Fix for creation endpoins and services when v1/v2 are disabled.
Change-Id: I187e882c653c93ad4e1ef83a88ac4fcc3e60f763
This commit is contained in:
parent
937db470c3
commit
9216563be2
@ -14,7 +14,7 @@ apiVersion: v1
|
||||
appVersion: v1.0.0
|
||||
description: OpenStack-Helm Cinder
|
||||
name: cinder
|
||||
version: 0.3.2
|
||||
version: 0.3.3
|
||||
home: https://docs.openstack.org/cinder/latest/
|
||||
icon: https://www.openstack.org/themes/openstack/images/project-mascots/Cinder/OpenStack_Project_Cinder_vertical.png
|
||||
sources:
|
||||
|
@ -94,7 +94,7 @@ limitations under the License.
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.cinder.DEFAULT.osapi_volume_listen_port -}}
|
||||
{{- $_ := tuple "volumev3" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | set .Values.conf.cinder.DEFAULT "osapi_volume_listen_port" -}}
|
||||
{{- $_ := tuple "volume" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | set .Values.conf.cinder.DEFAULT "osapi_volume_listen_port" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if .Values.conf.cinder.service_user.send_service_user_token -}}
|
||||
|
@ -90,7 +90,7 @@ spec:
|
||||
mountPath: /tmp/volume-usage-audit.sh
|
||||
subPath: volume-usage-audit.sh
|
||||
readOnly: true
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volumev3.api.internal "path" "/etc/cinder/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 16 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volume.api.internal "path" "/etc/cinder/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 16 }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 16 }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal "path" "/etc/rabbitmq/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 16 }}
|
||||
{{ if $mounts_cinder_volume_usage_audit.volumeMounts }}{{ toYaml $mounts_cinder_volume_usage_audit.volumeMounts | indent 16 }}{{ end }}
|
||||
@ -107,7 +107,7 @@ spec:
|
||||
configMap:
|
||||
name: cinder-bin
|
||||
defaultMode: 0555
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volumev3.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 12 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volume.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 12 }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 12 }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 12 }}
|
||||
{{ if $mounts_cinder_volume_usage_audit.volumes }}{{ toYaml $mounts_cinder_volume_usage_audit.volumes | indent 12 }}{{ end }}
|
||||
|
@ -93,17 +93,17 @@ spec:
|
||||
- stop
|
||||
ports:
|
||||
- name: c-api
|
||||
containerPort: {{ tuple "volumev3" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
containerPort: {{ tuple "volume" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
scheme: {{ tuple "volumev3" "service" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_scheme_lookup" | upper }}
|
||||
scheme: {{ tuple "volume" "service" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_scheme_lookup" | upper }}
|
||||
path: /
|
||||
port: {{ tuple "volumev3" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
port: {{ tuple "volume" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
scheme: {{ tuple "volumev3" "service" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_scheme_lookup" | upper }}
|
||||
scheme: {{ tuple "volume" "service" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_scheme_lookup" | upper }}
|
||||
path: /
|
||||
port: {{ tuple "volumev3" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
port: {{ tuple "volume" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
