openstack/openstack-helm
Code Issues Proposed changes

OpenStack Nova Helm Chart Initial Commit

Browse Source 
This is an initial commit of a functional nova chart.  It has been
tested with the neutron chart using a flat network configuration.
This commit is contained in:
Alan Meadows 2017-01-04 13:19:04 -08:00
parent 584e820eca
commit 8afa729ffb
25 changed files with 1236 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Makefile
View File

@ -1,12 +1,12 @@
.PHONY: ceph bootstrap mariadb keystone memcached rabbitmq common openstack neutron maas all clean .PHONY: ceph bootstrap mariadb keystone memcached rabbitmq common openstack neutron nova maas all clean
B64_DIRS := common/secrets B64_DIRS := common/secrets
B64_EXCLUDE := $(wildcard common/secrets/*.b64) B64_EXCLUDE := $(wildcard common/secrets/*.b64)
CHARTS := ceph mariadb rabbitmq GLANCE memcached keystone glance horizon neutron maas openstack CHARTS := ceph mariadb rabbitmq GLANCE memcached keystone glance horizon neutron nova maas openstack
COMMON_TPL := common/templates/_globals.tpl COMMON_TPL := common/templates/_globals.tpl
all: common ceph bootstrap mariadb rabbitmq memcached keystone glance horizon neutron maas openstack all: common ceph bootstrap mariadb rabbitmq memcached keystone glance horizon neutron nova maas openstack
common: build-common common: build-common
@ -27,6 +27,8 @@ glance: build-glance
neutron: build-neutron neutron: build-neutron
nova: build-nova
maas: build-maas maas: build-maas
memcached: build-memcached memcached: build-memcached

3
nova/Chart.yaml Normal file
View File

@ -0,0 +1,3 @@
description: A Helm chart for nova
name: nova
version: 0.1.0

4
nova/requirements.yaml Normal file
View File

@ -0,0 +1,4 @@
dependencies:
- name: common
repository: http://localhost:8879/charts
version: 0.1.0

6
nova/templates/bin/_db-sync.sh.tpl Normal file
View File

@ -0,0 +1,6 @@
#!/bin/bash
set -ex
nova-manage db sync
nova-manage api_db sync
nova-manage db online_data_migrations

36
nova/templates/bin/_init.sh.tpl Normal file
View File

@ -0,0 +1,36 @@
#!/bin/bash
echo "Hello World"
set -ex
export HOME=/tmp
ansible localhost -vvv -m mysql_db -a "login_host='{{ include "keystone_db_host" . }}' \
login_port='{{ .Values.database.port }}' \
login_user='{{ .Values.database.root_user }}' \
login_password='{{ .Values.database.root_password }}' \
name='{{ .Values.database.nova_database_name }}'"
ansible localhost -vvv -m mysql_user -a "login_host='{{ include "keystone_db_host" . }}' \
login_port='{{ .Values.database.port }}' \
login_user='{{ .Values.database.root_user }}' \
login_password='{{ .Values.database.root_password }}' \
name='{{ .Values.database.nova_user }}' \
password='{{ .Values.database.nova_password }}' \
host='%' \
priv='{{ .Values.database.nova_database_name }}.*:ALL' append_privs='yes'"
ansible localhost -vvv -m mysql_db -a "login_host='{{ include "keystone_db_host" . }}' \
login_port='{{ .Values.database.port }}' \
login_user='{{ .Values.database.root_user }}' \
login_password='{{ .Values.database.root_password }}' \
name='{{ .Values.database.nova_api_database_name }}'"
ansible localhost -vvv -m mysql_user -a "login_host='{{ include "keystone_db_host" . }}' \
login_port='{{ .Values.database.port }}' \
login_user='{{ .Values.database.root_user }}' \
login_password='{{ .Values.database.root_password }}' \
name='{{ .Values.database.nova_user }}' \
password='{{ .Values.database.nova_password }}' \
host='%' \
priv='{{ .Values.database.nova_api_database_name }}.*:ALL' append_privs='yes'"

35
nova/templates/bin/_libvirt.sh.tpl Normal file
View File

@ -0,0 +1,35 @@
#!/bin/bash
set -ex
if [[ -f /var/run/libvirtd.pid ]]; then
test -d /proc/$(< /var/run/libvirtd.pid) && \
( echo "Libvirtd daemon is running" && exit 10 )
fi
rm -f /var/run/libvirtd.pid
if [[ -c /dev/kvm ]]; then
chmod 660 /dev/kvm
chown root:kvm /dev/kvm
fi
sleep 30
{{- if .Values.ceph.enabled }}
cat > /tmp/secret.xml <<EOF
<secret ephemeral='no' private='no'>
<uuid>{{ .Values.ceph.secret_uuid }}</uuid>
<usage type='ceph'>
<name>client.{{ .Values.ceph.cinder_user }} secret</name>
</usage>
</secret>
EOF
virsh secret-define --file /tmp/secret.xml
virsh secret-set-value --secret {{ .Values.ceph.secret_uuid }} --base64 {{ .Values.ceph.cinder_keyring }}
rm /tmp/secret.xml
{{- end }}
exec libvirtd -v --listen

