Glance: remove oslo-genconfig

This PS removes the modified oslo-genconfig from glance.

Partially implements: blueprint remove-pregenerated-config-templates

Change-Id: Ie4d5dd9e4b03ba360c62f508e98e206f6f894b63
This commit is contained in:
Pete Birley 2017-09-18 17:37:33 -05:00
parent 9e117ce95b
commit a27e42b762
12 changed files with 186 additions and 7341 deletions

View File

@ -17,128 +17,124 @@ limitations under the License.
{{- if .Values.manifests.configmap_etc }}
{{- $envAll := . }}
{{- include "glance.conf.glance_values_skeleton" .Values.conf.glance | trunc 0 -}}
{{- include "glance.conf.glance_registry_values_skeleton" .Values.conf.glance_registry | trunc 0 -}}
{{- if empty .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.auth_uri -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token "auth_uri" | quote | trunc 0 -}}
{{- if empty .Values.conf.glance.keystone_authtoken.auth_uri -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.glance.keystone_authtoken "auth_uri" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token.auth_uri -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token "auth_uri" | quote | trunc 0 -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.auth_uri -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.glance_registry.keystone_authtoken "auth_uri" | quote | trunc 0 -}}
{{- end -}}
# FIXME(alanmeadows) fix for broken keystonemiddleware oslo config gen in newton - will remove in future
{{- if empty .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token "auth_url" | quote | trunc 0 -}}
{{- if empty .Values.conf.glance.keystone_authtoken.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.glance.keystone_authtoken "auth_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token "auth_url" | quote | trunc 0 -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.glance_registry.keystone_authtoken "auth_url" | quote | trunc 0 -}}
{{- end -}}
# Set a random string as secret key.
{{- if empty .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.memcache_secret_key -}}
{{- randAlphaNum 64 | set .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token "memcache_secret_key" | quote | trunc 0 -}}
{{- if empty .Values.conf.glance.keystone_authtoken.memcache_secret_key -}}
{{- randAlphaNum 64 | set .Values.conf.glance.keystone_authtoken "memcache_secret_key" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token.memcache_secret_key -}}
{{- randAlphaNum 64 | set .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token "memcache_secret_key" | quote | trunc 0 -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.memcache_secret_key -}}
{{- randAlphaNum 64 | set .Values.conf.glance_registry.keystone_authtoken "memcache_secret_key" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.region_name -}}
{{- set .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}}
{{- if empty .Values.conf.glance.keystone_authtoken.region_name -}}
{{- set .Values.conf.glance.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.project_name -}}
{{- set .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}}
{{- if empty .Values.conf.glance.keystone_authtoken.project_name -}}
{{- set .Values.conf.glance.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.project_domain_name -}}
{{- set .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}}
{{- if empty .Values.conf.glance.keystone_authtoken.project_domain_name -}}
{{- set .Values.conf.glance.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.user_domain_name -}}
{{- set .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}}
{{- if empty .Values.conf.glance.keystone_authtoken.user_domain_name -}}
{{- set .Values.conf.glance.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.username -}}
{{- set .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}}
{{- if empty .Values.conf.glance.keystone_authtoken.username -}}
{{- set .Values.conf.glance.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.password -}}
{{- set .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}}
{{- if empty .Values.conf.glance.keystone_authtoken.password -}}
{{- set .Values.conf.glance.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token.region_name -}}
{{- set .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.region_name -}}
{{- set .Values.conf.glance_registry.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token.project_name -}}
{{- set .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.project_name -}}
{{- set .Values.conf.glance_registry.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token.project_domain_name -}}
{{- set .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.project_domain_name -}}
{{- set .Values.conf.glance_registry.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token.user_domain_name -}}
{{- set .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.user_domain_name -}}
{{- set .Values.conf.glance_registry.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token.username -}}
{{- set .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.username -}}
{{- set .Values.conf.glance_registry.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token.password -}}
{{- set .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.password -}}
{{- set .Values.conf.glance_registry.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- if empty .Values.conf.glance.keystone_authtoken.memcached_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.glance.keystone_authtoken "memcached_servers" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.memcached_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.glance_registry.keystone_authtoken "memcached_servers" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance.database.oslo.db.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.glance.database.oslo.db "connection" | quote | trunc 0 -}}
