +username = {{ .Values.keystone.nova_user }} +password = {{ .Values.keystone.nova_password }} + +[libvirt] +connection_uri = "qemu+tcp://127.0.0.1/system" +images_type = qcow2 +# Enabling live-migration without hostname resolution +# live_migration_inbound_addr = {{ .Values.network.ip_address }} + +{{- if .Values.ceph.enabled }} +images_rbd_pool = {{ .Values.ceph.nova_pool }} +images_rbd_ceph_conf = /etc/ceph/ceph.conf +rbd_user = {{ .Values.ceph.cinder_user }} +rbd_secret_uuid = {{ .Values.ceph.secret_uuid }} +{{- end }} +disk_cachemodes="network=writeback" +hw_disk_discard = unmap + +[upgrade_levels] +compute = auto + +[cache] +enabled = True +backend = oslo_cache.memcache_pool +memcache_servers = {{ .Values.memcached.address }} + +[wsgi] +api_paste_config = /etc/nova/api-paste.ini diff --git a/nova/templates/etc/_resolv.conf.tpl b/nova/templates/etc/_resolv.conf.tpl new file mode 100644 index 0000000000..7c1e9d839a --- /dev/null +++ b/nova/templates/etc/_resolv.conf.tpl @@ -0,0 +1,5 @@ +search {{ .Release.Namespace }}.svc.{{ .Values.network.dns.kubernetes_domain }} svc.{{ .Values.network.dns.kubernetes_domain }} {{ .Values.network.dns.kubernetes_domain }} +{{- range .Values.network.dns.servers }} +nameserver {{ . | title }} +{{- end }} +options ndots:5 diff --git a/nova/templates/job-db-sync.yaml b/nova/templates/job-db-sync.yaml new file mode 100644 index 0000000000..0e5c2102a0 --- /dev/null +++ b/nova/templates/job-db-sync.yaml @@ -0,0 +1,56 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: nova-db-sync +spec: + template: + metadata: + annotations: + pod.beta.kubernetes.io/init-containers: '[ + { + "name": "init", + "image": "{{ .Values.image.entrypoint }}", + "imagePullPolicy": "{{ .Values.image.pull_policy }}", + "env": [ + { + "name": "NAMESPACE", + "value": "{{ .Release.Namespace }}" + }, + { + "name": "DEPENDENCY_SERVICE", + "value": "{{ include "joinListWithColon" .Values.dependencies.db_sync.service }}" + }, + { + "name": "DEPENDENCY_JOBS", + "value": "{{ include "joinListWithColon" .Values.dependencies.db_sync.jobs }}" + }, + { + "name": "COMMAND", + "value": "echo done" + } + ] + } + ]' + spec: + restartPolicy: OnFailure + containers: + - name: nova-db-sync + image: {{ .Values.image.db_sync }} + imagePullPolicy: Always + command: + - bash + - /tmp/db-sync.sh + volumeMounts: + - name: novaconf + mountPath: /etc/nova/nova.conf + subPath: nova.conf + - name: nova-bin + mountPath: /tmp/db-sync.sh + subPath: db-sync.sh + volumes: + - name: novaconf + configMap: + name: nova-etc + - name: nova-bin + configMap: + name: nova-bin diff --git a/nova/templates/job-init.yaml b/nova/templates/job-init.yaml new file mode 100644 index 0000000000..16a2201ad8 --- /dev/null +++ b/nova/templates/job-init.yaml @@ -0,0 +1,50 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: nova-init +spec: + template: + metadata: + annotations: + pod.beta.kubernetes.io/init-containers: '[ + { + "name": "init", + "image": "{{ .Values.image.entrypoint }}", + "imagePullPolicy": "{{ .Values.image.pull_policy }}", + "env": [ + { + "name": "NAMESPACE", + "value": "{{ .Release.Namespace }}" + }, + { + "name": "DEPENDENCY_SERVICE", + "value": "{{ include "joinListWithColon" .Values.dependencies.init.service }}" + }, + { + "name": "DEPENDENCY_JOBS", + "value": "{{ include "joinListWithColon" .Values.dependencies.init.jobs }}" + }, + { + "name": "COMMAND", + "value": "echo done" + } + ] + } + ]' + spec: + restartPolicy: OnFailure + containers: + - name: nova-init + image: {{ .Values.image.init }} + imagePullPolicy: Always + command: + - bash + - /tmp/init.sh + volumeMounts: + - name: nova-bin + mountPath: /tmp/init.sh + subPath: init.sh + volumes: + - name: nova-bin + configMap: + name: nova-bin diff --git a/nova/templates/job-post.yaml b/nova/templates/job-post.yaml new file mode 100644 index 0000000000..48b0f3e52d --- /dev/null +++ b/nova/templates/job-post.yaml @@ -0,0 +1,59 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: nova-post +spec: + template: + metadata: + annotations: + pod.beta.kubernetes.io/init-containers: '[ + { + "name": "init", + "image": "{{ .Values.image.entrypoint }}", + "imagePullPolicy": "{{ .Values.image.pull_policy }}", + "env": [ + { + "name": "NAMESPACE", + "value": "{{ .Release.Namespace }}" + }, + { + "name": "DEPENDENCY_SERVICE", + "value": "{{ include "joinListWithColon" .Values.dependencies.post.service }}" + }, + { + "name": "DEPENDENCY_JOBS", + "value": "{{ include "joinListWithColon" .Values.dependencies.post.jobs }}" + }, + { + "name": "COMMAND", + "value": "echo done" + } + ] + } + ]' + spec: + restartPolicy: OnFailure + containers: + - name: nova-post + image: {{ .Values.image.post }} + imagePullPolicy: Always + command: + - bash + - /tmp/post.sh + env: + - name: ANSIBLE_LIBRARY + value: /usr/share/ansible/ + volumeMounts: + - name: novaconf + mountPath: /etc/nova/nova.conf + subPath: nova.conf + - name: nova-bin + mountPath: /tmp/post.sh + subPath: post.sh + volumes: + - name: novaconf + configMap: + name: nova-etc + - name: nova-bin + configMap: + name: nova-bin diff --git a/nova/templates/service-api.yaml b/nova/templates/service-api.yaml new file mode 100644 index 0000000000..6aa4144d2a --- /dev/null +++ b/nova/templates/service-api.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: nova-api +spec: + ports: + - name: nova-api + port: {{ .Values.network.port.api }} + - name: nova-metadata + port: {{ .Values.network.port.metadata }} + selector: + app: nova-api diff --git a/nova/values.yaml b/nova/values.yaml new file mode 100644 index 0000000000..2530bc1c06 --- /dev/null +++ b/nova/values.yaml @@ -0,0 +1,213 @@ +# Default values for keystone. +# This is a YAML-formatted file. +# Declare name/value pairs to be passed into your templates. +# name: value + +labels: + control_node_selector_key: openstack-control-plane + control_node_selector_value: enabled + compute_node_selector_key: openstack-compute-node + compute_node_selector_value: enabled + +control_replicas: 1 +compute_replicas: 1 + +image: + init: quay.io/stackanetes/stackanetes-kolla-toolbox:barcelona + db_sync: quay.io/stackanetes/stackanetes-nova-api:barcelona + api: quay.io/stackanetes/stackanetes-nova-api:barcelona + conductor: quay.io/stackanetes/stackanetes-nova-conductor:barcelona + scheduler: quay.io/stackanetes/stackanetes-nova-scheduler:barcelona + novncproxy: quay.io/stackanetes/stackanetes-nova-novncproxy:barcelona + consoleauth: quay.io/stackanetes/stackanetes-nova-consoleauth:barcelona + compute: quay.io/stackanetes/stackanetes-nova-compute:barcelona + libvirt: quay.io/stackanetes/stackanetes-nova-libvirt:barcelona + post: quay.io/stackanetes/stackanetes-kolla-toolbox:barcelona + entrypoint: quay.io/stackanetes/kubernetes-entrypoint:v0.1.0 + pull_policy: "IfNotPresent" + +network: + ip_address: "0.0.0.0" + # TODO(DTadrzak): move external IPs to common, this variable should be shared with + # horizon service + external_ips: "" + minion_interface_name: "eno1" + dns: + servers: + - "10.96.0.10" + - "8.8.8.8" + kubernetes_domain: "cluster.local" + other_domains: "" + + port: + api: 8774 + metadata: 8775 + novncproxy: 6080 + +nova: + default: + debug: false + osapi_workers: 8 + metadata_workers: 8 + conductor_workers: 8 + force_config_drive: True + drain_timeout: 60 + +database: + address: "mariadb" + port: 3306 + root_user: "root" + root_password: "password" + + nova_user: "nova" + nova_password: "password" + nova_database_name: "nova" + nova_api_database_name: "nova_api" + +keystone: + admin_user: "admin" + admin_password: "password" + admin_project_name: "admin" + admin_region_name: "RegionOne" + domain_name: "default" + tenant_name: "admin" + + neutron_user: "neutron" + neutron_password: "password" + neutron_region_name: "RegionOne" + + nova_user: "nova" + nova_password: "password" + nova_region_name: "RegionOne" + +rabbitmq: + address: "rabbitmq" + admin_user: "rabbitmq" + admin_password: "password" + port: 5672 + +ceph: + enabled: false + monitors: [] + cinder_user: "cinder" + cinder_keyring: null + nova_pool: "vms" + secret_uuid: "" + +neutron: + metadata_secret: "password" + +memcached: + address: "memcached:11211" + +dependencies: + api: + jobs: + - mariadb-seed + - keystone-db-sync + - nova-init + - nova-db-sync + service: + - mariadb + db_sync: + jobs: + - nova-init + - keystone-init + - mariadb-seed + service: + - mariadb + db_sync: + jobs: + - nova-init + - keystone-init + - mariadb-seed + service: + - mariadb + post: + jobs: + - nova-init + - keystone-init + - mariadb-seed + service: + - mariadb + - nova-api + init: + jobs: + - mariadb-seed + service: + - mariadb + compute: + jobs: + - nova-init + - nova-post + - nova-db-sync + service: + - keystone-api + - nova-api + daemonset: + - nova-libvirt + libvirt: + jobs: + - nova-init + - nova-post + - nova-db-sync + service: + - keystone-api + - nova-api + consoleauth: + jobs: + - mariadb-seed + - keystone-db-sync + - nova-init + - nova-db-sync + service: + - mariadb + scheduler: + jobs: + - mariadb-seed + - keystone-db-sync + - nova-init + - nova-db-sync + service: + - mariadb + conductor: + jobs: + - mariadb-seed + - keystone-db-sync + - nova-init + - nova-db-sync + service: + - mariadb + +# typically overriden by environmental +# values, but should include all endpoints +# required by this chart +endpoints: + glance: + hosts: + default: glance-api + type: image + path: null + scheme: 'http' + port: + api: 9292 + registry: 9191 + nova: + hosts: + default: nova-api + path: "/v2/%(tenant_id)s" + type: compute + scheme: 'http' + port: + api: 8774 + metadata: 8775 + novncproxy: 6080 + keystone: + hosts: + default: keystone-api + path: /v3 + type: identity + scheme: 'http' + port: + admin: 35357 + public: 5000