From a0092c79225871b64dff7c59ea07d61ba47c549b Mon Sep 17 00:00:00 2001 From: Pete Birley Date: Tue, 4 Apr 2017 10:34:25 -0500 Subject: [PATCH] Update Neutron DB Jobs --- neutron/templates/bin/_db-sync.sh.tpl | 22 ++++++++++++++ neutron/templates/bin/_init.sh.tpl | 33 --------------------- neutron/templates/configmap-bin.yaml | 6 ++-- neutron/templates/etc/_neutron.conf.tpl | 2 +- neutron/templates/job-db-init.yaml | 36 +++++++++++++++++++---- neutron/templates/job-db-sync.yaml | 27 +++++++++-------- neutron/templates/secret-db-root.env.yaml | 7 +++++ neutron/values.yaml | 24 +++++++++------ 8 files changed, 93 insertions(+), 64 deletions(-) create mode 100644 neutron/templates/bin/_db-sync.sh.tpl delete mode 100644 neutron/templates/bin/_init.sh.tpl create mode 100644 neutron/templates/secret-db-root.env.yaml diff --git a/neutron/templates/bin/_db-sync.sh.tpl b/neutron/templates/bin/_db-sync.sh.tpl new file mode 100644 index 0000000000..e5f5931a0e --- /dev/null +++ b/neutron/templates/bin/_db-sync.sh.tpl @@ -0,0 +1,22 @@ +#!/bin/bash + +# Copyright 2017 The Openstack-Helm Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -ex + +neutron-db-manage \ + --config-file /etc/neutron/neutron.conf \ + --config-file /etc/neutron/plugins/ml2/ml2-conf.ini \ + upgrade head diff --git a/neutron/templates/bin/_init.sh.tpl b/neutron/templates/bin/_init.sh.tpl deleted file mode 100644 index f8f942a4af..0000000000 --- a/neutron/templates/bin/_init.sh.tpl +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash - -# Copyright 2017 The Openstack-Helm Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -set -ex -export HOME=/tmp - -ansible localhost -vvv -m mysql_db -a "login_host='{{ include "helm-toolkit.mariadb_host" . }}' \ -login_port='{{ .Values.database.port }}' \ -login_user='{{ .Values.database.root_user }}' \ -login_password='{{ .Values.database.root_password }}' \ -name='{{ .Values.database.neutron_database_name }}'" - -ansible localhost -vvv -m mysql_user -a "login_host='{{ include "helm-toolkit.mariadb_host" . }}' \ -login_port='{{ .Values.database.port }}' \ -login_user='{{ .Values.database.root_user }}' \ -login_password='{{ .Values.database.root_password }}' \ -name='{{ .Values.database.neutron_user }}' \ -password='{{ .Values.database.neutron_password }}' \ -host='%' \ -priv='{{ .Values.database.neutron_database_name }}.*:ALL' append_privs='yes'" diff --git a/neutron/templates/configmap-bin.yaml b/neutron/templates/configmap-bin.yaml index 5db74eb60a..1d39df34cd 100644 --- a/neutron/templates/configmap-bin.yaml +++ b/neutron/templates/configmap-bin.yaml @@ -17,14 +17,16 @@ kind: ConfigMap metadata: name: neutron-bin data: + db-init.py: | +{{- include "helm-toolkit.db_init" . | indent 4 }} + db-sync.sh: | +{{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.template" | indent 4 }} ks-service.sh: |+ {{- include "helm-toolkit.keystone_service" . | indent 4 }} ks-endpoints.sh: |+ {{- include "helm-toolkit.keystone_endpoints" . | indent 4 }} ks-user.sh: |+ {{- include "helm-toolkit.keystone_user" . | indent 4 }} - init.sh: | -{{ tuple "bin/_init.sh.tpl" . | include "helm-toolkit.template" | indent 4 }} neutron-openvswitch-agent.sh: | {{ tuple "bin/_neutron-openvswitch-agent.sh.tpl" . | include "helm-toolkit.template" | indent 4 }} openvswitch-db-server.sh: | diff --git a/neutron/templates/etc/_neutron.conf.tpl b/neutron/templates/etc/_neutron.conf.tpl index 4adcf32805..cae62114b3 100644 --- a/neutron/templates/etc/_neutron.conf.tpl +++ b/neutron/templates/etc/_neutron.conf.tpl @@ -70,7 +70,7 @@ l2_population = true arp_responder = true [database] -connection = mysql+pymysql://{{ .Values.database.neutron_user }}:{{ .Values.database.neutron_password }}@{{ include "helm-toolkit.mariadb_host" . }}/{{ .Values.database.neutron_database_name }} +connection = {{ tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.authenticated_endpoint_uri_lookup" }} max_retries = -1 [keystone_authtoken] diff --git a/neutron/templates/job-db-init.yaml