57
nova/templates/bin/_post.sh.tpl Normal file
View File

@ -0,0 +1,57 @@
#!/bin/bash
set -ex
export HOME=/tmp
ansible localhost -vvv -m kolla_keystone_service -a "service_name=nova \
service_type=compute \
description='Openstack Compute' \
endpoint_region={{ .Values.keystone.nova_region_name }} \
url='{{ include "endpoint_nova_api_internal" . }}' \
interface=admin \
region_name={{ .Values.keystone.admin_region_name }} \
auth='{{ include "keystone_auth" .}}'" \
-e "{'openstack_nova_auth':{{ include "keystone_auth" .}}}"
ansible localhost -vvv -m kolla_keystone_service -a "service_name=nova \
service_type=compute \
description='Openstack Compute' \
endpoint_region={{ .Values.keystone.nova_region_name }} \
url='{{ include "endpoint_nova_api_internal" . }}' \
interface=internal \
region_name={{ .Values.keystone.admin_region_name }} \
auth='{{ include "keystone_auth" .}}'" \
-e "{'openstack_nova_auth':{{ include "keystone_auth" .}}}"
ansible localhost -vvv -m kolla_keystone_service -a "service_name=nova \
service_type=compute \
description='Openstack Compute' \
endpoint_region={{ .Values.keystone.nova_region_name }} \
url='{{ include "endpoint_nova_api_internal" . }}' \
interface=public \
region_name={{ .Values.keystone.admin_region_name }} \
auth='{{ include "keystone_auth" .}}'" \
-e "{'openstack_nova_auth':{{ include "keystone_auth" .}}}"
ansible localhost -vvv -m kolla_keystone_user -a "project=service \
user={{ .Values.keystone.nova_user }} \
password={{ .Values.keystone.nova_password }} \
role=admin \
region_name={{ .Values.keystone.nova_region_name }} \
auth='{{ include "keystone_auth" .}}'" \
-e "{'openstack_nova_auth':{{ include "keystone_auth" .}}}"
cat <<EOF>/tmp/openrc
export OS_USERNAME={{.Values.keystone.admin_user}}
export OS_PASSWORD={{.Values.keystone.admin_password}}
export OS_PROJECT_DOMAIN_NAME={{.Values.keystone.domain_name}}
export OS_USER_DOMAIN_NAME={{.Values.keystone.domain_name}}
export OS_PROJECT_NAME={{.Values.keystone.admin_project_name}}
export OS_AUTH_URL={{include "endpoint_keystone_internal" .}}
export OS_AUTH_STRATEGY=keystone
export OS_REGION_NAME={{.Values.keystone.admin_region_name}}
export OS_INSECURE=1
EOF
. /tmp/openrc
env
openstack --debug role create _member_ --or-show

12
nova/templates/bin/_start.sh.tpl Normal file
View File

@ -0,0 +1,12 @@
#!/bin/bash
set -ex
# link our keystone wsgi to apaches running config
ln -s /configmaps/wsgi-keystone.conf /etc/apache2/sites-enabled/wsgi-keystone.conf
# Loading Apache2 ENV variables
source /etc/apache2/envvars
rm -rf /var/run/apache2/*
APACHE_DIR="apache2"
apache2 -DFOREGROUND

15
nova/templates/configmap-bin.yaml Normal file
View File

@ -0,0 +1,15 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: nova-bin
data:
db-sync.sh: |
{{ tuple "bin/_db-sync.sh.tpl" . | include "template" | indent 4 }}
init.sh: |
{{ tuple "bin/_init.sh.tpl" . | include "template" | indent 4 }}
start.sh: |
{{ tuple "bin/_start.sh.tpl" . | include "template" | indent 4 }}
post.sh: |
{{ tuple "bin/_post.sh.tpl" . | include "template" | indent 4 }}
libvirt.sh: |
{{ tuple "bin/_libvirt.sh.tpl" . | include "template" | indent 4 }}