initialDelaySeconds: 30
|
||||
failureThreshold: 3
|
||||
periodSeconds: 10
|
||||
@ -165,7 +165,7 @@ spec:
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volumev3.api.internal "path" "/etc/cinder/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volume.api.internal "path" "/etc/cinder/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal "path" "/etc/rabbitmq/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{ if $mounts_cinder_api.volumeMounts }}{{ toYaml $mounts_cinder_api.volumeMounts | indent 12 }}{{ end }}
|
||||
volumes:
|
||||
@ -188,7 +188,7 @@ spec:
|
||||
emptyDir: {}
|
||||
{{- end }}
|
||||
{{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volumev3.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volume.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{ if $mounts_cinder_api.volumes }}{{ toYaml $mounts_cinder_api.volumes | indent 8 }}{{ end }}
|
||||
{{- end }}
|
||||
|
@ -107,7 +107,7 @@ spec:
|
||||
- name: cinder-coordination
|
||||
mountPath: {{ ( split "://" .Values.conf.cinder.coordination.backend_url )._1 }}
|
||||
{{- end }}
|
||||
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.volumev3.api.internal "path" "/etc/cinder/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.volume.api.internal "path" "/etc/cinder/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal "path" "/etc/rabbitmq/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{ if $mounts_cinder_scheduler.volumeMounts }}{{ toYaml $mounts_cinder_scheduler.volumeMounts | indent 12 }}{{ end }}
|
||||
@ -128,7 +128,7 @@ spec:
|
||||
- name: cinder-coordination
|
||||
emptyDir: {}
|
||||
{{- end }}
|
||||
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.volumev3.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.volume.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{ if $mounts_cinder_scheduler.volumes }}{{ toYaml $mounts_cinder_scheduler.volumes | indent 8 }}{{ end }}
|
||||
|
@ -131,7 +131,7 @@ spec:
|
||||
readOnly: true
|
||||
- name: pod-shared
|
||||
mountPath: /tmp/pod-shared
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volumev3.api.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volume.api.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
env:
|
||||
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin "useCA" (or .Values.manifests.certificates .Values.tls.identity) }}
|
||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
||||
@ -281,7 +281,7 @@ spec:
|
||||
mountPropagation: HostToContainer
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volumev3.api.internal "path" "/etc/cinder/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volume.api.internal "path" "/etc/cinder/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal "path" "/etc/rabbitmq/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{ if $mounts_cinder_volume.volumeMounts }}{{ toYaml $mounts_cinder_volume.volumeMounts | indent 12 }}{{ end }}
|
||||
@ -351,7 +351,7 @@ spec:
|
||||
path: /sys
|
||||
{{- end }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volumev3.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volume.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{ if $mounts_cinder_volume.volumes }}{{ toYaml $mounts_cinder_volume.volumes | indent 8 }}{{ end }}
|
||||
{{- end }}
|
||||
|
@ -14,10 +14,10 @@ limitations under the License.
|
||||
|
||||
{{- if and .Values.manifests.ingress_api .Values.network.api.ingress.public }}
|
||||
{{- $envAll := . -}}
|
||||
{{- $ingressOpts := dict "envAll" $envAll "backendServiceType" "volumev3" "backendPort" "c-api" -}}