b/neutron/templates/job-db-init.yaml index b2ee4e2602..13456fc465 100644 --- a/neutron/templates/job-db-init.yaml +++ b/neutron/templates/job-db-init.yaml @@ -33,14 +33,38 @@ spec: - name: neutron-db-init image: {{ .Values.images.db_init }} imagePullPolicy: {{ .Values.images.pull_policy }} + env: + - name: ROOT_DB_CONNECTION + valueFrom: + secretKeyRef: + name: neutron-db-root + key: DB_CONNECTION + - name: OPENSTACK_CONFIG_FILE + value: /etc/neutron/neutron.conf + - name: OPENSTACK_CONFIG_DB_SECTION + value: database + - name: OPENSTACK_CONFIG_DB_KEY + value: connection command: - - bash - - /tmp/init.sh + - python + - /tmp/db-init.py volumeMounts: - - name: initsh - mountPath: /tmp/init.sh - subPath: init.sh + - name: neutron-bin + mountPath: /tmp/db-init.py + subPath: db-init.py + readOnly: true + - name: etcneutron + mountPath: /etc/neutron + - name: neutronconf + mountPath: /etc/neutron/neutron.conf + subPath: neutron.conf + readOnly: true volumes: - - name: initsh + - name: etcneutron + emptyDir: {} + - name: neutronconf + configMap: + name: neutron-etc + - name: neutron-bin configMap: name: neutron-bin diff --git a/neutron/templates/job-db-sync.yaml b/neutron/templates/job-db-sync.yaml index 99b702c3d9..2fde70568a 100644 --- a/neutron/templates/job-db-sync.yaml +++ b/neutron/templates/job-db-sync.yaml @@ -33,14 +33,6 @@ spec: - name: neutron-db-sync image: {{ .Values.images.db_sync }} imagePullPolicy: {{ .Values.images.pull_policy }} - command: - - neutron-db-manage - - --config-file - - /etc/neutron/neutron.conf - - --config-file - - /etc/neutron/plugins/ml2/ml2-conf.ini - - upgrade - - head {{- if .Values.resources.enabled }} resources: limits: @@ -50,21 +42,30 @@ spec: cpu: {{ .Values.resources.jobs.db_sync.requests.cpu | quote }} memory: {{ .Values.resources.jobs.db_sync.requests.memory | quote }} {{- end }} + command: + - bash + - /tmp/db-sync.sh volumeMounts: - - name: pod-etc-neutron + - name: neutron-bin + mountPath: /tmp/db-sync.sh + subPath: db-sync.sh + readOnly: true + - name: etcneutron mountPath: /etc/neutron - name: neutronconf mountPath: /etc/neutron/neutron.conf subPath: neutron.conf - - name: ml2confini + readOnly: true + - name: neutronconf mountPath: /etc/neutron/plugins/ml2/ml2-conf.ini subPath: ml2-conf.ini + readOnly: true volumes: - - name: pod-etc-neutron + - name: etcneutron emptyDir: {} - name: neutronconf configMap: name: neutron-etc - - name: ml2confini + - name: neutron-bin configMap: - name: neutron-etc + name: neutron-bin diff --git a/neutron/templates/secret-db-root.env.yaml b/neutron/templates/secret-db-root.env.yaml new file mode 100644 index 0000000000..5d81dd0be6 --- /dev/null +++ b/neutron/templates/secret-db-root.env.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Secret +metadata: + name: neutron-db-root +type: Opaque +data: + DB_CONNECTION: {{ tuple "oslo_db" "internal" "admin" "mysql" . | include "helm-toolkit.authenticated_endpoint_uri_lookup" | b64enc }} diff --git a/neutron/values.yaml b/neutron/values.yaml index fddc039575..448154d95a 100644 --- a/neutron/values.yaml +++ b/neutron/values.yaml @@ -21,7 +21,7 @@ replicas: server: 1 images: - db_init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton + db_init: quay.io/stackanetes/stackanetes-neutron-server:newton db_sync: quay.io/stackanetes/stackanetes-neutron-server:newton ks_user: quay.io/stackanetes/stackanetes-kolla-toolbox:newton ks_service: quay.io/stackanetes/stackanetes-kolla-toolbox:newton @@ -116,14 +116,6 @@ keystone: nova_project_domain: "default" nova_region_name: "RegionOne" -database: - port: 3306 - root_user: root - root_password: password - neutron_database_name: neutron - neutron_password: password - neutron_user: neutron - metadata_agent: default: debug: 'True' @@ -330,3 +322,17 @@ endpoints: scheme: 'http' port: api: 9696 + oslo_db: + auth: + admin: + username: root + password: password + user: + username: neutron + password: password + hosts: + default: mariadb + path: /neutron + scheme: mysql+pymysql + port: + mysql: 3306