13
nova/templates/configmap-etc.yaml Normal file
View File

@ -0,0 +1,13 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: nova-etc
data:
nova.conf: |+
{{ tuple "etc/_nova.conf.tpl" . | include "template" | indent 4 }}
ceph.client.cinder.keyring.yaml: |+
{{ tuple "etc/_ceph.client.cinder.keyring.yaml.tpl" . | include "template" | indent 4 }}
resolv.conf: |+
{{ tuple "etc/_resolv.conf.tpl" . | include "template" | indent 4 }}
libvirtd.conf: |+
{{ tuple "etc/_libvirtd.conf.tpl" . | include "template" | indent 4 }}

138
nova/templates/daemonset-compute.yaml Normal file
View File

@ -0,0 +1,138 @@
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: nova-compute
spec:
template:
metadata:
labels:
app: nova-compute
annotations:
pod.beta.kubernetes.io/init-containers: '[
{
"name": "init",
"image": "{{ .Values.image.entrypoint }}",
"imagePullPolicy": "{{ .Values.image.pull_policy }}",
"env": [
{
"name": "NAMESPACE",
"value": "{{ .Release.Namespace }}"
},
{
"name": "INTERFACE_NAME",
"value": "eth0"
},
{
"name": "DEPENDENCY_SERVICE",
"value": "{{ include "joinListWithColon" .Values.dependencies.compute.service }}"
},
{
"name": "DEPENDENCY_JOBS",
"value": "{{ include "joinListWithColon" .Values.dependencies.compute.jobs }}"
},
{
"name": "DEPENDENCY_DAEMONSET",
"value": "{{ include "joinListWithColon" .Values.dependencies.compute.daemonset }}"
},
{
"name": "COMMAND",
"value": "echo done"
}
]
}
]'
spec:
nodeSelector:
{{ .Values.labels.compute_node_selector_key }}: {{ .Values.labels.compute_node_selector_value }}
securityContext:
runAsUser: 0
hostNetwork: true
hostPID: true
dnsPolicy: ClusterFirst
containers:
- name: nova-compute
image: {{ .Values.image.compute }}
imagePullPolicy: Always
securityContext:
privileged: true
command:
- nova-compute
- --config-file
- /etc/nova/nova.conf
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
volumeMounts:
- name: novaconf
mountPath: /etc/nova/nova.conf
subPath: nova.conf
- mountPath: /lib/modules
name: libmodules
readOnly: true
- mountPath: /var/lib/nova
name: varlibnova
- mountPath: /var/lib/libvirt
name: varliblibvirt
- mountPath: /run
name: run
- mountPath: /sys/fs/cgroup
name: cgroup
- mountPath: /etc/resolv.conf
name: resolvconf
subPath: resolv.conf
{{- if .Values.ceph.enabled }}
- name: cephconf
mountPath: /etc/ceph/ceph.conf
subPath: ceph.conf
- name: cephclientcinderkeyring
mountPath: /etc/ceph/ceph.client.{{ .Values.ceph.cinder_user }}.keyring
subPath: ceph.client.{{ .Values.ceph.cinder_user }}.keyring
{{- end }}
volumes:
- name: novaconf
configMap:
name: nova-etc
items:
- key: nova.conf
path: nova.conf
- name: resolvconf
configMap:
name: nova-etc
items:
- key: resolv.conf
path: resolv.conf
- name: libmodules
hostPath:
path: /lib/modules
- name: varlibnova
hostPath:
path: /var/lib/nova
- name: varliblibvirt
hostPath:
path: /var/lib/libvirt
- name: run
hostPath:
path: /run
- name: cgroup
hostPath:
path: /sys/fs/cgroup
{{- if .Values.ceph.enabled }}
- name: cephconf
configMap:
name: nova-etc
items:
- key: ceph.conf
path: ceph.conf
- name: cephclientcinderkeyring
configMap:
name: nova-etc
items:
- key: ceph.client.cinder.keyring.yaml
path: ceph.client.cinder.keyring.yaml
{{- end }}

132
nova/templates/daemonset-libvirt.yaml Normal file
View File

@ -0,0 +1,132 @@
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: nova-libvirt
spec:
template:
metadata:
labels:
app: nova-libvirt
annotations:
pod.beta.kubernetes.io/init-containers: '[
{
"name": "init",
"image": "{{ .Values.image.entrypoint }}",
"imagePullPolicy": "{{ .Values.image.pull_policy }}",
"env": [
{
"name": "NAMESPACE",
"value": "{{ .Release.Namespace }}"
},
{
"name": "INTERFACE_NAME",
"value": "eth0"
},
{
"name": "DEPENDENCY_SERVICE",
"value": "{{ include "joinListWithColon" .Values.dependencies.libvirt.service }}"
},
{
"name": "DEPENDENCY_JOBS",
"value": "{{ include "joinListWithColon" .Values.dependencies.libvirt.jobs }}"
},
{
"name": "COMMAND",
"value": "echo done"
}
]
}
]'
spec:
nodeSelector:
{{ .Values.labels.compute_node_selector_key }}: {{ .Values.labels.compute_node_selector_value }}
securityContext:
runAsUser: 0
hostNetwork: true
dnsPolicy: ClusterFirst
containers:
- name: nova-libvirt
image: {{ .Values.image.libvirt }}
imagePullPolicy: Always
securityContext:
privileged: true
command:
- bash
- /tmp/libvirt.sh
volumeMounts:
- name: libvirtdconf
mountPath: /etc/libvirt/libvirtd.conf
subPath: libvirtd.conf
- name: libvirtsh
mountPath: /tmp/libvirt.sh
subPath: libvirt.sh
- mountPath: /lib/modules
name: libmodules
readOnly: true
- mountPath: /var/lib/nova
name: varlibnova
- mountPath: /var/lib/libvirt
name: varliblibvirt
- mountPath: /run
name: run
- mountPath: /sys/fs/cgroup
name: cgroup
- mountPath: /etc/resolv.conf
name: resolvconf
subPath: resolv.conf
{{- if .Values.ceph.enabled }}
- name: cephconf
mountPath: /etc/ceph/ceph.conf
subPath: ceph.conf
- name: cephclientcinderkeyring
mountPath: /etc/ceph/ceph.client.{{ .Values.ceph.cinder_user }}.keyring
subPath: ceph.client.{{ .Values.ceph.cinder_user }}.keyring
{{- end }}
volumes:
- name: libvirtdconf
configMap:
name: nova-etc
items:
- key: libvirtd.conf
path: libvirtd.conf
- name: libvirtsh
configMap:
name: nova-bin
items:
- key: libvirt.sh
path: libvirt.sh
- name: resolvconf
configMap:
name: nova-etc
items:
- key: resolv.conf
path: resolv.conf
- name: libmodules
hostPath:
path: /lib/modules
- name: varlibnova
hostPath:
path: /var/lib/nova
- name: varliblibvirt
hostPath:
path: /var/lib/libvirt
- name: run
hostPath:
path: /run
- name: cgroup
hostPath:
path: /sys/fs/cgroup
{{- if .Values.ceph.enabled }}
- name: cephconf
configMap:
name: nova-etc
items:
- key: ceph.conf
path: ceph.conf
- name: cephclientcinderkeyring
configMap:
name: nova-etc
items:
- key: ceph.client.cinder.keyring.yaml
path: ceph.client.cinder.keyring.yaml
{{- end }}

70
nova/templates/deployment-api.yaml Normal file
View File

@ -0,0 +1,70 @@
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nova-api
spec:
replicas: {{ .Values.control_replicas }}
template:
metadata:
labels:
app: nova-api
annotations:
pod.beta.kubernetes.io/init-containers: '[
{
"name": "init",
"image": "{{ .Values.image.entrypoint }}",
"imagePullPolicy": "{{ .Values.image.pull_policy }}",
"env": [
{
"name": "NAMESPACE",
"value": "{{ .Release.Namespace }}"
},
{
"name": "INTERFACE_NAME",
"value": "eth0"
},
{
"name": "DEPENDENCY_SERVICE",
"value": "{{ include "joinListWithColon" .Values.dependencies.api.service }}"
},
{
"name": "DEPENDENCY_JOBS",
"value": "{{ include "joinListWithColon" .Values.dependencies.api.jobs }}"
},
{
"name": "COMMAND",
"value": "echo done"
}
]
}
]'
spec:
nodeSelector:
{{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }}
containers:
- name: nova-api
image: {{ .Values.image.api }}
# https://bugs.launchpad.net/kolla-mesos/+bug/1546007
securityContext:
privileged: true
command:
- nova-api
- --config-file
- /etc/nova/nova.conf
ports:
- containerPort: {{ .Values.network.port.api }}
- containerPort: {{ .Values.network.port.metadata }}
readinessProbe:
tcpSocket:
port: {{ .Values.network.port.api }}
volumeMounts:
- name: novaconf
mountPath: /etc/nova/nova.conf
subPath: nova.conf
volumes:
- name: novaconf
configMap:
name: nova-etc
items:
- key: nova.conf
path: nova.conf