|
||||
{{- $secretName := $envAll.Values.secrets.tls.volumev3.api.internal -}}
|
||||
{{- $ingressOpts := dict "envAll" $envAll "backendServiceType" "volume" "backendPort" "c-api" -}}
|
||||
{{- $secretName := $envAll.Values.secrets.tls.volume.api.internal -}}
|
||||
{{- if and .Values.manifests.certificates $secretName -}}
|
||||
{{- $_ := set $ingressOpts "certIssuer" .Values.endpoints.volumev3.host_fqdn_override.default.tls.issuerRef.name -}}
|
||||
{{- $_ := set $ingressOpts "certIssuer" .Values.endpoints.volume.host_fqdn_override.default.tls.issuerRef.name -}}
|
||||
{{- end -}}
|
||||
{{ $ingressOpts | include "helm-toolkit.manifests.ingress" }}
|
||||
{{- end }}
|
||||
|
@ -20,7 +20,7 @@ helm.sh/hook-weight: "5"
|
||||
{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
|
||||
{{- $bootstrapJob := dict "envAll" . "serviceName" "cinder" "keystoneUser" .Values.bootstrap.ks_user "logConfigFile" .Values.conf.cinder.DEFAULT.log_config_append "jobAnnotations" (include "metadata.annotations.job.bootstrap" . | fromYaml) -}}
|
||||
{{- if or .Values.manifests.certificates .Values.tls.identity -}}
|
||||
{{- $_ := set $bootstrapJob "tlsSecret" .Values.secrets.tls.volumev3.api.internal -}}
|
||||
{{- $_ := set $bootstrapJob "tlsSecret" .Values.secrets.tls.volume.api.internal -}}
|
||||
{{- end -}}
|
||||
{{- if .Values.pod.tolerations.cinder.enabled -}}
|
||||
{{- $_ := set $bootstrapJob "tolerationsEnabled" true -}}
|
||||
|
@ -68,7 +68,7 @@ spec:
|
||||
mountPath: /tmp/create-internal-tenant.sh
|
||||
subPath: create-internal-tenant.sh
|
||||
readOnly: true
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volumev3.api.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volume.api.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
||||
env:
|
||||
{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.admin "useCA" (or .Values.manifests.certificates .Values.tls.identity) }}
|
||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
||||
@ -97,5 +97,5 @@ spec:
|
||||
configMap:
|
||||
name: {{ $configMapBin | quote }}
|
||||
defaultMode: 0555
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volumev3.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volume.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
||||
{{- end -}}
|
||||
|
@ -17,10 +17,17 @@ helm.sh/hook: post-install,post-upgrade
|
||||
helm.sh/hook-weight: "-2"
|
||||
{{- end }}
|
||||
|
||||
{{- $volTypes := list "volumev3" -}}
|
||||
{{- if .Values.conf.cinder.DEFAULT.enable_v1_api }}
|
||||
{{- $volTypes = append $volTypes "volume" }}
|
||||
{{- end }}
|
||||
{{- if .Values.conf.cinder.DEFAULT.enable_v2_api }}
|
||||
{{- $volTypes = append $volTypes "volumev2" }}
|
||||
{{- end }}
|
||||
{{- if .Values.manifests.job_ks_endpoints }}
|
||||
{{- $ksServiceJob := dict "envAll" . "serviceName" "cinder" "serviceTypes" ( tuple "volumev3" ) -}}
|
||||
{{- $ksServiceJob := dict "envAll" . "serviceName" "cinder" "serviceTypes" ( $volTypes ) -}}
|
||||
{{- if or .Values.manifests.certificates .Values.tls.identity -}}
|
||||
{{- $_ := set $ksServiceJob "tlsSecret" .Values.secrets.tls.volumev3.api.internal -}}
|
||||
{{- $_ := set $ksServiceJob "tlsSecret" .Values.secrets.tls.volume.api.internal -}}
|
||||
{{- end -}}
|
||||
{{- if .Values.helm3_hook }}
|
||||
{{- $_ := set $ksServiceJob "jobAnnotations" (include "metadata.annotations.job.ks_endpoints" . | fromYaml) }}
|
||||
|
@ -24,9 +24,16 @@ helm.sh/hook-weight: "-3"
|
||||