{{- if empty .Values.conf.glance.database.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.glance.database "connection" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance_registry.database.oslo.db.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.glance_registry.database.oslo.db "connection" | quote | trunc 0 -}}
{{- if empty .Values.conf.glance_registry.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.glance_registry.database "connection" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance.default.oslo.messaging.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.glance.default.oslo.messaging "transport_url" | quote | trunc 0 -}}
{{- if empty .Values.conf.glance.DEFAULT.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.glance.DEFAULT "transport_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance_registry.default.oslo.messaging.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.glance_registry.default.oslo.messaging "transport_url" | quote | trunc 0 -}}
{{- if empty .Values.conf.glance_registry.DEFAULT.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.glance_registry.DEFAULT "transport_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance.default.glance.api.registry_host -}}
{{- if empty .Values.conf.glance.DEFAULT.registry_host -}}
{{- $imageRegistry := tuple "image_registry" "internal" "api" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}
{{- $imageRegistryHostURI := split ":" $imageRegistry -}}
{{- $imageRegistryHostURI._0 | set .Values.conf.glance.default.glance.api "registry_host" | quote | trunc 0 -}}
{{- $imageRegistryHostURI._0 | set .Values.conf.glance.DEFAULT "registry_host" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance.default.glance.api.registry_port -}}
{{- if empty .Values.conf.glance.DEFAULT.registry_port -}}
{{- $imageRegistry := tuple "image_registry" "internal" "api" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}
{{- $imageRegistryHostURI := split ":" $imageRegistry -}}
{{- $imageRegistryHostURI._1 | set .Values.conf.glance.default.glance.api "registry_port" | quote | trunc 0 -}}
{{- $imageRegistryHostURI._1 | set .Values.conf.glance.DEFAULT "registry_port" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance.default.glance.api.public_endpoint -}}
{{- tuple "image" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.glance.default.glance.api "public_endpoint" | quote | trunc 0 -}}
{{- if empty .Values.conf.glance.DEFAULT.public_endpoint -}}
{{- tuple "image" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.glance.DEFAULT "public_endpoint" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance.glance_store.glance.store.stores -}}
{{- if empty .Values.conf.glance.glance_store.stores -}}
{{- if eq .Values.storage "rbd" }}
{{- "file, http, rbd" | set .Values.conf.glance.glance_store.glance.store "stores" | quote | trunc 0 -}}
{{- "file, http, rbd" | set .Values.conf.glance.glance_store "stores" | quote | trunc 0 -}}
{{- end -}}
{{- if eq .Values.storage "pvc" }}
{{- "file, http" | set .Values.conf.glance.glance_store.glance.store "stores" | quote | trunc 0 -}}
{{- "file, http" | set .Values.conf.glance.glance_store "stores" | quote | trunc 0 -}}
{{- end -}}
{{ if or (eq .Values.storage "radosgw") (eq .Values.storage "swift") }}
{{- "file, http, swift" | set .Values.conf.glance.glance_store.glance.store "stores" | quote | trunc 0 -}}
{{- "file, http, swift" | set .Values.conf.glance.glance_store "stores" | quote | trunc 0 -}}
{{- end -}}
{{- end -}}
{{- if empty .Values.conf.glance.glance_store.glance.store.default_store -}}
{{- if empty .Values.conf.glance.glance_store.default_store -}}
{{- if eq .Values.storage "rbd" }}
{{- "rbd" | set .Values.conf.glance.glance_store.glance.store "default_store" | quote | trunc 0 -}}
{{- "rbd" | set .Values.conf.glance.glance_store "default_store" | quote | trunc 0 -}}
{{- end -}}
{{- if eq .Values.storage "pvc" }}
{{- "file" | set .Values.conf.glance.glance_store.glance.store "default_store" | quote | trunc 0 -}}
{{- "file" | set .Values.conf.glance.glance_store "default_store" | quote | trunc 0 -}}
{{- end -}}
{{ if or (eq .Values.storage "radosgw") (eq .Values.storage "swift") }}
{{- "swift" | set .Values.conf.glance.glance_store.glance.store "default_store" | quote | trunc 0 -}}
{{- "swift" | set .Values.conf.glance.glance_store "default_store" | quote | trunc 0 -}}
{{- end -}}
{{- end -}}
@ -151,13 +147,13 @@ data:
rally_tests.yaml: |+
{{- tuple .Values.conf.rally_tests "etc/_rally_tests.yaml.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
glance-api.conf: |+
{{- tuple .Values.conf.glance "etc/_glance-api.conf.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.glance | indent 4 }}
glance-api-paste.ini: |+
{{- tuple .Values.conf.paste "etc/_glance-api-paste.ini.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
{{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | indent 4 }}
glance-registry.conf: |+
{{- tuple .Values.conf.glance_registry "etc/_glance-registry.conf.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.glance_registry | indent 4 }}
glance-registry-paste.ini: |+
{{- tuple .Values.conf.paste_registry "etc/_glance-registry-paste.ini.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
{{ include "helm-toolkit.utils.to_ini" .Values.conf.paste_registry | indent 4 }}
policy.json: |+
{{ toJson .Values.conf.policy | indent 4 }}
swift-store.conf: |+