61
nova/templates/deployment-conductor.yaml Normal file
View File

@ -0,0 +1,61 @@
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nova-conductor
spec:
replicas: {{ .Values.control_replicas }}
template:
metadata:
labels:
app: nova-conductor
annotations:
pod.beta.kubernetes.io/init-containers: '[
{
"name": "init",
"image": "{{ .Values.image.entrypoint }}",
"imagePullPolicy": "{{ .Values.image.pull_policy }}",
"env": [
{
"name": "NAMESPACE",
"value": "{{ .Release.Namespace }}"
},
{
"name": "INTERFACE_NAME",
"value": "eth0"
},
{
"name": "DEPENDENCY_SERVICE",
"value": "{{ include "joinListWithColon" .Values.dependencies.conductor.service }}"
},
{
"name": "DEPENDENCY_JOBS",
"value": "{{ include "joinListWithColon" .Values.dependencies.conductor.jobs }}"
},
{
"name": "COMMAND",
"value": "echo done"
}
]
}
]'
spec:
nodeSelector:
{{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }}
containers:
- name: nova-conductor
image: {{ .Values.image.conductor }}
command:
- nova-conductor
- --config-file
- /etc/nova/nova.conf
volumeMounts:
- name: novaconf
mountPath: /etc/nova/nova.conf
subPath: nova.conf
volumes:
- name: novaconf
configMap:
name: nova-etc
items:
- key: nova.conf
path: nova.conf

61
nova/templates/deployment-consoleauth.yaml Normal file
View File

@ -0,0 +1,61 @@
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nova-consoleauth
spec:
replicas: {{ .Values.control_replicas }}
template:
metadata:
labels:
app: nova-consoleauth
annotations:
pod.beta.kubernetes.io/init-containers: '[
{
"name": "init",
"image": "{{ .Values.image.entrypoint }}",
"imagePullPolicy": "{{ .Values.image.pull_policy }}",
"env": [
{
"name": "NAMESPACE",
"value": "{{ .Release.Namespace }}"
},
{
"name": "INTERFACE_NAME",
"value": "eth0"
},
{
"name": "DEPENDENCY_SERVICE",
"value": "{{ include "joinListWithColon" .Values.dependencies.consoleauth.service }}"
},
{
"name": "DEPENDENCY_JOBS",
"value": "{{ include "joinListWithColon" .Values.dependencies.consoleauth.jobs }}"
},
{
"name": "COMMAND",
"value": "echo done"
}
]
}
]'
spec:
nodeSelector:
{{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }}
containers:
- name: nova-consoleauth
image: {{ .Values.image.consoleauth }}
command:
- nova-consoleauth
- --config-file
- /etc/nova/nova.conf
volumeMounts:
- name: novaconf
mountPath: /etc/nova/nova.conf
subPath: nova.conf
volumes:
- name: novaconf
configMap:
name: nova-etc
items:
- key: nova.conf
path: nova.conf

61
nova/templates/deployment-scheduler.yaml Normal file
View File

@ -0,0 +1,61 @@
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nova-scheduler
spec:
replicas: {{ .Values.control_replicas }}
template:
metadata:
labels:
app: nova-scheduler
annotations:
pod.beta.kubernetes.io/init-containers: '[
{
"name": "init",
"image": "{{ .Values.image.entrypoint }}",
"imagePullPolicy": "{{ .Values.image.pull_policy }}",
"env": [
{
"name": "NAMESPACE",
"value": "{{ .Release.Namespace }}"
},
{
"name": "INTERFACE_NAME",
"value": "eth0"
},
{
"name": "DEPENDENCY_SERVICE",
"value": "{{ include "joinListWithColon" .Values.dependencies.scheduler.service }}"
},
{
"name": "DEPENDENCY_JOBS",
"value": "{{ include "joinListWithColon" .Values.dependencies.scheduler.jobs }}"
},
{
"name": "COMMAND",
"value": "echo done"
}
]
}
]'
spec:
nodeSelector:
{{ .Values.labels.control_node_selector_key }}: {{ .Values.labels.control_node_selector_value }}
containers:
- name: nova-scheduler
image: {{ .Values.image.scheduler }}
command:
- nova-scheduler
- --config-file
- /etc/nova/nova.conf
volumeMounts:
- name: novaconf
mountPath: /etc/nova/nova.conf
subPath: nova.conf
volumes:
- name: novaconf
configMap:
name: nova-etc
items:
- key: nova.conf
path: nova.conf

18
nova/templates/etc/_ceph.conf.tpl Normal file
View File

@ -0,0 +1,18 @@
[global]
rgw_thread_pool_size = 1024
rgw_num_rados_handles = 100
{{- if .Values.ceph.enabled }}
[mon]
{{- if .Values.ceph.monitors }}
{{ range .Values.ceph.monitors }}
[mon.{{ . }}]
host = {{ . }}
mon_addr = {{ . }}
{{ end }}
{{- else }}
mon_host = ceph-mon.ceph
{{- end }}
{{- end }}
[client]
rbd_cache_enabled = true
rbd_cache_writethrough_until_flush = true