{{- $serviceTypes = append $serviceTypes $v }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- $ksServiceJob := dict "envAll" . "serviceName" "cinder" "serviceTypes" $serviceTypes -}}
|
||||
{{- $volTypes := list "volumev3" -}}
|
||||
{{- if .Values.conf.cinder.DEFAULT.enable_v1_api }}
|
||||
{{- $volTypes = append $volTypes "volume" }}
|
||||
{{- end }}
|
||||
{{- if .Values.conf.cinder.DEFAULT.enable_v2_api }}
|
||||
{{- $volTypes = append $volTypes "volumev2" }}
|
||||
{{- end }}
|
||||
{{- $ksServiceJob := dict "envAll" . "serviceName" "cinder" "serviceTypes" ( $volTypes ) -}}
|
||||
{{- if or .Values.manifests.certificates .Values.tls.identity -}}
|
||||
{{- $_ := set $ksServiceJob "tlsSecret" .Values.secrets.tls.volumev3.api.internal -}}
|
||||
{{- $_ := set $ksServiceJob "tlsSecret" .Values.secrets.tls.volume.api.internal -}}
|
||||
{{- end -}}
|
||||
{{- if .Values.helm3_hook }}
|
||||
{{- $_ := set $ksServiceJob "jobAnnotations" (include "metadata.annotations.job.ks_service" . | fromYaml) }}
|
||||
|
@ -20,7 +20,7 @@ helm.sh/hook-weight: "-1"
|
||||
{{- if .Values.manifests.job_ks_user }}
|
||||
{{- $ksUserJob := dict "envAll" . "serviceName" "cinder" -}}
|
||||
{{- if or .Values.manifests.certificates .Values.tls.identity -}}
|
||||
{{- $_ := set $ksUserJob "tlsSecret" .Values.secrets.tls.volumev3.api.internal -}}
|
||||
{{- $_ := set $ksUserJob "tlsSecret" .Values.secrets.tls.volume.api.internal -}}
|
||||
{{- end -}}
|
||||
{{- if .Values.helm3_hook }}
|
||||
{{- $_ := set $ksUserJob "jobAnnotations" (include "metadata.annotations.job.ks_user" . | fromYaml) }}
|
||||
|
@ -53,7 +53,7 @@ spec:
|
||||
mountPath: /tmp/ks-user.sh
|
||||
subPath: ks-user.sh
|
||||
readOnly: true
|
||||
{{ dict "enabled" .Values.manifests.certificates "name" $envAll.Values.secrets.tls.volumev3.api.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 8 }}
|
||||
{{ dict "enabled" .Values.manifests.certificates "name" $envAll.Values.secrets.tls.volume.api.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 8 }}
|
||||
env:
|
||||
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin "useCA" .Values.manifests.certificates }}
|
||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 8 }}
|
||||
@ -93,7 +93,7 @@ spec:
|
||||
readOnly: true
|
||||
- name: rally-db
|
||||
mountPath: /var/lib/rally
|
||||
{{ dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.volumev3.api.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 8 }}
|
||||
{{ dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.volume.api.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 8 }}
|
||||
{{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }}
|
||||
volumes:
|
||||
- name: pod-tmp
|
||||
@ -108,6 +108,6 @@ spec:
|
||||
defaultMode: 0555
|
||||
- name: rally-db
|
||||
emptyDir: {}
|
||||
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.volumev3.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 4 }}
|
||||
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.volume.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 4 }}
|
||||
{{ if $mounts_tests.volumes }}{{ toYaml $mounts_tests.volumes | indent 4 }}{{ end }}
|
||||
{{- end }}
|
||||
|
@ -13,5 +13,5 @@ limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.secret_ingress_tls }}
|
||||
{{- include "helm-toolkit.manifests.secret_ingress_tls" ( dict "envAll" . "backendServiceType" "volumev3" ) }}
|
||||
{{- include "helm-toolkit.manifests.secret_ingress_tls" ( dict "envAll" . "backendServiceType" "volume" ) }}
|
||||
{{- end }}
|
||||
|
@ -18,11 +18,11 @@ limitations under the License.