View File

@ -52,10 +52,10 @@ spec:
- chown
- -R
- "glance:"
- {{ .Values.conf.glance.glance_store.glance.store.filesystem_store_datadir }}
- {{ .Values.conf.glance.glance_store.filesystem_store_datadir }}
volumeMounts:
- name: glance-images
mountPath: {{ .Values.conf.glance.glance_store.glance.store.filesystem_store_datadir }}
mountPath: {{ .Values.conf.glance.glance_store.filesystem_store_datadir }}
{{ if eq .Values.storage "rbd" }}
- name: ceph-keyring-placement
image: {{ .Values.images.api }}
@ -64,7 +64,7 @@ spec:
runAsUser: {{ .Values.pod.user.glance.uid }}
env:
- name: RBD_STORE_USER
value: {{ .Values.conf.glance.glance_store.glance.store.rbd_store_user | quote }}
value: {{ .Values.conf.glance.glance_store.rbd_store_user | quote }}
command:
- /tmp/ceph-keyring.sh
volumeMounts:
@ -96,10 +96,10 @@ spec:
- /tmp/glance-api.sh
- stop
ports:
- containerPort: {{ .Values.conf.glance.default.glance.api.bind_port }}
- containerPort: {{ .Values.conf.glance.DEFAULT.bind_port }}
readinessProbe:
tcpSocket:
port: {{ .Values.conf.glance.default.glance.api.bind_port }}
port: {{ .Values.conf.glance.DEFAULT.bind_port }}
volumeMounts:
- name: etcglance
mountPath: /etc/glance
@ -120,11 +120,11 @@ spec:
subPath: policy.json
readOnly: true
- name: glance-etc
mountPath: {{ .Values.conf.glance.glance_store.glance.store.swift_store_config_file }}
mountPath: {{ .Values.conf.glance.glance_store.swift_store_config_file }}
subPath: swift-store.conf
readOnly: true
- name: glance-images
mountPath: {{ .Values.conf.glance.glance_store.glance.store.filesystem_store_datadir }}
mountPath: {{ .Values.conf.glance.glance_store.filesystem_store_datadir }}
{{- if eq .Values.storage "rbd" }}
- name: etcceph
mountPath: /etc/ceph