6
nova/templates/etc/_libvirtd.conf.tpl Normal file
View File

@ -0,0 +1,6 @@
listen_tcp = 1
auth_tcp = "none"
ca_file = ""
log_level = 2
log_outputs = "2:stderr"
listen_addr = "{{ .Values.network.ip_address }}"

108
nova/templates/etc/_nova.conf.tpl Normal file
View File

@ -0,0 +1,108 @@
[DEFAULT]
debug = {{ .Values.nova.default.debug }}
default_ephemeral_format = ext4
host_subset_size = 30
ram_allocation_ratio=1.0
disk_allocation_ratio=1.0
cpu_allocation_ratio=3.0
force_config_drive = {{ .Values.nova.default.force_config_drive }}
state_path = /var/lib/nova
osapi_compute_listen = {{ .Values.network.ip_address }}
osapi_compute_listen_port = {{ .Values.network.port.api }}
osapi_compute_workers = {{ .Values.nova.default.osapi_workers }}
workers = {{ .Values.nova.default.osapi_workers }}
metadata_workers = {{ .Values.nova.default.metadata_workers }}
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
linuxnet_interface_driver = openvswitch
allow_resize_to_same_host = True
compute_driver = libvirt.LibvirtDriver
# Though my_ip is not used directly, lots of other variables use $my_ip
my_ip = {{ .Values.network.ip_address }}
transport_url = rabbit://{{ .Values.rabbitmq.admin_user }}:{{ .Values.rabbitmq.admin_password }}@{{ .Values.rabbitmq.address }}:{{ .Values.rabbitmq.port }}
[vnc]
novncproxy_host = {{ .Values.network.ip_address }}
novncproxy_port = {{ .Values.network.port.novncproxy }}
vncserver_listen = 0.0.0.0
vncserver_proxyclient_address = {{ .Values.network.ip_address }}
novncproxy_base_url = http://{{ .Values.network.external_ips }}:{{ .Values.network.port.novncproxy }}/vnc_auto.html
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[conductor]
workers = {{ .Values.nova.default.conductor_workers }}
[glance]
api_servers = {{ include "endpoint_glance_api_internal" . }}
num_retries = 3
[cinder]
catalog_info = volume:cinder:internalURL
[neutron]
url = {{ include "endpoint_neutron_api_internal" . }}
metadata_proxy_shared_secret = {{ .Values.neutron.metadata_secret }}
service_metadata_proxy = True
auth_url = {{ include "endpoint_keystone_admin" . }}
auth_type = password
project_domain_name = default
user_domain_id = default
project_name = service
username = {{ .Values.keystone.neutron_user }}
password = {{ .Values.keystone.neutron_password }}
[database]
connection = mysql+pymysql://{{ .Values.database.nova_user }}:{{ .Values.database.nova_password }}@{{ .Values.database.address }}/{{ .Values.database.nova_database_name }}
max_retries = -1
[api_database]
connection = mysql+pymysql://{{ .Values.database.nova_user }}:{{ .Values.database.nova_password }}@{{ .Values.database.address }}/{{ .Values.database.nova_api_database_name }}
max_retries = -1
[keystone_authtoken]
auth_uri = {{ include "endpoint_keystone_internal" . }}
auth_url = {{ include "endpoint_keystone_admin" . }}
auth_type = password
project_domain_id = default
user_domain_id = default
project_name = service
username = {{ .Values.keystone.nova_user }}
password = {{ .Values.keystone.nova_password }}
[libvirt]
connection_uri = "qemu+tcp://127.0.0.1/system"
images_type = qcow2
# Enabling live-migration without hostname resolution
# live_migration_inbound_addr = {{ .Values.network.ip_address }}
{{- if .Values.ceph.enabled }}
images_rbd_pool = {{ .Values.ceph.nova_pool }}
images_rbd_ceph_conf = /etc/ceph/ceph.conf
rbd_user = {{ .Values.ceph.cinder_user }}
rbd_secret_uuid = {{ .Values.ceph.secret_uuid }}
{{- end }}
disk_cachemodes="network=writeback"
hw_disk_discard = unmap
[upgrade_levels]
compute = auto
[cache]
enabled = True
backend = oslo_cache.memcache_pool
memcache_servers = {{ .Values.memcached.address }}
[wsgi]
api_paste_config = /etc/nova/api-paste.ini