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ tuple "volumev3" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
||||
name: {{ tuple "volume" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
||||
spec:
|
||||
ports:
|
||||
- name: c-api
|
||||
port: {{ tuple "volumev3" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
port: {{ tuple "volume" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
{{ if .Values.network.api.node_port.enabled }}
|
||||
nodePort: {{ .Values.network.api.node_port.port }}
|
||||
{{ end }}
|
||||
|
@ -13,6 +13,6 @@ limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.service_ingress_api .Values.network.api.ingress.public }}
|
||||
{{- $serviceIngressOpts := dict "envAll" . "backendServiceType" "volumev3" -}}
|
||||
{{- $serviceIngressOpts := dict "envAll" . "backendServiceType" "volume" -}}
|
||||
{{ $serviceIngressOpts | include "helm-toolkit.manifests.service_ingress" }}
|
||||
{{- end }}
|
||||
|
@ -434,7 +434,19 @@ conf:
|
||||
composite:osapi_volume:
|
||||
use: call:cinder.api:root_app_factory
|
||||
/: apiversions
|
||||
/v1: openstack_volume_api_v1
|
||||
/v2: openstack_volume_api_v2
|
||||
/v3: openstack_volume_api_v3
|
||||
composite:openstack_volume_api_v1:
|
||||
use: call:cinder.api.middleware.auth:pipeline_factory
|
||||
noauth: cors http_proxy_to_wsgi request_id faultwrap sizelimit osprofiler noauth apiv1
|
||||
keystone: cors http_proxy_to_wsgi request_id faultwrap sizelimit osprofiler authtoken audit keystonecontext apiv1
|
||||
keystone_nolimit: cors http_proxy_to_wsgi request_id faultwrap sizelimit osprofiler authtoken audit keystonecontext apiv1
|
||||
composite:openstack_volume_api_v2:
|
||||
use: call:cinder.api.middleware.auth:pipeline_factory
|
||||
noauth: cors http_proxy_to_wsgi request_id faultwrap sizelimit osprofiler noauth apiv2
|
||||
keystone: cors http_proxy_to_wsgi request_id faultwrap sizelimit osprofiler authtoken audit keystonecontext apiv2
|
||||
keystone_nolimit: cors http_proxy_to_wsgi request_id faultwrap sizelimit osprofiler authtoken audit keystonecontext apiv2
|
||||
composite:openstack_volume_api_v3:
|
||||
use: call:cinder.api.middleware.auth:pipeline_factory
|
||||
noauth: cors http_proxy_to_wsgi request_id faultwrap sizelimit osprofiler noauth apiv3
|
||||
@ -455,6 +467,10 @@ conf:
|
||||
paste.filter_factory: cinder.api.middleware.auth:NoAuthMiddleware.factory
|
||||
filter:sizelimit:
|
||||
paste.filter_factory: oslo_middleware.sizelimit:RequestBodySizeLimiter.factory
|
||||
app:apiv1:
|
||||
paste.app_factory: cinder.api.v1.router:APIRouter.factory
|
||||
app:apiv2:
|
||||
paste.app_factory: cinder.api.v2.router:APIRouter.factory
|
||||
app:apiv3:
|
||||
paste.app_factory: cinder.api.v3.router:APIRouter.factory
|
||||
pipeline:apiversions:
|
||||
@ -487,6 +503,8 @@ conf:
|
||||
types: type
|
||||
volumes: volume
|
||||
service_endpoints:
|
||||
volume: service/storage/block
|
||||
volumev2: service/storage/block
|
||||
volumev3: service/storage/block
|
||||
cinder_sudoers: |
|
||||
# This sudoers file supports rootwrap for both Kolla and LOCI Images.
|
||||
@ -774,6 +792,7 @@ conf:
|
||||
use_syslog: false
|
||||
use_stderr: true
|
||||
enable_v1_api: false
|
||||
enable_v2_api: false
|
||||
volume_name_template: "%s"
|
||||
osapi_volume_workers: 1
|
||||
glance_api_version: 2
|
||||
@ -911,7 +930,7 @@ conf:
|
||||
rados_connect_timeout: -1
|
||||
rbd_user: cinder
|
||||
rbd_secret_uuid: 457eb676-33da-42ec-9a8c-9293d545c337
|
||||
image_volume_cache_enabled: True
|
||||
image_volume_cache_enabled: true
|
||||
image_volume_cache_max_size_gb: 200
|
||||
image_volume_cache_max_count: 50
|
||||
rally_tests:
|
||||
@ -1029,7 +1048,7 @@ dependencies:
|
||||
- endpoint: internal
|
||||
service: identity
|
||||
- endpoint: internal
|
||||
service: volumev3
|
||||
service: volume
|
||||
backup_storage_init:
|
||||
jobs: null
|
||||
bootstrap:
|
||||
@ -1037,7 +1056,7 @@ dependencies:
|
||||
- endpoint: internal
|
||||
service: identity
|
||||
- endpoint: internal
|
||||
service: volumev3
|
||||
service: volume
|
||||
pod:
|
||||
- requireSameNode: false
|
||||
labels:
|
||||
@ -1088,7 +1107,7 @@ dependencies:
|
||||
- endpoint: internal
|
||||
service: identity
|
||||
- endpoint: internal
|
||||
service: volumev3
|
||||
service: volume
|
||||
storage_init:
|
||||
jobs: null
|
||||
tests:
|
||||
@ -1096,7 +1115,7 @@ dependencies:
|
||||
- endpoint: internal
|
||||
service: identity
|
||||
- endpoint: internal
|
||||
service: volumev3
|
||||
service: volume
|
||||
volume:
|
||||
jobs:
|
||||
- cinder-db-sync
|
||||
@ -1108,7 +1127,7 @@ dependencies:
|
||||
- endpoint: internal
|
||||
service: identity
|
||||
- endpoint: internal
|
||||
service: volumev3
|
||||
service: volume
|
||||
volume_usage_audit:
|
||||
jobs:
|
||||
- cinder-db-sync
|
||||
@ -1120,7 +1139,7 @@ dependencies:
|
||||
- endpoint: internal
|
||||
service: identity
|
||||
- endpoint: internal
|
||||
service: volumev3
|
||||
service: volume
|
||||
image_repo_sync:
|
||||
services:
|
||||
- endpoint: internal
|
||||
@ -1147,7 +1166,7 @@ secrets:
|
||||
admin: cinder-rabbitmq-admin
|
||||
cinder: cinder-rabbitmq-user
|
||||
tls:
|
||||
volumev3:
|
||||
volume:
|
||||
api:
|
||||
public: cinder-tls-public
|
||||
internal: cinder-tls-api
|
||||
@ -1240,8 +1259,52 @@ endpoints:
|
||||
api:
|
||||
default: 9292
|
||||
public: 80
|
||||
volumev3:
|
||||
volume:
|
||||
name: cinder
|
||||
hosts:
|
||||
default: cinder-api
|
||||
public: cinder
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
# NOTE(portdirect): this chart supports TLS for fqdn over-ridden public
|
||||
# endpoints using the following format:
|
||||
# public:
|
||||
# host: null
|
||||
# tls:
|
||||
# crt: null
|
||||
# key: null
|
||||
path:
|
||||
default: '/v1/%(tenant_id)s'
|
||||
scheme:
|
||||
default: 'http'
|
||||
port:
|
||||
api:
|
||||
default: 8776
|
||||
public: 80
|
||||
volumev2:
|
||||
name: cinderv2
|
||||
hosts:
|
||||
default: cinder-api
|
||||
public: cinder
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
# NOTE(portdirect): this chart supports TLS for fqdn over-ridden public
|
||||
# endpoints using the following format:
|
||||
# public:
|
||||
# host: null
|
||||
# tls:
|
||||
# crt: null
|
||||
# key: null
|
||||
path:
|
||||
default: '/v2/%(tenant_id)s'
|
||||
scheme:
|
||||
default: 'http'
|
||||
port:
|
||||
api:
|
||||
default: 8776
|
||||
public: 80
|
||||
volumev3:
|
||||
name: cinderv3
|
||||
hosts:
|
||||
default: cinder-api
|
||||
public: cinder
|
||||
|
@ -33,7 +33,7 @@ conf:
|
||||
ThreadLimit 720
|
||||
</IfModule>
|
||||
wsgi_cinder: |
|
||||
{{- $portInt := tuple "volumev3" "internal" "api" $ | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
{{- $portInt := tuple "volume" "internal" "api" $ | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
Listen {{ $portInt }}
|
||||
<VirtualHost *:{{ $portInt }}>
|
||||
ServerName {{ printf "%s.%s.svc.%s" "cinder-api" .Release.Namespace .Values.endpoints.cluster_domain_suffix }}
|
||||
@ -95,6 +95,34 @@ endpoints:
|
||||
port:
|
||||
api:
|
||||
public: 443
|
||||
volume:
|
||||
host_fqdn_override:
|
||||
default:
|
||||
tls:
|
||||
secretName: cinder-tls-api
|
||||
issuerRef:
|
||||
name: ca-issuer
|
||||
kind: ClusterIssuer
|
||||
scheme:
|
||||
default: https
|
||||
internal: https
|
||||
port:
|
||||
api:
|
||||
public: 443
|
||||
volumev2:
|
||||
host_fqdn_override:
|
||||
default:
|
||||
tls:
|
||||
secretName: cinder-tls-api
|
||||
issuerRef:
|
||||
name: ca-issuer
|
||||
kind: ClusterIssuer
|
||||
scheme:
|
||||
default: https
|
||||
internal: https
|
||||
port:
|
||||
api:
|
||||
public: 443
|
||||
volumev3:
|
||||
host_fqdn_override:
|
||||
default:
|
||||
|
@ -1019,8 +1019,10 @@ Update script overrides as following:
|
||||
| ID | Name | Type |
|
||||
+----------------------------------+----------+--------------+
|
||||
| 0eddeb6af4fd43ea8f73f63a1ae01438 | swift | object-store |
|
||||
| 66bd0179eada4ab8899a58356fd4d508 | cinder | volume |
|
||||
| 67cc6b945e934246b25d31a9374a64af | keystone | identity |
|
||||
| 81a61ec8eff74070bb3c2f0118c1bcd5 | glance | image |
|
||||
| c126046fc5ec4c52acfc8fee0e2f4dda | cinderv2 | volumev2 |
|
||||
| f89b99a31a124b7790e3bb60387380b1 | cinderv3 | volumev3 |
|
||||
+----------------------------------+----------+--------------+
|
||||
+ sleep 30
|
||||
|
@ -52,4 +52,5 @@ cinder:
|
||||
- 0.3.0 Remove support for Train and Ussuri
|
||||
- 0.3.1 Change ceph-config-helper image tag
|
||||
- 0.3.2 Remove default policy rules
|
||||
- 0.3.3 Fix for creation endpoins and services when v1/v2 are disabled
|
||||
...
|
||||
|
@ -281,6 +281,38 @@ $(cat ${GLANCE_API_CRT} | sed 's/^/ /')
|
||||
key: |
|
||||
$(cat ${GLANCE_API_KEY} | sed 's/^/ /')
|
||||
ca: |
|
||||
$(cat ${OSH_CA_ROOT}/ca.pem | sed 's/^/ /')
|
||||
volume:
|
||||
scheme:
|
||||
public: https
|
||||
port:
|
||||
api:
|
||||
public: 443
|
||||
host_fqdn_override:
|
||||
public:
|
||||
host: "$(cat "${CINDER_CSR}" | jq -r '.CN')"
|
||||
tls:
|
||||
crt: |
|
||||
$(cat ${CINDER_CRT} | sed 's/^/ /')
|
||||
key: |
|
||||
$(cat ${CINDER_KEY} | sed 's/^/ /')
|
||||
ca: |
|
||||
$(cat ${OSH_CA_ROOT}/ca.pem | sed 's/^/ /')
|
||||
volumev2:
|
||||
scheme:
|
||||
public: https
|
||||
port:
|
||||
api:
|
||||
public: 443
|
||||
host_fqdn_override:
|
||||
public:
|
||||
host: "$(cat "${CINDER_CSR}" | jq -r '.CN')"
|
||||
tls:
|
||||
crt: |
|
||||
$(cat ${CINDER_CRT} | sed 's/^/ /')
|
||||
key: |
|
||||
$(cat ${CINDER_KEY} | sed 's/^/ /')
|
||||
ca: |
|
||||
$(cat ${OSH_CA_ROOT}/ca.pem | sed 's/^/ /')
|
||||
volumev3:
|
||||
scheme:
|
||||
|
Loading…
Reference in New Issue
Block a user