View File

@ -59,10 +59,10 @@ spec:
- /tmp/glance-registry.sh
- stop
ports:
- containerPort: {{ .Values.conf.glance_registry.default.glance.registry.bind_port }}
- containerPort: {{ .Values.conf.glance_registry.DEFAULT.bind_port }}
readinessProbe:
tcpSocket:
port: {{ .Values.conf.glance_registry.default.glance.registry.bind_port }}
port: {{ .Values.conf.glance_registry.DEFAULT.bind_port }}
volumeMounts:
- name: etcglance
mountPath: /etc/glance

View File

@ -1,90 +0,0 @@
# Use this pipeline for no auth or image caching - DEFAULT
[pipeline:glance-api]
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context rootapp
# Use this pipeline for image caching and no auth
[pipeline:glance-api-caching]
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context cache rootapp
# Use this pipeline for caching w/ management interface but no auth
[pipeline:glance-api-cachemanagement]
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context cache cachemanage rootapp
# Use this pipeline for keystone auth
[pipeline:glance-api-keystone]
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context rootapp
# Use this pipeline for keystone auth with image caching
[pipeline:glance-api-keystone+caching]
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context cache rootapp
# Use this pipeline for keystone auth with caching and cache management
[pipeline:glance-api-keystone+cachemanagement]
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context cache cachemanage rootapp
# Use this pipeline for authZ only. This means that the registry will treat a
# user as authenticated without making requests to keystone to reauthenticate
# the user.
[pipeline:glance-api-trusted-auth]
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler context rootapp
# Use this pipeline for authZ only. This means that the registry will treat a
# user as authenticated without making requests to keystone to reauthenticate
# the user and uses cache management
[pipeline:glance-api-trusted-auth+cachemanagement]
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler context cache cachemanage rootapp
[composite:rootapp]
paste.composite_factory = glance.api:root_app_factory
/: apiversions
/v1: apiv1app
/v2: apiv2app
[app:apiversions]
paste.app_factory = glance.api.versions:create_resource
[app:apiv1app]
paste.app_factory = glance.api.v1.router:API.factory
[app:apiv2app]
paste.app_factory = glance.api.v2.router:API.factory
[filter:healthcheck]
paste.filter_factory = oslo_middleware:Healthcheck.factory
backends = disable_by_file
disable_by_file_path = /etc/glance/healthcheck_disable
[filter:versionnegotiation]
paste.filter_factory = glance.api.middleware.version_negotiation:VersionNegotiationFilter.factory
[filter:cache]
paste.filter_factory = glance.api.middleware.cache:CacheFilter.factory
[filter:cachemanage]
paste.filter_factory = glance.api.middleware.cache_manage:CacheManageFilter.factory
[filter:context]
paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory
[filter:unauthenticated-context]
paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory
[filter:authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
delay_auth_decision = true
[filter:gzip]
paste.filter_factory = glance.api.middleware.gzip:GzipMiddleware.factory
[filter:osprofiler]
paste.filter_factory = osprofiler.web:WsgiMiddleware.factory
hmac_keys = SECRET_KEY #DEPRECATED
enabled = yes #DEPRECATED
[filter:cors]
paste.filter_factory = oslo_middleware.cors:filter_factory
oslo_config_project = glance
oslo_config_program = glance-api
[filter:http_proxy_to_wsgi]
paste.filter_factory = oslo_middleware:HTTPProxyToWSGI.factory

File diff suppressed because it is too large Load Diff

View File

@ -1,35 +0,0 @@
# Use this pipeline for no auth - DEFAULT
[pipeline:glance-registry]
pipeline = healthcheck osprofiler unauthenticated-context registryapp
# Use this pipeline for keystone auth
[pipeline:glance-registry-keystone]
pipeline = healthcheck osprofiler authtoken context registryapp
# Use this pipeline for authZ only. This means that the registry will treat a
# user as authenticated without making requests to keystone to reauthenticate
# the user.
[pipeline:glance-registry-trusted-auth]
pipeline = healthcheck osprofiler context registryapp
[app:registryapp]
paste.app_factory = glance.registry.api:API.factory
[filter:healthcheck]
paste.filter_factory = oslo_middleware:Healthcheck.factory
backends = disable_by_file
disable_by_file_path = /etc/glance/healthcheck_disable
[filter:context]
paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory
[filter:unauthenticated-context]
paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory
[filter:authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
[filter:osprofiler]
paste.filter_factory = osprofiler.web:WsgiMiddleware.factory
hmac_keys = SECRET_KEY #DEPRECATED
enabled = yes #DEPRECATED