5
nova/templates/etc/_resolv.conf.tpl Normal file
View File

@ -0,0 +1,5 @@
search {{ .Release.Namespace }}.svc.{{ .Values.network.dns.kubernetes_domain }} svc.{{ .Values.network.dns.kubernetes_domain }} {{ .Values.network.dns.kubernetes_domain }}
{{- range .Values.network.dns.servers }}
nameserver {{ . | title }}
{{- end }}
options ndots:5

56
nova/templates/job-db-sync.yaml Normal file
View File

@ -0,0 +1,56 @@
apiVersion: batch/v1
kind: Job
metadata:
name: nova-db-sync
spec:
template:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{
"name": "init",
"image": "{{ .Values.image.entrypoint }}",
"imagePullPolicy": "{{ .Values.image.pull_policy }}",
"env": [
{
"name": "NAMESPACE",
"value": "{{ .Release.Namespace }}"
},
{
"name": "DEPENDENCY_SERVICE",
"value": "{{ include "joinListWithColon" .Values.dependencies.db_sync.service }}"
},
{
"name": "DEPENDENCY_JOBS",
"value": "{{ include "joinListWithColon" .Values.dependencies.db_sync.jobs }}"
},
{
"name": "COMMAND",
"value": "echo done"
}
]
}
]'
spec:
restartPolicy: OnFailure
containers:
- name: nova-db-sync
image: {{ .Values.image.db_sync }}
imagePullPolicy: Always
command:
- bash
- /tmp/db-sync.sh
volumeMounts:
- name: novaconf
mountPath: /etc/nova/nova.conf
subPath: nova.conf
- name: nova-bin
mountPath: /tmp/db-sync.sh
subPath: db-sync.sh
volumes:
- name: novaconf
configMap:
name: nova-etc
- name: nova-bin
configMap:
name: nova-bin

50
nova/templates/job-init.yaml Normal file
View File

@ -0,0 +1,50 @@
apiVersion: batch/v1
kind: Job
metadata:
name: nova-init
spec:
template:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{
"name": "init",
"image": "{{ .Values.image.entrypoint }}",
"imagePullPolicy": "{{ .Values.image.pull_policy }}",
"env": [
{
"name": "NAMESPACE",
"value": "{{ .Release.Namespace }}"
},
{
"name": "DEPENDENCY_SERVICE",
"value": "{{ include "joinListWithColon" .Values.dependencies.init.service }}"
},
{
"name": "DEPENDENCY_JOBS",
"value": "{{ include "joinListWithColon" .Values.dependencies.init.jobs }}"
},
{
"name": "COMMAND",
"value": "echo done"
}
]
}
]'
spec:
restartPolicy: OnFailure
containers:
- name: nova-init
image: {{ .Values.image.init }}
imagePullPolicy: Always
command:
- bash
- /tmp/init.sh
volumeMounts:
- name: nova-bin
mountPath: /tmp/init.sh
subPath: init.sh
volumes:
- name: nova-bin
configMap:
name: nova-bin

59
nova/templates/job-post.yaml Normal file
View File

@ -0,0 +1,59 @@
apiVersion: batch/v1
kind: Job
metadata:
name: nova-post
spec:
template:
metadata:
annotations:
pod.beta.kubernetes.io/init-containers: '[
{
"name": "init",
"image": "{{ .Values.image.entrypoint }}",
"imagePullPolicy": "{{ .Values.image.pull_policy }}",
"env": [
{
"name": "NAMESPACE",
"value": "{{ .Release.Namespace }}"
},
{
"name": "DEPENDENCY_SERVICE",
"value": "{{ include "joinListWithColon" .Values.dependencies.post.service }}"
},
{
"name": "DEPENDENCY_JOBS",
"value": "{{ include "joinListWithColon" .Values.dependencies.post.jobs }}"
},
{
"name": "COMMAND",
"value": "echo done"
}
]
}
]'
spec:
restartPolicy: OnFailure
containers:
- name: nova-post
image: {{ .Values.image.post }}
imagePullPolicy: Always
command:
- bash
- /tmp/post.sh
env:
- name: ANSIBLE_LIBRARY
value: /usr/share/ansible/
volumeMounts:
- name: novaconf
mountPath: /etc/nova/nova.conf
subPath: nova.conf
- name: nova-bin
mountPath: /tmp/post.sh
subPath: post.sh
volumes:
- name: novaconf
configMap:
name: nova-etc
- name: nova-bin
configMap:
name: nova-bin

12
nova/templates/service-api.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: v1
kind: Service
metadata:
name: nova-api
spec:
ports:
- name: nova-api
port: {{ .Values.network.port.api }}
- name: nova-metadata
port: {{ .Values.network.port.metadata }}
selector:
app: nova-api

213
nova/values.yaml Normal file
View File

@ -0,0 +1,213 @@
# Default values for keystone.
# This is a YAML-formatted file.
# Declare name/value pairs to be passed into your templates.
# name: value
labels:
control_node_selector_key: openstack-control-plane
control_node_selector_value: enabled
compute_node_selector_key: openstack-compute-node
compute_node_selector_value: enabled
control_replicas: 1
compute_replicas: 1
image:
init: quay.io/stackanetes/stackanetes-kolla-toolbox:barcelona
db_sync: quay.io/stackanetes/stackanetes-nova-api:barcelona
api: quay.io/stackanetes/stackanetes-nova-api:barcelona
conductor: quay.io/stackanetes/stackanetes-nova-conductor:barcelona
scheduler: quay.io/stackanetes/stackanetes-nova-scheduler:barcelona
novncproxy: quay.io/stackanetes/stackanetes-nova-novncproxy:barcelona
consoleauth: quay.io/stackanetes/stackanetes-nova-consoleauth:barcelona
compute: quay.io/stackanetes/stackanetes-nova-compute:barcelona
libvirt: quay.io/stackanetes/stackanetes-nova-libvirt:barcelona
post: quay.io/stackanetes/stackanetes-kolla-toolbox:barcelona
entrypoint: quay.io/stackanetes/kubernetes-entrypoint:v0.1.0
pull_policy: "IfNotPresent"
network:
ip_address: "0.0.0.0"
# TODO(DTadrzak): move external IPs to common, this variable should be shared with
# horizon service
external_ips: ""
minion_interface_name: "eno1"
dns:
servers:
- "10.96.0.10"
- "8.8.8.8"
kubernetes_domain: "cluster.local"
other_domains: ""
port:
api: 8774
metadata: 8775
novncproxy: 6080
nova:
default:
debug: false
osapi_workers: 8
metadata_workers: 8
conductor_workers: 8
force_config_drive: True
drain_timeout: 60
database:
address: "mariadb"
port: 3306
root_user: "root"
root_password: "password"
nova_user: "nova"
nova_password: "password"
nova_database_name: "nova"
nova_api_database_name: "nova_api"
keystone:
admin_user: "admin"
admin_password: "password"
admin_project_name: "admin"
admin_region_name: "RegionOne"
domain_name: "default"
tenant_name: "admin"
neutron_user: "neutron"
neutron_password: "password"
neutron_region_name: "RegionOne"
nova_user: "nova"
nova_password: "password"
nova_region_name: "RegionOne"
rabbitmq:
address: "rabbitmq"
admin_user: "rabbitmq"
admin_password: "password"
port: 5672
ceph:
enabled: false
monitors: []
cinder_user: "cinder"
cinder_keyring: null
nova_pool: "vms"
secret_uuid: ""
neutron:
metadata_secret: "password"
memcached:
address: "memcached:11211"
dependencies:
api:
jobs:
- mariadb-seed
- keystone-db-sync
- nova-init
- nova-db-sync
service:
- mariadb
db_sync:
jobs:
- nova-init
- keystone-init
- mariadb-seed
service:
- mariadb
db_sync:
jobs:
- nova-init
- keystone-init
- mariadb-seed
service:
- mariadb
post:
jobs:
- nova-init
- keystone-init
- mariadb-seed
service:
- mariadb
- nova-api
init:
jobs:
- mariadb-seed
service:
- mariadb
compute:
jobs:
- nova-init
- nova-post
- nova-db-sync
service:
- keystone-api
- nova-api
daemonset:
- nova-libvirt
libvirt:
jobs:
- nova-init
- nova-post
- nova-db-sync
service:
- keystone-api
- nova-api
consoleauth:
jobs:
- mariadb-seed
- keystone-db-sync
- nova-init
- nova-db-sync
service:
- mariadb
scheduler:
jobs:
- mariadb-seed
- keystone-db-sync
- nova-init
- nova-db-sync
service:
- mariadb
conductor:
jobs:
- mariadb-seed
- keystone-db-sync
- nova-init
- nova-db-sync
service:
- mariadb
# typically overriden by environmental
# values, but should include all endpoints
# required by this chart
endpoints:
glance:
hosts:
default: glance-api
type: image
path: null
scheme: 'http'
port:
api: 9292
registry: 9191
nova:
hosts:
default: nova-api
path: "/v2/%(tenant_id)s"
type: compute
scheme: 'http'
port:
api: 8774
metadata: 8775
novncproxy: 6080
keystone:
hosts:
default: keystone-api
path: /v3
type: identity
scheme: 'http'
port:
admin: 35357
public: 5000