File diff suppressed because it is too large Load Diff

View File

@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
[{{ .Values.conf.glance.glance_store.glance.store.default_swift_reference }}]
[{{ .Values.conf.glance.glance_store.default_swift_reference }}]
{{- if eq .Values.storage "radosgw" }}
auth_version = 1
auth_address = {{ tuple "ceph_object_store" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }}

View File

@ -70,11 +70,11 @@ spec:
value: {{ .Values.storage | quote }}
{{- if eq .Values.storage "rbd" }}
- name: RBD_POOL_NAME
value: {{ .Values.conf.glance.glance_store.glance.store.rbd_store_pool | quote }}
value: {{ .Values.conf.glance.glance_store.rbd_store_pool | quote }}
- name: RBD_POOL_USER
value: {{ .Values.conf.glance.glance_store.glance.store.rbd_store_user | quote }}
value: {{ .Values.conf.glance.glance_store.rbd_store_user | quote }}
- name: RBD_POOL_CHUNK_SIZE
value: {{ .Values.conf.glance.glance_store.glance.store.rbd_store_chunk_size | quote }}
value: {{ .Values.conf.glance.glance_store.rbd_store_chunk_size | quote }}
- name: RBD_POOL_SECRET
value: {{ .Values.secrets.rbd | quote }}
{{ end }}
@ -107,7 +107,7 @@ spec:
{{ end }}
{{- if eq .Values.storage "pvc" }}
- name: glance-images
mountPath: {{ .Values.conf.glance.glance_store.glance.store.filesystem_store_datadir }}
mountPath: {{ .Values.conf.glance.glance_store.filesystem_store_datadir }}
{{ end }}
volumes:
- name: glance-bin

View File

@ -24,7 +24,7 @@ metadata:
spec:
ports:
- name: g-api
port: {{ .Values.conf.glance.default.glance.api.bind_port }}
port: {{ .Values.conf.glance.DEFAULT.bind_port }}
{{ if .Values.network.api.node_port.enabled }}
nodePort: {{ .Values.network.api.node_port.port }}
{{ end }}

View File

@ -24,7 +24,7 @@ metadata:
spec:
ports:
- name: g-reg
port: {{ .Values.conf.glance_registry.default.glance.registry.bind_port }}
port: {{ .Values.conf.glance_registry.DEFAULT.bind_port }}
{{ if .Values.network.registry.node_port.enabled }}
nodePort: {{ .Values.network.registry.node_port.port }}
{{ end }}

View File

@ -75,8 +75,62 @@ conf:
override:
append:
paste:
override:
append:
pipeline:glance-api:
pipeline: cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context rootapp
pipeline:glance-api-caching:
pipeline: cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context cache rootapp
pipeline:glance-api-cachemanagement:
pipeline: cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context cache cachemanage rootapp
pipeline:glance-api-keystone:
pipeline: cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context rootapp
pipeline:glance-api-keystone+caching:
pipeline: cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context cache rootapp
pipeline:glance-api-keystone+cachemanagement:
pipeline: cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context cache cachemanage rootapp
pipeline:glance-api-trusted-auth:
pipeline: cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler context rootapp
pipeline:glance-api-trusted-auth+cachemanagement:
pipeline: cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler context cache cachemanage rootapp
composite:rootapp:
paste.composite_factory: glance.api:root_app_factory
/: apiversions
/v1: apiv1app
/v2: apiv2app
app:apiversions:
paste.app_factory: glance.api.versions:create_resource
app:apiv1app:
paste.app_factory: glance.api.v1.router:API.factory
app:apiv2app:
paste.app_factory: glance.api.v2.router:API.factory
filter:healthcheck:
paste.filter_factory: oslo_middleware:Healthcheck.factory
backends: disable_by_file
disable_by_file_path: /etc/glance/healthcheck_disable
filter:versionnegotiation:
paste.filter_factory: glance.api.middleware.version_negotiation:VersionNegotiationFilter.factory
filter:cache:
paste.filter_factory: glance.api.middleware.cache:CacheFilter.factory
filter:cachemanage:
paste.filter_factory: glance.api.middleware.cache_manage:CacheManageFilter.factory
filter:context:
paste.filter_factory: glance.api.middleware.context:ContextMiddleware.factory
filter:unauthenticated-context:
paste.filter_factory: glance.api.middleware.context:UnauthenticatedContextMiddleware.factory
filter:authtoken:
paste.filter_factory: keystonemiddleware.auth_token:filter_factory
delay_auth_decision: true
filter:gzip:
paste.filter_factory: glance.api.middleware.gzip:GzipMiddleware.factory
filter:osprofiler:
paste.filter_factory: osprofiler.web:WsgiMiddleware.factory
hmac_keys: SECRET_KEY #DEPRECATED
enabled: yes #DEPRECATED
filter:cors:
paste.filter_factory: oslo_middleware.cors:filter_factory
oslo_config_project: glance
oslo_config_program: glance-api
filter:http_proxy_to_wsgi:
paste.filter_factory: oslo_middleware:HTTPProxyToWSGI.factory
policy:
context_is_admin: role:admin
default: role:admin
@ -125,21 +179,13 @@ conf:
add_metadef_tag: ''
add_metadef_tags: ''
glance:
override:
append:
default:
glance:
api:
DEFAULT:
bind_port: 9292
keystone_authtoken:
keystonemiddleware:
auth_token:
auth_type: password
auth_version: v3
memcache_security_strategy: ENCRYPT
glance_store:
glance:
store:
rbd_store_chunk_size: 8
rbd_store_pool: images
rbd_store_user: images
@ -150,29 +196,43 @@ conf:
swift_store_create_container_on_put: true
swift_store_config_file: /etc/glance/swift-store.conf
paste_deploy:
glance:
api:
flavor: keystone
database:
connection: null
paste_registry:
override:
append:
pipeline:glance-registry:
pipeline: healthcheck osprofiler unauthenticated-context registryapp
pipeline:glance-registry-keystone:
pipeline: healthcheck osprofiler authtoken context registryapp
pipeline:glance-registry-trusted-auth:
pipeline: healthcheck osprofiler context registryapp
app:registryapp:
paste.app_factory: glance.registry.api:API.factory
filter:healthcheck:
paste.filter_factory: oslo_middleware:Healthcheck.factory
backends: disable_by_file
disable_by_file_path: /etc/glance/healthcheck_disable
filter:context:
paste.filter_factory: glance.api.middleware.context:ContextMiddleware.factory
filter:unauthenticated-context:
paste.filter_factory: glance.api.middleware.context:UnauthenticatedContextMiddleware.factory
filter:authtoken:
paste.filter_factory: keystonemiddleware.auth_token:filter_factory
filter:osprofiler:
paste.filter_factory: osprofiler.web:WsgiMiddleware.factory
hmac_keys: SECRET_KEY #DEPRECATED
enabled: yes #DEPRECATED
glance_registry:
override:
append:
default:
glance:
registry:
DEFAULT:
bind_port: 9191
keystone_authtoken:
keystonemiddleware:
auth_token:
auth_type: password
auth_version: v3
memcache_security_strategy: ENCRYPT
paste_deploy:
glance:
registry:
flavor: keystone
database:
connection: null
swift_store:
override:
append: